ISP port blocking practice

Justin Shore justin at justinshore.com
Fri Oct 23 22:43:32 UTC 2009


Dan White wrote:
> On 23/10/09 17:58 -0400, James R. Cutler wrote:
>> Blocking the well known port 25 does not block sending of mail. Or the
>> message content.
> 
> It does block incoming SMTP traffic on that well known port.

Then the customer should have bought a class of service that permits 
servers.

>> I think the relevant neutrality principle is that traffic is not blocked
>> by content.
> 
> My personal definition doesn't quite gel with that. You're deciding for the
> customer how they can use their connection, before you have any evidence of
> nefarious activity.

They decided for themselves when they bought a residential connection 
instead of a business circuit.  Just because someone bought themselves a 
Camry doesn't mean that Toyota is deciding for them that they can't haul 
1000 lbs of concrete with it.  The customer did when they decided to buy 
a car and not a pickup.

> Would you consider restricting a customer's outgoing port 25 traffic to a
> specific mail server a step over the net neutrality line?

I do this all the time.  For example, I don't let my customers send or 
receive mail (or any traffic for that matter) from prefixes originating 
from AS32311 (Colorado spammer Scott Richter).  Now if I was blocking 
mail to dnc.org, gop.com, greenpeace.org, etc., or restricting Vonage to 
.05% of my bandwidth, then yeah, that would violate net neutrality 
principles.  The difference is one stifles speech and is 
anti-competitive.  The other mitigates a network security and stability 
risk.

I see this same argument on Slashdot all too often.  It's usually 
bundled with an argument against providers doing any sort of traffic 
aggregation ("if I buy 1.5Mbps then it should be a dedicated pipe 
straight to the Internet!").  Unfortunately that's simply not reality. 
You can either live with a small level of controls on your traffic for 
the sake of stability and security or you can have wide-open ISPs with 
no security prohibitions whatsoever.  The support costs for the ISPs go 
through the roof and of course that gets passed on to the customer.  Your 
5 9s SLA gets replaced with "use it while you can before it goes down 
again".  Everyone pays a penalty for having a digital Wild West.  Not to 
start another thread on a completely OT topic, but the same concept can 
be applied to other things like health care.  Either everyone can pay a 
little bit for all to have good service, or many average consumers can 
pay lots to make up the losses for those that can't pay at all.

Justin
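The policy the thread is arguing about (residential customers may send SMTP only to the ISP's relay, inbound port 25 to residential addresses is dropped, business-class customers are exempt, and nothing at all is exchanged with a blocked set of prefixes) modelled as a small flow classifier. This is an added example, not code from the post or from any NANOG participant; every address, prefix and the relay host are constructed from RFC 5737 documentation ranges, and the "blocked" prefixes are placeholders, not real prefixes of AS32311.

```python
"""Model of the residential edge policy discussed in the thread.

Added example, not from the original post. All addresses, prefixes and
the relay host are constructed from RFC 5737 documentation ranges; they
are not the poster's real relay or any real AS32311 prefix.
"""
import ipaddress
from dataclasses import dataclass

# Constructed: the ISP's own outbound SMTP relay that residential
# customers must use for port 25.
ISP_RELAY = ipaddress.ip_address("192.0.2.25")

# Constructed placeholders standing in for "prefixes originating from a
# blocked AS"; in practice this list would be built from BGP data.
BLOCKED_PREFIXES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.128/25"),
]

# Constructed: which customer ranges are residential vs business class.
RESIDENTIAL = ipaddress.ip_network("198.51.100.0/25")
BUSINESS = ipaddress.ip_network("192.0.2.128/25")


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int


def in_blocked_prefix(addr):
    a = ipaddress.ip_address(addr)
    return any(a in p for p in BLOCKED_PREFIXES)


def customer_class(addr):
    """'residential', 'business', or None for non-customer (Internet) addresses."""
    a = ipaddress.ip_address(addr)
    if a in RESIDENTIAL:
        return "residential"
    if a in BUSINESS:
        return "business"
    return None


def decide(flow):
    """Return (verdict, reason) for one flow seen at the customer edge."""
    # Rule 1: no traffic to or from blocked prefixes, whatever the class.
    if in_blocked_prefix(flow.src) or in_blocked_prefix(flow.dst):
        return ("deny", "blocked-prefix")
    src_class = customer_class(flow.src)
    dst_class = customer_class(flow.dst)
    if flow.proto == "tcp" and flow.dport == 25:
        # Rule 2: residential outbound SMTP only to the ISP relay.
        if src_class == "residential" and ipaddress.ip_address(flow.dst) != ISP_RELAY:
            return ("deny", "residential-smtp-egress")
        # Rule 3: residential service does not include mail servers, so
        # inbound port 25 toward a residential address is dropped.
        if dst_class == "residential":
            return ("deny", "residential-smtp-ingress")
    # Business-class customers and all other traffic pass through.
    return ("allow", "default")


def apply_policy(flows):
    """Apply decide() to every flow and return a count per reason."""
    counts = {}
    for f in flows:
        _, reason = decide(f)
        counts[reason] = counts.get(reason, 0) + 1
    return counts


# Constructed sample flows: 192.0.2.100 plays an arbitrary Internet MX.
SAMPLE_FLOWS = [
    Flow("198.51.100.10", "192.0.2.25", "tcp", 25),    # residential -> ISP relay
    Flow("198.51.100.10", "192.0.2.100", "tcp", 25),   # residential -> outside MX
    Flow("192.0.2.130", "192.0.2.100", "tcp", 25),     # business -> outside MX
    Flow("192.0.2.100", "198.51.100.10", "tcp", 25),   # inbound SMTP to residential
    Flow("198.51.100.10", "203.0.113.5", "tcp", 443),  # residential -> blocked prefix
    Flow("198.51.100.10", "192.0.2.100", "tcp", 443),  # ordinary web traffic
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f, decide(f))
    print(apply_policy(SAMPLE_FLOWS))
```

The ordering of the rules matters: the prefix block is evaluated first so that it applies to business-class customers too, while the two SMTP rules are keyed on the customer class and never touch non-25 traffic, which is what keeps the policy a port-and-class control rather than a content control.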
More information about the NANOG mailing list