On Fri, Jul 31, 2015 at 5:41 AM, Tyler Durden virii@enn.lu wrote:
But when it comes to spam they get, indeed, a bit upset. I recommend you to block the mail ports as we do it. ---> 25, 465, 587
As posted here last month, 25 no longer open relays mail for MUA's, it does accept MX for its own @domains. Since few want to whitelist and exclude that one email from someone, protection against mail sources is inherently weak and 25 gets a lot of inbound spam. Tor exits get a lot of reports and block it.
Authentication is required by RFC with 587 submission (which MUA's are now effectively confined to use by the rest of the email / antispam / admin ecosystem if they expect their mail to get through). And counter to RFC which say not to use it for any mail at all anymore, 465 is sometimes still used as a legacy submission port.
Since it is manageable account based, submission is less of an issue. It is the responsibility of the mail provider to deal with (ie cancel) the individual spammy account that was reported to them. If they don't want outbound spam they should charge nonrefundable fees for accounts, deploy outbound antispam, etc. As last resort they can block client IP.
If an exit operator gets a report regarding an account based service, they should consider copying their reply to all of: - the ISP of the exit (to educate, show responsiveness, and save the exit) - the reporter (to educate, and redirect them to the account based service) - the account based service (to educate, and let them deal with the account)
Browsing (80 and 443) and email (993 and 587) are fundamental, it can be hard to know when to give them up to otherwise save an exit.