More ISPs Blocking Port 25 Inbound?Users indicate Cox, BellSouth now employing tactic ( old news - 02:37PM Wednesday Jan 11 2006) tags: spam · networking · mailPort 25/tcp is used for SMTP, the outgoing mail protocol, and is often blocked by ISPs to cut down on spam (whether intentional or due to infection). The block prevents users from sending outgoing mail via any third party mail-hosting services. We've watched what was once somewhat of a scattered practice quickly become an industry standard over the last few years. The tactic is generally a good idea, and only causes trouble when the ISP fails to clearly inform users of the change, allowing them to employ fairly easy solutions. Some ISPs allow the port to be re-opened upon request, while others - like Comcast - only apply the filters when dealing with spamming accounts in the first place. Other ISPs take that tactic a bit further, blocking inbound port 25 traffic. Some claim this less common tactic is usually done to prevent users from running a mail server; forcing them to upgrade to a more substantive business account for the privilege. ISPs say this isn't the case; blocking inbound port 25 traffic really helps them keep inadvertent open relays to a minimum, and therefore helps keep their IP blocks off of blacklists. While we knew ISPs like Canadian cable provider Cogeco were employing this tactic, discussion in our BellSouth forum seems to indicate BellSouth has recently started blocking inbound traffic on port 25. Similar discussion in our Cox forum would indicate that Cox has started doing so as well. Some argue that measures such as blocking ICMP or in/outbound port 25 TCP traffic eliminates much needed functionality. The general consensus among security experts and spam fighters however is that port 25 blockades (at least outbound) are an effective weapon in the war on spam, and that users can generally find easy workarounds to any inconveniences. Additional explanation of why ISPs utilize this tactic can be found in this thread in our forums
Related:- Verizon's 'Weird' Anti-Spam Technology
- Comcast Blocking Port 25/TCP Inbound?
- Four Major ISPs To Use 'CertifiedEmail'
- Verizon Deploys 'Certified Email'
- Spammers Launch Major DDoS Offensive
- The Goodmail Debate
- New AT&T Filters Eating Legit E-mail
- My DLink Router Is Spamming Me
|
 
mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY | Gonna need to do more.. If you want less spam getting to your customers, such as going after the actual spammers themselves! | |
|  | 
BIGMIKE
Premium
join:2002-06-07
Westminster, CA
| Re: Gonna need to do more.. Is your ISP blocking your access?
P2P program not working? People cannot reach your web server? People can't reach your email server?
It's possible your ISP is blocking incoming connections to the required ports. This test will confirm it. You need to specify the port you want to check. To do that, you have to know the port number your program uses to accept inbound TCP connections. »www.hackerwhacker.com/freetools.php
Tracing Port 25 to Ip Address 66.74.***.***
19 cpe-66-74-224-118.socal.res.rr.com (66.74.***.***) [closed] 89.104 ms 85.018 ms 83.793 ms
--
Type "miserable failure" in Google | |
| | | kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| Re: Gonna need to do more.. Port 25 blocks only mask the symptoms, not the disease.
It's more of a "not in my backyard" scenario than any real anti-spam tactic. It makes the ISP in question "look" better on the Internet as a whole, but for every ISP that blocks 25, there are a dozen more that don't, especially abroad.
Even if *every* ISP in the US were to block 25, the spammers would just use servers in China, Russia, etc. And we would still be buried in spam.
The problem can only be solved at the source. Make it illegal for companies to solicit spammers for advertising, and ENFORCE that law strictly.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| | 
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| said by mrchris  :If you want less spam getting to your customers, such as going after the actual spammers themselves! How about better implementing spam filters? Or providing customers with better spam filtering through webmail, as well as POP3/SMTP clients?
