AW: AW: Windows Messenger Popup Spam on UDP Por t 10 26

[vogt () hansenet com]

> > This isn't about you. The ISP also has a responsibility to protect
> > the internet at large. If millions of spam are sent each day because
> > the average user is too stupid to close off his proxy, then the
> > ISP can either shut him down, or block the proxy port. Obviously,
> > shutting down isn't an option for business reasons.
>
> In this case I would request all ISPs to block port 25. 
> Millions of spams 
> are sent via this port each day.

True, but incomplete. I work for an ISP, but my data is only true for
us, so as usual, YMMV.
Most spam is NOT sent out via port 25. It arrives via port 25, but it
almost always relayed inbetween. Some years back, open relays were the
main problem. However, we've dug into things a bit and found to our
surprise that not only are they not the main problem anymore, but in
fact a tiny minority. The main problem is open socks proxies (port 1080).

Ironically, the proposal that everyone should use a firewall makes the
problem worse, not better - we believe one or more personal firewalls
shipping with a bad default config are the culprits.

So what's an ISP to do? We all know nobody wants spam (even the spammers
don't want to RECEIVE spam, only to send it). We also know that 90% of
the current Internet population doesn't know the difference between an 
open proxy and a cup holder.


best regards / mit freundlichen Gruessen,

Tom Vogt
Hansenet Webfarm Security 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html