Re: Killing a fly with a jackhammer in http://www.dslreports.com/forum/r10522429 en Wed, 25 Nov 2009 03:55:00 EDT Wed, 25 Nov 2009 03:55:00 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10562043 techn0mad :
said by jester121 See Profile:

If people want to run their own SMTP server, pony up the money and pay for an account that supports it.

I'll be curious to see how SPF manages to cause headaches, assuming it ever gets widespread acceptance. If companies don't adopt the alternate port approach, they're going to have a ton of extra work.


I can't speak to the validity of this solution, but I have to point out that there are folks like myself who do not have any alternatives for broadband except Comcast.

I like to think of myself as competent enough to run my own SMTP server without causing more spam and problems for my ISP. My beef is that Comcast does not provide an account that supports me running my own SMTP server at any price. So telling people to pay up isn't the answer either.
--
Larry Gadallah, VE6VQ gadallahl@yahoo.com Key fingerprint = D679 5D9D 4127 7403 68FD D7F3 8668 EBA5]]> http://www.dslreports.com/forum/remark,10562043 Sun, 20 Jun 2004 17:31:52 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10547791 netscape 6 :
said by jester121 See Profile:
Errr... I spend MY money to run MY server. You spend YOUR money to run YOURS. THEY will spend THEIR money to run THEIRS.

Are we 100% clear on this now?


Well you seem to be so insitent on how they can spend it. Why can't I be insitent on how you spend yours?]]> http://www.dslreports.com/forum/remark,10547791 Fri, 18 Jun 2004 18:20:22 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10522429 jester121 : Errr... I spend MY money to run MY server. You spend YOUR money to run YOURS. THEY will spend THEIR money to run THEIRS.

Are we 100% clear on this now?]]> http://www.dslreports.com/forum/remark,10522429 Tue, 15 Jun 2004 23:47:30 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10522311 netscape 6 :
said by jester121 See Profile:

If people want to run their own SMTP server, pony up the money and pay for an account that supports it.


How about you pony up the money for them. I mean it's so easy for you spending other peoples money. I figure you should'nt mind me spending yours.]]> http://www.dslreports.com/forum/remark,10522311 Tue, 15 Jun 2004 23:34:34 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10490891 RARPSL :
said by jester121 See Profile:
If people want to run their own SMTP server, pony up the money and pay for an account that supports it.


It is not only those who want to run their own server who want to use a SMTP Server other than that of the ISP that is AT THAT TIME providing their connectivity. It is anyone who has a laptop who does not want to have to alter all their MUA settings every time they connect via a different ISP's network. Yes I know about using Port587 to bypass the "Control Freak" blocking of Port 25 but that relies on the 'foreign" ISP supporting this port. I have seen ISPs that block outgoing Port25 (You must use OUR Servers or Port 587 to get to THEIR Server) who then will not allow Port25 OR PORT587 connects to their Internet facing Servers. ]]> http://www.dslreports.com/forum/remark,10490891 Sat, 12 Jun 2004 13:21:39 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10465430 jester121 :
said by russotto See Profile:

The "workarounds" depend on having a machine with a first-class internet account. If you've seen no convincing arguments, it's because you won't accept any arguments.


What is a first-class internet account? I didn't know there were classifications for that, but I'll bite.

The workarounds depend on having a server admin who knows WTF they're doing, who can set up alternate ports for SMTP. Barring that, pay a few bucks a month for a hosting service that will let you send through them.

If you're referring to being prevented from running a server at home as a workaround, then you're way off base -- subscribers who want to run their own servers are already USING a workaround, because they don't want to use Comcast's servers or they like to tinker.]]> http://www.dslreports.com/forum/remark,10465430 Wed, 09 Jun 2004 19:31:55 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10463594 russotto :
said by jester121 See Profile:
I've listened to this debate for months and NO ONE has come up with a convincing argument for permitting outbound port 25 from an ISP's subscriber block. The workarounds are too easy, the benefits too monumental, and the drawbacks are nill.

The "workarounds" depend on having a machine with a first-class internet account. If you've seen no convincing arguments, it's because you won't accept any arguments.]]> http://www.dslreports.com/forum/remark,10463594 Wed, 09 Jun 2004 15:54:58 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10463533 kpatz :
said by Brazbit See Profile:
Didn't they say that in the last lines of the BBR article?
Not when it was first posted, unless I overlooked it.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend.]]> http://www.dslreports.com/forum/remark,10463533 Wed, 09 Jun 2004 15:48:17 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10463500 Brazbit :
said by kpatz See Profile:
What isn't mentioned in the BBR article but is mentioned in the Comcast forum and a CNet article, is that Comcast plans on targeting the blocks toward subscribers that are sending out spam, rather than foisting the blocks on everyone. This way it won't affect the majority of subscribers. After all, there are probably more people out there who legitimately use 3rd party SMTP servers, which would be negatively affected by such a block than there are spamming zombies.


