[129599] in North American Network Operators' Group
RE: ISP port blocking practice
daemon@ATHENA.MIT.EDU (Brian Johnson)
Mon Sep 13 09:54:45 2010
Date: Mon, 13 Sep 2010 08:54:35 -0500
In-Reply-To: <op.vihk8tzvtfhldh@rbeam.xactional.com>
From: "Brian Johnson" <bjohnson@drtel.com>
To: "NANOG list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Brian J.
>-----Original Message-----
>From: Ricky Beam [mailto:jfbeam@gmail.com]
>Sent: Friday, September 03, 2010 9:30 PM
>To: Owen DeLong; Patrick W. Gilmore
>Cc: NANOG list
>Subject: Re: ISP port blocking practice
>
>On Fri, 03 Sep 2010 08:12:01 -0400, Owen DeLong <owen@delong.com>
>wrote:
>> Really? So, since so many ISPs are blocking port 25, there's lots
less
>> spam hitting our networks?
>
>Less than there could be. It appears a lot less effective because
there
>are so many ISPs not doing any blocking. Both of my residential
>connections are open, and always have been. (even dialup was unblocked.
>which I always found odd since the UUNET wholesale dialup agreement
>requires the RADIUS response contain a packet filter limiting port 25
to
>your mail server(s).)
>
>If I block port 25 on my network, no spam will originate from it.
>(probablly) The spammers will move on to a network that doesn't block
>their crap. As long as there are such open networks, spam will be
>rampant. If, overnight, every network filtered port 25, spam would all
>but disappear. But spam would not completely disappear -- it would
just
>be coming from known mailservers :-) thus enters outbound scanning and
>the frustrated user complaints from poorly tuned systems...
>
>--Ricky
This is what we (network admins) get paid to do! If we are running a
server that is a security risk to the net, then we can't complain when
it gets filtered. It is our job to do our due diligence and ensure our
servers are not spam hot-beds or open relays (or other bad stuff,
etc...).
The port 25 blocking simply prevents the largest volume of hosts in an
ISP network, the users, from being a spam delivery platform.
- Brian
CONFIDENTIALITY NOTICE: This email message, including any attachments, =
is for the sole use of the
intended recipient(s) and may contain confidential and privileged =
information. Any unauthorized review,
copying, use, disclosure, or distribution is prohibited. If you are not =
the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the =
original message. Thank you.
