Kia ora Wietse, [NZNOGgers - Please read this email and the next before you flame me. I won't see the flames until very late tomorrow :) I hope to not be flamed over this. Yes I deserved it earlier, I'll let you have that one.] You're about to be Cc-ed on a tale from me to the NZNOG mailing list. It involves the word Postfix a fair bit, Postfix rocks. Thank's for all the hard work you've put in to your MTA, it's a gem. I won't build an MTA with anything else, it suits me. So, yeah. Thanks. I hope you enjoy the soon to follow tale. Heck, maybe you won't, it doesn't matter in the grand scheme of things ;) Xtra is planning to block port outbound 25 outbound, no doubt a few other xSPs will follow suite at around the same time. Big business is what it is. The people that work at are good people. I personally like to support the underdog and I get on my soapbox occasionally. Xtra is New Zealand's largest ISP, a monolithic monopoly that's in bed with Microsoft ( www.xtramsn.co.nz ) and it's got it's hand playing very heavily in Parliment. What Xtra does impacts New Zealands Internet very heavily. This email is a request for your advice, for me personally and I suppose (as is in the subject heading) a request on behalf of NZNOG. I hope it is well recieved. I was wondering if you might perhaps take the time to chime in and let the NZNOG community know that blocking port 25 isn't a _solution_. One of the root motivators for implementing the block is the sheer number of their customers that have computers which run "rooted" Microsoft OSes. My angle is that blocking port 25 will not _solve_ the root cause of the problem. I believe that Xtra are in a good position to put some pressure on Microsoft with regards to rolling out a much better _solution_ , for example: Transparently scanning customer email for virus / blatant-spam related content. Then identifying and contacting those customers, to sort out their issues. Something that could be fairly easily implemented - it would just cost money, probably lots of it. Xtra and Microsoft are in a good position with regards to finance, as we all know. And this could be opted out of (easily), so the clueful can carry on living under the radar (the pleasant side of the radar). The devil is in the detail... I can imagine it'd be a logistical nightmare. However, I know the above is possible, I scripted something in Perl to do just this, when I worked for Wave Internet (a local ISP). The script did the above (example) automatically minus the automated contacting of customers, that was done manually but the script notified the support team of who was an offender. It also just scanned the Postfix's logs, not port 25 outbound for the entire op etc. I wasn't that savvy at the time. It would not just help the problem it would also curb the expense that is passed on to the customer. I've talked to a handful of customers while at Wave on the helpdesk that had footed thousands of dollars in bills due to trojans etc (Porn dialers, mass mailers etc). Those poor souls didn't get much sympathy from any party, just our condolences, it was the Telco that won in the end. I'm sure everyone on the NZNOG list would value your input on this issue, some may disagree with you. I know some have disagreed with me :) Heck, you may even support the blocking of port 25, though I suspect not[1]. Perhaps you won't, it doesn't matter. There's no harm in asking for the advice of someone that's well respected in the MTA building business. I've done a list subscribe request, on your behalf, to make it easier for you if you'd like to make a difference - either for or against my opinion which is: "Blocking port 25 is bad for the Internet (as a whole).". I know my initial post (to NZNOG) wasn't recieved too well. The thread started here: http://list.waikato.ac.nz/pipermail/nznog/2006-April/011325.html My rant here: http://list.waikato.ac.nz/pipermail/nznog/2006-April/011325.html I broke a few of the NZNOG rules and ruffled some feathers. Oh well, them's the breaks when the soapbox comes out :) A reminder. NZNOGgers - Please read the next email before you flame me. I won't see the flames until very late tomorrow :) Wietse, the next email from me will provide even more background. I can imagine that we'd all look forward to hearing your opinion on the matter. Thanks for your time so far. Perhaps we'll hear from you :) If you happened to have already deleted the subscribe request: http://list.waikato.ac.nz/mailman/listinfo/nznog [1] Sorry, I don't currently have time for _lots_ of list reading etc just a few key announcements and NZNOG, where I typically lurk. I don't *know* your view, I'd typed up to [1] before going "duh, Google...". So I carried on. -- Cheers, James Clark.