Slashdot Mirror


Comcast Port 25 Blocks Result In Less Spam

Dozix007 writes "Ars Technica reports that: 'After Comcast finally owned up to the massive amounts of spam coming from their network, they decided to identify spammers and zombie relays on their network and block port 25 traffic from those IP addresses. Comcast's efforts are starting to pay off. They announced the amount of spam from their network has dropped 35 percent since they began port blocking and traffic estimates from SenderBase seem to confirm the claims. Spam coming from Comcast subscribers who were formerly on AT&T networks also seems to have decreased'."

3 of 381 comments (clear)

  1. Blocking connects from broadband subscribers by perp · · Score: 5, Interesting
    After I first read about this Comcast thing, I looked into how to block connections directly from spambots on home machines to the corporate mail server I admin (~500 users). I set Postfix up to check_client_restrictions and look up the connecting machine's name in a file that lists all the broadband domain names I could find. The results were so good that I have now added every little ISP whose machines send me spam and started using regexes to catch the ones where if I blocked the domain I'd also block their mail server.

    The results are truly staggering. I have cut the incomimg spam by 80-90%. I cut incoming spam by 50% just by blocking client.comcast.net, client2.attbi.com and cpe.net.cable.rogers.com. The users think I'm a miracle worker. So far I blocked 2 legit messages ... one guy with a home mail server and one guy whose Telus mail server I accidentally blocked with my filter. The error message says to mail abuse@mydomain if the message is blocked in error and, of course, check_client _restrictions is turned off for the abuse account.

    I was amazed at how little "legitimate" spam there is out there. It is almost all hijacked home machines.

    --
    There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
  2. Re:Good job on the cut and pase by thedillybar · · Score: 5, Interesting
    >I know I have stopped reporting all my spam. It took too much time.

    I wrote a perl script that I can pipe to from pine. It does a quick check with whois.abuse.net and forwards it off. Soon I may be adding whois.arin.net checks as well as traceroutes to track down the abuse e-mail contact.

    It's real easy to pipe 200 messages to a script everyday before you leave for the day...

  3. less spam isnt acceptible, the only answer is NONE by Indy1 · · Score: 5, Interesting

    Comcast (hereby referred to as Spamcast) has ignored their massive spam problem for years now. Fortunately for me the solution was to firewall all of their dynamic space from my mail server.

    Apparently Spews thought nuking the dynamic users wasnt enough, and blacklisted all of their dynamic space plus most of their corporate servers as well.

    One of these days Spamcast will wake up and realize that a huge chunk of the internet has blackholed them. I only wonder how many months or years it will take for the clue to sink in.

    --
    Lawyers, MBA's, RIAA? A jedi fears not these things!