Comcast Gets Tough on Spam 405
WeakGeek writes "The Washington Post is reporting that Comcast, the nation's largest broadband ISP, has started blocking port 25 to reduce Spam. Jeanne Russo said Comcast is not blocking port 25 for all its users because it does not want to remove the option for legitimate customers who process their own e-mail. So the company is monitoring traffic and picking out machines that look suspicious. By blocking port 25, they say they cut Spam by 20% last week." ZDnet has another article, with a nice statistic: Comcast generates 800 million email messages/day, but only about 100 million of those are sent through Comcast's SMTP servers.
Why not work with the blacklists? (Score:5, Insightful)
Seems the right way to me... (Score:3, Insightful)
Nice to see a large soulless corporation not just shaft its customers wholesale.
We'll see how effective this is (Score:5, Insightful)
We can watch to see how effective this is by seeing how many of comcast's IPs show up in real time spam blocklists. Take CBL [abuseat.org] and WPBL [pc9.org] for instance, two of my favourite lists...
% grepcidr -c -e 68.80.0.0/13 1501
% grepcidr -c -e 68.80.0.0/13 351
Now we see if those numbers go down over time
Getting close to the solution... (Score:4, Insightful)
Re:Reverse That (Score:3, Insightful)
Re:what about mistakes? (Score:5, Insightful)
That's a good one to ask AOL..
They've been blocking virtually anyone sending lots of mail towards them. You have to sign up for their feedback loop, then for their whitelist. In our case, we send a lot of mail to users, because they write to us asking questions. There's plenty of mail going back and forth, but none of it is spam. Most are written by humans, some are automated (You just completed this function, your tracking number is....). They've been doing hit and miss blocking just because they can. It's really annoying. They blocked my workstation because I sent out 4 messages to AOL users in the same day. {sigh}. For my workstation, it's not a big thing, I just changed the IP. But, it's more of a pain for servers.
It doesn't make a lot of sense. I've known spammers. They'll get multiple lines from multiple providers, and keep switching IP's and networks to keep from being blocked. It's all a big act just to make it look like they're being all progressive, even though they're really just annoying legitimate people. Kinda like the TSA.
One of our clients, with his own server and a completely opt in mailing list (like, you specifically have to ask to be on the list) was blocked. He spent hours on the phone with AOL, and got me in on a conference call with them. The support people I spoke with were completely dense. We gave up on any political approach, and just moved his mail server off to another network. He only has about 2000 people who receive his newsletter, and the people not getting it on AOL were actually complaining that they weren't getting them.
Hopefully Comcast will be more professional about it. I know Roadrunner (now Bright House Networks) were absolute dicks about it. They once disconnected my service because I had a DNS server running. I tried to explain to them that their DNS servers sucked (about 5 to 10 seconds to resolve any name). Instead of fixing their problem, they were busy blocking users. {sigh}
As a Comcast User... (Score:5, Insightful)
With wonderful dynamic DNS services like no-ip.org I am able to do this on any dynamic IP and I have no reason to worry about needing one of those pesky static IP addresses.
Hopefully if something were to happen where I'd start getting blocked I could just use my connections at work and contact their e-mail admins directly to resolve the issue. However this slash and burn tactic is just the wrong way to go about fighting spam. Hence one of the reasons I left Earthlink/Mindspring, who block e-mail from ALL Dynamic IP addresses and also block outbound port 25 on their networks.
Re:Largest in the nation? (Score:2, Insightful)
The Washington Post is reporting that Comcast, the nation's largest broadband ISP, has started blocking port 25 to reduce Spam.
Re:Reverse That (Score:3, Insightful)
This is the best move an ISP can make. As a rule they shouldnt block anything, but if a machine is suspected of being a spam shooter, they should step in and take care of it for the sake of their network and the internet community.
Also, the second smartest move is to ask people if they ever bought anything from a spammer and if they say yes just punch them in the face. Now there's a deterrent we can all get behind!
Re:Largest in the nation? (Score:2, Insightful)
Nor is it slashdot.us
I do not have an ass [cambridge.org] from which to take my head out of, I am sure that would be in breach of some law though, at least in the UK, perhaps it is common practice in the US - I can only hope not.
Re:It's crap (Score:3, Insightful)
When sending to SMTP you only have 25, 587, and sometimes 2525. (and some others)
So if I want to spam your company. I would have to connect to your company's smtp service. Most likely its running on port 25. Thus if 25 is filtered for me, I'm screwed.
Mostly, everything but 25 requires authentication and even if this cuts a few percentage points of spam thats (in real life) millions of stopped spam.