Didn't they say that in the last lines of the BBR article?

"With a "targeted" approach, Comcast likely plans to block port 25/tcp traffic for only the most egregious offenders. We'll soon see if that's going to be enough."]]> http://www.dslreports.com/forum/remark,10463500 Wed, 09 Jun 2004 15:43:36 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10462644 pvera : More like a swarm of Cicadas!]]> http://www.dslreports.com/forum/remark,10462644 Wed, 09 Jun 2004 13:53:03 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10462348 N10Cities :
said by DonLibes See Profile:
said by kpatz See Profile:
What isn't mentioned in the BBR article but is mentioned in the Comcast forum and a CNet article, is that Comcast plans on targeting the blocks toward subscribers that are sending out spam, rather than foisting the blocks on everyone.
How does Comcast's proposed implementation only target subscribers sending out spam? I need to use my employer's SMTP server (Comcast's SMTP server has too many limits on outbound mail plus it's much lower reliability, has long latency, etc.) So would I still be able to use my employer's SMTP server? How would Comcast differentiate?


There was an article somewhere (I can't remember the link, but it was on C-NET), that said they can go into the customer's modem and block the port there once a known spam machine is identified.]]> http://www.dslreports.com/forum/remark,10462348 Wed, 09 Jun 2004 13:17:22 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461926 jester121 : Your employer can (and should) set up an alternate port for you to use, preferably with SMTP-Auth, and you'll have no problems.

I've listened to this debate for months and NO ONE has come up with a convincing argument for permitting outbound port 25 from an ISP's subscriber block. The workarounds are too easy, the benefits too monumental, and the drawbacks are nill.

If people want to run their own SMTP server, pony up the money and pay for an account that supports it.

I'll be curious to see how SPF manages to cause headaches, assuming it ever gets widespread acceptance. If companies don't adopt the alternate port approach, they're going to have a ton of extra work.]]> http://www.dslreports.com/forum/remark,10461926 Wed, 09 Jun 2004 12:32:01 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461919 alien9999999 : it's more "killing billions of flys with a bunch of jackhammers"

furthermore, even if every ISP blocks the port, it won't mean spam would be ended, but it would mean that every spam would be perfectly traceable and sueable (hopefully) and that spammers would have no place to run anymore...

...effectively ending 90% of all spam.
--
Alien is my name and headbiting is my game.]]> http://www.dslreports.com/forum/remark,10461919 Wed, 09 Jun 2004 12:31:22 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461913 djtim21 : ;)Why don't you use VPN and solve your problem ;)]]> http://www.dslreports.com/forum/remark,10461913 Wed, 09 Jun 2004 12:30:38 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461800 nixen :
said by Link Logger See Profile:
While this will help as there are lots of open email servers out there, it will not stop spam, as sonofjay is correct that other ports are used to bounce spam (559 and 65506 are two very common virus installed proxies and I would bet filtering those two ports would have more of an effect then filtering port 25).

The only solution is to go after the infected systems and spam servers spewing out this junk, but right now I'm happy to see someone trying something to help.

Your argument makes no sense. It doesn't matter where a proxy listens. If it's trying to reach an SMTP system outside of a blocked network, then blocking port 25 outbound is STILL going to destroy the effectiveness of that proxy.

-tom
--
"There are 10 types of people in the world... those who understand binary and those who don't."
"That's only 2 types of people, moron"]]> http://www.dslreports.com/forum/remark,10461800 Wed, 09 Jun 2004 12:15:03 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461757 nixen :
said by sonofjay See Profile:
said by Steve See Profile:
Um, the enormous volume of spam coming from Comcast hardly qualifies as "a fly"


True, but this is simply treating the symptom and not the problem itself. And who long will it really be before a virus is written to use a different port? What will they do then block all ports?

That's a REALLY naive argument. You assume two things: that all SMTP service providers will provide alternate port service on the same alternate port and that there's no authentication required on that alternate port.

Unless every ISP sets up to listen on the same port, how is the virus going to know what port to connect to? Port-scan every MX host? That will just end up auto-blacklisting the scanning host - defeating the purpose of the virus. Granted, there is an RFC stipulated alternate port, the MSA port, 587, that viruses could try to go against, but doing so is problematic, as well. Mail services that bother to set up SMTP on alternate ports typically require authentication to pass traffic. Without authentication credentials, those viruses that are written to use alternate ports aren't really going to go anywhere.

