MIT Spam Conference Conclusions

RT Alec writes "The 2003 Spam Conference has concluded, reports InfoWorld. (related read: abstracts of the conference discussions). I was unable to attend the conference, but it appears all that was discussed was filters (client and server). I think the key problem is ISPs that do not block egress traffic on port 25. If you need to send mail through a different SMTP server than provided by your ISP, the admin of that server ought to provide you with a means of using it with authentication on a port other than 25 (you do have permission to use that SMTP server, don't you?). It is not too tough to set up an SMTP server to require authentication, or at a minimum to run off a different port. I am suprised that this is never mentioned as a cure for spam. If just AOL blocked port 25, this could reduce spam by 50% (I base this figure on close examination of the headers of the spam I receive). I was pleased to see that Barry Shein, president of The World (a Boston based ISP) was included in the talks. I am not sure by the abstract (see link above) posted if he mentioned blocking port 25. In a recent interview he did not mention it."

Blocking port 25 is terrible!

[IGnatius+T+Foobar]

Blocking port 25 is not the answer. It creates more problems than it solves. I am a senior sysadmin at a mid size hosting center, and we run mail services for a lot of our customers. The single biggest problem with mail is dealing with ISP's that block port 25.

Saying "oh, just run it on a different port" is not as simple as it sounds to us geeks. Sure, we offer SMTP on another port to get around those ISP's, but your typical nontechnical user doesn't even understand the problem, much less know how to apply the workaround. And during the time they can't send mail, they're blaming you. They're blaming your "broken" mail service, because the mailbox their ISP provided them with is working just fine.

So you set up the nonstandard port and tell them "point it here." Now you're wasting untold amounts of tech support time on the phone with the nontechnical users -- you have to figure out what operating system and e-mail client they're using, and hopefully it's a setup that someone in your tech support organization is familiar with. Then you have to walk them through the process of setting up SMTP on a nonstandard port, and setting up authentication if necessary. During that time, you've spent enough tech support time to make that account unprofitable this month, and the spammers have found some other way to deliver their mail anyway.

Blocking egress on port 25 is not a good solution.

Not quite

[leviramsey]

I think the key problem is ISPs that do not block egress traffic on port 25.

No, the key problem is ISPs that don't disconnect spammers and charge them for violating the AUP, as well as ISPs that don't even have anti-spam AUP's. Open relays are next on the list. True, blocking outgoing port 25 traffic on the routers might eliminate a lot of spam (not a significant amount: in my experience the majority of spams I get are from various Asian countries, though configuring Postfix to reject connection attempts from a dozen or so subnets in China has cut down drastically), but then again, dropping every packet would solve the problem even more effectively, because:

It is not too tough to set up an SMTP server... to run off a different port.

As soon as an ISP blocks port 25, any spammers using that ISP will run their spammachines off of different ports. If an ISP requires SMTP AUTH connections to their mailservers, how long before spammers start relaying through their own ISP servers? Ultimately, blocking port 25 will have no measurable effect on spamming, because if the ISP provides a means around it for sending legitimate mail, it will be abused to send spam. All your proposed remedy will do is make life difficult for those who run legitimate mailservers.

Re:Spamming vs. sending legit mail.

[Enigma2175]

I mean really.. what logical reason do AOL and friends have have for allowing customers on a $10/month disposeable account to connect *directly* to other people's mail servers?

I work for a small company that offers web hosting. Along with the web hosting, we give the customer mail accounts, with SMTP, POP and IMAP access. We have had numerous complaints from customers that were unable to connect to the SMTP server because thier ISP blocks port 25. Why shouldn't they be able to connect to any server they like? This is certainly legitimate traffic but it is being blocked because some jackasses send spam and other jackasses run open relays. Why should my users be blocked because of the actions of other users?

All I want from an ISP is an unfiltered network connection. Once the ISP starts filtering the service it is unlikely to stop. What is the next service to go? Surely people don't need to connect to IMAP or POP servers that are not on the ISP's network. Block 110 and 143. Better block 6346 while we're at it, as it cuts into the pocketbooks of our partners. Don't forget 22, it allows people to work on VIRUSES without the ISP being able to detect it! Pretty soon the network connections ISPs provide will be nearly nonexistent. Port 80 will be open to sites on the whitelist, and you can get a connection on 443 to sites that have registered with the ISP (and paid their tax to Verisign) but all other ports will be blocked. After all, why would anyone need to connect to any service that is not web-based? As everyone knows, 'the internet' == 'www' and connections to other services are not needed.

If I pay for internet access, I don't think it is unreasonable to expect access to all available services. Instead of harrassing the ISPs into degrading my service, how about harassing the mail server vendors to produce products that connot be configured as open relays?