Re: They could hire me in http://www.dslreports.com/forum/r9530297 en Mon, 30 Nov 2009 22:30:34 EDT Mon, 30 Nov 2009 22:30:34 EDT Use A VPN http://www.dslreports.com/forum/remark,9540379 anon : If you are working from home you should be using a VPN - especially if you are in the financial services business.]]> http://www.dslreports.com/forum/remark,9540379 Sun, 29 Feb 2004 18:23:10 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9538618 hobgoblin : akristov showed understanding by posting

"Blocking port 25 is also a problem when say you are a financial advisor and working from home on a rainy day. All email has to be sent using the SMTP server at the financial advisors home office in order that it is archived per NASD rules."

Can you say VPN?

Hob
--
"A foolish consistency is the hobgoblin of little minds." - Ralph Waldo Emerson ]]> http://www.dslreports.com/forum/remark,9538618 Sun, 29 Feb 2004 14:45:45 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9538389 djrobx : Port 25 is used by BOTH servers AND email clients to send mail to the SMTP server. Such a block would prevent the perfectly legitimate use of using an alternative SMTP server.
--
\\ROB - a part of the SCB local network]]> http://www.dslreports.com/forum/remark,9538389 Sun, 29 Feb 2004 14:17:17 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9538145 LrdVader :
said by akristov See Profile:
Blocking port 25 is also a problem when say you are a financial advisor and working from home on a rainy day. All email has to be sent using the SMTP server at the financial advisors home office in order that it is archived per NASD rules.

For sensitive financial information, shouldn't the connection be running over SSL or a VPN anyway? Both will get around a port 25 block.]]> http://www.dslreports.com/forum/remark,9538145 Sun, 29 Feb 2004 13:49:11 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9537906 akristov : Blocking port 25 is also a problem when say you are a financial advisor and working from home on a rainy day. All email has to be sent using the SMTP server at the financial advisors home office in order that it is archived per NASD rules.]]> http://www.dslreports.com/forum/remark,9537906 Sun, 29 Feb 2004 13:22:36 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9537638 anon : keyboard5684... according to RFC standards, relaying mail thru a domain is not permitted. you are only allowed to use the 'local transport agent', i.e. the SMTP server that is located on your domain. i might also add that it is also against RFC to run a public mail system on a dhcp address.

besides... its pretty easy to set up a pop or imap account to download from a remote site, and send out locally.

i work for an isp that does block port 25. we are not huge like comcast, but because of the speeds we offer [9mbps/1mbps] its very easy for a user to pump out a ton of spam VERY quickly [i had the joy of shutting down a spammer on friday :) ]. when we did not have port 25 blocked, we had so many spam complaints that we had difficulty getting thru them all in one day. now, with port 25 blocked, we can better tell who is intentionally sending spam, and our workload in regards to spam is much lower. its also alot easier to tell who is intentionally spamming, and who is infected with the latest virus.

another thing that systems really shoud look at doing is checking ALL incoming connections to the mail server. doing this alone makes sure that the mail system contacting you is legit. ]]> http://www.dslreports.com/forum/remark,9537638 Sun, 29 Feb 2004 12:50:28 EDT They could hire me http://www.dslreports.com/forum/remark,9537346 newview : While I don't normally advocate changes that will effectively reduce the level of service I've grown accustomed to . . . in this case port 25 blocking is the ONLY answer to a continued increase in Comcast blacklisting.

Comcast is increasingly being seen as ineffective in policing their own network, and downright "spam friendly" by some. The reports of increasing blocks of large amounts of Comcast IP space by the likes of AOL, Earthlink & Mindspring are just a portent of worse days ahead, if Comcast doesn't do something to establish a trust with those networks who are doing the blocking. Port 25 blocking sends that "trust" message, and effectively communicates to the rest of the internet that they do, in fact, take abuse of the internet seriously.
--
The Rules of Spam | Maryland's New Anti-Spam Law
Where are we going? And what's with the hand basket? ]]> http://www.dslreports.com/forum/remark,9537346 Sun, 29 Feb 2004 12:13:35 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9537201 b1gdr3 : Blocking port 25 makes the most sense. Don't have to educate tard customers that way. I fully support blocking port 25.
--
I wasn't born with enough middle fingers.]]> http://www.dslreports.com/forum/remark,9537201 Sun, 29 Feb 2004 11:56:29 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9534704 en102 : I agree... unless you have a business account (with a static IP), port 25 should be blocked for outbound to anywhere except your ISP's SMTP servers]]> http://www.dslreports.com/forum/remark,9534704 Sun, 29 Feb 2004 01:01:30 EDT They could hire me http://www.dslreports.com/forum/remark,9534266 newview :
said by quibbly See Profile:
1) When a system if found to be infected with a trojan/virus/worm or considered open relay or in any form, relaying spam, have the persons Internet provider cut off their internet access. When the end user calls and states their internet isn't working, the ISP tech support will already have a note and can informing the customer of the problem. The tech support can help the end user fix the problem.
Comcast appears to have an abuse department that either;

