nanog mailing list archives
Re: ISP port blocking practice
From: Owen DeLong <owen () delong com>
Date: Sun, 5 Sep 2010 19:43:27 -0700
On Sep 5, 2010, at 10:36 AM, Claudio Lapidus wrote:
Hello all, On Fri, Sep 3, 2010 at 11:30 PM, Ricky Beam <jfbeam () gmail com> wrote:If I block port 25 on my network, no spam will originate from it. (probablly) The spammers will move on to a network that doesn't block their crap. As long as there are such open networks, spam will be rampant. If, overnight, every network filtered port 25, spam would all but disappear. But spam would not completely disappear -- it would just be coming from known mailservers :-) thus enters outbound scanning and the frustrated user complaints from poorly tuned systems...That won't be probably the case. Here recently we conducted a rather comprehensive analysis on dns activity from subscribers, and we've found that in IP ranges that already have outgoing 25 blocked we were still getting complaints about originating spam. It turned out that the bots also know how to send through webmail, so port 25 blocking renders ineffective there. --cl.
Perhaps a new BCP is coming from MAAWG suggesting we now block outbound port 80. Owen
Current thread:
- Re: ISP port blocking practice, (continued)
- Re: ISP port blocking practice Brett Frankenberger (Sep 06)
- Re: ISP port blocking practice Patrick W. Gilmore (Sep 06)
- Re: ISP port blocking practice deleskie (Sep 06)
- Re: ISP port blocking practice Brett Frankenberger (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 06)
- Re: ISP port blocking practice Suresh Ramasubramanian (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 06)
- Re: ISP port blocking practice Suresh Ramasubramanian (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 07)
- Re: ISP port blocking practice John Levine (Sep 09)
- Re: ISP port blocking practice Owen DeLong (Sep 05)
- RE: ISP port blocking practice Brian Johnson (Sep 13)
- Re: RE: ISP port blocking practice Joshua William Klubi (Sep 13)
- Re: ISP port blocking practice Franck Martin (Sep 02)
- Re: ISP port blocking practice Owen DeLong (Sep 03)