Unplugging spamming PCs

Brett bretton at gmail.com
Wed Jun 23 17:32:24 UTC 2004


My bad!  I was too busy with that pesky little thing called "work" to
scrutinize my grammar before I sent ;-)  It is reactive, but they are
at least doing something.

Completely blocking port 25 (except to comcast mail servers) will stop
zombies, but not people intentionally sending spam.  Anyone with a
shell account can still forward traffic from an arbitrary port to 25
on an open relay.

They are definitely not taking the "hard line against spam" either,
but at least they are making an effort.


On Wed, 23 Jun 2004 12:07:27 -0500 (CDT), Sam Hayes Merritt, III
<sam at themerritts.org> wrote:
> 
> 
> On Wed, 23 Jun 2004, Brett wrote:
> 
> > At least they now realize they are one of the worst and are finally
> > becoming proactive:
> >
> > http://zdnet.com.com/2100-1104-5230615.html
> >
> > They are also starting to block port 25.
> 
> That is still reactive (first the abuse has to occur, then you try and
> filter anymore from occuring), at least they might be now be doing
> something that everyone else has been doing for years.
> 
> So far today we've only blocked 3381 attempts from dynamic comcast.net
> space to send email to our users.
> 
> Proactive would be blocking port 25 except to comcast.net's mail servers,
> at least on retail users without static IPs, and then opening it up if
> the customer cannot work around it by using comcast's mail server to send
> out. Thats what responsible ISPs have done.
> 
> 
> sam
> 
>



More information about the NANOG mailing list