Topic '[Connectivity] Comcast Says I'm a Spammer' in forum 'Comcast HSI'

Topic '[Connectivity] Comcast Says I'm a Spammer' in forum 'Comcast HSI' - dslreports.com http://www.dslreports.com/forum/Connectivity-Comcast-Says-Im-a-Spammer-20103494 en Thu, 09 Feb 2012 23:13:18 EDT Thu, 09 Feb 2012 23:13:18 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116753 said by NormanS:

I don't think the FCC really cares whether residential ISPs block certain ports, when those ports are not really necessary for residential services. Where is the list of residential services? Why is port 676 open, is that necessary for residential services? (I didn't look it up. With my luck, it will be something like HomePlug.) My point being is the notion of "Residential Services" or "Residential Use" is bogus, it is against the FCC Policy statement, and violates the edge-to-edge principle upon which the net was founded.

Blocks on Port 25 outbound -- while I hate these, this would fall under the "Reasonable Network Management" exception based on the malware-caused spam it prevents. Comcast has struck a good balance with TCP/25 outbound. They don't block it except upon a complaint, then it stays blocked until the customer cleans up the mess.

And, I think you're right, the FCC has no pending action with the FCC regarding inbound TCP/80. There are attacks on inbound TCP/80 (several IIS-attacking bugs are out there). Again, I've been with Comcast a long time, I don't know how other ISPs handle this. I'm not a VZ customer, so I don't know why they have this restriction but remain happy (or happy enough). The FCC doesn't randomly audit these companies -- unless they get a complaint, it doesn't happen at all for all the FCC knows.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116753 Wed, 05 Mar 2008 22:58:34 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116661 said by Hehe :

What is wrong with a home DNS server? I have been doing DNS for about 10 years now.
Nothing. I just wondered why someone would do it.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116661 Wed, 05 Mar 2008 22:37:52 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116655 said by Hehe :

said by funchords:

said by Hehe :
I was told if Comcast ever detects ports 25 or 53 open then will drop me permanently.

I've had these open for years at a time. No sweat.

Well, about 1 month after they said I was spamming and made me shut down my ports 25 and 53 I got my service back. 1 month later they disconnected me, when I called I was told ports 25 and 53 are active, so they shut me down. I promised to never use those ports again. They said if they ever detected them open my service would be permanently disabled.
Well, you're in the Comcast forum. Plenty of Comcast customers, technicians, and even some abuse-desk people hang out here. I've been a Comcast customer for years, and I know a little about how things work. Still, most of the time I'm only 94% correct -- so ...

Can anyone cooberate this story?
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20116655 Wed, 05 Mar 2008 22:36:48 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20113463 said by Hehe :

Well, about 1 month after they said I was spamming and made me shut down my ports 25 and 53 I got my service back. 1 month later they disconnected me, when I called I was told ports 25 and 53 are active, so they shut me down. I promised to never use those ports again. They said if they ever detected them open my service would be permanently disabled. So, who do I call at the FCC about this? Also, I have been told Verizon just blocks those ports (and more). So you can't even attempt a web, email or DNS server. So is Verizon in trouble with the FCC? I would order FIOS today if I could use those ports!
AFAIK, Verizon does not block port 25 inbound, or outbound. Unless they changed something very recently.

I don't think the FCC really cares whether residential ISPs block certain ports, when those ports are not really necessary for residential services. AT&T is certainly not in trouble with the FCC, and they do block outbound port 25 (at&t Yahoo! HSI, AT&T Worldnet DSL and AT&T FastAccess), and inbound port 25 (AT&T FastAccess only).

Some, but not all Verizon regions block inbound port 80. Other ISPs block port 25 and/or port 80, as well; all without a peep from the FCC.

