dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1082
share rss forum feed

octanejunkie

join:2013-02-27
Santa Monica, CA

1 edit

[Southwest] Unblocking Port 25 on my A90-9100VM15-10 router

I have VZ FiOS and a Westel A90-9100VM15-10 router running 1.03.06.00 firmware.

Verizon is obviously blocking outbound port 25, which I need for connection to a particular exchange server.

Called VZ to ask them to unblock port 25 for me and they connected me with some gal who tried to sell me a one-time 30 min tech session for $40, or $15 per month "advanced services," since my request is outside their basic service for my account.

I explained that I didn't believe it was a local router issue, based on FW log entry:
Protocols = TCP
LAN/Port = 192.168.248.***
Wireless Broadband Router IP:Port = 71.189.109.***
WAN/Port = 64.60.136.***
Status LAN/WAN = SYN_SENT/CLOSED
TTL = 53
Kbytes Rx/Tx = 0.0/0.5
Packets Rx/Tx = 0/10
Device = WAN VDSL
Routing Mode = NAPT
Direction = Outgoing
Flags = FP-CAP
Action = X

She assured me "they can fix this for you" and she mentioned Port Forwarding.

I tried adding Advanced Filtering rules on both the WAN VDSL and Final Rules sections to allow, but no love...

Does anyone know if I can actually edit the router to allow outbound port 25 traffic or is this a VZ NOC issue?


killerbobjr

join:2005-10-20
Santa Monica, CA

Port 25 is blocked by default AFAIK. You can test outgoing port 25 with this online tool.


hubrisnxs

join:2009-12-30
Fountain Valley, CA
kudos:1

1 recommendation

reply to octanejunkie

Verizon won't unblock that on ANY Dynamic IP services whether you are business or residential.

the only way to get outbound 25 unblocked is to upgrade to static IP addresses.

If you are a business static and that is blocked, then yes you would escalate that issue through tech support.

»Verizon Online FiOS FAQ »What ports are blocked using Verizon FiOS?


octanejunkie

join:2013-02-27
Santa Monica, CA
reply to octanejunkie

Thanks for confirming what I already suspected and knew based on googled results, including KB article on vz website; good tool link too.

I'm kind of peeved that the gal on the phone was adamant that her router-ninja could "fix it"


Hooper
Premium
join:2001-10-22
Castle Rock, CO
reply to octanejunkie

Click for full size
I relay through Verizon smtp servers all the time on port 25 for my scanner, NAS etc. You can send as any email address. Exchange server if running locally can use a smart host to relay mail. Inbound 25 is open too.

hubrisnxs

join:2009-12-30
Fountain Valley, CA
kudos:1

Do you have static IP's?


Hooper
Premium
join:2001-10-22
Castle Rock, CO

said by hubrisnxs:

Do you have static IP's?

Nope. Port 25 outbound is open to verizon's smtp servers for all.

hubrisnxs

join:2009-12-30
Fountain Valley, CA
kudos:1

Interesting, i know it was blocked at one point, I wonder if VZ silently opened it back up like they did with port 80.


Shady Bimmer
Premium
join:2001-12-03
Northport, NY
Reviews:
·Verizon FiOS

1 edit
reply to octanejunkie

Port 80 outbound has never been blocked (that would break pretty much all browsing by clients served by VZ). Inbound is a different story and I believe inbound port 25 is also still blocked.

If you are sending mail outbound via your own hosted exchange server, you can configure the outbound smart relay to both use authentication as well as use any alternate port (IE: you are not forced to use port 25). A little googling can go a long way on this.

Edit: Note also that while port 25 to VZ servers may be open, port 25 to servers external to VZ is blocked. For outbound mail you need to either use an alternate port or use VZ relays.


Hooper
Premium
join:2001-10-22
Castle Rock, CO
reply to octanejunkie

FWIW I have had an exchange server running locally on DSL and then Fios since 2001 with no issues. I have always used a relay for outbound email since the dynamic IP's from Verizon are all blacklisted, even when port 25 outbound was wide open. As such, you really have to relay these days through a trusted outbound mail server unless you are able to setup rdns.


killerbobjr

join:2005-10-20
Santa Monica, CA

1 recommendation

reply to octanejunkie

Outbound 25 is blocked except to VZ servers. Inbound is not blocked. Most blacklists include dynamic IPs, so even if outbound 25 beyond VZ was open, the majority of servers would reject the connection.

I run my own mail server. When I had DSL, 25 outbound was not blocked, but I had to use VZ's mail servers as a relay since most of my mail was rejected, even with a proper lookup through DDNS to my A records. When I got FIOS through DSLExtreme, I no longer had access to VZ's mail server (since I was on a specific-to-DSLX FIOS network) and had to buy SMTP service from a relay provider. Once VZ took over DSLX's FIOS customers, I switched back again to using VZ's servers for relaying.

So like hubrisnxs above posted, if you need to connect to an external server over port 25, your only choice is static FIOS. If you're not in absolute need of an external connection to a specific server, relaying is your best bet. Don't forget to create proper SPF records for your relay too.



More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
kudos:29
reply to Hooper

said by Hooper:

Port 25 outbound is open to verizon's smtp servers for all.

True, but this thread was about port 25 outbound to non-VZ servers, which is blocked on residential accounts.
--
There are 10 kinds of people in the world; those who understand binary and those who don't.

Shady Bimmer
Premium
join:2001-12-03
Northport, NY
reply to octanejunkie

I knew I remembered seeing a thread on this topic some time ago: »[northeast] Important Changes to Your Email Service -