by will_hughes 3079 days ago
Net Neutrality doesn't prevent network operators from stopping malicious activity on their network.

Blocking Port 25 to specific providers unless they pay up would be a problem, but blocking port 25 globally (except, say, to their own SMTP servers) is perfectly okay.


What the parent is talking about is the more generalized "net-neutrality violation" of assuming that users on residential plans have no legitimate reason to be hosting any public-routable services. It's the ~30-years-back ISP coup of dividing the flat space of Internet "peers" into separate categories of "servers" and "home PCs", where default-deny policies are enforced on "home PCs" to prevent them from doing most of the things "servers" can do.

Theoretically, true "net neutrality" (in quotes because it's not really the same thing that the law that got struck down protected) would require that ISPs not discriminate what types of traffic a customer can use their pipe for, any more than a bank is allowed to discriminate what you use your checking account for.

Under this true-Scotsman net neutrality, ISPs should be required to let people host web servers, or mail servers (if they're not open relays), or whatever-else servers, on their residential Internet. If that causes uplink saturation, then price uplink bandwidth in your plans to match your costs! (Which basically would eliminate the difference between residential and business Internet plans anyway.)

Please direct me to a source explaining why malicious network traffic is exempt from net neutrality. Under the net neutrality definition linked above, blocking specific ports is a clear violation.

Also, the port 25 ban directly affects legitimate customers. At least for Verizon, port 25 is blocked for residential customers, but it's not blocked for commercial customers. Over the past decade, many residential customers have called to enable port 25 so they can run their own mail server, and I've read Verizon refuses to unblock the port. Verizon's "solution" for them is to upgrade to their commercial package where it's not blocked.

> Under the net neutrality definition linked above, blocking specific ports is a clear violation.

I don't see how you can read that from the linked Wikipedia page. I assume you're conflating blocking ports with blocking/slowing protocols.

> Please direct me to a source explaining why malicious network traffic is exempt from net neutrality.

It's not an exhaustive policy document of every possible reason why network access might be terminated/restricted, e.g. no discussion of terminating/filtering BGP peering announcements from a misconfigured device.

Few people, if any, have ever said that network management activities would be prohibited under NN. If someone is actively disrupting the network, or is otherwise acting maliciously, then clearly as a network operator you're going to be permitted to block that traffic.

> Over the past decade, many residential customers have called to enable port 25 so they can run their own mail server

Sure, but even if they did permit it - the chances you will be able to run a mail relay from an IP that's clearly in the same network block as a bunch of other residential networks is near zero.

Most major mail providers will outright block you for existing in that range, and most others will block you for being unable to demonstrate control over the IP (by setting Reverse-DNS).

> I don't see how you can read that from the linked Wikipedia page.

Here's how net neutrality is defined.

"Net neutrality is the principle that Internet service providers must treat all data on the Internet the same, and not discriminate or charge differently by user, content, website, platform, application, type of attached equipment, or method of communication."

Blocking all TCP/IP packets with first two bytes set to 25, and not blocking TCP/IP packets with the first two bytes set to 24, is a clear violation of the Net Neutrality principle of no discrimination based on application. If I send a TCP/IP packet with source port 24, my ISP does not block it. However, if I change just one bit in that packet, my ISP refuses to send it.

An ISP blocking an entire class of applications from the internet (in this case, SMTP servers) is most certainly a net neutrality violation.

> If someone is actively disrupting the network, or is otherwise acting maliciously, then clearly as a network operator you're going to be permitted to block that traffic.

Where specifically in the definition of net neutrality does it permit ISPs to block such traffic? Blocking such traffic is a violation of the net neutrality principle that "Internet service providers must treat all data on the Internet the same".

> Most major mail providers will outright block you for existing in [a residential IP block]

ISPs have blocked residential customers from using SMTP for over a decade now, therefore it's no surprise mail providers have little incentive to support residential SMTP servers. They've been forced out of the market.

Claiming network operators must route unlawful traffic is a solid strategy for ensuring the death of net neutrality.

ISPs should be dumb pipes. They should not be inspecting nor blocking packets and should transmit data regardless of its content.

The alternative, that ISPs should not route unlawful traffic, would require ISPs to search packets and block the ones they find unlawful. That is censorship.

You're going to find it a hard road to convince anyone that ISPs shouldn't be able to perform standard network management activities on their network.

It's also extremely unhelpful to bring it up in the context of NN.

The negation of "operators must block all unlawful traffic" is "operators are permitted to not block all unlawful traffic", not "operators must not block any traffic on the basis of it being unlawful."

> Please direct me to a source explaining why malicious network traffic is exempt from net neutrality

All the Net Neutrality legislation proposals I've seen contain explicit wording to the effect of "lawful network traffic". If malicious traffic violates the CFAA or CAN-SPAM, they would be in their right to block it.