Telecom New Zealand Ltd. says blocking outbound traffic on TCP port 25, used for sending email, is one of the options being considered by its ISP, Xtra, to minimise the impact of "zombie" computers.
Zombies are internet-connected computers that have been compromised by viruses or trojan horse applications, often many times, and which can be controlled by spammers and other network criminals. Large numbers of "zombies" can be aggregated into "botnets" and used for distributed denial of service attacks and major spam runs, sending vast amounts of messages directly to email servers. Industry estimates say up to 80% of all spam emanates from zombies.
Blocking outgoing email traffic from customers would need careful consideration, however, so as not to inconvience customers, the telco says. "While protecting customers from spam, worms and viruses is our priority, port 25 blocking can have implications for legitimate users," says Telecom"s spokesman for internet affairs, Nick Brown.
The U.S. Federal Trade Commission recently said it would ask some 3,000 internet providers around the world to make sure that their customers haven"t been hijacked by spammers. Apart from blocking outgoing customer email traffic to servers other than those belonging to the ISP, the FTC recommends that providers disconnect users whose computers have been identified as being infected by viruses.
Brown confirms that Xtra already does disconnect some users, to ensure mail and other network services aren"t impacted unnecessarily. He says Xtra also does this also to protect customers from getting hit by large data usage costs. Before disconnection takes place, Xtra attempts to contact customers to advise of the problem and what needs to be done to clean up the machines, Brown adds.
Brown says Telecom is a member of the Microsoft-initatied Global infrastructure Alliance for Internet Security (GIAIS)
and constantly liaises with leading ISPs around the world on security issues. Telecom uses the relationships created through GIAIS and its own analysis to ensure it is employing best practices and protecting the interests of its customersm, he says.