South Korea to ask ISPs to block port 25 traffic
Experts sceptical about long-term effects on spam levels.
South Korea intends to require ISPs to block all outbound traffic on port 25 from anything but the "official" mail servers,
hoping to help the global fight against spam and to improve the country's reputation as a spam-friendly country.
The blocking of port 25 has long been considered a good practice and many ISPs worldwide already do so. It stops the most
basic kind of botnet spam: direct-to-MX spam, where
a compromised PC makes a direct connection to the recipient's mail server to send spam.
Because of its large population - most of whom are connected to the Internet via a high-speed connection - it is little
surprise that South Korean Internet users are a popular target among cybercriminals who can use compromised machines
in the country to send a lot of spam. If implemented, it is likely that this regulation will improve the situation in
However, experts think that in the long run this will not make a big difference. They point out there are other ways
for spammers to send spam from compromised machines, such as via proxies or via the official mail servers. They also
suggest that ISPs can do more to track malicious traffic on their networks, such as perform transparant spam filtering
and monitoring of DNS traffic.
More at the BBC here, with comments from
and from Mailchannels here.
Naked Security's latest 'dirty dozen' list of top spam relaying countries showed South Korea in second place
isp, regulation, south-korea, spam.
Posted on 15 November 2011 by Virus Bulletin.
Leave a comment.
del.icio.us digg this