[Chapter-delegates] Blocking port tcp/25 outgoing

Gaurab Raj Upadhaya gaurab at lahai.com
Tue Nov 10 19:22:30 PST 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marcin,

- From what  I know, a lot of ISPs use this as a standard practice for
their home/dsl/broadband subscribers who are on dynamic IP addresses.  I
know that my ISP doesn't allow third party SMTP servers to be used. They
provide a SMTP server for all customer.

If I want to run my own SMTP out then they ask me to upgrade to a
'professional' plan for a small fee and will give me fixed IP among
other other benefits.

Operationally, this is one of the best ways to limit outbound badness
from your network. Increasingly as more and more spam and badware is
sent from virus infected or bot controlled - broadband connected -  home
PCs, and there aren't many ways to stop that from going out.

In fact, limiting port 25 access is one of the recommended ways to
dealing with badware.

I personally don't think ISOC should be involved in specific
technological choices of ISPs. I'd be very worried and concerned if the
ISP hadn't provided other options to send /receive mails. In fact, ISOC
chapter should be more involved in educating the customers to
upgrade/update their virus definitions, not leave their PCs connected
when they are not online, not install random bits of software.. etc.. etc.

- -gaurab



Marcin Cieslak wrote:
> Telekomunikacja Polska - the largest broadband Internet access provider
> in Poland
> (and the incumbent telecom operator) plans to block traffic outgoing on
> the tcp/25
> port effective December, 1st 2009. This port is used for the Simple Mail
> Transfer
> Protocol (SMTP) traffic.
> 
> Mail submission (tcp/587) from RFC 4009  and SMTP over SSL (tcp/465) are
> going
> to be the recommended ways for their customers to send email using
> third-party
> SMTP relays.
> 
> This change will affect their home (consumer) DSL access customer, This
> will affect I think over 2 million customers.
> 
> 1. How many of providers in your region implement such a measure?
> 
> 2. If so, do customers have an option to lift the block on request for
> their access line? (Assuming customer authentication via MAC-address or PPP
> and variants is used).
> 
> 3. How does that change influcence customers? Does that change limit
> amount of spam being sent, and if so, to what extent?
> 
> 4. To all: Do you think local ISOC chapter should respond to blocking
> of SMTP traffic? If yes, how?
> 
> --Marcin
> _______________________________________________
> Chapter-delegates mailing list
> Chapter-delegates at elists.isoc.org
> http://elists.isoc.org/mailman/listinfo/chapter-delegates

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkr6LfUACgkQSo7fU26F3X0TRQCfe0yjnf4Lb+3/eeJCj8Z9oVmk
5I8An0VCPgWGy69N3YOTXBrTP2QnCo1i
=ppWY
-----END PGP SIGNATURE-----

More information about the Chapter-delegates mailing list