dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
24

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList to graysonf

Premium Member

to graysonf

Re: Comcast decides to block port 25 IN and OUT with no notice.

most residential ip blocks are blacklisted from even exchanging mail with mail servers. I'm on business class right now. The IP address that I have now, I also had on residential. Port 25 has never been blocked for me to non-comcast email servers. Maybe I slipped through the cracks or something, but it is what it is.

graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL

graysonf

MVM

Not all mail servers block connections from residential IPs. If they all did, there wouldn't be a spam bot problem.

I can still get out on port 25 on residential service. But I imagine if I put it to real use it would wind up being blocked.

I'm pretty sure they will get around to blocking every residential account eventually. It's only a matter of time.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS to ArrayList

MVM

to ArrayList
said by ArrayList:

most residential ip blocks are blacklisted from even exchanging mail with mail servers.

That is far from true. The only residential IP address blocks in lists are those preemptively blocked because the IP address block owner requested the listing, or they were reactively blocked for hitting spamtraps. The rest are not blocked.

I'm on business class right now. The IP address that I have now, I also had on residential. Port 25 has never been blocked for me to non-comcast email servers. Maybe I slipped through the cracks or something, but it is what it is.

When SBC announced port 25 blocking in October, 2002 (I still have that email announcement), it took them until March, 2003, to block my account profile.

The Comcast announcement seems to be fairly recent; give them a little time.

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList

Premium Member

said by NormanS:

The Comcast announcement seems to be fairly recent; give them a little time.

fair enough

Demog
@cebridge.net

Demog

Anon

Boy if you have anything that will only work if port 25 is open, I'd scream at the OEM, not Comcast. Anything that needs port 25 is very old or was poorly designed/implemented.

Comcast was late to this game, ISPs have been blocking port 25 for years to protect their network which I appreciate.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by Demog :

Boy if you have anything that will only work if port 25 is open, I'd scream at the OEM, not Comcast. Anything that needs port 25 is very old or was poorly designed/implemented.

I agree about the old or poorly designed/implemented statement. However, sometimes the OEM is Comcast, as in the Comcast branded Netgear WNR1000v2-VC which has custom Comcast firmware (and the firmware in the device below is the latest IPv6 firmware which was released after Comcast made the decision to block port 25 for residential accounts):



graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL

graysonf

MVM

Will that router connect to an stunnel listening on a LAN host on port 25 which forwards to smtp.comcast.net on port 465?

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by graysonf:

Will that router connect to an stunnel listening on a LAN host on port 25 which forwards to smtp.comcast.net on port 465?

Actually, I run a local email server, but this particular router seems to only use the WAN port for email notification and for NTP sync (at least that is my recollection from when I was using it as only an access point with no WAN connection for a while...but that was also several firmware revs ago). Also, this particular router is currently on an isolated VLAN with no IP connectivity to my LAN (although I do have an administrative backdoor link that could be activated and left live if necessary). Fortunately, I have a business class account and port 25 is not blocked for me, so it still works (for now) using port 25 over the WAN interface.

Thanks for the reminder/tip though, if I suddenly find that my dynamic IP business class has port 25 blocked, I will give the LAN email server IP a try again (maybe the current firmware supports it).