Spammers are already getting around this! -

Author	All Replies
fatmanskinny Premium join:2004-01-04 Wandering Reviews: ·Comcast ·Comcast Digital .. 2 edits	Spammers are already getting around this! How? If Bellsouth's e-mail only recognize @bellsouth.net e-mails for outgoing, spammers just put a fictitious e-mail ending in @bellsouth.net and add a different REPLY TO e-mail when you try and reply to that @bellsouth.net address. I am not a spammer. However, while I was on Xtreme for a few days before going back to Ultra, I was still able to send Yahoo outgoing from Xtreme account. Also, my cousin who just got Bellsouth Xtreme can do the same thing. Edit: Same thing with ComCrap and other ISPs. A step in the right direction may be having the OutGoing Mail Server require authentication (you would need a valid e-mail account and password matching the name you are sending under) where it verifies if the e-mail is actually being sent from a valid blah@bellsouth.net account. -- Find out Why The World Laughs at George "Dumbya" Bush and those who stand behind him now.
	to forum · permalink · 2004-05-06 14:07:16 ·

roamer1 sticking it out at you join:2001-03-24 Atlanta, GA	said by fatmanskinny: How? If Bellsouth's e-mail only recognize @bellsouth.net e-mails for outgoing, spammers just put a fictitious e-mail ending in @bellsouth.net and add a different REPLY TO e-mail when you try and reply to that @bellsouth.net address. BellSouth.net doesn't do and AFAIK has never done what Verizon did (i.e., you don't have to use @bellsouth.net as your From: address). The point of blocking outbound port 25/tcp (note, INBOUND port 25/tcp is usually not blocked by ISPs that block outbound -- I don't know about BellSouth specifically) is to cut down on "relay rape" and "direct to MX" types of spamming, and allow the ISP to count/rate-limit outgoing emails from a user to help nip spammers in the bud. Port 25/tcp blocking doesn't usually create problems with using other ISPs'/companies' AUTHENTICATED SMTP servers, since they usually run on other ports (commonly 465/tcp or 2525/tcp.) -SC -- No-Bull SE US Wireless Info: »www.sewireless.info/ Atlanta Apt/Condo Cable & Broadband Info: »www.atlaptcable.info/
	to forum · permalink · 2004-05-06 14:29:07 ·
fantomposter Phantom Poster Premium join:2002-09-21 Independence, OH	reply to fatmanskinny said by fatmanskinny: How? If Bellsouth's e-mail only recognize @bellsouth.net e-mails for outgoing, spammers just put a fictitious e-mail ending in @bellsouth.net and add a different REPLY TO e-mail when you try and reply to that @bellsouth.net address. Maybe I misread what you ment, but outgoing smtp on all ISP's is much different than you describe. Bellsouth does not look at the from address. They look at two things. One, if the to address is to bellsouth it accepts the email and delivers it locally. Or two if the to address is not bellsouth they look at the IP address that the connection is coming from. If the sending connection is on Bellsouth's network it accepts the email and delivers it offsite. If the IP is from somewhere else, it refuses the email and returns a 5XX relaying denied error. The from address is never looked at, for just the reason you mention, anyone can get around it. Some ISP's do use authentication, either smtp username and password or pop before smtp.
	to forum · permalink · 2004-05-06 14:44:08 ·
fatmanskinny Premium join:2004-01-04 Wandering Reviews: ·Comcast ·Comcast Digital .. 1 edit	I use to work for Blah Inc. Their outgoing mail server was mail.blah.com. Whenever I tried to send an e-mail from blah@yahoo.com by using their outgoing mail server, it was blocked and I got various error messages in the Outlook Express window that shows an e-mail's outgoing progress. Reason why I couldn't send Yahoo through company's e-mail is due to them not only blocking port 25 but also making it so that outgoing mail required authentication. If I am not mistaken, when a company requires you to use OutGoing Mail Authentication, they are checking to see if you have a valid user account and password associated with that company. See images below. »www.alivemembers.co.uk/images/tu···uth3.png »www.alivemembers.co.uk/images/tu···uth4.png I may be wrong but this is what I was told. -- Find out Why The World Laughs at George "Dumbya" Bush and those who stand behind him now.
	to forum · permalink · 2004-05-06 15:00:47 ·
fantomposter Phantom Poster Premium join:2002-09-21 Independence, OH	said by fatmanskinny: If I am not mistaken, when a company requires you to use OutGoing Mail Authentication, they are checking to see if you have a valid user account and password associated with that company. See images below. Yep. But you wont find many ISP's that do that. They only do IP verification. So the fix to your above problem was to not use the company smtp for outgoing, but to use their ISP's.
	to forum · permalink · 2004-05-06 15:21:25 ·

Blocking Port 25 > Spammers are already getting around this!

Spammers are already getting around this!