Port 25, The Nuclear Option

By Larry Seltzer  |  Posted 2005-04-08

But the technique that generates the most controversy is when an ISP blocks port 25, as SBC recently began to do.

As one prominent researcher put it, blocking port 25 begins the process of shifting the cost burden for spam from the end user to the ISP and others whose sloppiness in administration is responsible for the unchecked proliferation of spam, and these same people are in a position, through responsible system administration, to choke off most of the abuse. He also argued that the cost benefits of fixing their systems are enough incentive to do it.

The depressing counterargument is that many of these systems have enough excess capacity to handle the abuse and that laziness is its own reward. When this is the case, there's no choice but for other ISPs to start blocking the offending ISP, as AOL has done many a time.

This is another point on which a consensus is emerging: that ISPs don't take action to stop spammers on their networks until there is a gun to their heads, generally in the sense that their customers are prevented from sending mail. This is where the major RBLs like Spamhaus and MAPS can play a big role. They have a bad reputation among some, and I've personally been among the collateral damage from an RBL block. But it was my hosting service's fault that my server got on the block because they didn't do anything about the spammer on the same address that I had. Enough of us called and screamed, and something was done about it.

Not every little domain has the clout to block a major ISP. The little guy ends up hurting and angering his customers, but the big ISP won't even notice. But when one major ISP, or a service like MAPS, blocks a major ISP, it gets their attention. The corollary to this is that when you block someone, you need to be responsive when they fix the problem.

The fact that ISPs have no reason to not let users opt out of the system is what cinches it for me. One researcher suggested to me that it was much easier for ISPs just to block a whole range of addresses than to have to put up a system for tracking who was to be blocked and who shouldn't, but this is basically just arguing laziness as an excuse. Besides, the SBC system supports letting users request an opt-out. Why can SBC do it and others can't?

The same researcher was concerned that the opt-out system would be taken over by spammers who would opt out their zombie systems. But it's not hard to imagine well-designed authentication systems that mail back a message to the customer and require them to connect back.

And as for the added cost to the ISP for this, I'd suggest that they might just save a lot of money by eliminating spammers and mail worms from their networks, but even if you think this is a costly solution, let them charge for the opt-out. Doesn't bother me.

Larry Seltzer has been writing software for and English about computers ever since—much to his own amazement—he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
