>> From: Doc Shipley [mailto:doc@mdrconsult.com]
>> You just defined most spammers, with
respect to network
>> and MTA configuration. Add to that that a large percentage
>> of spam is relayed through compromised systems, and
>> blocking outgoing port 25 from a dynamic netblock is
>> reasonable. It *helps* the spam and Windows worm traffic a lot.
Yes, it WILL decrease spam, but so would pulling the plug on the entire net.
Seriously, look at the entire route a piece of spam takes and who it
impacts.
The generation of a large number of e-mails definitly impacts the people who
RECEIVE them, the networks that CARRY them, the servers that GENERATE them.
IMNSHO any of these people are quite within their rights (and even
responsibilites)
to block them.
If my ISP had determined that the SMTP server at
somespammer.net was being a
bad boy, then let them blacklist that server.
As I stated before, this policy (blocking outbound SMTP) does not impact the
millions of people who are generating spam outside the ISP and ten clogging
the ISP bandwith and my Inbox with spam. A polict of blocking both inbound
and outbound traffic to specific IP addresses would address this also.
Even setting a default of blocking all port 25 access would be reasonable IF
THEY WERE WILLING TO OPEN SPECIFIC IP's upon reciept of a document
validiting the need for the access.
>> Earthlink, Comcast, and several other major
providers
>> block port 25.
>> I travel quite a bit, and most of the hotel fast-access
>> providers do the same. My email users (
mdrconsult.com
>> accounts) cover all the above with their home & road
>> accounts, and none need any secondary configuration. Our
>> relayed SMTP uses SSL/TLS and SMTP AUTH on ports 465 and
>> 587. Nobody blocks those ports, nor are they likely to ever do so.
True, but what would you do IF your ISP decided do block those ports (maybe
they just don't like the numbers). Consider the impact on you (especially
from a support point) if tomorrow morning ALL of your
clients started
reporting that they could not send e-amil and were blaming you
[especially
until you figured out WHAT was happenin!].
That is what /I have put up with this week.....
>> My users' mail is secured, my server
can't be used as a
>> relay, and $ISP's self-protective measures are irrelevant.
Except for as mentioned above!