Although it has some positive effect, blocking port 25 across the board does little to reduce actual "spam", since the spammers just move on to target IPs owned by ISPs that don't have port 25 blocks. Essentially, blocking port 25 gives the ISP a little bit of a PR-boost, but does nothing to actually decrease the amount of spam that their customers see in their inboxes.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB. | |
| 
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
 ·RoadRunner Cable
| Port 26 I use my webhost's e-mail services, and have been for a long time. Mainly on my laptop at first, so I could easily send mail from any wifi connection at friends houses, etc. But since my webhost's e-mail services turned out to be very reliable, where at one point in time the socal.rr.com smtp server had some problems, I decided to only use their servers to send and receive e-mail.
I found that some ISP's indeed block port 25, but my webhost has solved that by allowing SMTP connections on port 26 as well. Check with your webhoster to see if they can do this as well, many webhosters allow you to use their smtp server on a different port outside of 25, just because there are many ISP's blocking port 25.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. | |
| | 
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| Re: Port 26...or 465, or 587... said by maartena :my webhost has solved that by allowing SMTP connections on port 26 as well. Check with your webhoster to see if they can do this as well, many webhosters allow you to use their smtp server on a different port outside of 25, just because there are many ISP's blocking port 25. Most web hosting and third-party email providers and some corporate (non-Exchange) email systems allow authenticated SMTP on ports 465 and/or 587, the "standard" ports for such access.
-SC
--
"it seems like all you ever buy is Abercrombie and cell phones" --a friend | |
| | | 
n2jtx
join:2001-01-13
Glen Head, NY | Re: Port 26...or 465, or 587... I used port 587 myself to get around OOL's port 25 outbound block as I run my own external mail server. The newer versions of sendmail have 587 enabled by default.
--
I support the right to keep and arm bears. | |
| | | | 
RARPSL
join:1999-12-08
Suffern, NY
| Re: Port 26...or 465, or 587... said by n2jtx :I used port 587 myself to get around OOL's port 25 outbound block as I run my own external mail server. The newer versions of sendmail have 587 enabled by default. I am a OOL connectivity user and I feel that they (and most other Outgoing Port25 ISPs) are Hypocrites. I say this since OOL (and I assume the other ISPs blocking outgoing Port25) has a FAQ that explains that this is being done for SPAM Control reasons/etc. They say if you want/need to use some other ISPs SMTP (ie: MSA) Servers to submit your Email, then to find out what Non-Port25 Port that Remote ISP Supports. IOW, because OOL blocks your attempt to connect to the Remote ISP's MSA Servers on Port25 it is, OOL claims, that ISP's responsibility to supply a non-Port25 for use by that ISP's customers when submitting Email to the MSA Server. The Hypocrisy comes into play due to OOL's (and I assume other Outgoing-Port25 Blocking ISPs) refusal to follow their own requirements (when a "Remote" ISP) to support a Non-Port25 Port (such as the aforementioned up-thread 465 [SSL-SMTP] and/or 587 [official MSA] Ports) on THEIR Internet Facing (and LAN) MSA Servers.
IOW: If I am currently connected to ISP2 (which blocks Outgoing Port25) I can not connect to OOL's MSA Servers to send my "From OOL-Address" Email EVEN THOUGH OOL expects ISP2 to accept my "From ISP2-Address" on a non-Port25 Port.
IMO: If an ISP wants to block Outgoing Port25 Connections and require other ISPs to offer some Non-Port25 Port to accept mail submission, then that ISP should comply with this requirement by having a Non-Port25 Port for submission use by their customers on THEIR Servers. | |
| kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| This is why I'm against port 25 blocks... ... in the first place!
When ISPs started blocking outbound only, it was effective and there are workarounds (e.g. using a different port or using the ISP's mail server).
I always feared that some ISPs would thoughtlessly block inbound 25 as well, making it impossible to run an inbound mail server (technically against the TOS, but basically harmless if configured properly). With an outbound block, even an open relay can't do much, if any, damage.
Blocking inbound 25 is more about reducing functionality or forcing power users to subscribe to more expensive tiers (or switching ISPs) than fighting spam.
