Slashdot Mirror


Comcast Gets Tough on Spam

WeakGeek writes "The Washington Post is reporting that Comcast, the nation's largest broadband ISP, has started blocking port 25 to reduce Spam. Jeanne Russo said Comcast is not blocking port 25 for all its users because it does not want to remove the option for legitimate customers who process their own e-mail. So the company is monitoring traffic and picking out machines that look suspicious. By blocking port 25, they say they cut Spam by 20% last week." ZDnet has another article, with a nice statistic: Comcast generates 800 million email messages/day, but only about 100 million of those are sent through Comcast's SMTP servers.

10 of 405 comments (clear)

  1. what about mistakes? by mp3LM · · Score: 5, Interesting

    And what if they make a mistake and block someone who just happens to send a lot of mail?

    Is there a place to appeal?...as good as this could be, I think it's going to inconvenience a lot of people.

  2. Fine by me by drinkypoo · · Score: 4, Interesting
    In fact it's A-Ok in my book if they block port 25 outgoing for all users. If you want to send mail to outside mailservers directly you are free to use a VPN connection or other types of tunnels.

    Now, if comcast would sell me a static IP address, I might care, but since they don't it's clearly not meant for servers. As long as I can come up with a way to get my mail out (presumably you could set up sendmail or another MTA to use smtp.comcast.net as a relay even though you need to authenticate to use it, but I've never looked into it) it doesn't seem like an issue to me.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  3. Reverse That by Elecore · · Score: 5, Interesting

    I bet it would be a lot more effective to automatically open accounts with that port 25 blocked. If you want to use it, you give them a call and ask for it to be opened. I bet at least 95% of the spam being created is being created without the user knowing so closing port 25 won't affect them.

  4. All in the name of stopping spammers... by anakin357 · · Score: 5, Interesting

    Just put these dickhead spammers in jail for 5-10 years for causing so much disruption and cost to the world. I was reading a few days ago (and feel free to correct me/link to the URL) that spam causes ~$1,900 in lost productivity per employee, per year, in the US. THAT is absurd!

    On a side note, people with virus infected machines will now notice they can't send email to their external SMTP servers, and call Comcast, which they will reply that you have a mass mailing internet worm, and you've been spamming thousands of messages a day. Due to your incompetence, we have turned off your external access, forever.

    --
    http://www.fsckin.com/
  5. Here is what I paste into spam complaints. by Serious+Simon · · Score: 4, Interesting
    I check out the Received: headers for the IP address that the spam is coming from, then use whois to find out who it belongs to. I then forward the spam, including full headers, and the following text:

    Hi, I received this spam from out of your network. I trust sending spam is in violation of your terms and conditions.
    Please take appropriate measures.
    I read recently that about 80% of spam is sent via hacked computers on broadband: http://www.sandvine.com/news/pr_detail.asp?ID=50
    You might consider closing port 25 per default and only open it for customers who explicitly want to run their own mail servers.

    Thanks,

    ...my name here...

  6. Re:Seems reasonable, as long as... by techno-vampire · · Score: 5, Interesting

    I used to work for an ISP. We blocked all outgoing Port 25 to keep our customers from relaying. We also blocked inbound at first, to keep out spammers. This ran into trouble quickly. Not only are there services that don't offer SMTP, there are some that insist you use an address at their domain on all outgoing. We had customers that either couldn't send at all, or not with our address because their broadband carrier wasn't accepting their messages. The way we fixed this, we put up an authenticating server. This way, if you ouldn't connect directly through us you still had one of our servers you could use. Worked just fine, and made a lot of people very happy. I doubt we had as many as 0.01% of our customers complain about this, mostly because they needed to send work mail from home and their company insisted that all mail with the company address went through their own servers.

    --
    Good, inexpensive web hosting
  7. Why not pass through their mail servers? by LostCluster · · Score: 4, Interesting

    For those who do operate home mail servers, why can't such people just configure their outgoing SMTP server to pass all outgoing mail through the ISP's SMTP server to get around such blocks, and therefore have a more "trustwrothy" and less likely to be blocked IP address in the headers?

