-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Thomas wrote:
I think this all vastly underrates the agility of the bad guys. So lots of ISP's have blocked port 25. Has it made any appreciable difference? Not that I can tell. If you block port 25, they'll just use another port and a relay if necessary.
I'm pretty sure it has, although without aggregate stats from various ISPs it is hard to tell. Since mail transport is exclusively on port 25 (as opposed to mail submission), a bot cannot just hop to another port.
But the thing that's really pernicious about this sort of policy is that it's a back door policy for ISP's to clamp down on all outgoing ports in the name of "security".
I don't think ISPs have anything to gain by randomly blocking ports. They may block a port that is often used for malicious behavior (135-139, 194, 445, 1433, 3306 come to mind) as a way to reduce their support calls-- but they would have to balance that with the risk of loosing customers. It's not as much a slippery slope as much as it is a tightrope act (yes-- I am metaphorically challenged). ... alec - -- `____________ / Alec Berry \______________________________ | Senior Partner and Director of Technology \ | PGP/GPG key 0xE8E9030F | | http://alec.restontech.com/#PGP | |-------------------------------------------| | RestonTech, Ltd. | | http://www.restontech.com/ | | Phone: (703) 234-2914 | \___________________________________________/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIvsINREO1P+jpAw8RAvKNAKC83NJgwv4EakAv/jw5biO79D/xEwCgldZ+ JHkb3LboeAD2GC77vcb06Y4= =nfVP -----END PGP SIGNATURE-----