Matt Sergeant wrote:On 25 Mar 2004, at 22:01, Bryan Scott wrote:On another note, with all these worms and trojans going around, I've seriously considered blocking outbound SMTP on our network and requiring users to "register" their outbound SMTP needs with us (i.e. use another mail provider, company mail server, or host email on their own box). All with the hopes of keeping our network from looking like any of the cable companies.. <sigh>All home ISPs should be doing this. Most of the big ones are doing so already. I think it's a much harder choice if you're a business ISP though.
And that's just the thing. We're both. Most of our residential users are power-user types that like to run servers and stuff at home, or VPN into work a lot; the businesses also host all kinds of servers.
If you genuinely can't block port 25 then the minimum you should be doing is periodically scanning DNSBLs for IPs in your netblock, and notifying the owners of their problems. That helps a lot.
Matt.
