ISP port blocking practice

Owen DeLong owen at delong.com
Fri Sep 3 13:10:17 CDT 2010


Sent from my iPad

On Sep 3, 2010, at 10:10 PM, John Levine <johnl at iecc.com> wrote:

>> Really?  So, since so many ISPs are blocking port 25, there's lots less spam
>> hitting our networks?
> 
> It's been extremely effective in blocking spam sent by spambots on
> large ISPs.  It's not a magic anti-spam bullet.  (If you know one,
> please let us know.)
> 
That simply hasn't been my experience. I still get lots of spam from booted hosts in large provider networks, and yes, that includes many that block 25. As near as I can tell, 25 blocking is not affecting spammers at all, just legitimate users.

There was a time when it was effective, but the spammers have long since adapted. Now we are only breaking the Internet. We are no ,onger accomplishing anything ireful. It's pure momentum.

>> workaround. Since, like many of us, I use a lot of transient networks,
>> having to reconfigure for each unique set of brokenness is actually wasting
>> more of my time than the spam this brokenness was alleged to prevent.
> 
> Is there some reason you aren't able to configure your computers to use
> tunnels or SUBMIT?  They seem to work pretty well for other people.
> 
Many of the transient networks I deal with block 22, 25, 465, and 587. They also often block protocols 41 and 43 or do not provide a public address, rendering those protocols unusable anyway.

Yes, I am now running ssh and s,tp processes on ports 80 and 443 to get around this, but, that consumes an extra address for something that should be handled by a port number.

Personally, i'd rather use port numbers for l4 uniqueness rather than IP Addresses.

Owen

> R's,
> John




More information about the NANOG mailing list