 kash
join:2005-08-13 Houston, TX | [E-mail] Port 25 Inbound Blocked?
For some reason I cannot telnet to my mail server nor receive mail. Any ideas? |
|
 NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
| Inbound port 25 suggests that you are running your own server. I do so, myself. I have a router, and I can't Telnet into my server from inside the LAN using the public IP address. It is the nature of the way that most routers work; loopback from inside the NAT barrier to the public IP address on the WAN port fails.
If you can dial a connection to the Internet, you manually set up a route to your Comcast IP address through the dial modem, and reach your connection from the outside.
-- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum |
|
 kash
join:2005-08-13 Houston, TX
| I remote desktop'd to another PC outside of my home network to telnet back in.. still no dice.. I mean I can totally understand 25 outbound blocking, that's fine, we're happy with using Comcast as our e-mail relay agent, but 25 inbound is  ... I was just wondering if anyone else in Houston is having this problem or if it is just me.. |
|
  bigchris Do Not Shoot The Messenger Premium,MVM join:2002-04-29 Leesburg, VA | Well there's always the TOS to consider.. |
|
 NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
| reply to kash
What does GRC ShieldsUP! say about your ports? Port 25 inbound is not on the Comcast list of blocked ports. Also check the name of your modem config file. Sorry, I don't know the details of how to find it (I am DSL), only that it carries information about your specific modem profile.
This is what GRC ShieldsUP! reports when port 25 is open:
----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2008-04-29 at 17:01:17
Results from scan of ports: 0-1055
    1 Ports Open
    0 Ports Closed
 1055 Ports Stealth
---------------------
 1056 Ports Tested
NO PORTS were found to be CLOSED.
The port found to be OPEN was: 25
Other than what is listed above, all ports are STEALTH.
TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.
----------------------------------------------------------------------
-- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum |
|
 NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
1 edit | reply to bigchris A low volume MTA on a residential connection is less strain on network capacity than P2P file transfers.
The way the TOS is written appears to restrict running a server for other than personal use.
Addendum: But there is still the fact that the way it is written gives leeway to Comcast to act against their users, if they desire. I have just never heard of a TOS action for running a server. Comcast has sent letters to people who have exceeded some threshold of outbound SMTP traffic (regardless of whether they were running servers, or not), and high bandwidth usage (the only ones reporting that letter were running P2P, not mail servers).
-- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum |
|
  Cabal Premium join:2007-01-21 Boston, MA
| reply to kash Certainly not a blanket block, if that helps you any.
$ telnet mydomain.net 25
Trying 76.119.abc.xyz...
Connected to mydomain.net.
Escape character is '^]'.
220 host.mydomain.net ESMTP Sendmail 8.14.2/8.14.2; Tue, 29 Apr 2008 18:09:57 GMT
^]
telnet> quit
Connection closed.
-- Interested in open source engine management for your Subaru? |
|
  Hehe
@ssa.gov
thumbs down from: Cabal 
| reply to NormanS
said by NormanS :
A low volume MTA on a residential connection is less strain on network capacity than P2P file transfers. The way the TOS is written appears to restrict running a server for other than personal use. Addendum: But there is still the fact that the way it is written gives leeway to Comcast to act against their users, if they desire. I have just never heard of a TOS action for running a server. Comcast has sent letters to people who have exceeded some threshold of outbound SMTP traffic (regardless of whether they were running servers, or not), and high bandwidth usage (the only ones reporting that letter were running P2P, not mail servers).

Comcast cut-off my service. I called and was directed to their security group. I was told if they ever detect port 25 open again they will cut-off my service forever. They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account. My firewall prevents all outbound to port 25 except from my email server. I no longer have an email server? My email server is only used for personal email, no business.
I would switch to FIOS if they allowed ports 25 and 53. 80 would be nice. |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
| reply to bigchris
said by bigchris :
Well there's always the TOS to consider..

Running a PRIVATE MAIL SERVER does not violate the TOS. |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
| reply to Hehe
said by Hehe :
They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account.

An open port 25 has zero to do with sending spam. Open ports are for receiving connections.
You MAY have had an open relay.
-- Robb Topolski -= funchords.com =- Hillsboro, Oregon HTTP is the new Bandwidth Hog...
|
|
  Hehe
@ssa.gov
| said by funchords :
said by Hehe :
They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account.
An open port 25 has zero to do with sending spam. Open ports are for receiving connections. You MAY have had an open relay.

Open port has everything to do with sending spam! I only forwarded the spam I received. Now that port 25 is blocked I can't receive spam, so I can't forward it.
No I don't have an open relay. Or did not anyway. They assumed I had an open relay. |
|
  Hehe
@ssa.gov
| reply to funchords
said by funchords :
said by bigchris :
Well there's always the TOS to consider..
Running a PRIVATE MAIL SERVER does not violate the TOS.

Are you sure of this? I want my port 25 back!  |
|
  funchords Hello Premium,MVM join:2001-03-11 Washington, DC
·Verizon Online DSL
·Skype
1 edit | IANAL, but yes, I am sure of this. Running "public services" is prohibited by the TOS, and the FCC policy statement also allows you to use any application you like as long as it does not damage the service.
However, running any application that disrupts the network -is- prohibited. Apparently, it sounds like they think that you did exactly that.
Section 15a of the subscriber agreement prevents verbal amendments such as making service contingent on factors like "if we ever catch you with port 25 open" again. Comcast would have been within its rights to quit your service without warning if you were running an open relay and that relay was being abused to send spam. However, they didn't and they have no rights to make your service contingent on any new factors not covered by the agreement. You have an agreement, and part 15a says they can't modify your agreement in whole or in part except as specified in part 16.
Again, IANAL -- but English is still English.
BTW -- some advice that I'm qualified to give -- avoid running your own common Internet services. There are so many out there willing to do it for next to nothing, and they'll take the responsibility for patching the latest exploits so that you don't have to.
If you do play around with this -- for your own education or what not -- don't run it as an always-on service. Run it when you're experimenting, then kill the process and don't let it restart automatically. What often happens is that you'll lose interest and forget, and 3 years later, people will find it and abuse it.
-- Robb Topolski -= funchords.com =- Hillsboro, Oregon HTTP is the new Bandwidth Hog...
|
|
 NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
1 edit | reply to Hehe
said by Hehe :
Comcast cut-off my service. I called and was directed to their security group. I was told if they ever detect port 25 open again they will cut-off my service forever. They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account.

Then port 25 was not open. You were using outbound port 25 to send email, not inbound port 25 to receive email. Not the same thing as "running a server".

My firewall prevents all outbound to port 25 except from my email server. I no longer have an email server?

Outbound port 25 is used by clients, not servers. Even though it is a component of my mail server, the "Mercury SMTP Relay Client", which connects to my ISP Message Submission Server, is just what its name says, a "Client". (And it isn't using port 25, either!)

My email server is only used for personal email, no business.

I will reiterate:
quote: Comcast has sent letters to people who have exceeded some threshold of outbound SMTP traffic (regardless of whether they were running servers, or not)...
Getting cut off for exceeding the threshold of outbound SMTP traffic is what Comcast is notifying people about. It looks, to them, like you have been infected with a spamming 'bot. Not the same issue as inbound SMTP traffic.
I have never heard of Comcast notifying people of abuse for inbound port 25 traffic. Your notice is not the first.
-- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum |
|
  Guestin94087
@comcast.net
| reply to kash Since you were forwarding all your mail (some of which included spam) to gmail from other sources, Google (gmail) caught that spam and identified your comcast IP as the sender. They probably notified Comcast that one of Comcast's machines was being used to send spam, and Comcast stopped you. You do not need an open relay to fall into this trap...mail forwarding is not as innocent as it seems.
I've seen small hosting companies having a hard time with email services such as Yahoo Mail and Gmail because their users forward catchall accounts to those services. Then the services, which have users clicking "this is spam", blacklist the 'offending' IP's of the hosting companies, so none of their users can send mail to anyone at those services until they go through hoops to get off the blacklists (the lucky ones get on a whitelist, but it's hard). They aren't the original senders of the spam, but the email services consider forwarding spam just as heinous an offense as originating spam. |
|
  justbits More fiber than ATT can handle Premium join:2003-01-08 Chicago, IL
·AT&T Midwest
| reply to Hehe
said by Hehe :
Comcast cut-off my service. I called and was directed to their security group. I was told if they ever detect port 25 open again they will cut-off my service forever. They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account. My firewall prevents all outbound to port 25 except from my email server. I no longer have an email server? My email server is only used for personal email, no business.
I would switch to FIOS if they allowed ports 25 and 53. 80 would be nice.

It sounds like you're accepting mail on port 25 and forwarding it to Gmail on port 25. If you accept incoming email on port 25, then forward it using encryption and authentication to gmail on port 587, Comcast won't be able to look at your forwarded email and they won't be able to identify what you're doing. |
|
  Hehe
@ssa.gov
| reply to Guestin94087
said by Guestin94087 :
Since you were forwarding all your mail (some of which included spam) to gmail from other sources, Google (gmail) caught that spam and identified your comcast IP as the sender. They probably notified Comcast that one of Comcast's machines was being used to send spam, and Comcast stopped you. You do not need an open relay to fall into this trap...mail forwarding is not as innocent as it seems.
I've seen small hosting companies having a hard time with email services such as Yahoo Mail and Gmail because their users forward catchall accounts to those services. Then the services, which have users clicking "this is spam", blacklist the 'offending' IP's of the hosting companies, so none of their users can send mail to anyone at those services until they go through hoops to get off the blacklists (the lucky ones get on a whitelist, but it's hard). They aren't the original senders of the spam, but the email services consider forwarding spam just as heinous an offense as originating spam.

You understand! I seem to be having a hard time explaining myself. And I was only forwarding a copy of my mail to my Gmail account. I forgot 1 step. I use Comcast SMTP servers as a smart relay, so comcast saw all the spam I was forwarding.
Once I understood what the problem was, I stopped forwarding to gmail, but that was not good enough for comcast. I had to close port 25. |
|
  Hehe
@ssa.gov
| reply to NormanS
said by NormanS :
said by Hehe :
Comcast cut-off my service. I called and was directed to their security group. I was told if they ever detect port 25 open again they will cut-off my service forever. They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account.
Then port 25 was not open. You were using outbound port 25 to send email, not inbound port 25 to receive email. Not the same thing as "running a server".
My firewall prevents all outbound to port 25 except from my email server. I no longer have an email server?
Outbound port 25 is used by clients, not servers. Even though it is a component of my mail server, the "Mercury SMTP Relay Client", which connects to my ISP Message Submission Server, is just what its name says, a "Client". (And it isn't using port 25, either!)
My email server is only used for personal email, no business.
I will reiterate: quote: Comcast has sent letters to people who have exceeded some threshold of outbound SMTP traffic (regardless of whether they were running servers, or not)...
Getting cut off for exceeding the threshold of outbound SMTP traffic is what Comcast is notifying people about. It looks, to them, like you have been infected with a spamming 'bot. Not the same issue as inbound SMTP traffic. I have never heard of Comcast notifying people of abuse for inbound port 25 traffic. Your notice is not the first.

You did not understand. I was running sendmail. I was listening on port 25. I was also forwarding a copy of all my received email to my gmail account. Was really nice to have a backup copy. I was told to close port 25 and 53 and told I can't run servers. 53 was not causing problems, but it was open.
So, my port 25 was open! My mail server was sending TO port 25. My firewall prevents ALL connections to external port 25, except my own mail server.
Oh, Comcast security people told me the email limits are 100 emails per day or 10 addresses per email. 100 per day is plenty, unless you receive loads of spam and then forward it out. However, 10 addresses per email seems limiting. I know at least 15 people!  |
|
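Added example, not part of any post in this thread: a sketch that tallies outbound deliveries per day and recipients per message from a sendmail-style mail log, using the limits quoted in the post above (100 emails per day, 10 addresses per email), so forwarding volume like that discussed here shows up before the ISP notices it. The log lines are constructed, and the names `audit`, `sample_log` and the `.example` domains are hypothetical.

```python
import re
from collections import Counter

# Limits as one poster reports being told by the ISP's security group.
MAX_PER_DAY = 100   # outbound emails per day
MAX_RCPTS = 10      # addresses per email

# Delivery ("to=") records in a sendmail-style mail log that ended in stat=Sent.
DELIVERY = re.compile(
    r"^(?P<day>\w{3}\s+\d+) [\d:]+ \S+ sendmail\[\d+\]: (?P<qid>\w+): "
    r"to=(?P<to>\S+?), .*\bstat=Sent\b")


def audit(lines, local_domains):
    """Return ({day: count} over the daily limit, [(qid, n)] over the recipient limit)."""
    per_day, wide = Counter(), []
    for line in lines:
        m = DELIVERY.match(line)
        if not m:
            continue                      # inbound "from=" records, failures, noise
        rcpts = [r.strip("<>").lower() for r in m["to"].split(",")]
        # Only addresses that leave this host count against the ISP's limits.
        external = [r for r in rcpts
                    if "@" in r and r.rsplit("@", 1)[1] not in local_domains]
        if not external:
            continue
        per_day[m["day"]] += 1            # assumption: one delivery record = one email
        if len(external) > MAX_RCPTS:
            wide.append((m["qid"], len(external)))
    return {d: n for d, n in per_day.items() if n > MAX_PER_DAY}, wide


def sample_log():
    """Constructed log: 120 forwards on Apr 29; Apr 30 has one 12-recipient message."""
    tail = "delay=00:00:01, mailer=relay, relay=smtp.isp.example, dsn=2.0.0, stat=Sent (ok)"
    out = [f"Apr 29 18:{i % 60:02d}:00 host sendmail[{2000 + i}]: q{i:04d}: "
           f"to=<backup@gmail.example>, {tail}" for i in range(120)]
    many = ",".join(f"<friend{n}@other.example>" for n in range(12))
    out.append(f"Apr 30 09:00:00 host sendmail[3000]: qWIDE: to={many}, {tail}")
    out.append("Apr 30 09:05:00 host sendmail[3001]: qLOCAL: to=<me@mydomain.example>, "
               "delay=00:00:00, mailer=local, dsn=2.0.0, stat=Sent")
    out.append("Apr 30 09:06:00 host sendmail[3002]: qIN: from=<x@else.example>, "
               "size=900, nrcpts=1, relay=mx.else.example [192.0.2.7]")
    return out


if __name__ == "__main__":
    print(audit(sample_log(), {"mydomain.example"}))
```
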
  Hehe
@ssa.gov | reply to funchords funchords, Thanks for the info. I guess I could try to read the TOS. Normally those things are written for lawyers. |
|
  Hehe
@ssa.gov
| reply to justbits
said by justbits :
said by Hehe :
Comcast cut-off my service. I called and was directed to their security group. I was told if they ever detect port 25 open again they will cut-off my service forever. They said I was sending spam. I was only forwarding a copy of all email I received to my gmail account. My firewall prevents all outbound to port 25 except from my email server. I no longer have an email server? My email server is only used for personal email, no business.
I would switch to FIOS if they allowed ports 25 and 53. 80 would be nice.
It sounds like you're accepting mail on port 25 and forwarding it to Gmail on port 25. If you accept incoming email on port 25, then forward it using encryption and authentication to gmail on port 587, Comcast won't be able to look at your forwarded email and they won't be able to identify what you're doing.

I like this! However, I did miss 1 step. Since some ISPs use blacklists for DHCP based IP addresses I must forward to Comcast SMTP servers. Comcast "sees" all my sent email. I know with sendmail there is a way to control how email is sent to each domain, but I have not looked into this. I only learned this after I shut down port 25.
Anyway I think I can do what you said with sendmail. So, thanks. Good idea. I guess I should first look for anti-spam software for my email server. |
|