Webone blocking port 25??

[Stuart Watson]

On 25/07/2002 at 9:41 AM Alex Satrapa wrote:

>On Thursday, July 25, 2002, at 12:13 , David Clarke wrote:
>
>> Not sure that they'll fix it, I emailed them about it and got an
email
>> back about it being in place to stop something from happening....
>
>Any ISP worth their salt *should* block port 25 outgoing, and
require 
>clients to send mail through the ISP's relay.  Mainly to prevent 
>Microsoft Outlook being used as a viral proliferator.  There's also
the 
>advantage of having a virus scanner being run over your mail inbound
and 
>outbound.

Another reason for ISPs to block 25 is poorly configured
wingate/proxy/linux/nt/whatever machines that act as open relays.
Many of you have probably seen the mess a dial up connection can do
as a relay - just imagine a 1mbit connection.


>I'm of split minds as to whether it would be reasonable to expect
the 
>ISP to poke holes in their firewall for clients who ask.  After all
- 
>all it takes is for one virus to get into your only Windows box, and

>you've just become part of the problem.

It comes down to how prepared the ISP is to do custom configurations
on a per user basis, on a large scale setup where multiple systems
have a streamline configuration, admins will probably cringe at the
idea of messing around with rules/conf for a few users. However
smaller operations will probably have no problem with a quick
iptables -I.

I guess this is where the real distinction between a "home" and a
"business" connection come into play - business connections are
really for people who have the need to run their own internal mail
servers and so forth and are 'untouched' connections usually w/ perm
IPs, faster speeds for this reason.

-SW