said by js339:
I stand corrected. Thanks for the link and info, both of you.
I would that I could have offered direct links, but CL wants zip codes, and mine doesn't work for them. So I tried shooting in the dark.
... and ISPs can just start blocking ports and filtering all and sundry willy-nilly when they feel like it ...
Again, in my experience, there is nothing random about port blocking. For the NetBIOS ports, the ISPs are not selling local area networking; and NetBIOS is inherently insecure, and not suited for use on WAN (the public Internet). It is a part of the ISP's own network security policy to force sharing through specific user applications (most ISPs don't block FTP, that I am aware of).
For SMTP service, most ISPs offer their own, in-house, or sub-contracted email service. But most residential users don't even think about security at all, and some are prone to fall prey to 'bots, which take over their system to spew spam outbound to port 25. When I first started running my own server, I actually counted incoming port 25 connections (at that time still permitted on SBC) from dubious sources. The two largest offenders were SBC (1st in spam, 2nd in customer count) and Comcast (2nd in spam, 1st in customer count). By the end of 2002, each ISP had implemented port 25 policies (Comcast would push a port 25 blocked modem config file to offending customers; SBC just implemented a system-wide block on outbound port 25). By the summer of 2003, both ISPs were in a dead heat for dead last in dubious SMTP connections from compromised customer machines, with Verizon and Road Runner the two top offenders. As a spam mitigation technique, port 25 blocks work.
Aside from some vulnerable Windows networking function on, I believe, port 445, I am not aware of any other widely blocked ports. ISPs are responsible for the security of their networks, and will, even should, implement security policies for the greater good of their customers.
I believe there exists a small, tech-savvy subset of ISP customers capable of responsible access to useful ports, for whom an ISP should offer a different level of service, at a reasonable fee. Many ISPs do just that (with the probable caveat that their fees may not be reasonable) by offering static IP address packages.
I believe that all spam filtering should be done at SMTP time, and when and if an email is accepted for delivery ...
It's frustrating when gmail accepts mail on my behalf, and then silently discards it as spam, and I have yet to find a viable alternative.
I agree, and the viable alternative, if one is willing to tackle the job, is to run one's own mail server. I like that my ISP does offer static IP addresses for a reasonable fee; to include setting rDNS, so the server host name is in my domain.
--
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum