dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13591
share rss forum feed


owlyn
Premium,MVM
join:2004-06-05
Newtown, PA
reply to CSampson

Re: Comcast decides to block port 25 IN and OUT with no notice.

I got the Comcast email, read it, and took the 20 seconds to change the ports for the accounts in my email client. What do you want them to do, call you on the phone? Come to your house? They have to contact you somehow.



tomp

@comcast.net
reply to 56885201

Wow, I smell arrogance. I was not notified about the port change. I spent a significant amount of time wondering why what worked yesterday does not work today. Comcast wasted my time and has done so in many other situations. They have a monopoly in my area, we have lost choice in communications providers. Anti monopoly laws were put in place to maintain healthy competition that benefited consumers and promoted innovation. Those days are almost gone if we continue to tolerate this kind of behavior.



56885201
Ain't Nothin' But A Hound Dawg
Premium
join:2005-05-01
Dawg House

said by tomp :

Wow, I smell arrogance. I was not notified about the port change. I spent a significant amount of time wondering why what worked yesterday does not work today. Comcast wasted my time and has done so in many other situations. They have a monopoly in my area, we have lost choice in communications providers. Anti monopoly laws were put in place to maintain healthy competition that benefited consumers and promoted innovation. Those days are almost gone if we continue to tolerate this kind of behavior.

Hmm, shall I tell you what I smell?

Comcast sent a notification email to subscribers; there have been other posters in this thread who have verified that (even if you don't believe me). I have no way of knowing if your email was eaten by a spam blocker or simply ignored, but nonetheless, the notification email was sent.

Even if there had been no email notification, port 25 for residential users is listed as being blocked on the Comcast support site (and it has been listed there for many months). The link to that document has already been posted in this thread and in this related thread: »[Rant] Crazy port blocking . Exactly how much notification do you think that Comcast should have given to you personally?

As for competetion, blocking port 25 for residential users is a very common practice; so even if you had a choice, most likely your alternative ISP would also block port 25.
--
Some days you're the dog; some days you're the hydrant.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to tomp

said by tomp :

Wow, I smell arrogance. I was not notified about the port change. I spent a significant amount of time wondering why what worked yesterday does not work today. Comcast wasted my time and has done so in many other situations.

It took me all of 3 seconds to find:
»www.google.com/search?client=ope···=suggest

They have a monopoly in my area, we have lost choice in communications providers. Anti monopoly laws were put in place to maintain healthy competition that benefited consumers and promoted innovation. Those days are almost gone if we continue to tolerate this kind of behavior.

In my area, I have:

• AT&T
• Comcast
• DSL Extreme
• Sonic.net, LLC

... and probably some others. Port 25 is mostly blocked by default, but various customer service options will permit port 25 access for all competitors. A little judicious Internet searching would have turned up answers in less than half an hour.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2
reply to tomp

said by tomp :

Wow, I smell arrogance. I was not notified about the port change. I spent a significant amount of time wondering why what worked yesterday does not work today. Comcast wasted my time and has done so in many other situations. They have a monopoly in my area, we have lost choice in communications providers. Anti monopoly laws were put in place to maintain healthy competition that benefited consumers and promoted innovation. Those days are almost gone if we continue to tolerate this kind of behavior.

Well, you do have options. If there really is no competition in your area that will allow outbound TCP port 25, then absolutely, positively refuse to tolerate it:

Become your own ISP and run things the way you want to, or move to an area that has a service provider that will allow your use of outbound TCP port 25.


AnonMan

@comcast.net

I love people that say become your own ISP.

Too bad all the big companies have monopolized the states so much and lobbied for so many restrictions and laws it's almost impossible.

The only reason Google got to do it was they have deeper pockets.
When is the last time you really saw a new ISP start up much less expand far? ISP is a profitable business to run, no reason to not expand it but rules/laws make it hard. Stupid agreements may not allow competition or not allow one the same access as another etc.

The days of Dial-up are over and that is the days when everyone was becoming and ISP as all was restricted to the same rules. Today is a whole new game. Whoever has the deeper pockets will win. Heck even our presidency goes that way lol


efball

join:2010-08-31
Santa Rosa, CA

I do read my Comcast email, but I didn't get any notice.
When I signed up 2 years ago port 25 outbound was blocked, so I used port 587 and relayed thru comcast. That worked fine, but I was using port 25 inbound to receive mail for my domains, which stopped a couple days ago. Blocking port 25 inbound doesn't stop spam, they are doing this just because they can and they want to squeeze more money out of people. No way I'm upgrading to business class. I can buy a virtual server for $15/year and use that for my email server.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

said by efball:

Blocking port 25 inbound doesn't stop spam, they are doing this just because they can and they want to squeeze more money out of people. No way I'm upgrading to business class. I can buy a virtual server for $15/year and use that for my email server.

I believe the Comcast ToS prohibits servers on residential connections. Blocking inbound port 25 would effectively enforce that prohibition.

FWIW, my ISP, Sonic.net, blocks port 25, both outbound and inbound, on dynamic residential accounts. I have three static options:

• /32 for free.
• /30 for $10 a month extra.
• /29 for $20 a month extra.

I chose the /32.

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to efball

said by efball:

I do read my Comcast email, but I didn't get any notice.
When I signed up 2 years ago port 25 outbound was blocked, so I used port 587 and relayed thru comcast. That worked fine, but I was using port 25 inbound to receive mail for my domains, which stopped a couple days ago. Blocking port 25 inbound doesn't stop spam, they are doing this just because they can and they want to squeeze more money out of people. No way I'm upgrading to business class. I can buy a virtual server for $15/year and use that for my email server.

Did you read the TOS/AUP two years ago? If so, then you knew what you were doing was not supported, and in fact not a valid use of residential service.
--
My place : »www.schettino.us


ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
reply to graysonf

wait a minute, they block the ability to connect to mail servers that are not even on their network via port 25? That is a standard smtp port. Comcast shouldn't be blocking it.



ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
Reviews:
·RCN CABLE
·Comcast
reply to NormanS

said by NormanS:

OP wants to test an off-Comcast network SMTP server, and definitely should get a business-class account for that purpose.

really? a business class connection just to test if port 25 is working?


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2
reply to ArrayList

They do for residential service because it eliminates the ability to do direct MX, which is the method compromised machines use to send large volumes of spam.

Most ISPs do this on residential service.



ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
Reviews:
·RCN CABLE
·Comcast

most residential ip blocks are blacklisted from even exchanging mail with mail servers. I'm on business class right now. The IP address that I have now, I also had on residential. Port 25 has never been blocked for me to non-comcast email servers. Maybe I slipped through the cracks or something, but it is what it is.



graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

Not all mail servers block connections from residential IPs. If they all did, there wouldn't be a spam bot problem.

I can still get out on port 25 on residential service. But I imagine if I put it to real use it would wind up being blocked.

I'm pretty sure they will get around to blocking every residential account eventually. It's only a matter of time.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to ArrayList

said by ArrayList:

most residential ip blocks are blacklisted from even exchanging mail with mail servers.

That is far from true. The only residential IP address blocks in lists are those preemptively blocked because the IP address block owner requested the listing, or they were reactively blocked for hitting spamtraps. The rest are not blocked.

I'm on business class right now. The IP address that I have now, I also had on residential. Port 25 has never been blocked for me to non-comcast email servers. Maybe I slipped through the cracks or something, but it is what it is.

When SBC announced port 25 blocking in October, 2002 (I still have that email announcement), it took them until March, 2003, to block my account profile.

The Comcast announcement seems to be fairly recent; give them a little time.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to ArrayList

said by ArrayList:

said by NormanS:

OP wants to test an off-Comcast network SMTP server, and definitely should get a business-class account for that purpose.

really? a business class connection just to test if port 25 is working?

Why does a residential user need to "test if port 25 is working" on a server they don't run?
--
My place : »www.schettino.us


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to ArrayList

said by ArrayList:

wait a minute, they block the ability to connect to mail servers that are not even on their network via port 25? That is a standard smtp port. Comcast shouldn't be blocking it.

That is the standard for SMTP server to server communication. Users should submit mail on port 587. A residential user does not lose any functionality.
--
My place : »www.schettino.us


ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
reply to JohnInSJ

the server is not run on the business class connection. That alone says that you don't need business level service.



ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
Reviews:
·RCN CABLE
·Comcast
reply to NormanS

said by NormanS:

The Comcast announcement seems to be fairly recent; give them a little time.

fair enough


Demog

@cebridge.net

Boy if you have anything that will only work if port 25 is open, I'd scream at the OEM, not Comcast. Anything that needs port 25 is very old or was poorly designed/implemented.

Comcast was late to this game, ISPs have been blocking port 25 for years to protect their network which I appreciate.



NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

said by Demog :

Boy if you have anything that will only work if port 25 is open, I'd scream at the OEM, not Comcast. Anything that needs port 25 is very old or was poorly designed/implemented.

I agree about the old or poorly designed/implemented statement. However, sometimes the OEM is Comcast, as in the Comcast branded Netgear WNR1000v2-VC which has custom Comcast firmware (and the firmware in the device below is the latest IPv6 firmware which was released after Comcast made the decision to block port 25 for residential accounts):



--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

Will that router connect to an stunnel listening on a LAN host on port 25 which forwards to smtp.comcast.net on port 465?



NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

said by graysonf:

Will that router connect to an stunnel listening on a LAN host on port 25 which forwards to smtp.comcast.net on port 465?

Actually, I run a local email server, but this particular router seems to only use the WAN port for email notification and for NTP sync (at least that is my recollection from when I was using it as only an access point with no WAN connection for a while...but that was also several firmware revs ago). Also, this particular router is currently on an isolated VLAN with no IP connectivity to my LAN (although I do have an administrative backdoor link that could be activated and left live if necessary). Fortunately, I have a business class account and port 25 is not blocked for me, so it still works (for now) using port 25 over the WAN interface.

Thanks for the reminder/tip though, if I suddenly find that my dynamic IP business class has port 25 blocked, I will give the LAN email server IP a try again (maybe the current firmware supports it).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to ArrayList

said by ArrayList:

the server is not run on the business class connection. That alone says that you don't need business level service.

I have no idea what you're saying here. You aren't allowed to run any server on residential. Only an SMTP SERVER needs to send traffic on port 25. Therefore you need to be on business class to send traffic on port 25. QED
--
My place : »www.schettino.us

Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1
reply to pclover

Dont blame Comcast. Blame the millions of people too stupid to know that banner ad that says "Get a free iPad" is actually turning their computer into a bot.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to ArrayList

said by ArrayList:

wait a minute, they block the ability to connect to mail servers that are not even on their network via port 25? That is a standard smtp port. Comcast shouldn't be blocking it.

That is a standard "server-to-server" port. End users should be using the standard "user-to-server" port:

»tools.ietf.org/html/rfc6409
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

1 edit
reply to ArrayList

said by ArrayList:

said by NormanS:

OP wants to test an off-Comcast network SMTP server, and definitely should get a business-class account for that purpose.

really? a business class connection just to test if port 25 is working?

Yes, because port 25 is no longer a standard user port; hasn't really been since RFC 2476 was published in December, 1998.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
Reviews:
·RCN CABLE
·Comcast
reply to JohnInSJ

said by JohnInSJ:

said by ArrayList:

the server is not run on the business class connection. That alone says that you don't need business level service.

I have no idea what you're saying here.

I don't run a server on my connection, why can't I open a tcp connection to a remote server over port 25 without paying more money for the privilege to do so? I really don't care either way. Spammers will spam regardless of what Comcast does.

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL

Blocking outbound 25/tcp significantly lowers the amount of e-mail spam coming from an ISP. If you run a mail server, it's very easy to tell who is blocking and who is not blocking based on the spam mail attempts.

I probably already said this in this thread, but Comcast should have done this years ago.



graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

1 recommendation

reply to ArrayList

Get a free shell account on »www.cjb.net

Connect anywhere you want to destination port TCP 25.