On Mon, 18 Jun 2007, Suresh Ramasubramanian wrote:
On 6/18/07, Jeroen Massar <jeroen@unfix.org> wrote:
Of course, though 25 is (afaik ;) the most abused one that will annoy a lot of other folks with spam, phishings and virus distribution, though the latter seems to have come to a near halt from what I see.
Read these and weep, then - http://darkwing.uoregon.edu/~joe/port25.pdf http://darkwing.uoregon.edu/~joe/zombies.pdf
As Joe says (and I agree), trying to fix infected hosts on your network by blocking port 25 is like treating lung cancer with cough syrup.
The great thing about opinions is everyone has one. See also http://www.maawg.org/port25 Or how about http://www.securitymanagement.com/library/Sans_Ulrich1203.pdf http://www.networkworld.com/edge/news/2003/0908studyisps.html The best answer is probably paying for a strong ISP abuse team. But for whatever reasons, some ISPs prefer to invest in other areas.