On Oct 24, 2009, at 3:17 AM, Joe Greco wrote:
Isn't blocking any port against the idea of Net Neutrality?
Yes.
Owen
No.
The idea of net neutrality, in this context, is for service providers to avoid making arbitrary decisions about the services that a customer will be allowed.
Right.
Blocking 25, or 137-139, etc., are common steps taken to promote the security of the network. This is not an arbitrary decision (and I am defining it this way; I will not play semantics about "arbitrary". Read along and figure out what I mean.) For 25, SMTP has proven to be a protocol that has adapted poorly to modern life, and a variety of issues have conspired that make it undesirable to allow random home PC's to use 25. Reasonable alternatives exist, such as using 587, or the ISP's mail server. A customer isn't being disallowed the use of SMTP to send mail (which WOULD be a problem). A customer may use any number of other mail servers to send mail. Not a serious issue, and not arbitrary... it's generally considered a good, or even best current, practice.
A common practice of breaking the network for your customers does not make the network any less broken and does not make the action network neutral The SMTP protocol has adapted just fine. Certain operators of SMTP servers, on the other hand, are a different issue. I don't take exception if you want to block those SMTP servers. I do take exception if you block the protocol entirely. 587 is the exact same protocol as 25, just with different host configuration policies. As such, I would hold up 587 as an example to prove my point.
Blocking VoIP from your network to Vonage, because you want your customers to buy your own VoIP service? That's a very clear problem. There's no justifiable reason that any viable broadband service provider would have for blocking VoIP. Yet there could be a reason to forbid VoIP; I can, for example, imagine some of the rural WISP setups where the loads caused on the infrastructure interfere with providing service.
Some providers block outbound 25 to other email service providers because they want your outgoing email to go only through their own unauthenticated, unsecure mail servers. (I have had at least one former ISP refuse to unblock port 25 or 587 for me to a host that was running TLS and SMTPAUTH while they insisted that I use their port 25 server which did not listen on port 587 and would not accept TLS or SMTPAUTH).
Similarly, it'd be ridiculous to expect an 802.11b based rural WISP to be able to support HD Netflix streaming, or dialup ISP's to be able to support fast downloading of movies. These are not arbitrary restrictions, but rather technological ones. When you buy a 56k dialup, you should expect you won't get infinite speed. When you buy WISP access on a shared 802.11b setup, you should expect that you're sharing that theoretical max 11Mbps with other subs.
Right... Those are not arbitrary, they are valid. Blocking all access to port 25 is, on the other hand, arbitrary.
There's lots of interesting stuff to think about. Net neutrality isn't going to mean that we kill BCP38 and port 25 filtering. It is about service providers arbitrarily interfering with the service that they're providing. Customers should be given, to the maximum extent reasonably possible, Internet connectivity suitable for general purpose use. Where service providers start infringing on that, that's what should be addressed by network neutrality.
BCP-38 is good. SMTP blocking is not in BCP-38. Not allowing a user to send forged packets is a perfectly legitimate action. Not allowing a user to send or receive valid packets properly formatted, carrying legitimate traffic for purposes which are not a violation of the providers AUP, on the other hand, is not good. Owen