Blocking outbound port 25 blocks the vast majority of non-authenticated SMTP. The remainder, being authenticated (or channelled via the same service provider, who can trace you by your IP, dynamic or not), provides some accountability and makes spam much easier to trace... acknowledging that much spam comes from compromised machines on residential-grade connectivity (on port 25).

Blocking port 25 outbound (with an opt-out option) makes sense if you can't quickly deal with offenders on your network (as often seems to be the case with big players). This doesn't provide those players with an excuse to under-resource abuse@ (as the remaining spam is finding another way out) but this does seem to happen regardless... so it's not even close to a silver bullet but it does help more than hinder.

Mark.


Sent from a mobile device.


-------- Original message --------
From: Steve Holdoway
Date: 05/11/2014 14:56 (GMT+12:00)
To: Peter Lambrechtsen
Cc: nznog
Subject: Re: [nznog] UFB 1 gig plans for retail and impact they have

On Wed, 2014-11-05 at 14:14 +1300, Peter Lambrechtsen wrote:
> Have to say that blocking inbound port 25 and 53 is highly recommended
> for all RSPs. Plus blocking outbound port 25 to only SMTP servers you
> run if you wanted a sense of if customers are using their connections
> for mass spamming. With an opt out of course.
Given that mail servers also listen on 587 ( thanks billg ) and 465,
isn't blocking just 25/tcp just a bit pointless?


Steve
--
Steve Holdoway BSc(Hons) MIITP
http://www.greengecko.co.nz
Linkedin: http://www.linkedin.com/in/steveholdoway
Skype: sholdowa

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog