Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comcast Port 25 Blocks Result In Less Spam

Posted by timothy on from the choke-it-off dept.

Dozix007 writes "Ars Technica reports that: 'After Comcast finally owned up to the massive amounts of spam coming from their network, they decided to identify spammers and zombie relays on their network and block port 25 traffic from those IP addresses. Comcast's efforts are starting to pay off. They announced the amount of spam from their network has dropped 35 percent since they began port blocking and traffic estimates from SenderBase seem to confirm the claims. Spam coming from Comcast subscribers who were formerly on AT&T networks also seems to have decreased'."

5 of 381 comments (clear)

  1. Good job on the cut and pase by Anonymous Coward · · Score: 5, Informative

    Here's the actual Ars Technica story that wasn't linked, but copied and pasted as the Slashdot story.

    Something I've been wondering about though is SpamCop's yearly stats. Since April, spam reporting has been going down. Is it simply fewer people reporting/people reporting fewer spam, or is it a sign that actual spam is going down or at least being better handled? I know on my mail server I've implemented some straight blacklist checks primarily using sbl-xbl.spamhaus.org and it's been working great with no false positives. Some spam still gets through, but SpamAssassin usually catches it with other checks.

  2. Re:OK, that's step 1... by cmowire · · Score: 5, Informative

    The problem is those machines aren't actually the spammer, they are comprimised machines that the spammer is controlling.

    Although, it seems to me like it would be a nice project to send a Comcast truck around the neighborhood with a list of comprimised machines, armed with a laptop running an ethernet sniffer, then use that information to track down who's controlling the machines.

    Only problem is that it probably leads to machines not within the reach of US-based subopaenas.

    --
    Gentoo Sucks
  3. AT&T - Comcast by murderlegendre · · Score: 5, Informative

    Spam coming from Comcast subscribers who were formerly on AT&T networks also seems to have decreased.

    Seems as as we are *still on* an ATTBI network. I was originally an ATTBI subscriber, and the Comcast transition occured many months ago. Interestingly enough, my rDNS still resolves to:

    [ip].[state].client2.attbi.com

    Seems awfully odd that this remais.. one would think, at least for the sake of the brandname, that this would be reporting comcast.net

    --
    There's a Starman, waiting in the sky / He'd like to come and meet us, but he hasn't got the time.
  4. Re:Incoming or outgoing 25? by ScrewMaster · · Score: 5, Informative

    No, that is a problem. As a software developer, I frequently send large attachments to customers that have no other means of receiving them. Being forced to bottleneck ALL my mail through an ISPs mail server (with all the irritating limitations that entails) is simply unacceptable. Furthermore, I personally have Comcast and they were the reason I originally set up my own mail server: theirs was so unreliable that about 20% of my mail just never got through it. Supposedly they've improved that, but I still have my system set to try a direct connection first and only route through Comcast's SMTP server if the direct attempt fails.

    Furthermore, given that the court system has decided that it is entirely okay for ISPs to read their customers' mail at will, I don't necessarily want my confidential emails passing through, and being logged by, their mail server. Perhaps you don't particularly care about that but many people do. Yes, I know they can monitor my IP traffic any time they wish, but there isn't any reason to make it easy for them by just stuffing my messages onto their hard disks.

    Fortunately, at this point Comcast has not chosen to simply block all SMTP transfers, just those from known abusers, so I don't really have a problem with that (for now.) But I do think that reducing or eliminating the capability of the Internet is not the way to solve problems like this, because once ISPs get in the habit of limiting what we can do with the network we will be hard pressed to get back the freedom we have now. I like the fact that any computer on the Internet can connect to any other and communicate in ways defined by the users of those machines. That fundamentally egalitarian aspect of the Internet is what makes the network so useful (and so scary to certain powerful people.) Allowing those that provide our connectivity the power to pick and choose how we communicate is a bad precedent, and one that we will regret. It won't be long, mark my words, when Port 25 access is simply GONE for anyone but a big corporation or Internet provider, unless you want to pay a monthly "SMTP access charge" or something similar. There's already been talk of charging for access to specific types of connectivity. Imagine having to pay an extra $5.00/month "Instant Messaging access charge" for ICQ users, or a "mandated RIAA maintenance fee" for P2P. Keep the damn ports open, block those systems that cause problems, and let the rest of us use the Internet in ways that benefit us.

    --
    The higher the technology, the sharper that two-edged sword.
  5. Have you tried SpamCop's "quick reporting"? by Alexey+Nogin · · Score: 5, Informative

    Do you know that SpamCop has a "quick reporting" option (you have to ask to get it enabled for you)? With quick reporting, you only need to submit the spam via email and the source IP gets automatically reported (but no reporting of spamvertized web sites this way). This way you do not have to go to clicking through their web site, and the bl.spamcop.net still gets all the data.