Webone blocking port 25??

Matthew Hawkins matt at mh.dropbear.id.au
Fri Jul 26 09:13:56 EST 2002

Alex Satrapa (grail at goldweb.com.au) wrote:
> If you run an ISP, and allow people with Windows to connect to your ISP, 
> the very least you can do as a public service, is block port 25 
> outgoing.  This protects you (the ISP) from being blacklisted, since 
> your clients can no longer send spam without going through your mail 
> relay.

And that prevents you from being blacklisted how, exactly?

Rather - it lets any customer use the ISP's mail server to relay spam,
and hence get that ISP and ALL their customers blacklisted, regardless
of the fact that the individuals at the ISP and their other customers
did not spam.

It also makes it extremely helpful to spammers.  They can connect, dump
their spam on the ISP's server, disconnect, and let the ISP's mail
server deal with transmitting all the mail and dealing with all the
bounces, timeouts, tarpits, etc. intended for the real spammer.
Also, should spamming become illegal, does the ISP become an accessory
to the crime simply by proxy?

> Ideally, you'd also have spam filters on your mail relay 
> (inbound and outbound).  As a side-effect, blocking port 25 outgoing 
> also protects your clients from exposing important documents thanks to 
> virii like SirCam.

Rubbish.  The Windows virus just looks up your email client's SMTP
relay host and mails via it instead of trying to go directly.  Many
already do this.  Plus there's more ways to expose documents than simply
via email.

> Virus checking software only knows how to catch virii that have already 
> been caught.

Rubbish again.  heuristic scanning picks up "virus-like" code in
anything executing, and can be used to flag potential viruses that the
scanner doesn't yet have a definitive signature for.  This has been
standard practise for 8 years or more.

> Windows is not a secure platform, and anybody responsible for connecting 
> Windows boxes to the Internet is also responsible for protecting the 
> Internet from them.

That would be the people purchasing and using Microsoft Windows.  They
are the people responsible.  The blame doesn't rest on Lennock Motors
when you drive your Daewoo you bought there into your ex-mother-in-law's
house when you're pissed at her, similarly the blame doesn't rest on the
ISP when a customer does something stupid.

I really REALLY loathe the way society now insists that people are not
responsible for their own actions.

The ISP should only be concerned with protecting their own systems from
everyone else.

> Reasons I'd support "consumer grade" ISPs blocking port 25 outgoing and 
> requiring their customers use the mail relay would be that most 
> consumers use Windows, and as such need someone else to take care of 
> them.

Which is pointless as many people have pointed out.

> It's probably a stupid analogy but here goes:  In "real life", there are 
> health regulations that mandate the use of gloves and tongs when 
> handling food.

Which doesn't stop them taking your dirty money in their gloved hand
then go on handling food with it.

> The reason restaurants are forced to behave this way is to protect the 
> large number of people who could be hurt by them.

They're forced to behave this way because society in general have got
lax, and many people subscribe to the athiest religion where the only
thing that matters in the world is self.  So if you sneeze on your hand
then pick up a bread roll and give it to someone, it becomes their
problem.  And this is socially acceptible.

The regulations are nothing more than a band-aid patch to the problem
that people aren't considerate of others.

> Why shouldn't there be similar restrictions on people who connect poorly 
> administered machines to the Internet?

Why doesn't buying a computer require a license so dumb people can't get

"So, logically, if she weighs the same as a duck, she's made of wood, and therefore a witch!"
(Monty Python and the Holy Grail)

More information about the linux mailing list