June 10, 2004 12:56 PM PDT

Comcast takes hard line against spam

Comcast, the nation's largest broadband Internet service, this week began selectively blocking a network loophole commonly exploited by spammers.

The cable giant, whose broadband Internet service has more than 5.7 million subscribers, said it will block what's known as "port 25" for accounts suspected of sending mass amounts of unsolicited e-mail. The company will implement blocks based on subscriber accounts with the most outbound activity.

Port 25 is a gateway that most computers use to send e-mail. That's because a technical specification called SMTP (Simple Mail Transfer Protocol), which lets people send and receive e-mail, operates on the port.

"We are singling out spammers on our network and blocking port 25," said Mitch Bowling, Comcast's vice president of operations. "We don't think it's the right approach to blanket port 25. The right approach is to seek out people who are spamming our network and others."

Comcast's port 25 blocks were first noticed in online public forums such as Broadbandreports.com.

The move comes amid mounting criticism against Comcast for not taking enough steps to thwart spam. Some measurement companies have highlighted Comcast as the greatest source of spam, most of it from subscribers who have no idea their computers have been transformed into spamming engines. Measurement site SenderBase estimated that 665 million e-mails a day come from Comcast domains, more than Yahoo and Time Warner Cable's Road Runner service combined.

In Comcast's defense, the company is not a direct source of unsolicited e-mail, but a convenient distribution point due to its size and speedy bandwidth. E-mail virus writers have targeted Comcast, among other broadband Internet service providers, to turn subscriber computers into spam "zombies" without their knowledge.

One Comcast engineer estimated the daily e-mail flow on the company's network at about 800 million messages, with only 100 million originating from its servers. The remaining 700 million came from zombie computers.

"This is a problem faced by many broadband providers, because as speeds increase, those broadband connections become a low-cost, high-efficiency delivery connection," said Ray Everett-Church, chief privacy officer at TurnTide.com and an antispam advocate.

Blocking port 25 would prevent computers from sending e-mails from any non-Comcast SMTP server. This, in turn, would shut down people using Comcast's bandwidth to send spam from their own SMTP servers. It would also limit PCs acting as spam zombies from connecting to mail servers outside Comcast's network.

While many spammers use an open port 25 as a workaround, there are legitimate uses as well. More technically savvy subscribers and small businesses use the open port to connect to outside mail servers or to run their own SMTP servers.

"We have commercial customers that aren't spammers that we don't want to impact," Comcast's Bowling said.

Comcast is not the first ISP to take this measure. In fact, many service providers such as America Online and EarthLink have been doing this for many years. Other cable ISPs such as Cox Communications also have implemented port 25 blocks to fight spam.

For general subscribers who use Comcast as their primary e-mail account, the changes will go unnoticed, the company said. Already, Comcast has noticed a 20 percent reduction in spam since the blocks began and a 75 percent decline in the past two months.

Whether this amounts to any significant reductions of spam on the Internet at large is unlikely, because there are other sources of junk e-mail overseas. But some people consider it to be a step in a seemingly hopeless war against spam.

"I don't care if Comcast customers are infected. I just care that the spam stops," wrote one BroadbandReports.com reader in the site's message board.

2 comments

Join the conversation!
Add your comment
Comcast is the Spammer
Over half of the Spams that I receive originate at the
comcast.net domain!
Posted by (2 comments )
Reply Link Flag
.
That is probably because the original address is masked and shows only the originating server of the email, which is comcast.net. I too have noticed that around 65% of spam I recieve is from a ComCast source.
Posted by KDoggMDF (25 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.