•Does not care
•Is so understaffed that they cannot possibly address the current problems
•Is "micro-managed" by upper management to the point that they are not empowered to make termination decisions
•All of the above

The abuse@ mailbox is often full and bounces complaints sent to it, and the postmaster@ address is non-existant . . . a direct violation of RFC2142.

Without an efficient and effective abuse department who reads and acts upon abuse complaints, any and all measures to clean up their network will fail.
--
The Rules of Spam | Maryland's New Anti-Spam Law
Where are we going? And what's with the hand basket? ]]> http://www.dslreports.com/forum/remark,9534266 Sun, 29 Feb 2004 00:00:01 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9533676 quibbly : A cure to help stop spam and virus infected system
My two cents, but here is a simple solution to help stop SPAM and virus/worm infected systems.

1) When a system if found to be infected with a trojan/virus/worm or considered open relay or in any form, relaying spam, have the persons Internet provider cut off their internet access. When the end user calls and states their internet isn't working, the ISP tech support will already have a note and can informing the customer of the problem. The tech support can help the end user fix the problem.

2) Make every high speed user required to have a firewall (hardware) in place.

3) If on dialup, a software firewall installed.

4) If a large amount of spam comes from other countries, block that country until they fix the problem on their end.

All the above would stop all the infected systems, in turn, this will help speed up the internet. Number 1 would probably be one of the hardest because this will require all ISP's to become a little more organized and liable for their actions. Also, it would be great if the government could mandate all the above.

The key would require better communication from ISP to ISP, then from ISP to end user.

I for one receive a large amount of SPAM from Comcast. They seem to have the most unsecured systems around, or it could be they are making money off the systems and do not want to decrease their revenue.

Again, this is just my two cents. The solutions are simple, but in this day and age, simple seems to be the hardest thing to do.

Quibbly]]> http://www.dslreports.com/forum/remark,9533676 Sat, 28 Feb 2004 22:45:29 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9533419 wentlanc : Hosting a mail server from a residential account is not a legitimate service that is being provided to you on your residential account. You are getting that service by violating the TOS/AUP. Since you are not paying for that service in the first place, you are out nothing if they block it.

puritan]]> http://www.dslreports.com/forum/remark,9533419 Sat, 28 Feb 2004 22:06:38 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9531531 TimSpencer : In theory that makes perfect sense. In practice, paying for Comcast's Small Biz package does nothing for you. No static IP, can't run a server, I'm still using the same hardware I was on the residential side. All I'm getting for the addition $40/mo is a quicker response time if my circuit goes down.
--
"Don't think Meat, it can only hurt the ballclub." - Crash Davis]]> http://www.dslreports.com/forum/remark,9531531 Sat, 28 Feb 2004 17:50:10 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9531518 technick :
said by Jeremy341 See Profile:
said by natter See Profile:
How do you use non-standard ports for email? Other servers won't look at 28 or something.
Other servers won't, but a hosting company can set their servers so that they accept mail on port 28 from their customers. It's a very simple thing to do, and I'd do it for my customers in a second if anyone needed it.


That is the easy way of solving a problem, but it will cause more problems than it solves. I do not use my isp's mail personally for many facts, I prefer my own mail server as I can customize it, set other rules, and basically be the boss.

Maybe something like by default they block those ports on a per customer bases by default, and you can call in and have them remove those blocks.
--
AMD 2500, 1024 MEG PC 3200, 180 GIG HDD, MSI KT4 Ultra Board, MSI GEFORCE 4 TI 4600 »www.streamfire.net/portfolio]]> http://www.dslreports.com/forum/remark,9531518 Sat, 28 Feb 2004 17:48:37 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9531153 LrdVader :
said by ki1o See Profile:
I have a reason, I have my own domain email address and I use to use Comcasts smtp servers for my domain email until some isps blocked Comcasts smtp servers for "spam complaints". One example is, about every two months, when I tried to send email to my grandparents on webtv, the email would bounce back with "spam complaints."

