Free and Open Port 25 Use Is Doomed

It's a shame in a way and it will inconvenience many legitimate users. But it's inevitable: Rules for using port 25 will be tightened up by ISPs and eventually authentication will make the rules global.

Its hard to blame Comcast for beginning, as the Washington Post reported, to block port 25 on systems on their network that appear to be spammers. Everyone knows that a huge amount of spam is sent through broadband client systems that have been taken over—through backdoors—by spammers—zombied—and nobody has more broadband clients than Comcast.

While this move costs money and is potentially troublesome for Comcast, slowing down spam is not the only upside to doing this. The article claims that the change has brought about a 20 percent reduction in spam. Assuming that means 20 percent of the spam coming into Comcasts system, thats a lot of freed-up bandwidth.

Since spam makes up at least 50 percent of all e-mail, a 20 percent reduction in spam translates into a more than 10 percent reduction of overall mail, increasing the quality and reliability of that e-mail. And of course its an improvement for even those of us not using Comcasts network because a lot of those zombies send spam to us.


Im no big fan of Comcast, being a victim of their cable TV service, but their cable modem service is probably the best broadband deal for most people who have it available. I have to admire any steps they take to improve it, and this one isnt an easy decision. Comcast isnt typically a bunch of fascists when it comes to enforcing their rules. Its a violation of your Comcast agreement, for example, to run a mail server, but they havent been going around enforcing those rules. So I dont assume that they will suddenly swing over to abusive enforcement.

Within a couple years there will be widespread adoption of one of the emerging standards for SMTP authentication, perhaps the MARID specification currently under development by an IETF group. This will help to prevent spam from getting through to recipient mail servers, but its still going to be worth it for ISPs like Comcast to try to block spamming systems. If they dont, the mail still goes out and burdens the recipient servers into having to block it as unauthenticated. Both approaches are useful for cleansing the Internet of spam.

Next page: After authentication ...