Fighting spam requires many fronts, I'm glad to see comcast join the fight. If they don't screw it up, that is.
Re:All in the name of stopping spammers... (Score:5, Insightful)
You know that'll never happen.
All things considered, spam isn't the only problem out there. The ratio of junk to legitimate mail is about the same in my postal mailbox. I may get one letter or bill in, and the rest is junk.. Why aren't people screaming "We need to make laws.." "they need to be in jail.." etc, etc.. That won't happen because the post office turns a profit on it.
Most US bandwidth providers do a pretty decent job of trying to stop spam. Most have pretty strict standards, and will shut off a line for spam. I've been in on several of those actions, although not against me or my networks. It would be nice if all providers did that, but again, it probably won't happen. Many overseas companies make good money selling overpriced bandwidth to spammers. Think of it in business terms. If you're a [insert country here] provider, you can charge double or more for hosting and bandwidth to a spammer. You don't really have to answer to anyone but yourself, why not take the sale? Big spammers can use up some pretty substantial bandwidth, so it's worth it for them to sell to this customer. If I have the choice of barely paying my bills, or buying a new house and cars this year, I think the choice is obvious.
One of the magic questions is, who do you go after? Just a couple days ago, a site hosted on a network belonging to a friend of mine was the "source" of spam. I know they didn't do it, it had absolutely no relationship to them or what they did. So I got on the machines, and found the source. They had a feedback program that was fairly well written, but someone exploited a bug in it, to send out to a few thousand people before I stopped it. Should they throw this perfectly legitimate businessman in jail because someone managed to exploit something. I had to look at it a few times to figure out how they exploited it, the script was fairly well written.
Since plenty of the spam relates back to overseas sources, you'll never see them spending time in a US jail. Simply enough, you'd never see every government in the world agreeing on enforcement of any law, even an anti-spam law. In a lot of countries, it's rather difficult to even report the spam. What happens when you're trying to report it, and the support people don't speak English. And don't be so egotistical to say "they should all speak English", the universe or even the Internet doesn't revolve around America.
There is no need to receive mail from dynamic IPs (Score:4, Insightful)
What does your average user need with 3 gigs/day? (Score:5, Insightful)
Re:E-mail Advertising? (Score:4, Insightful)
Hehe.
I know you're being funny here, but I think there is a general misconception that the people recieving spam actually have to buy stuff. The spammers are paid to get the messages out to x number of people. Their success is not dependent on the actual return rate on the advertising money. It will, however, affect reoccurring business.
To put it another way, I doubt that lack of customers will make the spam go away. I mean, geez, there are still N-Gage commercials on TV.
Re:what about mistakes? (Score:4, Insightful)
Re:Seems the right way to me... (Score:3, Insightful)
This story is interesting timing for me. Today (as in like an hour ago) I had cable modem service from Comcast installed. "Large soul-less corporation" was the last thing on my mind. Not only were they pleasant on the phone when I called yesterday, but they also provided next day service *and* called when they got there so I could drive on over. (I'm staying at a friend's house until the stuff gets moved over.) Previously to this move, I've been a customer of theirs for... well I guess a year, I'm not sure when AT&T was purchased by them. I have YET to hear the phrase "it is our policy..." from them.
So, yeah, I agree, they do seem to understand that making the customer happy is important. This is in stark contrast to Washington Mutual. I tried to open a checking account there, but since I was moving out of my 'permenant address' in two weeks, and I hadn't gotten my new apartment yet, they wouldn't give me an account. "Well it's not our policy to.." yeah yeah.
I guess my point isn't really going anywhere. Your post just kind of reminded me that the phrase 'policy' has made me grit my teeth a number of times. I just hope this type of "we can be reasonable" service catches on with the bigger corps.
Re:Fine by me (Score:3, Insightful)
Why would you use their server from a cafe? You should use the cafe's ISP's smtp server.
Every time this issue comes up, I just get depressed. People range from being upset about having to use the smtp server they agreed to use when they signed up for their account, they work fine, there is no reason a home user paying $39/mo should have the "right" to run smtp of their own, or be able to willy-nilly go connecting to other smtp servers on the net.
Fact is, if every ISP did this, we'd see a huge reduction in spam. What is the cost of this? Just using the appropriate smtp server for your connection.
Why (not the parent) must I see 300+ posts of griping? If you want to run an smtp server so bad, get a commercial class DSL account and pay for it. That, or just get a job as the mail admin for your local ISP.