Spambot networks host fast flux DNS, and other dubious services on compromised residential computers with broadband service, leading to abuse complaints to the affected ISPs. Since most residential customers don't need (or even know how) to host such services, residential ISPs tend to restrict such services.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20113463 Wed, 05 Mar 2008 14:14:55 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112876 said by bigchris:

said by funchords:

My firewall prevents any IP in my house from sending out on port 25. So I am not a SPAMer. Other than the SPAM I forwarded to my gmail account.

OUT on port 25, or out of the firewall TO a remote port 25?
No internal IP can connect to a remote port 25. However, my sendmail system could.
Sorry for the confusion.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112876 Wed, 05 Mar 2008 12:39:41 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112683 said by funchords:

My firewall prevents any IP in my house from sending out on port 25. So I am not a SPAMer. Other than the SPAM I forwarded to my gmail account.

OUT on port 25, or out of the firewall TO a remote port 25?]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112683 Wed, 05 Mar 2008 12:12:52 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112478 said by funchords:

As SMTP, there are a couple of different Comcast practices in use here.

One is their Comcast.net mail server policy -- which has limits "per message" and limits "per day" -- I don't know if the numbers quoted above are right, but they're something like that. Accessing it via port 25 or port 587 does not change these limits.

The other is their spam-complaint response policy. If customers provide evidence that your IP is spamming, Comcast will change the configuration of your connection such that you no longer can connect to TCP port 25. This is because most malware that spam connect from the local IP address directly to the mail server of the spam target. This is exactly what happens if you run your own SMTP server, too, however you running your own server will rarely result in spam complaints from others. If Comcast tells you that you no longer can connect to mail servers using port 25, and that you have to use port 587 and authentication instead, then you likely have (or had) spamming activity that you were not aware of. Check your system for malware.

said by Hehe :

I was told if Comcast ever detects ports 25 or 53 open then will drop me permanently.

I've had these open for years at a time. No sweat.

Comcast can't prohibit you from having an open port. Contrary to people who cannot read and understand the TOS, Comcast doesn't prohibit you from running a private server.

They claim to be able to prohibit you (via the TOS) from running a public service. FCC Broadband policy further makes no such restriction, and Comcast promised to comply with that policy in lieu of formal regulation. Still, running a public service on a Comcast connection is roughly the same as bringing a squirt gun to a 5-alarm fire.

Running a public service is not the same thing as having an open port for personal use. I have an SSH server. Anyone can access it from anywhere in the world and try to log in. They'll get nothing without the right cryptographic keys.

You can run your own DNS server (Why you'd want to? I dunno.). You don't have to secure it. But if it starts interfering with the network in any way, I'd expect to come home to slow flashing lights on my disconnected modem -- and rightly so. (DNS servers that are on home networks is one of the habits of zombie-controlled networks. I've written to abuse@comcast on several occasions -- they really do respond to those complaints.)
Well, about 1 month after they said I was spamming and made me shut down my ports 25 and 53 I got my service back. 1 month later they disconnected me, when I called I was told ports 25 and 53 are active, so they shut me down. I promised to never use those ports again. They said if they ever detected them open my service would be permanently disabled. So, who do I call at the FCC about this? Also, I have been told Verizon just blocks those ports (and more). So you can't even attempt a web, email or DNS server. So is Verizon in trouble with the FCC? I would order FIOS today if I could use those ports!

My firewall prevents any IP in my house from sending out on port 25. So I am not a SPAMer. Other than the SPAM I forwarded to my gmail account.

What is wrong with a home DNS server? I have been doing DNS for about 10 years now. My DNS server is (was) the only DNS server for my domains for 5+ years. The last few years I have had 2 slave DNS servers that pull from my master. Than way I still managed my domain directly using vi, not a GUI. I see no reason a home DNS server would differ from a third party provider. I don't get many hits! and 256Kb is more than enough to keep my DNS server happy, even dial-up would almost be enough.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20112478 Wed, 05 Mar 2008 11:46:33 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20109049
One is their Comcast.net mail server policy -- which has limits "per message" and limits "per day" -- I don't know if the numbers quoted above are right, but they're something like that. Accessing it via port 25 or port 587 does not change these limits.

