Outgoing SMTP Servers
bjorn at mork.no
Thu Oct 27 07:37:21 UTC 2011
Owen DeLong <owen at delong.com> writes:
> On Oct 26, 2011, at 8:07 PM, Scott Howard wrote:
>> As much as some ISPs still resist blocking port 25 for residential
>> customers, it does have a major impact on the volume of spam leaving
>> your network. I've worked with numerous ISPs as they have gone
>> through the process of blocking port 25 outbound. In every case the
>> number of end-user complaints has been low enough to be basically
>> considered background noise, but the benefits have been significant -
>> including one ISP who removed not only themselves but also their
>> entire country from most of the 'Top 10 Spammers' list when they did
> Blocking outbound port 25 would not reduce the already infinitesimal
> volume of spam leaving my network in the least. It would, however,
> block a lot of legitimate traffic.
> No thanks.
I understand that. But you may want to say "Yes, please" to having port
25 blocked by default while having the ability to turn that filter off.
As a residential user, the IP address you use to connect to MXs will
inevitably be one carved out of a pool allocated to residential users.
This is completely independent of whether you are using IPv4 or IPv6, or
having static or dynamic addresses. You buy a residential product =>
you get a residential address.
What that means to you, is that the filters running on all the MXs
around the world will classify *you* based on the observed behaviour of
all the residential customers of your ISP (among other factors of
course, but that's not relevant for this discussion). If your ISP
offers an open port 25 to everyone policy, then you may experience that
your legitimate traffic drowns in a large volume of worm or virus
initiated traffic, making a number of MXs drop your traffic with the
rest of the bunch.
If, on the other hand, your ISP block port 25 by default and let you
disable the filter, then your traffic will probably account for a
significant part of the traffic the MXs of the world see from that
address pool. This increases the probability that they classify the
pool as "friendly", and end up accepting your traffic.
Most MXs will probably have a sane enough policy to make them accept your
mail in either case. But some won't. And as I'm sure you are aware of:
You can influence your local policy by choosing your ISP, but you can
rarely influence the policies of the MXs you want to talk to.
That's why you would want to say "yes, please" to the "filter by default
but offer a disable knob" service.
More information about the NANOG