Re:what about mistakes? (Score:2, Insightful)
Re:what about mistakes? (Score:4, Insightful)
Re:As a Comcast User... (Score:3, Insightful)
Re:what about mistakes? (Score:2, Insightful)
> Enough with this blocking of spam!
The point of this action (and this article) is NOT the blocking of spam on the receiving side.
This is an action, by an ISP, to prevent their networks (and their customer's computers) to be used as spambots/drones. This is a legitimate (if possibly "burn the village to save it") action.
I'd even go so far as to say that it is quite likely that the use of their (Comcast's) networks for the sending of spam would be against the AUP/TOS. The only reason this is NOT dealt with by canceling service is b/c the customers are not doing it on purpose (As in, their computers were exploited by a trojan). Yet, such an action may very well be legitimate according to their contracts (tho obviously bad for their PR/CR image).
Yes. blocking spam is kinda pointless, on the receiving side. even spamfiltering is pointless (in the long run). But, your suggestion of legislation is to address on the sending side. Which is what this is. Is this not the side we truly need to deal with?
Thanks to Spamhaus, Spamcop, Njabl RBLs (Score:5, Insightful)
Hell no!
The only reason they got off their asses is because admins started wholesale blacklisting of their IP space and their customers started complaining.
Blacklisting WORKS! It's the only way to force these ISPs to be responsible.
If you're running content-based filtering, you're part of the problem. If you refuse SMTP traffic from confirmed spam sites, you are part of the solution.
Re:Fine by me (Score:1, Insightful)
Umm, you just above said you DIDN'T want them to use that server, you wanted them to use some internet cafe's ISP's server that they have no agreement with whatever.
they work fine
They *don't* work fine. Every third-party mail server, including my corporation's, had dropped, bounced, or otherwise broken perfectly legitimate personal communication from me. That's why I *started* running my own.
or be able to willy-nilly go connecting to other smtp servers on the net
Right. Heaven forbid people be permitted to do anything without appropriate supervision.
Why (not the parent) must I see 300+ posts of griping? If you want to run an smtp server so bad, get a commercial class DSL account and pay for it.
Poor baby. News flash: I HAVE a commercial class DSL account. I DO pay for it (for my hundred or so personal messages/month). It doesn't work now, sometimes, because OTHER ISPs are blocking INBOUND SMTP connections from "DSL ranges" of various providers.
That's my particular ox. But there's no good reason why users on dynamic accounts should be blocked either, except that it makes life easier for mail admins.
I love how Slashdot-ers get so enraged at any OTHER technology that infringes on people's freedoms in order to crudely address some problem. But when it's an IT issue - what the hell. BLOCK those ports!
KeS
Re:What does your average user need with 3 gigs/da (Score:4, Insightful)
I'm sure Slashdot has put more than 3gigs load on some of the websites it has linked to. Many are hosted out of somebody's basement. (Ok, so that is a one-day load.)
Do you really have to be a business to need to send stuff to other people?
Re:Reverse That (Score:1, Insightful)
You mean one percent?
since 12Mbps > 11Mbps
Damn it! I've had it backwards all along!
Re:Curses, curses and more curses (Score:4, Insightful)
Did you try to get TDC to make an exception for you? Some ISPs actually go out of their way to please their customers. They might customize their filters to let your SMTP traffic thru. Seeing how you are the exception, rather than the rule (not many people with PPP/ADSL run their own servers), this is not unreasonable. Heck, they might even give you a separate network and set up reverse DNS for you (your SMTP server should have it).
Does your TOS have enything to say about this? If your TOS say that you can't run a server (and given the nature of the internet and specially p2p traffic this might be semantic hair splitting), then you'll have to acomodate them. Maybe change to a service that will let you.
Of course, I know by personal experience that telco's (specially if they are the dominant one) can be pretty unreasonable, but you won't know until you try.
Re:What does your average user need with 3 gigs/da (Score:3, Insightful)
Re:Fine by me (Score:2, Insightful)
My God! How dare I "willy-nilly go connecting to other smtp servers on the internet"?
I mean, wow! Why stop at SMTP? Let's take it one step farther! How dare people go willy-nilly connecting to other servers on the Internet?! It's disgusting! For the health of the Internet as a whole, people must stop this insane practice!
What's that in the back? Hmmm? You mean the principle of the Internet is to be able to connect to other computers? But Awptimus Prime says that we shouldn't be able to go connecting willy-nilly to other systems!
Please don't slip in the puddle of sarcasm.
