[Chapter-delegates] Blocking port tcp/25 outgoing

Patrick Vande Walle patrick at vande-walle.eu
Tue Nov 10 23:13:45 PST 2009 

Marcin,

I concur with Franck and others. I am actually surprised the main Polish
ISP did not implement this earlier. 

Over here, ISPs generally accept port 25 traffic on their main outgoing
SMTP relay from their customers, but block SMTP traffic going outside their
network for residential customers. Outgoing e-mail traffic on port 587 or
465 goes through with no problem. 

This is the good way to block e-mail traffic generated by virus-infected
Windows boxes.  Anyway, most serious e-mail service providers will not
accept any SMTP connection from dynamic IP blocks, using lists like
Spamhaus PBL http://www.spamhaus.org/pbl/index.lasso

I am much more concerned with ISPs blocking *incoming* connections. I know
of one in Belgium which blocks incoming connections to all ports below
1024. This prevents users from hosting their blog on a home machine, for
example. It is becoming realistic to do so on garden variety DSL/cable
connections where the return channel can be as high as 1 Mbit. 

Patrick




On Wed, 11 Nov 2009 02:42:34 +0000, Marcin Cieslak <saper at saper.info>
wrote:
> Telekomunikacja Polska - the largest broadband Internet access provider
in
> Poland
> (and the incumbent telecom operator) plans to block traffic outgoing on
> the tcp/25
> port effective December, 1st 2009. This port is used for the Simple Mail
> Transfer
> Protocol (SMTP) traffic.
> 
> Mail submission (tcp/587) from RFC 4009  and SMTP over SSL (tcp/465) are
> going
> to be the recommended ways for their customers to send email using
> third-party
> SMTP relays.
> 
> This change will affect their home (consumer) DSL access customer, 
> This will affect I think over 2 million customers.
> 
> 1. How many of providers in your region implement such a measure?
> 
> 2. If so, do customers have an option to lift the block on request for
> their 
> access line? (Assuming customer authentication via MAC-address or PPP
> and variants is used).
> 
> 3. How does that change influcence customers? Does that change limit
> amount of spam being sent, and if so, to what extent?
> 
> 4. To all: Do you think local ISOC chapter should respond to blocking
> of SMTP traffic? If yes, how?
> 
> --Marcin
> _______________________________________________
> Chapter-delegates mailing list
> Chapter-delegates at elists.isoc.org
> http://elists.isoc.org/mailman/listinfo/chapter-delegates

-- 
Blog: http://patrick.vande-walle.eu
Twitter: http://twitter.vande-walle.eu
Identica: http://identica.vande-walle.eu

More information about the Chapter-delegates mailing list