Heck, even with most ISPs blocking 25 outbound, I still see LOTS of spam in my inbox. All it does is cause the spammers to find other ways to spew their crap.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| |
roamer1
sticking it out at you
join:2001-03-24
Atlanta, GA
clubs:
| Re: This is why I'm against port 25 blocks... said by kpatz :basically harmless if configured properly And that's the rub..."if configured properly". Some SMTP daemons, such as Postfix, are designed to disallow relay by default, but others aren't, and it's really easy with some daemons, such as sendmail, to make mistakes that result in open relays. 
-SC
--
"it seems like all you ever buy is Abercrombie and cell phones" --a friend | |
| | 
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0
·Rogers Hi-Speed
Host:
Rogers
Bell Canada
| It's more about limiting botnets to do SMTP relaying. The reason you still see lots of spam is that much of it comes from ISPs that DON'T block port 25 yet. The idea of a separate Mail submission agent using an alternate port is actually in the mail RFCs | |
| | | kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | Re: This is why I'm against port 25 blocks... Botnets don't generally use inbound port 25 to do spam relaying. They use other ports, or even outbound connections to a IRC server or something like that.
Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server.
And with 25 blocked OUTBOUND, even a misconfigured open relay won't get very far. It could receive mail to relay, but it wouldn't get back out.
I used to run my own mail server for my domain on my cable modem. I plan on doing this again, once I have the money to build another box. If my ISP decides to block 25 INBOUND, I would switch ISPs. I wouldn't be too pleased if they blocked 25 outbound either, but that I can understand them doing, as it's somewhat effective in reducing spam flow (well, from that ISP anyway... trouble is, there are a gazillion ISPs around the world and the spammers will just go to another).
Alternate ports work for outbound mail from a client to a MTA. But if you want to receive mail, guess what. MTAs only send mail via port 25.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| | | | 
mxmumtuna
join:2000-08-11
Ashburn, VA
| Re: This is why I'm against port 25 blocks... said by kpatz :Other than the 0.00001% of customers that are running a misconfigured mail server on their connection, blocking 25 INBOUND accomplishes nothing as far as controlling spam/abuse. It only stops mail from being received on port 25, relayed or not, if you're running a mail server. Interesting. Please cite your source for the 0.00001% estimation of the number of home (or residential customers, if you prefer) users who run a mail server *and* have it misconfigured such that it acts as an open relay.
I suspect it's significantly higher than that. | |
| | | | | kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| Re: This is why I'm against port 25 blocks... 0.00001% is a wild-a$$ed guess, but it gives you the idea of what I'm coming at. Open SMTP relays on residential connections are in the vast minority. Well under 1 percent, and probably more like 0.1%, and that's probably a high estimate. After all, what do most people plug their cable/DSL modems into? Windows and Mac boxes. Neither of these come with SMTP servers standard. Those who have SMTP servers are either ignorant *nix users or they installed the SMTP server on purpose, which means they (hopefully) know what they're doing. Also, most if not all current SMTP implementations disable relaying by default.
For every open SMTP relay out there that would be blocked by a 25 inbound block, there are likely 100 or more zombied proxy machines that would NOT be affected.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| | | | | Necronomikro
join:2005-09-01
| The number is irrelevant, the spam is blocked dead in its tracks if outbound 25 is blocked. Having 25 open inbound won't automatically make an open relay start relaying, if it can't send the mail out. Unless, of course, it uses SMTP authentication and talks to your ISPs server, in which case the ISP can deal with that user. (The chances of someone being knowledgable enough to set up a mail server and SMTP authentication and it being an open relay are low) | |
| | | | |
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| said by mxmumtuna :I suspect it's significantly higher than that. I don't. 95% of people use Microsoft Windows, probably about 3% use a mac, and about 2% use Linux/BSD. I may be off 1% or so don't quote me on it.
From those numbers, I would want to bet that if someone even KNOWS what a mail server could do for a home computer, they are probably advanced enough to know that Linux is probably your best bet to run a mail server.
I would estimate that the percentage of people actually running a mailserver, albeit on Windows, MacOS or Linux, is certainly below 2% and probably less then 1%.
