mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY | Gonna need to do more..
If you want less spam getting to your customers, such as going after the actual spammers themselves! |
|
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
 ·RoadRunner Cable
| Port 26
I use my webhost's e-mail services, and have been for a long time. Mainly on my laptop at first, so I could easily send mail from any wifi connection at friends houses, etc. But since my webhost's e-mail services turned out to be very reliable, where at one point in time the socal.rr.com smtp server had some problems, I decided to only use their servers to send and receive e-mail.
I found that some ISP's indeed block port 25, but my webhost has solved that by allowing SMTP connections on port 26 as well. Check with your webhoster to see if they can do this as well, many webhosters allow you to use their smtp server on a different port outside of 25, just because there are many ISP's blocking port 25.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| This is why I'm against port 25 blocks...
... in the first place!
When ISPs started blocking outbound only, it was effective and there are workarounds (e.g. using a different port or using the ISP's mail server).
I always feared that some ISPs would thoughtlessly block inbound 25 as well, making it impossible to run an inbound mail server (technically against the TOS, but basically harmless if configured properly). With an outbound block, even an open relay can't do much, if any, damage.
Blocking inbound 25 is more about reducing functionality or forcing power users to subscribe to more expensive tiers (or switching ISPs) than fighting spam.
Heck, even with most ISPs blocking 25 outbound, I still see LOTS of spam in my inbox. All it does is cause the spammers to find other ways to spew their crap.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA
1 edit | Huh?
said by Article :
ISPs say this isn't the case; blocking inbound port 25 traffic really helps them keep inadvertent open relays to a minimum, and therefore helps keep their IP blocks off of blacklists.
Which ISPs are saying this? At time of posting the additional nfo note is a dead link (board does not exist).
--
WAR HAS NEVER SOLVED ANYTHING, except ending slavery, facism, communism, Nazism.... |
|
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| reply to maartena
Re: Port 26...or 465, or 587...
said by maartena  :my webhost has solved that by allowing SMTP connections on port 26 as well. Check with your webhoster to see if they can do this as well, many webhosters allow you to use their smtp server on a different port outside of 25, just because there are many ISP's blocking port 25. Most web hosting and third-party email providers and some corporate (non-Exchange) email systems allow authenticated SMTP on ports 465 and/or 587, the "standard" ports for such access.
-SC
--
"it seems like all you ever buy is Abercrombie and cell phones" --a friend |
|
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| reply to kpatz
Re: This is why I'm against port 25 blocks...
said by kpatz :basically harmless if configured properly And that's the rub..."if configured properly". Some SMTP daemons, such as Postfix, are designed to disallow relay by default, but others aren't, and it's really easy with some daemons, such as sendmail, to make mistakes that result in open relays. 
-SC
--
"it seems like all you ever buy is Abercrombie and cell phones" --a friend |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
 ·AT&T Midwest
| So the zombies move to inbound port 26
Or any other port for that matter. If I were writing spambots I don't think I'd be worrying about adhering to standards like which port to listen on. In the long run blocking port 25 inbound is just so much iMasturbation.
How about going after the companies advertising via spam instead?
This is a red herring for the real reason: Upselling to business-class accounts.
--
Toolmaster of La Grange. |
|
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
| Just the next and final step.
ISPs who block inbound port 25 have long had Acceptable Use Policies prohibiting running mail servers. Now, by blocking inbound port 25, all they are trying to do is prevent such unacceptable use via technical means.
However, anyone who actually knows how things really work, knows that this port blocking is trivial to work around via SMTP redirection service so long as the ISP doesn't block this too. |
|
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0
·Rogers Hi-Speed
Host:
Rogers
Bell Canada
| reply to kpatz
Re: This is why I'm against port 25 blocks...
It's more about limiting botnets to do SMTP relaying. The reason you still see lots of spam is that much of it comes from ISPs that DON'T block port 25 yet. The idea of a separate Mail submission agent using an alternate port is actually in the mail RFCs |
|
BIGMIKE
Premium
join:2002-06-07
Westminster, CA
| reply to mrchris
Re: Gonna need to do more..
Is your ISP blocking your access?
P2P program not working? People cannot reach your web server? People can't reach your email server?