-tom
--
"There are 10 types of people in the world... those who understand binary and those who don't."
"That's only 2 types of people, moron"]]> http://www.dslreports.com/forum/remark,10461757 Wed, 09 Jun 2004 12:10:20 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461721 Steve : Huh?

Blocking inbound 25/tcp to Comcast subscribers would have the effect you suggest - use a different proxy port - but I believe we're talking about blocking outbound 25/tcp. This will stop all email coming from these infected machines.

Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site]]> http://www.dslreports.com/forum/remark,10461721 Wed, 09 Jun 2004 12:05:32 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461689 kpatz :
said by DonLibes See Profile:
How does Comcast's proposed implementation only target subscribers sending out spam? I need to use my employer's SMTP server (Comcast's SMTP server has too many limits on outbound mail plus it's much lower reliability, has long latency, etc.) So would I still be able to use my employer's SMTP server? How would Comcast differentiate?
I presume they would go by Spamhaus etc. reports and/or abuse complaints, and just block those who are known to have sent large amounts of spam.

Sending legitimate mail to a legitimate 3rd-party server shouldn't get their attention.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend.]]> http://www.dslreports.com/forum/remark,10461689 Wed, 09 Jun 2004 12:01:20 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461675 Link Logger : While this will help as there are lots of open email servers out there, it will not stop spam, as sonofjay is correct that other ports are used to bounce spam (559 and 65506 are two very common virus installed proxies and I would bet filtering those two ports would have more of an effect then filtering port 25).

The only solution is to go after the infected systems and spam servers spewing out this junk, but right now I'm happy to see someone trying something to help.

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel]]> http://www.dslreports.com/forum/remark,10461675 Wed, 09 Jun 2004 12:00:15 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461662 DonLibes :
said by kpatz See Profile:
What isn't mentioned in the BBR article but is mentioned in the Comcast forum and a CNet article, is that Comcast plans on targeting the blocks toward subscribers that are sending out spam, rather than foisting the blocks on everyone.
How does Comcast's proposed implementation only target subscribers sending out spam? I need to use my employer's SMTP server (Comcast's SMTP server has too many limits on outbound mail plus it's much lower reliability, has long latency, etc.) So would I still be able to use my employer's SMTP server? How would Comcast differentiate?]]> http://www.dslreports.com/forum/remark,10461662 Wed, 09 Jun 2004 11:58:48 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461643 Zshen : It's about time they do something. It's obvious they don't pay attention to any spam/abuse reports since I'm still getting hammered 6 months later from the same compromised open relay computer.
--
"The most overlooked advantage of owning a computer is that if they foul up there's no law against whacking them around a bit."]]> http://www.dslreports.com/forum/remark,10461643 Wed, 09 Jun 2004 11:56:10 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461607 Steve :
said by sonofjay See Profile:
And how long will it really be before a virus is written to use a different port?
They won't: as long as 25/tcp is the only port that recipient mailservers listen on, blocking that outbound port stops the spam once and for all.

I don't care of Comcast customers are infected, I just care that the spam stops.

Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site]]> http://www.dslreports.com/forum/remark,10461607 Wed, 09 Jun 2004 11:51:08 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461553 sonofjay :
said by Steve See Profile:
Um, the enormous volume of spam coming from Comcast hardly qualifies as "a fly"


True, but this is simply treating the symptom and not the problem itself. And how long will it really be before a virus is written to use a different port? What will they do then block all ports?
--
The war is over??]]> http://www.dslreports.com/forum/remark,10461553 Wed, 09 Jun 2004 11:44:52 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461512 Steve :
said by sonofjay See Profile:
Killing a fly with a jackhammer
Um, the enormous volume of spam coming from Comcast hardly qualifies as "a fly"
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site]]> http://www.dslreports.com/forum/remark,10461512 Wed, 09 Jun 2004 11:41:04 EDT Re: Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461510 kpatz : What isn't mentioned in the BBR article but is mentioned in the Comcast forum and a CNet article, is that Comcast plans on targeting the blocks toward subscribers that are sending out spam, rather than foisting the blocks on everyone. This way it won't affect the majority of subscribers. After all, there are probably more people out there who legitimately use 3rd party SMTP servers, which would be negatively affected by such a block than there are spamming zombies.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend.]]> http://www.dslreports.com/forum/remark,10461510 Wed, 09 Jun 2004 11:40:54 EDT Killing a fly with a jackhammer http://www.dslreports.com/forum/remark,10461477 sonofjay : Hope it works!]]> http://www.dslreports.com/forum/remark,10461477 Wed, 09 Jun 2004 11:38:02 EDT