----- Original Message -----
From: "David Brodbeck" <gull(_at_)gull(_dot_)us>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Monday, April 19, 2004 12:06 PM
Subject: Re: [spf-discuss] first spf-enabled spam
Technically, you're quite correct. Politically and socially, it's a
serious
problem. This is a *BIG* issue among my "Internet libertarian"
friends. They
absolutely do not want their ISP's interfering in any way with their
home
connectivity
I'm not really an "internet libertarian", but I'm against arbitrary port
blocking because it breaks things randomly. I've already had the
experience of trying to set up a custom service on a high-numbered port
and having to play "minesweeper" with my users, trying to find a port
number that no one's ISP was blocking outbound connections to.
That *is* a problem. The ISP's doing the port blocking should definitely
publish the blocked ports, but also you should yourself look up the ports
before trying to grab them in order to verify that your clients and their
customers are not already using the port for something else: that's a pretty
basic requirement of grabbing a static high-numbered port.
And since the ISP's, to the best of my knowledge, are blocking only the
ports used by specific service attacks, I think you'd avoid this anyway,
unless the script kiddes themselves grab arbitrary ports and flood them with
their s00pEr s3cr3t IRC channels....