The other is their spam-complaint response policy. If customers provide evidence that your IP is spamming, Comcast will change the configuration of your connection such that you no longer can connect to TCP port 25. This is because most malware that spam connect from the local IP address directly to the mail server of the spam target. This is exactly what happens if you run your own SMTP server, too, however you running your own server will rarely result in spam complaints from others. If Comcast tells you that you no longer can connect to mail servers using port 25, and that you have to use port 587 and authentication instead, then you likely have (or had) spamming activity that you were not aware of. Check your system for malware.

said by Hehe :

I was told if Comcast ever detects ports 25 or 53 open then will drop me permanently.

I've had these open for years at a time. No sweat.

Comcast can't prohibit you from having an open port. Contrary to people who cannot read and understand the TOS, Comcast doesn't prohibit you from running a private server.

They claim to be able to prohibit you (via the TOS) from running a public service. FCC Broadband policy further makes no such restriction, and Comcast promised to comply with that policy in lieu of formal regulation. Still, running a public service on a Comcast connection is roughly the same as bringing a squirt gun to a 5-alarm fire.

Running a public service is not the same thing as having an open port for personal use. I have an SSH server. Anyone can access it from anywhere in the world and try to log in. They'll get nothing without the right cryptographic keys.

You can run your own DNS server (Why you'd want to? I dunno.). You don't have to secure it. But if it starts interfering with the network in any way, I'd expect to come home to slow flashing lights on my disconnected modem -- and rightly so. (DNS servers that are on home networks is one of the habits of zombie-controlled networks. I've written to abuse@comcast on several occasions -- they really do respond to those complaints.)
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20109049 Tue, 04 Mar 2008 19:58:13 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20106752 I was told the limit is 100 emails per day or 10 address in 1 email.

I was running my own domain, sending and receiving. Only personal email. But I was forwarding a copy of all in-bound email to my gmail account for a backup. All of my received SPAM ws sent back out. I was forwarding all my outbound email to the Comcast email servers because some email systems black-list me because I have a DHCP IP address. Anyway, I exceeded the 100 limit because I received near 100 SPAMS per day and forwarded them through the Comcast SMTP servers. I was SPAMing myself! Comcast did not care who was receiving the SPAM.

I now use gmail to host my email. Makes me sad. I am a geek and I want to run my own email system. I also had my own DNS server. I now use free DNS servers, mine is still the master, but not used for lookup. My firewall blocks all port 53 hist unless from the free DNS servers. So, Comcast can't detect my DNS server. I was told if Comcast ever detects ports 25 or 53 open then will drop me permanently.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20106752 Tue, 04 Mar 2008 13:29:42 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20105928 http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20105928 Tue, 04 Mar 2008 11:17:11 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104987 I wouldn't read more into it than that.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104987 Tue, 04 Mar 2008 07:52:28 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104301
It's unlikely related to your wireless network. It's more likely related to that free "screensaver" or "download accelerator" that that senses when you're not at your computer and then starts emailing away.

The traffic won't be coming from port 25, it will be going to someone else's port 25. The thing to monitor for is DNS lookup for MX records (UDP port 53).

But first, scan your machine for crapware.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report.]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104301 Tue, 04 Mar 2008 01:06:27 EDT Re: [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104059 --
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum]]> http://www.dslreports.com/forum/Re-Connectivity-Comcast-Says-Im-a-Spammer-20104059 Tue, 04 Mar 2008 00:10:10 EDT [Connectivity] Comcast Says I'm a Spammer http://www.dslreports.com/forum/Connectivity-Comcast-Says-Im-a-Spammer-20103494
Do these warnings go out accidentally, or do I have an issue here that needs to be investigated?]]> http://www.dslreports.com/forum/Connectivity-Comcast-Says-Im-a-Spammer-20103494 Mon, 03 Mar 2008 22:17:57 EDT