draven
Premium,Mod
join:2002-02-20
my bunker
Host:
General Questions
No, I Will Not Fix..
| [News] Comcast to begin targeted SMTP port blocking
This has been speculated and even reported by some news articles recently (ie. »news.com.com/2102-1034_3-5218178···il.print ). I received this information from a reliable source at Comcast last night:
"In our ongoing effort to combat spam, Comcast is implementing targeted blocking of Port 25. This action is expected to decrease the amount of outbound "spam" traffic from the comcast.net domain.
Impacted customers will be prevented from sending email using an e-mail client such as Outlook Express. The customers' PCs will still be able to fully receive new messages in their client or utilize webmail interfaces (Comcast.net, Hotmail, Yahoo!, etc.) to send and receive e-mail.
For the past year, many viruses, Spyware, Trojans, and other malicious software have been created with features allowing spammers to remotely take control of users' computers, creating computer zombies for routing mail traffic silently in the background. By blocking port 25, we will block the customer's computer from being used as a relay point or zombie for the spam traffic. It is important to note that the majority of customers will not be aware that their computer is infected with a virus and is being used to send large volumes of spam."
This should now be taken into consideration when troubleshooting posters who can no longer send e-mail. |
|
cc-in-tn
| How will this affect customers who have third party pop3 accounts? |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| reply to draven
If they do this right it could reduce the effects of zombied spam senders without penalizing those of us who have never sent a single byte of spam but legitimately use email servers other than Comcast's.
Plus, if they only block the port on "known" spam-sending IPs, that means they know which subscribers are affected, and hopefully the port block will just be the initial step, and that they'll get the subscriber to clean their system afterward.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
oldTDNickell
Premium
join:2000-12-19
Federal Way, WA | reply to draven
Now i know why i couldn`t send e-mail to Comcast last Sat.using OutLook Express.
This is going to upset alot of people that use O/E but if it helps on the spam i will live with it.:( |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| said by oldTDNickell  :
Now i know why i couldn`t send e-mail to Comcast last Sat.using OutLook Express.
This is going to upset alot of people that use O/E but if it helps on the spam i will live with it.:(
You should still be able to use Comcast's email servers (smtp.comcast.net) even if you're affected by the block. But according to the article, not everyone will have the block placed, only those who are sending spam.
I'm not blocked, I can still access 3rd party servers on 25. I won't be happy if I am blocked either, since I've never sent so much as a byte of spam in my life.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
makaze
Premium
join:2004-02-23
USA
1 edit | reply to draven
Just a FYI, if you get this 'targeted block'
absolutely NO traffic via port 25 will get pass the modem.
not even to comcast's smtp server.
The only way to email out at that point is either:
1. webmail
2. a smtp server not on port 25 |
|
oldTDNickell
Premium
join:2000-12-19
Federal Way, WA | reply to draven
I have never sent any spam so i don`t know why those e-mails didn`t go.The way i read that statement they are blocking port 25 to everyone.Could be wrong. |
|
makaze
Premium
join:2004-02-23
USA
| said by oldTDNickell :
I have never sent any spam so i don`t know why those e-mails didn`t go.The way i read that statement they are blocking port 25 to everyone.Could be wrong.
no they are not blocking it on everyone..
targeted blocking is only going to block those in which they have recieved complaints about spamming.. |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | reply to makaze
said by makaze :
Just a FYI, if you get this 'targeted block' absolutely NO traffic via port 25 will get pass the modem... not even to comcast's smtp server.
Where did you hear that?
According to the CNET article: quote:
Instead, Comcast's engineers plan to try the innovative approach of identifying the zombie PCs and surreptitiously sending the subscriber's cable modem a new configuration routine that prevents outbound connections on port 25. Zombie-infected users won't even notice, the thinking goes, because most people use Comcast's mail servers for outgoing e-mail. Anyone wrongfully blocked can call and complain.
The 2nd sentence would seem to indicate that blocked subscribers can still access Comcast's smtp servers. Blocking access to smtp.comcast.net would be counterproductive, since then the subscriber wouldn't be able to send mail at all from a normal client. Well, on the other hand, maybe it would get them to disinfect their PC and get themselves unblocked.  quote:
I have never sent any spam so i don`t know why those e-mails didn`t go.
