Sorry, guess I wasn't clear on blocking open proxies. I was meaning that if the current trend of abusing open proxies continues, we'll end up denying any inbound traffic destined for customers on proxy ports. Those that don't will end up blocklisted as more and more people bounce spam off their customers. We've already started denying port 25 connections from DSL netblocks in parts of the U.S. We're returning a 553 with a message to relay through their ISP. It helps, but I don't think its an ideal solution. The lack of any form of redress against spammers doesn't help the issue either. Unfortunately, we end up carrying the traffic costs. Joe Jared's lists at relays.osirusoft.com do contain open proxies, but these aren't actively maintained. Once listed, the user must request re-testing before the block is removed. Re-tests are not automatic. The biggest problem, especially with DSL, is those users on dynamic addresses and running open proxies. In that case, the only solution is to block the entire range. Given the wide range of client software used, I don't think there's any easy answer to this issue. If the SMTP protocol is re-written to enhance security and accountability for traffic, the negative effects on legacy systems would be huge. Attacking the problem at the client end would pose similar problems. Spamassassin still looks to be one of the best options at this stage. Gordon