Unfortunately, that solution has its own set of problems. I found out the hard way that some systems don't like this arrangement.

I tried sending a test message from Yahoo to my main email address. When it arrived, I found that Spamassassin had tagged it as being sent from a machine listed in SORBS. Upon further investigation, I determined that the SORBS-listed machine was my RoadRunner IP, listed in SORBS list of dynamic IP space. If I sent the same message through the RR SMTP server, Spamassassin didn't tag it. My IP appeared in the headers in both cases.

As far as I can tell, Spamassassin noticed that the Yahoo message was sent directly from my IP to Yahoo's server (via Yahoo web mail) without going through RR's SMTP. It interpreted this as an attempt at direct-to-MX spam from a dynamic IP, and flagged the message. In my case, this meant a small increase in the message's spam score. If my mail provider was simply bouncing suspected spam, the message wouldn't have gotten through at all.

So even though you don't use Comcast's SMTP, you still have an interest in the spam problem getting fixed. If it continues at the current rate, I wouldn't be surprised to see mail administrators start rejecting messages that have comcast.net anywhere in the headers. I know I'm getting damn close to setting my account to do just that.]]> http://www.dslreports.com/forum/remark,9531153 Sat, 28 Feb 2004 17:02:55 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530858 wheelzoff : That could be it too, with the millions of subscribers they have, they would definitely lose some cash getting rid of the many many infected users. Plus the cost of actually finding and removing them.
--
"The Stars Win The Stanley Cup, The Stars Win The Stanley Cup", Ralph Strangis.]]> http://www.dslreports.com/forum/remark,9530858 Sat, 28 Feb 2004 16:22:08 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530831 kpatz :
said by wheelzoff See Profile:
The more I think about it, it seems they aren't even hoping it goes away, they just don't care about the spam problem.
Could be they don't want to lose the revenue stream they get from the spammers on their network.]]> http://www.dslreports.com/forum/remark,9530831 Sat, 28 Feb 2004 16:19:36 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530821 wheelzoff : The more I think about it, it seems they aren't even hoping it goes away, they just don't care about the spam problem.
--
"The Stars Win The Stanley Cup, The Stars Win The Stanley Cup", Ralph Strangis.]]> http://www.dslreports.com/forum/remark,9530821 Sat, 28 Feb 2004 16:18:33 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530799 kpatz : Blocking ports to stop infected boxes from sending spam is like putting a bandaid on an infected sore - it masks the symptom but doesn't solve the problem.

Comcast has crappy email servers, and we'd be forced to use them if they block 25. What would be next, blocking 53 so we can only use their crappy DNS servers? Only allow port 80 to comcast.net? We don't need access to the rest of the web. ;) Think about it.

As I said, I would switch to DSL in a heartbeat if they ever pull this sort of crap.]]> http://www.dslreports.com/forum/remark,9530799 Sat, 28 Feb 2004 16:14:38 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530756 ki1o :
said by natter See Profile:
They need to block 25. No reason you can't use thier smtp servers.
I have a reason, I have my own domain email address and I use to use Comcasts smtp servers for my domain email until some isps blocked Comcasts smtp servers for "spam complaints". One example is, about every two months, when I tried to send email to my grandparents on webtv, the email would bounce back with "spam complaints." Then I would have to contact Comcast and eventually (after they stopped playing the blame game) get them to contact webtv to get off the spam list. After a month or two later I could send email to webtv again. Then two months later, the same "spam complaint" problems started again.

If I still used Comcast smtp servers, over half of my friends and family wouldn't be able to receive any of my emails. Now I use my domains smtp server which lets me send up to 50 emails a day for free. The most emails I send in an average day is about 10 or less.
--
Boycott The RIAA]]> http://www.dslreports.com/forum/remark,9530756 Sat, 28 Feb 2004 16:08:28 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530754 hescominsoon : adelphnia introduced a firmware upgrade here in brunswick(when i had them) that enabled the cable modems(or cmts) to block port 25 on all users...i had to use adelphia mail servers..but this was not a problem for me..:)
--
God Bless »www.emmanuelcomputerconsulting.com]]> http://www.dslreports.com/forum/remark,9530754 Sat, 28 Feb 2004 16:08:02 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530700 nshulga :
said by natter See Profile:
They need to block 25. No reason you can't use thier smtp servers.


