dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
43

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 edit

NetFixer to graysonf

Premium Member

to graysonf

Re: Comcast SMTP whoa's

said by graysonf:

But the IPv6 address for smtp.comcast.net is pingable via ICMP

But the IPv6 smtp.comcast.net server still does not allow active sessions on port 25 (even on a business class connection where outbound port 25 is not blocked):

webhost:/ # telnet smtp.comcast.net 25
Trying 2001:558:fe14:70::30...
Connected to smtp.comcast.net.
Escape character is '^]'.
554 omta15.westchester.pa.mail.comcast.net comcast Port 25 not allowed
 - http://customer.comcast.com/help-and-support/internet/email-client-programs-with-xfinity-email/
Connection closed by foreign host.
 


OTOH, it does still accept authenticated port 587 sessions (even without TLS):

webhost:/ # telnet smtp.comcast.net 587
Trying 2001:558:fe14:70::30...
Connected to smtp.comcast.net.
Escape character is '^]'.
220 omta06.westchester.pa.mail.comcast.net comcast ESMTP server ready
quit
221 2.0.0 omta06.westchester.pa.mail.comcast.net comcast closing connection
Connection closed by foreign host.
 

So perhaps that might be a solution for dczar1. That is assuming that local lack of SSL support is the dczar1's problem (as is the case with Microsoft's SMTP service) as opposed to the inability to change the outbound port, or to use authentication.

graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL

graysonf

MVM

I never said anything about port 25 not being blocked on smtp.comcast.net via IPv6. But I will say that Comcast is not blocking port 25 via IPv6 elsewhere.

Stunnel can be used to work around most client limitations regarding destination ports and lack of SSL.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by graysonf:

I never said anything about port 25 not being blocked on smtp.comcast.net via IPv6. But I will say that Comcast is not blocking port 25 via IPv6 elsewhere.

Port 25 is not being "blocked" per se for use with smtp.comcast.net (IPv4 or IPv6), the server itself is simply refusing to allow an active session on port 25. However, many (and likely soon all) Comcast residential users do have a universal IPv4 port 25 block (and I suspect that eventually Comcast security will notice the IPv6 oversight).
said by graysonf:

Stunnel can be used to work around most client limitations regarding destination ports and lack of SSL.

Yes, stunnel (and other local proxy solutions) can be used to get around a client config limitation problem. Recent versions of Eudora do support SSL, but dczar1 could not get that to work, so I suspect that setting up an stunnel proxy would be equally problematic. Are you volunteering to set that up for dczar1?
dczar1
join:2013-04-09
Oak Park, IL

dczar1 to NetFixer

Member

to NetFixer
said by NetFixer:

said by graysonf:

But the IPv6 address for smtp.comcast.net is pingable via ICMP

But the IPv6 smtp.comcast.net server still does not allow active sessions on port 25 (even on a business class connection where outbound port 25 is not blocked):

webhost:/ # telnet smtp.comcast.net 25
Trying 2001:558:fe14:70::30...
Connected to smtp.comcast.net.
Escape character is '^]'.
554 omta15.westchester.pa.mail.comcast.net comcast Port 25 not allowed
 - http://customer.comcast.com/help-and-support/internet/email-client-programs-with-xfinity-email/
Connection closed by foreign host.
 


OTOH, it does still accept authenticated port 587 sessions (even without TLS):

webhost:/ # telnet smtp.comcast.net 587
Trying 2001:558:fe14:70::30...
Connected to smtp.comcast.net.
Escape character is '^]'.
220 omta06.westchester.pa.mail.comcast.net comcast ESMTP server ready
quit
221 2.0.0 omta06.westchester.pa.mail.comcast.net comcast closing connection
Connection closed by foreign host.
 

So perhaps that might be a solution for dczar1. That is assuming that local lack of SSL support is the dczar1's problem (as is the case with Microsoft's SMTP service) as opposed to the inability to change the outbound port, or to use authentication.

I have SSL support in all three email clients, Eudora, Thunderbird and Mail. Ccast says it's because the domain of my incoming mail is not from ccast so I can't then send mail.

Seems like a devious plan to put third-party ISP's out of biz...I've had my email address for some 22 years. How many sites have I registered with that have it, clients and whomever else? I literally can't switch as comcast would like me to.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 edit

NetFixer

Premium Member

said by dczar1:

I have SSL support in all three email clients, Eudora, Thunderbird and Mail. Ccast says it's because the domain of my incoming mail is not from ccast so I can't then send mail.

Seems like a devious plan to put third-party ISP's out of biz...I've had my email address for some 22 years. How many sites have I registered with that have it, clients and whomever else? I literally can't switch as comcast would like me to.

If and/or when you decide that you want help troubleshooting your problem and are willing to cooperate with the troubleshooting process instead of just ranting, perhaps you might get some help.

FWIW, I did a test for the OP in this thread: »Re: Comcast SMTP whoa's that did exactly what you are describing (sending email from two different domains using smtp.comcast.net on port 587, and Comcast did not reject my email (as the attached received email source illustrates).

