_____Comcast Corporation_____ • (CMCSA) Stock Quote and News • Historical Chart • Company Description • Analyst Ratings _____Spam In The News_____ • Feds, Private Groups to Educate Consumers About 'Phishing' Scams (washingtonpost.com, Jun 17, 2004) • FTC Rejects Creation of No-Spam Registry (The Washington Post, Jun 16, 2004) • The FTC's View on the Spam Problem (Live Online, Jun 17, 2004) • More Spam News ___Tech Policy/Security E-letter___ Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week. • Click Here for Free Sign-up • Read E-letter Archive _____PC Headlines_____ • Lockheed, Others Get Liability Shield (The Washington Post, Jun 18, 2004) • Police Link Thefts From Rental Cars (The Washington Post, Jun 17, 2004) • Perfect Pitch (The Washington Post, Jun 16, 2004) • Video Cards Are Big Players (The Washington Post, Jun 13, 2004) • More Headlines E-Mail This Article Print This Article Permission to Republish

Recently, spammers have infected tens of thousands of machines with malicious software code, turning them into "zombies" that operate as mail servers and launching pads for spam.

Legitimate owners of these machines usually don't know their computers have been commandeered. More than 40 percent of all spam now comes from zombie machines, according to some industry estimates.

Russo said Comcast is not blocking port 25 for all its users because it does not want to remove the option for legitimate customers who process their own e-mail. So the company is monitoring traffic and picking out machines that look suspicious.

Richard P. Wong, general manager for messaging at Openwave Systems Inc., said Comcast's efforts are fine as far as they go. But he said his company, which provides software for network operators, recommends that port 25 be universally shut off.

"These open relays will kill the Internet with spam unless they are blocked," said Wong, who also helps lead the Messaging Anti-Abuse Working Group, a coalition of network operators fighting spam. Wong said blocking port 25 is recommended by the group's guidelines of best practices.

Wong said he estimates that about one-third of all Internet service providers block port 25, while another one-third are now considering doing so.

The issue can be especially difficult for small Internet service providers, who don't want to lose customers that want to process their own e-mail. But Wong said forcing customers to have an Internet service provider or other third-party company process e-mail is inexpensive and would pay large dividends for the Internet as a whole.

Large Internet providers vary in their approaches. America Online Inc. and Earthlink Inc. require that all residential e-mail be run through their own servers. Businesses can open accounts and process their own e-mail after being vetted. Verizon Communications Inc. also allows business customers to process their own mail.

George Webb, a group manager of Microsoft Corp.'s anti-spam unit, said getting more aggressive on blocking port 25 "can have a large impact in a short amount of time." He said the company's MSN network is reliant on cable or phone-line partners to provide its broadband service, and Microsoft is "working with them" on the problem.

Webb said he thinks port 25 should be blocked by default, and customers should be required to apply for an exception.