ISP port blocking practice
owen at delong.com
Fri Sep 3 18:10:17 UTC 2010
Sent from my iPad
On Sep 3, 2010, at 10:10 PM, John Levine <johnl at iecc.com> wrote:
>> Really? So, since so many ISPs are blocking port 25, there's lots less spam
>> hitting our networks?
> It's been extremely effective in blocking spam sent by spambots on
> large ISPs. It's not a magic anti-spam bullet. (If you know one,
> please let us know.)
That simply hasn't been my experience. I still get lots of spam from botted hosts in large provider networks, and yes, that includes many that block 25. As near as I can tell, 25 blocking is not affecting spammers at all, just legitimate users.
There was a time when it was effective, but the spammers have long since adapted. Now we are only breaking the Internet. We are no longer accomplishing anything useful. It's pure momentum.
>> workaround. Since, like many of us, I use a lot of transient networks,
>> having to reconfigure for each unique set of brokenness is actually wasting
>> more of my time than the spam this brokenness was alleged to prevent.
> Is there some reason you aren't able to configure your computers to use
> tunnels or SUBMIT? They seem to work pretty well for other people.
Many of the transient networks I deal with block 22, 25, 465, and 587. They also often block protocols 41 and 43 or do not provide a public address, rendering those protocols unusable anyway.
Yes, I am now running ssh and smtp processes on ports 80 and 443 to get around this, but that consumes an extra address for something that should be handled by a port number.
Personally, I'd rather use port numbers for L4 uniqueness rather than IP Addresses.