| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: vogt at hansenet.com (vogt@...senet.com) Subject: AW: AW: Windows Messenger Popup Spam on UDP Por t 10 26 > >This isn't about you. The ISP also has a responsibility to protect > >the internet at large. If millions of spam are sent each day because > >the average user is too stupid to close off his proxy, then the > >ISP can either shut him down, or block the proxy port. Obviously, > >shutting down isn't an option for business reasons. > > In this case I would request all ISPs to block port 25. > Millions of spams > are sent via this port each day. True, but incomplete. I work for an ISP, but my data is only true for us, so as usual, YMMV. Most spam is NOT sent out via port 25. It arrives via port 25, but it almost always relayed inbetween. Some years back, open relays were the main problem. However, we've dug into things a bit and found to our surprise that not only are they not the main problem anymore, but in fact a tiny minority. The main problem is open socks proxies (port 1080). Ironically, the proposal that everyone should use a firewall makes the problem worse, not better - we believe one or more personal firewalls shipping with a bad default config are the culprits. So what's an ISP to do? We all know nobody wants spam (even the spammers don't want to RECEIVE spam, only to send it). We also know that 90% of the current Internet population doesn't know the difference between an open proxy and a cup holder. best regards / mit freundlichen Gruessen, Tom Vogt Hansenet Webfarm Security
Powered by blists - more mailing lists