As for me, I'm done with this thread since you obviously don't want my help. Good luck with solving your problem.

graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL

graysonf to NetFixer

MVM

to NetFixer
I'd venture to say that if it doesn't work for him he's doing something wrong. The most common mistake is to use username/password encryption. This will not work.
dczar1
join:2013-04-09
Oak Park, IL

dczar1 to NetFixer

Member

to NetFixer
said by NetFixer:

said by dczar1:

I have SSL support in all three email clients, Eudora, Thunderbird and Mail. Ccast says it's because the domain of my incoming mail is not from ccast so I can't then send mail.

Seems like a devious plan to put third-party ISP's out of biz...I've had my email address for some 22 years. How many sites have I registered with that have it, clients and whomever else? I literally can't switch as comcast would like me to.

If and/or when you decide that you want help troubleshooting your problem and are willing to cooperate with the troubleshooting process instead of just ranting, perhaps you might get some help.

FWIW, I did a test for the OP in this thread: »Re: Comcast SMTP whoa's that did exactly what you are describing (sending email from two different domains using smtp.comcast.net on port 587, and Comcast did not reject my email (as the attached received email source illustrates).

As for me, I'm done with this thread since you obviously don't want my help. Good luck with solving your problem.

Gosh, and here I thought I explained quite clearly what I had done and you get snarky. How positively nice is that?

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

1 edit

NormanS to dczar1

MVM

to dczar1
said by dczar1:

Seems like a devious plan to put third-party ISP's out of biz...I've had my email address for some 22 years. How many sites have I registered with that have it, clients and whomever else? I literally can't switch as comcast would like me to.

Can you not use a 'comcast.net' email address solely for the authentication? SBC put their customers through this same wringer ten years ago. What I did was to configure my client to use '******@pacbell.net' for authentication, but '********@aosake.net' for the "From:" address. Nobody ever saw the 'pacbell.net' address, just the 'aosake.net' address.

It works the same with my new ISP:

From: and Auth difference.


Addendum:

As an example, here are headers (my server is temporarily offline, so I used another account):
x-store-info:J++/JTCzmObr++wNraA4Pa4f5Xd6uens/GgAwQp04qJrhQ4X0uoZBxy/dkHL
    xXCBwcjWNRRSpd5wSmJIm7sPnF90XvpI8tgDdQqFgQ94hQrwykr8H4IG9Nepp4wYI/bbM9fSYt1l+Dw=
Authentication-Results: hotmail.com; spf=none (sender IP is 64.142.19.5)
    smtp.mailfrom=**********@netscape.net; dkim=none header.d=netscape.net; x-hmca=none
X-SID-PRA: **********@netscape.net
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0xO0Q9MTtHRD0xO1NDTD0w
X-Message-Info: aKlYzGSc+LngSIEN9nC7GRaVlXLN7zbKfIbKa3LQPpvRklgyf+bf1scoommzxBTAkAMxYwudjV
    0qga6n0nCDcfOtPllc5DBdQN2m8xxSK/yMpJH5Hzv/zxqZOrK/sk+sVaTixt5quAZd91kfuAq5n0OMMoo45RWa
Received: from b.mail.sonic.net ([64.142.19.5])
         by COL0-MC4-F26.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
 Wed, 10 Apr 2013 22:50:16 -0700
Received: from akari.akari.aosake.net (reki.aosake.net [173.228.7.217])
(authenticated bits=0)
by b.mail.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id r3B5oFIN030506
(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO)
for <**********@hotmail.com>; Wed, 10 Apr 2013 22:50:15 -0700
Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes
Date: Wed, 10 Apr 2013 22:50:14 -0700
To: "**********@hotmail.com" <**********@hotmail.com>
Subject: [TEST] SMTP Server
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: "NormanS" <**********@netscape.net>
Message-ID: <op.wvc3tza65ghexu@akari.akari.aosake.net>
User-Agent: Opera Mail/12.15 (Win64)
Return-Path: **********@netscape.net
X-OriginalArrivalTime: 11 Apr 2013 05:50:16.0527 (UTC) FILETIME=[714E85F0:01CE3678]
 
Lines 15 through 19 show my ISP (Sonic.net) message submission server accepting email with authentication.

Line 26 shows the From: address as a Netscape domain.

No line shows my Sonic.net email address, though it was needed to authenticate to the server.

This is pretty much what NetFixer See Profile showed in his headers. When I was with AT&T, this still worked the same; different servers, same results.

Comcast expects you to authenticate to their message submission server with a Comcast UserID; they don't require From: to be a Comcast email address.

graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL

graysonf

MVM

Comcast SMTP authentication uses the bare username, not the full email address)

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

Actually, probably Sonic.net, as well. But I got used to using the full email address under SBC/AT&T. With eleven different email domains, they need to distinguish between '******@pacbell.net', '******@nvbell.net', and '******@prodigy.net', among others.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer to graysonf

Premium Member

to graysonf
said by graysonf:

Comcast SMTP authentication uses the bare username, not the full email address)

Comcast does not require the use of the full email address for their residential smtp.comcast.net server, but they do accept it. Their smtp.xxx.comcast.net business class servers do require the full email address because the host name part of the authentication email address is different for each customer.