  8. Finally ... now for all the other ISPs by Random+BedHead+Ed · · Score: 4, Interesting

    I generally don't like the idea of ISP's interfering with the network, but port 25 is the exception. I like the idea of them blocking 25 by default, but this plan of keeping an eye on their customers is the next best thing. Most people don't realize how much spam comes from broadband accounts. There is some legitimate mail, yes, but those people need to find a new way of life, because it's mostly spam. I use Sendmail at work, and realizing how things have changed on the spam front I updated my /etc/mail/access file so it now starts like this:

    # Reject cable and DSL users who are now Damned Zombie Spam Bastards - keep adding to this
    cable.mindspring.com ERROR:"550 Blocked"
    cq.shawcable.net ERROR:"550 Blocked"
    cg.shawcable.net ERROR:"550 Blocked"
    ed.shawcable.net ERROR:"550 Blocked"
    vc.shawcable.net ERROR:"550 Blocked"
    vf.shawcable.net ERROR:"550 Blocked"
    vs.shawcable.net ERROR:"550 Blocked"
    wp.shawcable.net ERROR:"550 Blocked"
    ss.shawcable.net ERROR:"550 Blocked"
    gv.shawcable.net ERROR:"550 Blocked"
    ls.shawcable.net ERROR:"550 Blocked"
    tb.shawcable.net ERROR:"550 Blocked"
    mj.shawcable.net ERROR:"550 Blocked"
    fm.shawcable.net ERROR:"550 Blocked"
    du.shawcable.net ERROR:"550 Blocked"
    ok.shawcable.net ERROR:"550 Blocked"
    rd.shawcable.net ERROR:"550 Blocked"
    va.shawcable.net ERROR:"550 Blocked"
    dsl.att.net ERROR:"550 Blocked"
    client.attbi.com ERROR:"550 Blocked"
    client2.attbi.com ERROR:"550 Blocked"
    client.comcast.net ERROR:"550 Blocked"
    client2.comcast.net ERROR:"550 Blocked"
    ks.comcast.net ERROR:"550 Blocked"
    fl.comcast.net ERROR:"550 Blocked"
    ny.comcast.net ERROR:"550 Blocked"
    ma.comcast.net ERROR:"550 Blocked"
    pa.comcast.net ERROR:"550 Blocked"
    mia.bellsouth.net ERROR:"550 Blocked"

    And it goes on, and on, and on, for well over a thousand lines. After implementing this I did some calculation and determined that I was blocking about 22% of our incoming mail. There have been some hiccups, but in general I'm really glad I did this. A few people have contacted me to complain that they can't send mail to my users, and I usually tell them to get a static IP address for their mail server or send through a designated relay. This inconvenience to cheap-o owners of SMTP servers with DHCP-assigned addresses has been a real shame, but my users have commented on how much less spam theiy've been getting recently. Blocking broadband users and using Spamcop have been a great combination. Perhaps one day if more ISPs follow Comcast we'll be able to trust those domains again.

  9. Curses, curses and more curses by Inf0phreak · · Score: 4, Interesting
    The Danish telco TDC has blocked both in- and outgoing connections on port 25 to all other servers than their own smtp.mail.dk for all PPPoE using ADSL customers. I have several issues with this:

    1) What if I want to create a mailing list for a project that I (hypothetically) am making and host the e-mail server myself?
    2) I have absolutely no idea what their virus filter du jour is. Nor do I have any influence on it. If it nukes a ZIP file that I was trying to send (or hoping to receive) then it's just bad luck I guess.
    3) The performerance of smtp.mail.dk has been known to be abysmal at times... I wouldn't call it smart to force all e-mail to go through your server if it couldn't even handle the load when only some percentage of what your customers sent went through it earlier...

    And I have to deal with this crud because some morons don't belong on the internet, aren't using a firewall and get infected with every single fscking e-mail "virus" [*] that is sent their way.

    Not to mention how frustrating it was when my e-mail suddenly one day just stopped working.

    [*]: Trojan of course. But noone ever seems to use the right terminology.

    --
    ________
    Entranced by anime since late summer 2001 and loving it ^_^
  10. And while we're on the subject of Comcast email... by cshuttle · · Score: 4, Interesting
    Here's a question that I have contacted Comcast support for previously, and of course, I haven't been able to replicate the problem for them.

    Has anyone noticed that email which passes through Comcast's servers is delayed for an amazing amount of time? I had a customer that I consult for miss deadlines (and consequently sales) because of mail that was sent at 0800 and got recieved at 2200 the next day. I'm not exaggerating.

    Hearing this and playing around with it a bit, it became obvious that the mail was simply lounging around on Comcast's servers.

    Now, of course, I can talk to their tech support until I'm blue in the face and ask them what's going on, but I'd like to take this chance to appeal to the Slashdot community, who usually have a much better understanding of these matters than the droids at the Comcast call center.

    If you do a couple quick searches around dslreports and newsgroups and so on, you'll see that there are in fact many people who have the precise same issue, and have recieved no significant reply.

    Are there any Comcast insiders who know why these emails float around in limbo for 24 hour periods?