[129368] in North American Network Operators' Group
Re: ISP port blocking practice
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Sep 3 14:14:04 2010
From: Owen DeLong <owen@delong.com>
To: John Levine <johnl@iecc.com>
In-Reply-To: <20100903124008.72241.qmail@joyce.lan>
Date: Sat, 4 Sep 2010 03:40:17 +0930
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sent from my iPad
On Sep 3, 2010, at 10:10 PM, John Levine <johnl@iecc.com> wrote:
>> Really? So, since so many ISPs are blocking port 25, there's lots =
less spam
>> hitting our networks?
>=20
> It's been extremely effective in blocking spam sent by spambots on
> large ISPs. It's not a magic anti-spam bullet. (If you know one,
> please let us know.)
>=20
That simply hasn't been my experience. I still get lots of spam from =
booted hosts in large provider networks, and yes, that includes many =
that block 25. As near as I can tell, 25 blocking is not affecting =
spammers at all, just legitimate users.
There was a time when it was effective, but the spammers have long since =
adapted. Now we are only breaking the Internet. We are no ,onger =
accomplishing anything ireful. It's pure momentum.
>> workaround. Since, like many of us, I use a lot of transient =
networks,
>> having to reconfigure for each unique set of brokenness is actually =
wasting
>> more of my time than the spam this brokenness was alleged to prevent.
>=20
> Is there some reason you aren't able to configure your computers to =
use
> tunnels or SUBMIT? They seem to work pretty well for other people.
>=20
Many of the transient networks I deal with block 22, 25, 465, and 587. =
They also often block protocols 41 and 43 or do not provide a public =
address, rendering those protocols unusable anyway.
Yes, I am now running ssh and s,tp processes on ports 80 and 443 to get =
around this, but, that consumes an extra address for something that =
should be handled by a port number.
Personally, i'd rather use port numbers for l4 uniqueness rather than IP =
Addresses.
Owen
> R's,
> John
