James Clark
I was wondering if you might perhaps take the time to chime in and let the NZNOG community know that blocking port 25 isn't a _solution_. One of the root motivators for implementing the block is the sheer number of their customers that have computers which run "rooted" Microsoft OSes.
It equally stops spam from compromised Linux boxes - yes, I have seen this happen.
My angle is that blocking port 25 will not _solve_ the root cause of the problem. I believe that Xtra are in a good position to put some pressure on Microsoft with regards to rolling out a much better _solution_ , for example:
Transparently scanning customer email for virus / blatant-spam related content. Then identifying and contacting those customers, to sort out their issues. Something that could be fairly easily implemented - it would just cost money, probably lots of it. Xtra and Microsoft are in a good position with regards to finance, as we all know. And this could be opted out of (easily), so the clueful can carry on living under the radar (the pleasant side of the radar). The devil is in the detail...
How are you going to scan the mail unless you force it through your SMTP server? If you don't block 25 outbound, the payloads, whether worms or spam will continue to be sent direct to MX. Personally, I'm all in favour of running snort on all ingress/egress traffic, but that probably doesn't make economic sense for most here. cheers, Jamie -- Jamie Riden / jamesr(a)europe.com / jamie.riden(a)computer.org "That's why I love VoIP. You don't get people phoning up to complain that the network is down." -- Peter Corlett