Sources? Since no-one actually has counted the number of mail servers in personal homes, there is no other sources then each others words, and that goes just as much for you claiming it is "significantly" higher then that.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. | |
| | | | | |
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0 | Re: This is why I'm against port 25 blocks... Considering the number of misconfigured commercial SMTP servers there are out there still, I would reckon that there will still be a lot of misconfigured residential email servers amongst those who would think it "Cool" to run their own server. | |
| |
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| said by kpatz :Heck, even with most ISPs blocking 25 outbound, I still see LOTS of spam in my inbox. All it does is cause the spammers to find other ways to spew their crap. Most professional spammers have a few servers in countries that aren't all that occupied with the laws of the digital age, China being the biggest one, but I know spammers also have placed servers in countries like Turkey, Russia, and several other Asian, South American and African countries.
Port 25 blocks aren't going to stop spam. What they MAY block is worms and virusses trying to use that port to spread spam, and there are a few spamming worms out there nowadays.
--
"I'm honored to shake the hand of a brave Iraqi citizen who had his hand cut off by Saddam Hussein." - Bush, May 2004. | |
| 
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA
1 edit | Huh? said by Article :
ISPs say this isn't the case; blocking inbound port 25 traffic really helps them keep inadvertent open relays to a minimum, and therefore helps keep their IP blocks off of blacklists.
Which ISPs are saying this? At time of posting the additional nfo note is a dead link (board does not exist).
--
WAR HAS NEVER SOLVED ANYTHING, except ending slavery, facism, communism, Nazism.... | |
| RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
 ·AT&T Midwest
| So the zombies move to inbound port 26 Or any other port for that matter. If I were writing spambots I don't think I'd be worrying about adhering to standards like which port to listen on. In the long run blocking port 25 inbound is just so much iMasturbation.
How about going after the companies advertising via spam instead?
This is a red herring for the real reason: Upselling to business-class accounts.
--
Toolmaster of La Grange. | |
| | kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
1 edit | Re: So the zombies move to inbound port 26 Like I said in another post, zombies don't use 25 inbound at all. They use varying high-numbered ports, or they make an outbound connection to an IRC server. The only thing they do with port 25 is make outbound connections to send mail. An outbound-only 25 block stops the zombies from spewing spam. Inbound 25 blocks only stop power users from using one of the major standard Internet protocols on their Internet connection. I guess that would mean that it's no longer a true "Internet" connection, but a dumbed down, high-speed AOL wannabe connection.
Open relays as a primary source of spam transmission stopped years ago. Most spam is spewed by zombies, proxies, or direct from spammer's systems now. Blocking 25 inbound would stop less than 0.1% of spam transmission.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| | | RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11 | Re: So the zombies move to inbound port 26 Precisely. | |
| | | | 
Zaber
When all are gone, there shall be none
join:2000-06-08
Cleveland, OH
clubs:
·Expedient
·XO COMMUNICATIONS
·AT&T Midwest
1 edit | said by RadioDoc :Or any other port for that matter. If I were writing spambots I don't think I'd be worrying about adhering to standards like which port to listen on. In the long run blocking port 25 inbound is just so much iMasturbation. How about going after the companies advertising via spam instead? This is a red herring for the real reason: Upselling to business-class accounts. Agreed one hundred percent. There is no truly no good reason for the consumers to block a port like 25. Those of us who have set up a mail server have a reason to, for example every site that I go to that asks for an mail address I create a new one just for that site, that way if an address is getting spammed it just gets deleted and no more spam. Also how many bots actually sit on such a obvious port?
As for going after the companies actually paying the spammers I can hear it now: "We never told them to do that." "It is someone else trying to make us look bad." "It was a rouge employee that has been fired." And I am sure there will be many more. I do agree, go after the spammers source of income and they will die out.
Edit: added more rambling
--
Give a man a fish and he eats for a day, teach a man to fish and he will feed himself for a lifetime | |
| 
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
| Just the next and final step. ISPs who block inbound port 25 have long had Acceptable Use Policies prohibiting running mail servers. Now, by blocking inbound port 25, all they are trying to do is prevent such unacceptable use via technical means.