It's possible your ISP is blocking incoming connections to the required ports. This test will confirm it. You need to specify the port you want to check. To do that, you have to know the port number your program uses to accept inbound TCP connections. »www.hackerwhacker.com/freetools.php
Tracing Port 25 to Ip Address 66.74.***.***
19 cpe-66-74-224-118.socal.res.rr.com (66.74.***.***) [closed] 89.104 ms 85.018 ms 83.793 ms
--
Type "miserable failure" in Google |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | reply to sbrook
Re: This is why I'm against port 25 blocks...
Botnets don't generally use inbound port 25 to do spam relaying. They use other ports, or even outbound connections to a IRC server or something like that.
Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server.
And with 25 blocked OUTBOUND, even a misconfigured open relay won't get very far. It could receive mail to relay, but it wouldn't get back out.
I used to run my own mail server for my domain on my cable modem. I plan on doing this again, once I have the money to build another box. If my ISP decides to block 25 INBOUND, I would switch ISPs. I wouldn't be too pleased if they blocked 25 outbound either, but that I can understand them doing, as it's somewhat effective in reducing spam flow (well, from that ISP anyway... trouble is, there are a gazillion ISPs around the world and the spammers will just go to another).
Alternate ports work for outbound mail from a client to a MTA. But if you want to receive mail, guess what. MTAs only send mail via port 25.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | reply to RadioDoc
Re: So the zombies move to inbound port 26
Like I said in another post, zombies don't use 25 inbound at all. They use varying high-numbered ports, or they make an outbound connection to an IRC server. The only thing they do with port 25 is make outbound connections to send mail. An outbound-only 25 block stops the zombies from spewing spam. Inbound 25 blocks only stop power users from using one of the major standard Internet protocols on their Internet connection. I guess that would mean that it's no longer a true "Internet" connection, but a dumbed down, high-speed AOL wannabe connection.
Open relays as a primary source of spam transmission stopped years ago. Most spam is spewed by zombies, proxies, or direct from spammer's systems now. Blocking 25 inbound would stop less than 0.1% of spam transmission.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
mxmumtuna
join:2000-08-11
Ashburn, VA
| reply to kpatz
Re: This is why I'm against port 25 blocks...
said by kpatz :Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server. Interesting. Please cite your source for the 0.00001% estimation of the number of home (or residential customers, if you prefer) users who run a mail server *and* have it misconfigured such that it acts as an open relay.
I suspect it's significantly higher than that. |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11 | reply to kpatz
Re: So the zombies move to inbound port 26
Precisely. |
|
Necronomikro
join:2005-09-01 | reply to graysonf
Re: Just the next and final step.
Yes, but, someone has to receive the email on on port 25. SMTP redirection probably isn't free... |
|
mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY | reply to graysonf
They should start slapping spammers with tremendous fines (like the one that got an 11B fine). |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| reply to mxmumtuna
Re: This is why I'm against port 25 blocks...
0.00001% is a wild-a$$ed guess, but it gives you the idea of what I'm coming at. Open SMTP relays on residential connections are in the vast minority. Well under 1 percent, and probably more like 0.1%, and that's probably a high estimate. After all, what do most people plug their cable/DSL modems into? Windows and Mac boxes. Neither of these come with SMTP servers standard. Those who have SMTP servers are either ignorant *nix users or they installed the SMTP server on purpose, which means they (hopefully) know what they're doing. Also, most if not all current SMTP implementations disable relaying by default.
For every open SMTP relay out there that would be blocked by a 25 inbound block, there are likely 100 or more zombied proxy machines that would NOT be affected.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
Necronomikro
join:2005-09-01
| reply to mxmumtuna
The number is irrelevant, the spam is blocked dead in its tracks if outbound 25 is blocked. Having 25 open inbound won't automatically make an open relay start relaying, if it can't send the mail out. Unless, of course, it uses SMTP authentication and talks to your ISPs server, in which case the ISP can deal with that user. (The chances of someone being knowledgable enough to set up a mail server and SMTP authentication and it being an open relay are low) |
|
jpark
join:2005-02-05
Jackson, TN | We didn't REALLY sell you Internet Access.
Just whatever access we deem appropriate.
I'm waiting for my ISP to block port 80. That will really slow down traffic on the pipe. |
|
packetscan
Premium
join:2004-10-19
Bridgeport, CT
clubs:
·Optimum Online
| reply to RadioDoc
Re: So the zombies move to inbound port 26
"How about going after the companies advertising via spam instead?"
I could not agree more.
Business shouldn't be able to hind behind the marketing firms they hire. No More "well our marketing firm did that with out our knowledge" crap-ola.
--
Who do you want to pay off today? |
|
