nanog mailing list archives
Re: ISP port blocking practice
From: Scott Howard <scott () doc net au>
Date: Sat, 11 Sep 2010 18:29:11 -0700
On Sun, Sep 5, 2010 at 8:06 PM, Owen DeLong <owen () delong com> wrote:
Doing away with open relays and open proxies didn't really interfere with legitimate traffic on a meaningful level. Blocking outbound SMTP is causing such problems.
You keep saying this, but can you provide any examples of situations where ISP that have done this RIGHT, and have caused anything more than a very minor inconvenience to a very small percentage of their users, and no impact at all to the rest? Nobody is talking about blocking port 465 or 587 as being a good thing - only port 25. I've been involved with multiple ISPs in multiple countries that have implemented port 25 blocking. Those that did it right (dynamic IPs only, self opt-out, communication, etc) all reported sufficiently small volumes of end-user problems that it could almost be considered noise in the normal support load. If a better job was done of blocking only 25, perhaps this would be less so.
Name an ISP that is blocking port 465 or 587? Not a hotel or a library - but an ISP. The question isn't just what is or isn't effective, or, even how much it
reduces spam complaints. There is also the question of how much legitimate traffic suffers collateral damage in your spam mitiigation techniques.
From the data I have, which comes from multiple implementations of blocking,
it is very clear that the answer is that it had a significant impact on the amount of spam being originated from the network, and with very little to zero collateral damage. To a large extent, this isn't about the impact that such changes have on the total global volume of spam being sent - and if you think it is you're missing the point. This is about ISP taking an interest in stopping spam originating from their network, and getting themselves off the various "Top 10 spammers" lists (hello Telefonica, are you listening?). If you're not taking an interest in the spam that's originating from your network, then you're a part of the problem (and given that only a few weeks ago people on spam-l were discussing blocking all oh HE... well...) Scott
Current thread:
- Re: ISP port blocking practice, (continued)
- Re: ISP port blocking practice Ricky Beam (Sep 03)
- Message not available
- Re: ISP port blocking practice Patrick W. Gilmore (Sep 03)
- Re: ISP port blocking practice Claudio Lapidus (Sep 05)
- Re: ISP port blocking practice Patrick W. Gilmore (Sep 05)
- Re: ISP port blocking practice Franck Martin (Sep 05)
- Re: ISP port blocking practice Paul Ferguson (Sep 05)
- Re: ISP port blocking practice Jon Lewis (Sep 05)
- Re: ISP port blocking practice Owen DeLong (Sep 05)
- Re: ISP port blocking practice Franck Martin (Sep 05)
- Re: ISP port blocking practice Jon Auer (Sep 06)
- Re: ISP port blocking practice Scott Howard (Sep 11)
- Re: ISP port blocking practice Brett Frankenberger (Sep 06)
- Re: ISP port blocking practice Patrick W. Gilmore (Sep 06)
- Re: ISP port blocking practice deleskie (Sep 06)
- Re: ISP port blocking practice Brett Frankenberger (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 06)
- Re: ISP port blocking practice Suresh Ramasubramanian (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 06)
- Re: ISP port blocking practice Suresh Ramasubramanian (Sep 06)
- Re: ISP port blocking practice Randy Bush (Sep 07)
- Re: ISP port blocking practice John Levine (Sep 09)