Posted by Virus Bulletin on Nov 15, 2011
Experts sceptical about long-term effects on spam levels.
South Korea intends to require ISPs to block all outbound traffic on port 25 from anything but the "official" mail servers, hoping to help the global fight against spam and to improve the country's reputation as a spam-friendly country.
The blocking of port 25 has long been considered a good practice and many ISPs worldwide already do so. It stops the most basic kind of botnet spam: direct-to-MX spam, where a compromised PC makes a direct connection to the recipient's mail server to send spam.
Because of its large population - most of whom are connected to the Internet via a high-speed connection - it is little surprise that South Korean Internet users are a popular target among cybercriminals who can use compromised machines in the country to send a lot of spam. If implemented, it is likely that this regulation will improve the situation in the country.
However, experts think that in the long run this will not make a big difference. They point out there are other ways for spammers to send spam from compromised machines, such as via proxies or via the official mail servers. They also suggest that ISPs can do more to track malicious traffic on their networks, such as perform transparant spam filtering and monitoring of DNS traffic.
More at the BBC here, with comments from ZDNet here and from Mailchannels here. Naked Security's latest 'dirty dozen' list of top spam relaying countries showed South Korea in second place here.
Posted on 15 November 2011 by Virus Bulletin