The End-To-End Internet (was Re: Blocking MX query)
izaac at setec.org
Wed Sep 5 21:12:07 UTC 2012
On Wed, Sep 05, 2012 at 11:46:34AM -0400, Greg Ihnen wrote:
> On Wed, Sep 5, 2012 at 11:11 AM, Izaac <izaac at setec.org> wrote:
> > On Wed, Sep 05, 2012 at 07:50:12AM -0700, Henry Stryker wrote:
> > > signature. They are adaptive, like cockroaches.
> > This is why tcp port 25 filtering is totally effective and will remain so
> > forever. Definitely worth breaking basic function principles of a
> > global communications network over which trillions of dollars of commerce
> > occur.
> But as someone pointed out further back on this thread people who want to
> have their mail servers available to people who are on the other side of
> port 25 filtering just use the alternate ports. So then what does filtering
> port 25 accomplish?
I suspect your ISP is also stripping <sarcasm> tags. Let's try it out
You can tell that tcp port 25 filtering is a highly effective spam
mitigation technique because spam levels have declined in direct
proportion to their level of deployment. Today, we barely see any
spam on the internet due to amazing ability of these filters to
prevent bad people from sending bulk email.
Was that properly marked? Or this one?
Since tcp25 filtering has been so successful, we should deploy
filters for everything except tcp80 and tcp443 and maaaybe tcp21 --
but NAT already does so much to enhance the user experience there
already. And what with ISP customers using their provided DNS and
mail service exclusively, there's no reason to permit udp53, tcp110,
tcp143, tcp993, tcp995 either. Really, only evil people use anything
but the web. Any other traffic undoubtedly a bot from which they
ought to be protected.
. ___ ___ . . ___
. \ / |\ |\ \
. _\_ /__ |-\ |-\ \__
More information about the NANOG