On Thu, 25 Dec 2025, Mukund Sivaraman via NANOG wrote:
Some of these may be double-edged (on how a person may feel, depending on their perspective).
As an example, some virtual private server operators will drop outgoing SMTP traffic by default. Someone who's the target of spammers may cheer this. Someone who wants to use it to run a mail server (non-spamming) will not. Some operators can be contacted through a form to remove the default filter.
IMO, this has been best practice for cloud/VPS providers for >10 years. Having been on both edges of that sword, I can tell you from first hand experience, there are just too many PoS spammers who will sign up for service with stolen credit card numbers just to spam (if you let them). Defaulting to outgoing 25/TCP blocked puts a stop to that. Legitimate customers can contact the provider to get the block removed. I'm not a fan of CGNAT, but it's become a fact of life for many people and most customers subjected to it will never notice it. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________