It was probably just a temporary smtp server outage. Can you send mail now?
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
draven
Premium,Mod
join:2002-02-20
my bunker
Host:
General Questions
No, I Will Not Fix..
2 edits | reply to oldTDNickell
Re: [News] Comcast to begin targeted SMTP port blo
Nope, they will seemingly be targeting the port blocking, meaning you have to qualify (open spam relay) to be a recipient of the measures that will block the port.
That means that if you cannot send e-mail any longer through your mail client, you may be running as an open relay.
Edit: As noted above, you *should* still have the ability to send through Comcast's servers. However, spam-blocking and multi-thread mechanism's there would quickly take effect if zombine machine were to try such a thing. |
|
oldTDNickell
Premium
join:2000-12-19
Federal Way, WA | reply to draven
Re: [News] Comcast to begin targeted SMTP port blocking
I just sent a e-mail to my yahoo account from outlook express and it sent just fine no probably. |
|
JPuppy
Java Heathen
Premium
join:2002-11-24
Honesdale, PA
clubs: | reply to draven
I don't see these measures as a bad thing. Especially if it only effects those that are sending large amounts of Spam. As always, I hope there will be measures for those wrongly accused to have themselves removed from the blacklist. |
|
draven
Premium,Mod
join:2002-02-20
my bunker | reply to oldTDNickell
Re: [News] Comcast to begin targeted SMTP port blo
Good.
Of course, Comcast will need to now tighten down their own SMTP servers. All of these measures should have a dramatic effect on the overall proliferation of spam from the network. |
|
makaze
Premium
join:2004-02-23
USA
1 edit | reply to oldTDNickell
Re: [News] Comcast to begin targeted SMTP port blocking
nvermnd |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| reply to draven
Re: [News] Comcast to begin targeted SMTP port blo
AFAIK their own servers are pretty tight already. Anyone trying to spam through them won't likely get very far.
They should beef them up though, or add more servers. Depending on how many people are "targeted" it may cause bottlenecks/increase in traffic through the servers, which could cause outages/delays in sending email. Or worse yet, when the spammers discover their zombie farm's losing its effectiveness, they could use the zombies to target Comcast's smtp servers in a DDOS attack (another reason why zombies should be cut off and cleaned as the real solution, instead of just a band-aid block applied).
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
vic102482
Premium
join:2002-04-30
Upper Marlboro, MD | reply to draven
Re: [News] Comcast to begin targeted SMTP port blocking
About time! |
|
Qumahlin
Never Enough Time
Premium,MVM
join:2001-10-05
united state
2 edits | reply to draven
I have yet to hear the details of this plan, but if they plan on implementing a port 25 block via the modems config as the CNET article says then that means NO TRAFFIC whatsoever will go out over 25...not even to smtp.comcast.net. I mean theoretically we could put in port 25 IP filters and list all the applicable comcast servers as the only allowed addresses but it would be a large pain and I really don't see it being done that way.
So either CNET is wrong on how it is going to be implemented, or Acidtone is right. Either way we will find out soon enough.
--
Forum Posts:4326 |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | Unless the modem config allows access control by port and IP. I don't know how modem config files work so I don't know if it allows that level of control. I thought they do though, since in ex-attbi areas, when you first hook up an unprovisioned modem, you can only access the SAS site on 443 (https) through a proxy, so wouldn't that be a IP and port level config?
I wonder how Cox does their block... through the modem config or through router rules.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
draven
Premium,Mod
join:2002-02-20
my bunker | reply to Qumahlin
Re: [News] Comcast to begin targeted SMTP port blo
Would I not be correct in stating that traffic from your computer to smtp.comcast.net does not have to originate from source port 25? It only has to end up at destination port 25? |
|
JPuppy
Java Heathen
Premium
join:2002-11-24
Honesdale, PA
clubs: | Once someone here actually gets the blocking enabled we'll know for sure. Even if a CIPS employee has to look at the modem config. |
|
