[GRLUG] Comcast and blocking port 25 delivery

Collin Kidder adderd at kkmfg.com
Wed Nov 12 15:21:06 EST 2008


Michael Mol wrote:
> I see their point on this one.  Comcast services one of the country's
> largest collections of spam zombies.
>
> What they *should* do is RDNS all nodes on their network to
> something.comcast.net, and use SPF to flag any email from any
> non-business customer node as "not allowed to send for this domain."
>
> But I don't know that much about SMTP, DNS and SPF.
>
>   

They already do RDNS for all of their nodes. For instance, when I
connect to my email server it says I am:
c-XXX-XXX-XXX-XXX.hsd1.mi.comcast.net
(Obviously sanitized but you get the point)

But, yes, they could use SPF to show that the email was not sent through 
their servers if it wasn't. Still, someone could directly deliver email 
themselves by sending to remote servers on port 25. There isn't any 
decent way to prevent the sending of email, just decent ways of 
determining the legitimacy. For one, any email which comes from a 
hsd1.XX.comcast.net address should be suspect.


More information about the grlug mailing list