Corporatenet not yet

Online activists were buzzing last week, thinking monopoly cable and phone ISPs had finally laid the hammer down on the open Internet.

Trouble was, it wasn’t true.

First, a New York Times blog post seemed to say AT&T was about to do deep packet inspections and prevent the transfer of any files it deemed a copyright violation.

In fact, company representatives had only discussed the possibility at CES, along with some other big ISPs. It was all done in public, it was just thinking out loud before what was assumed to be an appreciative audience.

Once the post was corrected this was obvious.

Then Comcast began blocking Port 25, the Internet port through which Internet mail traffic passes. Dave Farber, who runs the Interesting People list where all this is discussed, was personally pissed. “No notice and  no reason,” he complained.

Other Comcast customers in other cities quickly chimed-in. I should say here that I’m a Comcast customer and it has hit me. I can get e-mail to my regular account but I can’t send anything out.

Turns out that while Comcast’s execution was sloppy (notices placed deep on the Web site), it was actually doing a good thing.

To fight e-mail zombies the Mail Anti-Abuse Working Group now recommends that all ISPs close Port 25, and instead run e-mail through Port 587 with authentication as described in RFC 2554.

In fact, ZDNet reported back in 2004 Comcast was beginning to do this, on a selective basis, admitting that bots had made it “the biggest spammer on the Internet.”This has apparently been extended network-wide.

It’s not a complete solution to the zombie problem. Such programs are used for denial of service attacks, for phishing, for ID theft, for cracking passwords, even as repositories for child porn.

The only real solution is called the “walled garden,” isolating PCs running zombies until they are disinfected. But would those complaining of intrusive ISPs now cheer such an action or jeer it?