kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| This is why I'm against port 25 blocks...
... in the first place!
When ISPs started blocking outbound only, it was effective and there are workarounds (e.g. using a different port or using the ISP's mail server).
I always feared that some ISPs would thoughtlessly block inbound 25 as well, making it impossible to run an inbound mail server (technically against the TOS, but basically harmless if configured properly). With an outbound block, even an open relay can't do much, if any, damage.
Blocking inbound 25 is more about reducing functionality or forcing power users to subscribe to more expensive tiers (or switching ISPs) than fighting spam.
Heck, even with most ISPs blocking 25 outbound, I still see LOTS of spam in my inbox. All it does is cause the spammers to find other ways to spew their crap.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| said by kpatz  :basically harmless if configured properly And that's the rub..."if configured properly". Some SMTP daemons, such as Postfix, are designed to disallow relay by default, but others aren't, and it's really easy with some daemons, such as sendmail, to make mistakes that result in open relays. 
-SC
--
"it seems like all you ever buy is Abercrombie and cell phones" --a friend |
|
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0
 ·Rogers Hi-Speed
Host:
Rogers
Bell Canada
| reply to kpatz
It's more about limiting botnets to do SMTP relaying. The reason you still see lots of spam is that much of it comes from ISPs that DON'T block port 25 yet. The idea of a separate Mail submission agent using an alternate port is actually in the mail RFCs |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | Botnets don't generally use inbound port 25 to do spam relaying. They use other ports, or even outbound connections to a IRC server or something like that.
Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server.
And with 25 blocked OUTBOUND, even a misconfigured open relay won't get very far. It could receive mail to relay, but it wouldn't get back out.
I used to run my own mail server for my domain on my cable modem. I plan on doing this again, once I have the money to build another box. If my ISP decides to block 25 INBOUND, I would switch ISPs. I wouldn't be too pleased if they blocked 25 outbound either, but that I can understand them doing, as it's somewhat effective in reducing spam flow (well, from that ISP anyway... trouble is, there are a gazillion ISPs around the world and the spammers will just go to another).
Alternate ports work for outbound mail from a client to a MTA. But if you want to receive mail, guess what. MTAs only send mail via port 25.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
mxmumtuna
join:2000-08-11
Ashburn, VA
| said by kpatz :Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server. Interesting. Please cite your source for the 0.00001% estimation of the number of home (or residential customers, if you prefer) users who run a mail server *and* have it misconfigured such that it acts as an open relay.
I suspect it's significantly higher than that. |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| 0.00001% is a wild-a$$ed guess, but it gives you the idea of what I'm coming at. Open SMTP relays on residential connections are in the vast minority. Well under 1 percent, and probably more like 0.1%, and that's probably a high estimate. After all, what do most people plug their cable/DSL modems into? Windows and Mac boxes. Neither of these come with SMTP servers standard. Those who have SMTP servers are either ignorant *nix users or they installed the SMTP server on purpose, which means they (hopefully) know what they're doing. Also, most if not all current SMTP implementations disable relaying by default.
For every open SMTP relay out there that would be blocked by a 25 inbound block, there are likely 100 or more zombied proxy machines that would NOT be affected.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. |
|
Necronomikro
join:2005-09-01
| reply to mxmumtuna
The number is irrelevant, the spam is blocked dead in its tracks if outbound 25 is blocked. Having 25 open inbound won't automatically make an open relay start relaying, if it can't send the mail out. Unless, of course, it uses SMTP authentication and talks to your ISPs server, in which case the ISP can deal with that user. (The chances of someone being knowledgable enough to set up a mail server and SMTP authentication and it being an open relay are low) |
|
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| reply to kpatz
said by kpatz :Heck, even with most ISPs blocking 25 outbound, I still see LOTS of spam in my inbox. All it does is cause the spammers to find other ways to spew their crap. Most professional spammers have a few servers in countries that aren't all that occupied with the laws of the digital age, China being the biggest one, but I know spammers also have placed servers in countries like Turkey, Russia, and several other Asian, South American and African countries.
Port 25 blocks aren't going to stop spam. What they MAY block is worms and virusses trying to use that port to spread spam, and there are a few spamming worms out there nowadays.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. |
|
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| reply to mxmumtuna
said by mxmumtuna :I suspect it's significantly higher than that. I don't. 95% of people use Microsoft Windows, probably about 3% use a mac, and about 2% use Linux/BSD. I may be off 1% or so don't quote me on it.
From those numbers, I would want to bet that if someone even KNOWS what a mail server could do for a home computer, they are probably advanced enough to know that Linux is probably your best bet to run a mail server.
I would estimate that the percentage of people actually running a mailserver, albeit on Windows, MacOS or Linux, is certainly below 2% and probably less then 1%.
Sources? Since no-one actually has counted the number of mail servers in personal homes, there is no other sources then each others words, and that goes just as much for you claiming it is "significantly" higher then that.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. |
|
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0 | Considering the number of misconfigured commercial SMTP servers there are out there still, I would reckon that there will still be a lot of misconfigured residential email servers amongst those who would think it "Cool" to run their own server. |
|
