[NCLUG] comcast blocking port 25?
Bob Proulx
bob at proulx.com
Wed Mar 7 12:56:09 MST 2007
Dennis Clark wrote:
> I use a wireless broadband service (MESA Networks) that has no such
> TOS restrictions on my network usage.
It all depends upon if you have a dynamic IP address assignment or a
static IP address assignment. There is no need for restrictions with
static IP addresses. But for any dynamic IP address assignment I
would definitely implement SMTP port restrictions.
Think about the problem of knowing which IP address is talking to a
mail server and blocking abuse of it. For static addresses it is
possible to block an IP that is causing abuse. But for dynamic
addresses this is problematic. Different users may rotate into and
out of any particular IP address slot at different times. Blocking an
abuser at one moment might block a non-abuser the next. It just does
not work very well in practice.
Therefore dynamic IP assignments really need to relay through a static
IP assignment. Standard practice now is that the ISP will provide a
static IP mail relay that will be responsible for the ISP's dynamic IP
range. Effectively their customers on dynamic addresses will relay
through their mail relay and they will rate limit and spam and virus
filter as required to make sure they are good neighbors on the 'net.
Bob
More information about the NCLUG
mailing list