However, anyone who actually knows how things really work, knows that this port blocking is trivial to work around via SMTP redirection service so long as the ISP doesn't block this too. | |
| | Necronomikro
join:2005-09-01 | Re: Just the next and final step. Yes, but, someone has to receive the email on on port 25. SMTP redirection probably isn't free... | |
| | |
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL | Re: Just the next and final step. There is at least one free service that I know of. | |
| | | | Necronomikro
join:2005-09-01 | Re: Just the next and final step. There are attachment/email size limitations, I'm sure. | |
| | | | |
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
1 edit | Re: Just the next and final step. Messages are limited to 50MB. If you can't say it in 50MB, you have other problems  There aren't any overall usage quotas as yet. I would expect this to change though if the service is overused or abused. They are even considering outbound redirection service to make them a complete solution. But I would expect them to be very cautious about offering outbound service since that could be easily abused.
Additionally, SMTP redirection is so easy to set up, that anyone who isn't impacted by inbound/outbound port 25 blocking can do it as a favor to one or more others, limited only by their bandwidth. | |
| | | | | | Necronomikro
join:2005-09-01
| Re: Just the next and final step. Interesting. Who does this service? Not that it matters too much - I have a webhost that does email, and the rest I either do through webmail, or at work (which hosts its own email system - exchange (for the fancy outlook support), with the emails filtered through a linux box with spamassassin installed. I also have a redundant email relay that relays all emails intended for this domain to the exchange box, should the mail server go down, or the internet connection go down. | |
| |
mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY | They should start slapping spammers with tremendous fines (like the one that got an 11B fine). | |
| | |
sbrook
Premium,Mod
join:2001-12-14
H0H 0H0 | Re: Just the next and final step. OK, slap those Koreans, or Chinese spammers with these tremendous fines ... let's see how far that gets us! | |
| jpark
join:2005-02-05
Jackson, TN | We didn't REALLY sell you Internet Access. Just whatever access we deem appropriate.
I'm waiting for my ISP to block port 80. That will really slow down traffic on the pipe. | |
| | stufried
Premium
join:2003-10-13 | Re: We didn't REALLY sell you Internet Access. Etisilat blocks port 80. | |
| 
Krispy
Premium,VIP
join:2001-12-11
the stix
| Three plus years and counting We've been filtering 25/tcp inbound on residential cable modems for over 3 years now and I believe we've gotten a total of maybe 20 complaints during that time.
When we intially decided to do this is was strictly to stop the spam coming from misconfigured servers...these misconfigured servers were getting our netblocks blacklisted approx once per week by various RBLs and after filtering inbound 25/tcp we've been listed on RBLs a total of 3 times so it works. We had tried warning and suspending affected customers before this to no avail, it was our last option.
If you need to run a mail server get a business package and/or run it over VPN and then it doesn't matter what ports we filter.
--
you can lead a horse to the water but you cannot make him drink...you can put a man through school but you cannot make him think --ben harper | |
| | kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| Re: Three plus years and counting You meant 25/tcp outbound, dind't you?
Blocking 25 inbound would have little to no effect on spam transmission, beyond blocking it outbound.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages. | |
| | | | | | |
RARPSL
join:1999-12-08
Suffern, NY
| Re: Three plus years and counting said by odog :We haven't been doing it as long as him but last year when we blocked 110 out, 80 out, and 25 in... all we got was complaints from people running servers. I assume you mean 80 IN not OUT. Otherwise you are preventing your users from accessing ANY Web Site other than those you host. 80 is the normal outgoing port for all Web Sites access (unless the URL is HTTPS in which case Port 443 is used). | |
| nowshining
join:2005-08-22
Bakersfield, CA
| actually... take a look at ur internet service providers legal agreement, user agreement and so forth..about over a half of spam is from them aside from that they are selling ur name to other advertisers and if looking closely reades also selling to CLIENTS, so basically if the cash bid is high enough and I worked for your isp i could basically get ur Credit card number, account name and password, and so forth...:) but basically AOL is the worst and mosts willingly to do this, think about this how many identities stolen, i bet they were from AOL alone as when i was an IDIOT on spyware, etc... and found adaware SE it found hijacked items, also AOL still calls me up asking me to sign on again, and many times someone who bought my name, etc...for the high prices signed me up again once, but i was never charged due to i talked to someone from the fraud department..
