8.21.2007

Botnets Become More Evasive

Botnets have adapted once again to become more evasive and reliable. They are now working in a more organized and coordinated fashion, employing load-balancing and high-availability techniques similar to those used by high-traffic web applications. Here is some good reading material on the newest trend in bots: fast-flux botnets.

Fast flux foils bot-net takedown

Know Your Enemy: Fast-flux Service Networks

8.04.2007

Broadband Blockage of Outbound SMTP

Recently, I've noticed that more and more broadband ISPs are blocking outbound SMTP connections (TCP port 25). I'm guessing this is an attempt to slow down all the spam relayed from infected computers on their networks. Instead of taking a more proactive approach and looking to better protect their user base, some ISPs have opted for an easy and abrasive solution. They say, "Let's just block outbound SMTP." Well, this affects many legit customers that are road warriors that work from home. Some of these remote workers VPN into work and should not encounter this issue, but I'm sure there is still a large number of remote workers that need to connect directly to TCP port 25. Do you think that maybe this is a ploy to sell more broadband business accounts without restrictions? Who knows! Anyway, this is how I got around this little inconvenience. If your mail server is running Linux or Unix and you have iptables installed, run this:

iptables -t nat -A PREROUTING -d mail.ip.goes.here -p tcp --dport 26 -j REDIRECT --to-ports 25

Now, instead of connecting to TCP port 25 on your mail server, try connecting to TCP port 26. You should successfully connect and be able to do your business. :) This same technique can be applied if you have a network- or host-based firewall/NAT device. All it's doing is redirecting traffic from TCP port 26 to 25.
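
To confirm the redirect from the client side, here is an added example (not part of the original post) that connects to each port and checks for the SMTP 220 greeting, so a blocked port 25 and a working port 26 can be told apart. The host name mail.example.org and the function names are placeholders chosen for this example.

```python
import socket
import sys


def _read_line(sock, limit=512):
    """Read one line (up to `limit` bytes) from the socket."""
    buf = b""
    while not buf.endswith(b"\n") and len(buf) < limit:
        chunk = sock.recv(1)
        if not chunk:
            break
        buf += chunk
    return buf.decode("ascii", "replace").strip()


def probe_smtp(host, port, timeout=5.0):
    """Return (state, detail) where state is one of:
    'smtp'        - connected and received a 220 greeting
    'not-smtp'    - connected, but the service did not greet like SMTP
    'unreachable' - connection refused, filtered, or timed out
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("unreachable", str(exc))
    with sock:
        try:
            banner = _read_line(sock)
            if banner.startswith("220"):
                sock.sendall(b"QUIT\r\n")  # end the session politely
                return ("smtp", banner)
        except OSError as exc:
            return ("not-smtp", f"no greeting: {exc}")
    return ("not-smtp", banner)


def compare_ports(host, ports=(25, 26), timeout=5.0):
    """Probe each port; 25 is the standard one, 26 the redirected one."""
    return {port: probe_smtp(host, port, timeout) for port in ports}


if __name__ == "__main__":
    # mail.example.org is a placeholder; pass your own server as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "mail.example.org"
    for port, (state, detail) in compare_ports(target).items():
        print(f"{target}:{port} -> {state}: {detail}")
```

On a connection where the ISP filters port 25, the expected pattern is `unreachable` for 25 and `smtp` for 26.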