Mail Security through Obscurity trend

First of all let me say that this post might be too technical for some, so I apologize for that in advance.

For those who don’t know, outgoing mail when using SMTP, uses port 25. However, because SMTP doesn’t verify the sender, there is a lot of abuse lately, mainly by spammers.

There is a very nice alternative, namely making the connection over SSL port 465. This requires you to specify your username and password and makes sure that only you (or someone who has access to that server) can send mail. Because you need to identify, spammers don’t like it. This may sound very complex, for the ordinary user however, these are just settings in your mail application.

But for some reason the service providers and some hosting companies refuse to support this, with lots of spam being sent from their machines as a result. The new trend lately is by just changing the SMTP port from 25 to 26 and hoping that spammers will lose interest in their servers because port 25 didn’t work. This is known as a security by obscurity technique. And it’ll work as long as it’s not mainstream. Let’s see how long it’ll last…

No Responses to “Mail Security through Obscurity trend”.

Leave a response