"[B]eing upset about having to use the smtp server [I] agreed to use when [I] signed up for [my] account"? I don't know about you, but I've read a lot of ISP contracts, and never has one said that I need to use my ISP's SMTP server. If it had, I would take my business elsewhere, or obey said restriction.
"[T]hey work fine", you say? You call six-hour delays fine? You call randomly lost email fine? I don't know about you, but I use my email for more than getting advertisements for hot goatse. Clients contact me, friends talk to me, automated systems scream "Help!", and if I don't get those messages in a timely fashion, I'm fucked. Along with said servers. Oh, and some of us like to use personal domains, y'know? And have multiple accounts for sorting purposes and different usages; one for automated, one for clients, one for friends?
You are of course entitled to your opinion, Awptimus Prime, just as I am mine. But personally? I am so glad that you aren't setting policy at my ISP or for the Internet, and if you ever start, I'll go elsewhere. Not that I think Speakeasy would ever listen to you as anything but a humor generator, but still, on principle.
Re:All in the name of stopping spammers... (Score:3, Insightful)
Maybe we could redirect some of that money to pensions and retraining for current poverty industry employees, and spend what's left (easily the majority) on the space program or education or something that will actually provide some benefit other than employing people in corrections.
Re:what about mistakes? (Score:2, Insightful)
Re:what about mistakes? (Score:3, Insightful)
The management of it would be the same. AOL put a policy into place that is obnoxious, and expect people to jump through hoops to do perfectly legitimate things. Their solution is slow and backwards.
If Comcast is responible about it, cool. I'd be happy to see more people taking his kind of aggressive stance, if they're responsible about it.
After dealing with several different cablemodem companies, I'd be willing to bet it to get the access turned back on would take an hour on hold just to get a support person who's clueless to the issue and another week before it gets sent up to someone who knows what to do.
sympatico in .ca (Score:2, Insightful)
it kind of bugged me at first to think "damn them for controlling my usage!"
but then I realized how much spam actually comes directly from idiot systems out there I changed my mind. My server doesn't process all that much mail; maybe 50,000 messages a week. But ever since I stopped allowing mail from unauthorized dynamic hosts (using securitysage's rules and postfix) I've been able to monitor where it comes from. (4400 or so messages/week from comcast hosts)
This type of thing shouldn't affect 'normal' users. For the clients I have that do use sympatico; I've setup an alternative method for them to still use my system as an outbound server -- with authentication, natrually.
It's a lot easier to control spam if email is channeled through an ISPs server rather than a bunch of rogue systems sending directly to destinations... lets see if my numbers on comcast mail rejections drop...
Re:Fine by me (Score:3, Insightful)
Funny you should mention this. I worked at Speakeasy for 2 years as an SA. The topic came up several times, it was not laughed at, but considered something that they will eventually be forced to do if ever targeted by spammers (or at least to the extent other ISPs have been hit). The only thing saving them is their comparatively small size compared to EarthLink, AOL, and Comcast, that is, for residential DSL service.
Personally, if I were running a small ISP of my own, the default would be to deny the ability to do outbound tcp/25, then if a customer requested it, I would allow them to do so.
You have to keep in mind I am thinking about the 4.3 million subscribers who will open some
Mind you, I see you just complain about inadequate servers at the ISP. It's funny to see you tout Speakeasy as such a great ISP, but then say their mail servers have a 6 hour queue. Personally, I've never seen them get anywhere near that high, at least for messages under 3 megabytes. If their smtp is really that bad, then go ahead and generate some mail traffic and post message ids of the ones that take more than 30 minutes to deliver. I'll forward them to a cohort who still works there and get you an explanation.
That is, if you aren't just another mindless troll. I assume you are because of the willy-nilly ports remark was just an over-the-top remark that blows everything well out of proportion here. Personally, I would like to see you suggest a solution to the spam problem today. Don't have one? Didn't think so. At least port blocking helps to an extent, and it keeps your ISP from getting on other ISP's mail-deny lists. If you think blocking port 25 is bad, imagine having a few million customers and then AOL and EarthLink start denying mail from your IP ranges. You'll have some serious PR issues and will be forced to change practices.
Finally, I will state again that I have been online for 12 years. I have never had mail (to a non-freebie mailhost) get lost. I have seen delays up to 9 hours, but those are very rare. You also have to consider the mail queues at the destination, too. Just because a server is quick on one end, doesn't mean it's delivery will be any faster on the other.
Re:Largest in the nation? (Score:3, Insightful)
No, you just forgot where Slashdot was located.
If I'm reading a British website and they say "the nation," it doesn't take a rocket scientist to infer GB.