FTC Recommends ISPs Disconnect Spam Zombies

Mike Markley writes "CNN is carrying a story about the the FTC's plans and concerns around spam zombies. They say they will be identifying such zombie hosts and notifying ISPs, and are recommending that the ISPs disconnect indicated users. There's also a recommendation likely to raise the ire of the geekier sorts: that ISPs only permit users to send mail through their own servers (presumably by blocking port 25 outbound)." From the article: "Law enforcers in 25 other countries, from Bulgaria to Peru, are also participating in the campaign, the FTC said. Absent from the list of cooperating countries was China, where experts say rapid growth and a relative lack of technical sophistication have led to a large number of zombie computers."

So what?

[grub]

That ISPs only permit users to send mail through their own servers (presumably by blocking port 25 outbound)

My ISP doesn't block 25 outgoing but a few spam blacklists have my IP range on their "DSL/Cable/Dialup" listings so I send mail from my internal server through the ISP.

The result? No more "You're on a dynamic IP" bounce messages.

Re:25? Already blocked.

[The+Cisco+Kid]

Yes, so you make sure you pick a clueful ISP that has MSA (RFC 2476) support, which uses port 587, then you set his mail client to use that, and it works fine both when hes in the office, or at home, regardless of port 25 restrictions wherever he's getting his connectivity from.

Since MSA requires him to *authenticate* (which most clients, even OE and ilk will do happily) when he connects on port 587, and the ISP only accepts *outbound* mail on that port (other ISP's wanting to delvier mail *to* your ISP still use 25) it isnt terribly attractive to spammers.