Remember AOL spyware detector is spyware, it puts spyware on your computer and even takes a long time to scan..
Aol-esperience with them..
Client-I have Netzero they use NSIS adaware spyware and the client part was from their licence/user agreement and since they are all basically the same with names changed...:) well, u get the point now...
So basically yes Netzero also sells my name/ and so forth..
download this:
»www.javacoolsoftware.com/eulalyzerdl.html
its basically analyzes user agreements, and so forth. for words, sentences that should be read immediately and the non-pro version is free..:)that's how i knew more about Netzero... | |
| | 
mikes60
My Paradise
Premium
join:2001-07-31
Boynton Beach, FL
·AT&T Southeast
 ·Vonage
| Re: actually... said by nowshining :take a look at ur internet service providers legal agreement, user agreement and so forth..about over a half of spam is from them aside from that they are selling ur name to other advertisers and if looking closely reades also selling to CLIENTS, so basically if the cash bid is high enough and I worked for your isp i could basically get ur Credit card number, account name and password, and so forth...:) but basically AOL is the worst and mosts willingly to do this, think about this how many identities stolen, i bet they were from AOL alone as when i was an IDIOT on spyware, etc... and found adaware SE it found hijacked items, also AOL still calls me up asking me to sign on again, and many times someone who bought my name, etc...for the high prices signed me up again once, but i was never charged due to i talked to someone from the fraud department.. Remember AOL spyware detector is spyware, it puts spyware on your computer and even takes a long time to scan.. Aol-esperience with them.. Client-I have Netzero they use NSIS adaware spyware and the client part was from their licence/user agreement and since they are all basically the same with names changed...:) well, u get the point now... So basically yes Netzero also sells my name/ and so forth.. download this: » www.javacoolsoftware.com/eulalyzerdl.htmlits basically analyzes user agreements, and so forth. for words, sentences that should be read immediately and the non-pro version is free..:)that's how i knew more about Netzero... You lost me after "Actually"
--
Today is the tomorrow you worried about yesterday--so why bother? | |
| 
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
| ISPs are doing the right thing The ISPs are doing the right thing by blocking ports -- especially if they make it clear on their support websites that this is what they are doing.
Even if the ISP doesn't make it clear, it is pretty obvious when you don't see expected events on a port, that that port is being blocked somewhere.
* Yes a properly configured mail server is not a problem.
- But what are the chances of an amateur configuring a mail server correctly?
- And what about the inconvenience to the millions of other subscribers of one amateurs experimenting?
People say that the internet would be safe if only all the users had adequate education.
Maybe we can't do that for surfers, but at least we can do it for those who want to run easily exploited servers.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
| | 
Effable
@192.245.x.x
| Re: ISPs are doing the right thing ISPs are doing the easy thing, not the right thing.
The right thing is allowing me to opt-out as a user, so I can fully enjoy all of the Internet services available, to which I am entitled. Make it a waiver, whatever, but give me an opt-in choice to connect in the manner I consciously choose.
-F | |
|
Jsmith12
@net.uk
| Blocking outbound port 25 is right! Blocking outbound port 25 is a good thing for ISP's to do -stops spammers buying a cheap DSL connection and sending millions of spam emails and virus / trojan infected machines from spewing out their rubbish.
Sending mail 'direct' from normal broadband account is also blocked inbound by many ISP's like AOL.
The problem comes with your ISP does not provide reliable SMTP services (our did not) so we used »www.authsmtp.com for all our outgoing mail. Much more secure and been using it for over a year no problems. | |
| | | |
|
|
