On Thu, 25 Dec 2025, Mukund Sivaraman via NANOG wrote:
Some of these may be double-edged (on how a person may feel, depending
on their perspective).
As an example, some virtual private server operators will drop outgoing
SMTP traffic by default. Someone who's the target of spammers may cheer
this. Someone who wants to use it to run a mail server (non-spamming)
will not. Some operators can be contacted through a form to remove the
default filter.
IMO, this has been best practice for cloud/VPS providers for >10 years.
Having been on both edges of that sword, I can tell you from first hand
experience, there are just too many PoS spammers who will sign up for
service with stolen credit card numbers just to spam (if you let them).
Defaulting to outgoing 25/TCP blocked puts a stop to that. Legitimate
customers can contact the provider to get the block removed.
I'm not a fan of CGNAT, but it's become a fact of life for many people and
most customers subjected to it will never notice it.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Blue Stream Fiber, Sr. Neteng | therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/V33IN2XMVRGB7SSPOKO4LVNQENQDXG7L/
