If you don't use Web-based email or send your mail through an Exchange server, you're probably sending via SMTP (Simple Mail Transport Protocol). This protocol was codified almost twenty years ago, in an era when "spam" meant tinned meat, or perhaps a Monty Python sketch. Those long-ago academics had no idea that people would misuse their protocol to send advertising for erectile dysfunction drugs or false promises of Nigerian fortunes.
There's next to no security in SMTP. Malefactors can hide the source of a message by modifying sender information in the header, for example. And even if your own email uses a different system, your PC is still fully capable of sending mail using SMTP. Bot networks like the recently defeated Kelihos Botnet rely on this fact, using hordes of infected PCs to crank out spam.
As reported by the BBC, the South Korean government has proposed "Block 25", a radical plan asking Internet Service Providers to block all port 25 traffic (SMTP uses port 25). Legitimate mail would have to go through "official computer gateways."
According to Sophos's Graham Cluley, South Korea is the second biggest source of spam in the world. (The first? Why, the United States, of course!). The South Korean government's concern makes sense, but their proposed solution does not.
First, as noted in the BBC article, there are legitimate uses for port 25 that can't reasonably go through "official servers." A member of the UK's ISP association pointed out that corporate mail servers use port 25 for authenticated access. Blocking that port would prevent people working at home.
More importantly, the spammers won't be foiled for long. Perhaps they'll find a way to use another port, or subvert Web-based mail. The big business of spam and spambots won't be stopped. The only victims will be legitimate users of port 25. Yes, spam is a problem. But the real solution lies in preventing bot infestations in the first place.
0 comments:
Post a Comment