How does the use of port 587 stop spammers?

1

I see that ISPs are starting to push users to use SMTP port 587 instead of old port 25. Spam usually appears in the ISP's reason for this need. My question is "how is this going to stem the spam tide?"

  • Is this because 587 typically employs authentication? But some ISPs don't require authentication on that port. Also, can't 25 be configured to require user authentication as well?
  • Is this because 587 can use certificates? Aren't the certificates server-side rather than client-side?
  • Is this to stop 'legacy' spam-bots? Won't the spammers just adapt?

What am I missing here? My Google searches return a lot of 'how to fix your port 25 issues', but very little 'why'.

Marc Bernier

Posted 2019-11-06T20:53:53.507

Reputation: 113

Answers

4

This was done a very long time ago, and predominantly because of your first reason, "587 typically employs authentication", and most (not all) ISPs do this. Port 25 has largely been closed down (public do not use / need it anymore), but spammers used to try to hijack port 25 to send out spam. As I noted, this all happened a very long time ago in most places.

John

Posted 2019-11-06T20:53:53.507

Reputation: 5 395

1 To expand even more, specifically, they just grab a website list, check them all and copy down their public MX record. Then they can scan all these addresses to see if port 25 is open. Once they have that filtered, they can start testing to see which ones work to automatically send mass email through someone else's servers. A lot of people who are hobbyists may have mail servers set up pointed to their custom domains, so spammers can mass spoof this way easily. Using 587 instead of 25 means you have to have their user/pass in order to send out of their mailing server, negating the technique – Narzard – 2019-11-06T21:22:19.837

1 Also, an ISP may require username and password as authentication and that secures sending even more – John – 2019-11-06T21:24:37.790

Am I correct in thinking that SMTP servers would still need to leave 25 open and/or some other route for non-authenticated senders? In other words, I don't have authentication for example.com, but I need to send a (legit) e-mail to a user there. – Marc Bernier – 2019-11-06T22:10:02.960

SMTP servers may close down any external use of port 25 and only allow Exchange (or other legitimate server) to use the port – John – 2019-11-06T22:12:02.550

@MarcBernier "Am I correct in thinking that SMTP servers would still need to leave 25 open and/or some other route for non-authenticated senders?" - Not for (directly) outgoing mail. That said, in practical (rather than absolute) terms, port 25 still needs to be open for receiving email in general (and potentially relaying it). While email transactions can take place on any port, 25 has been in service long enough it's the standard. – Anaksunaman – 2019-11-06T22:47:51.540

@MarcBernier Note that there are services which will accept mail on port 25 and relay it to another port. These can be used in instances where an ISP blocks port 25 for both incoming and outgoing mail (e.g. a user sends on port 587 and another, third-party server (X) receives on port 25 then relays emails to the user's/website's mail server (Y) on a known, non-blocked port). – Anaksunaman – 2019-11-06T22:55:45.677
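The distinction drawn in the answer and comments above (587 demands credentials before it will send, 25 stays open for receiving but should refuse to relay) can be checked on a server you run by looking at how it answers an unauthenticated EHLO / MAIL FROM / RCPT TO to a non-local address. This is an added example, not part of the original thread; the transcripts are constructed, and the names `split_replies` and `audit` are illustrative.

```python
import re

# Constructed server replies (not captured from a real host) to the same
# unauthenticated dialogue: EHLO, MAIL FROM, RCPT TO:<user@some-other-domain>.
SUBMISSION_587 = [
    "250-mail.example.com", "250-STARTTLS", "250 AUTH PLAIN LOGIN",  # EHLO
    "530 5.7.0 Authentication required",                              # MAIL FROM
]
MX_PORT_25 = [
    "250-mail.example.com", "250-STARTTLS", "250 SIZE 10240000",     # EHLO
    "250 2.1.0 Ok",                                                   # MAIL FROM
    "554 5.7.1 Relay access denied",                                  # RCPT TO
]
OPEN_RELAY_25 = [
    "250-mail.example.com", "250 SIZE 10240000",
    "250 2.1.0 Ok",
    "250 2.1.5 Ok",  # accepted mail for a foreign domain without credentials
]

def split_replies(lines):
    """Group raw lines into (code, [text, ...]); 'NNN-' continues, 'NNN ' ends."""
    replies, texts = [], []
    for line in lines:
        m = re.fullmatch(r"(\d{3})([- ])(.*)", line)
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        texts.append(m.group(3))
        if m.group(2) == " ":
            replies.append((int(m.group(1)), texts))
            texts = []
    return replies

def audit(lines):
    """Classify how a server treated an unauthenticated relay attempt."""
    replies = split_replies(lines)
    if len(replies) < 2:
        raise ValueError("transcript ends before the MAIL FROM reply")
    # First EHLO line is the greeting; the rest name the extensions on offer.
    ext = {t.split()[0].upper() for t in replies[0][1][1:] if t.strip()}
    mail = replies[1][0]
    rcpt = replies[2][0] if len(replies) > 2 else None
    if 530 in (mail, rcpt):            # RFC 4954: authentication required
        verdict = "auth-required"
    elif mail == 250 and rcpt == 250:  # relayed for anyone: misconfigured
        verdict = "open-relay"
    elif mail == 250 and rcpt is None:
        raise ValueError("transcript ends before the RCPT TO reply")
    else:
        verdict = "relay-refused"
    return {"offers_auth": "AUTH" in ext, "starttls": "STARTTLS" in ext, "verdict": verdict}
```

A correctly configured pair yields `auth-required` on 587 and `relay-refused` on 25; `open-relay` on either port is the misconfiguration the comments describe spammers looking for.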