South Korea to ask ISPs to block port 25 traffic

Posted by   Virus Bulletin on   Nov 15, 2011

Experts sceptical about long-term effects on spam levels.

South Korea intends to require ISPs to block all outbound traffic on port 25 from anything but the "official" mail servers, hoping to help the global fight against spam and to improve the country's reputation as a spam-friendly country.

The blocking of port 25 has long been considered a good practice and many ISPs worldwide already do so. It stops the most basic kind of botnet spam: direct-to-MX spam, where a compromised PC makes a direct connection to the recipient's mail server to send spam.

Because of its large population - most of whom are connected to the Internet via a high-speed connection - it is little surprise that South Korean Internet users are a popular target among cybercriminals who can use compromised machines in the country to send a lot of spam. If implemented, it is likely that this regulation will improve the situation in the country.

However, experts think that in the long run this will not make a big difference. They point out there are other ways for spammers to send spam from compromised machines, such as via proxies or via the official mail servers. They also suggest that ISPs can do more to track malicious traffic on their networks, such as perform transparant spam filtering and monitoring of DNS traffic.

More at the BBC here, with comments from ZDNet here and from Mailchannels here. Naked Security's latest 'dirty dozen' list of top spam relaying countries showed South Korea in second place here.

Posted on 15 November 2011 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Throwback Thursday: Holding the Bady

In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated Microsoft’s own IIS servers.

Paper: The Journey of Evasion Enters Behavioural Phase

A new paper by FireEye researcher Ankit Anubhav provides an overview of evasion techniques applied by recently discovered malware.

Guest blog: Espionage toolkit uncovered targeting Central and Eastern Europe

Recently, ESET researchers uncovered a new espionage toolkit targeting targeting Central and Eastern Europe. They provide some details in a guest post.

Avast acquires AVG for $1.3bn

Anti-virus vendor Avast has announced the acquisition of its rival AVG for 1.3 billion US dollars.

Throwback Thursday: You Are the Weakest Link, Goodbye!

Passwords have long been a weak point in the security chain, despite efforts to encourage users to pick strong ones. 13 years ago, Martin Overton wrote an article highlighting the weakness and explaining why it is the human element that presents the…