Antispam Group Outlines Defenses to Block Botnet Spam
But MAAWG said that idea may not be possible for some ISPs, and its guidelines offer another alternative: ISPs should share information about their dynamic address space. That would let other ISPs refine their spam filters.
Spamhaus publishes its own DNS Blacklist, with information on ISPs' dynamic address ranges. "Listing your addresses in a dynamic IP list makes those ranges less attractive to spammers because they know they can't deliver to many networks which use those lists," according to Spamhaus' Web site.
Those on dynamic IPs are allowed to send e-mail using port 587, which is dedicated to sending e-mail via servers that require authentication first. That's the way most employees, for example, remotely connect to their company's mail servers, Cox said.
Major ISPs such as Comcast in the U.S. do block unauthorized e-mail on port 25 from going straight to the Internet, but about half of other ISPs -- many located outside Western countries -- do not, Cox said.
"That's the area where we are pointing the finger at," Cox said.
Given the international scope of the spam game, spammers use the infected computers "to send their unwanted traffic to mail servers around the world," MAAWG said.
$firstKeyword
Receive the latest security news as it breaks.
