[c-nsp] ISP POP Location - Blocking Ports - Advice

[Paul Stewart]

Hi there..

We have decided to start being more strict on what we permit our customers
to send through out system as an ISP.  Basically I'd like to start blocking
smtp traffic except to our mail servers from dynamic addresses.  Static IP
customers will still be able to send smtp traffic.

What I am wondering though is what ports are commonly blocked now on ISP's?
Anyone care to share their lists?

We are thinking of blocking port 25, 137, 138, 139, 445 at this point.  The
reason is to cut down on the crap coming from virus infected customers.
It's easier  to slow them down than  it is to  chase thousands of customers.
We tried  cutting some customers off last week who were obviously infected.
They were thankful for the phone call, got their PC fixed  up at the local
shop and  then a day later got infected again.  This time around they were
not so friendly about the scenario...

Any thoughts would be most helpful... We are looking at putting access lists
at each POP site  for now and go from there...

Paul