Comcast already does block 25. They don't require SMTP Auth though so it doesn't do much good.
I contract for a small dial up ISP and we have customers who are on Comcast at home but use us for travelling. It's NOT that difficult to walk most of them through the few steps to change the outbound mail server when they switch locations. Most remember the steps after two or three times. What I'm wondering though is if ALL ISP's blocked port 25 and REQUIRED SMTP Auth -- wouldn't that block all the viruses/zombie worms that use their own SMTP engine? They would need a valid username/password for the server to get mail to go out -- period. Or even if they all left port 25 open and REQUIRED SMTP AUTH! I've been meaning to look for a way to see if our users are sending out viral mails that bounce because of failed AUTH. Ideas? My home system (this box) is on RoadRunner. They don't block snot (except port 80 as a NIMDA holdover) but so few people accept mail directly from a dynamic IP (even RR addresses bounce mail if I try to send it directly from my SMTP daemon even though it does have a valid MX) I do route all my mail through the RR SMTP server. If tey required SMTP Auth to do that it wouldn't bother me a bit, one quick config change and I'd keep right on firing. My home SMTP daemon requires AUTH. In fact it uses AUTH for a rather unique purpose. It sets the Sender: header based on what I auth as so I can send mail from my addresses in several different domains and not have a FROM: and Sender: mismatch making it look like spam. Hmm -- so, UNblocked port 25 with SMTP Auth would be the way to go so users could send through the proper SMTP server to get a proper Sender: header that matches the address they're sending from. G On Wed, 10 Mar 2004 23:21:47 -0500 Matt said something about Re: [Declude.JunkMail] Comcast Update: > Not to start a big argument about the issue, but just to reiterate my > stance on this...while blocking port 25 would work, it is unnecessarily > prohibitive. If my provider was to drop port 25 support, I would be > forced to move to a new provider immediately as would most around here. > I also get enough calls already from the few customers that actually > have E-mail hosting with my company when they can't send E-mail or when > E-mail isn't being received, only to find that they aren't even using my > server for SMTP. > > If they shut off port 25, there would still be hundreds of thousands of > open proxies and other types of relays for spammers to hit, and to > administrators like ourselves, this would have little impact. > > Most importantly though...if these guys find it difficult to relay their > spam directly from such IP space, they will turn in greater numbers to > relaying though the ISP's mail servers as they have already been doing, > and spam relayed through legitimate mail hosts is difficult to score in > comparison to a direct host, and many of the people around here are > already giving legitimate mail hosts extra credit by using tests like > SPF and AHBL-EXEMPT. > > I would personally much rather score Comcast zombies with 8 points for > being DUL, 8 points for XBL, 4 points for BADHEADERS, 3 points for > HELOBOGUS, 4 points for SPAMDOMAINS, 6 points for SNIFFER-PHARMACY, 3 > points for GIBBERISH, 4 points for GIBBERISHSUB, etc., etc. The zombies > that land in my hold file are almost always from obscure ISP's with > untracked DUL space, or virus infected mail hosts. > > If people want to stop the problem, they should go out and arrest the > dozen or so people at the root of every piece of zombie spam out there > currently. There's a very limited number of criminals doing this. > > Matt > > Dave Doherty wrote: > > >I know I don't see eye to eye with some folks here about this, but > Comcast > >could prevent the problem entirely by blocking port 25 and putting some > >solid limits on outbound mail with a product like Ddeeclude Hijack... > > > >If they were really serious about fixing the problem, that is. > > > >-Dave > > > >----- Original Message ----- > >From: "Dan Patnode" <[EMAIL PROTECTED]> > > > >>Seems they're actually aware of the problem: > >> >http://maccentral.macworld.com/news/2004/03/10/comcast/index.php?redirect=1078943859000 > -- Gerald V. Livingston II Configure your Email to send TEXT ONLY -- See the following page: http://expita.com/nomime.html --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