There are two very good reasons not to use Crapcast' smtp servers
1) they are down most of the time
2) thewy lose mail even when they are up.]]> http://www.dslreports.com/forum/remark,9530700 Sat, 28 Feb 2004 16:01:32 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530575 KUppiano : Rather than blocking ports at the server, ISP-supplied modems could be equipped with routers that block most "advanced" services by default.

For some reason, cable modems usually don't come with a NAT router or any kind of firewall/port filtering. ADSL modems often do, and it's not only a good security feature, it makes it easy to set up a nice little SOHO LAN.

They usually ship with all ports open by default, but they are quite easy to OEM with custom settings from the ISP.]]> http://www.dslreports.com/forum/remark,9530575 Sat, 28 Feb 2004 15:46:42 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530565 kpatz : If they do resort to blocking port 25, they should offer a "power users" or "home office" service tier with the port unblocked, and/or email servers allowed, maybe for a little more $ per month. The extra $ could go into monitoring power users to make sure they don't get infected and spew spam, and shut them down if they do.

Although one "can" use smtp.comcast.net for all their mail, there may be reasons one cannot - say because they're working from home or taking online classes and are required to use another server. Or becuase the address they're trying to send to blacklisted comcast's IP range. Also, Comcast's email servers aren't particularly well administered. They tend to block anything that "could" be the virus of the week, for example, try sending an email with an attachment named update.zip, regardless of content, to a comcast.net address. It won't arrive, and no notification that it wasn't sent.]]> http://www.dslreports.com/forum/remark,9530565 Sat, 28 Feb 2004 15:45:41 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530515 KUppiano :
said by keyboard5684 See Profile:
You get my point. ISPs should not block ports, they should terminate users that break the rules.

Amen to that. Removing legitimate services from all users to keep a few users from "going bad" is a rotten strategy.]]> http://www.dslreports.com/forum/remark,9530515 Sat, 28 Feb 2004 15:39:46 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530460 RARPSL :
said by natter See Profile:
How do you use non-standard ports for email? Other servers won't look at 28 or something.


Most/Many SMTP Servers monitor not only Port25 (The MTA [Mail Transmission Agent] Port for Server-to-Server forwarding of Email) but Port587 (The MSA [Mail Submission Agent] Port that is SUPPOSED to be used to submit Email into the System instead of Port25). If an ISP REQUIRES the use of Port587 (along with SMTP AUTH as Required by the Port587 RFC) for all To-Be-Relayed mail submission to their Servers (no matter if it comes from their LAN or the Internet WAN) then they solve the issue of Trojan Spam Code pumping SPAM through their system. ]]> http://www.dslreports.com/forum/remark,9530460 Sat, 28 Feb 2004 15:31:56 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530297 jsouth : If you need to run a server or have business needs you should use the business end otherwise you use the residential version. If you are running a server on a residential line be careful. A lot of ISPs consider that a TOS violation and could cancel your service. Cox blocked port 25 and it made people mad. I am glad they did it though. A lot of people who were complaining about not being able to do business and stuff with port 25 blocked were on residential lines and they were forced either to cancel service or get the business service. Either way it cut down the crap on residential lines.]]> http://www.dslreports.com/forum/remark,9530297 Sat, 28 Feb 2004 15:11:21 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9530259 Freezone : They will lose a % of customers that need to send mail via there jobs e-mail server.

What they need to do is stop selling modems, but sale routers with these ports filtered and have directions on how to unblock.

Any user smart enough to unblock a router should be reasonably responsible.]]> http://www.dslreports.com/forum/remark,9530259 Sat, 28 Feb 2004 15:07:32 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529994 Plldwnyrpnts :
said by natter See Profile:
People forget it's a residential service and not a business one. If you want to send email, use smtp.comcast.net. Otherwise, block it. I'm sick of putting in cable modem users in my spam list. The few/stupid ruin it for the many. A shame, but life goes on.


Bullshit! Many people use their internet connections for things other than just surfing web pages and email friends and family. Once ISPs start blocking ports to protect/correct the stoopid (not the cable modem users,) the rest of us lose!

Rules, rules, and yet more rules won't make anything any better. It will make it stoopider!]]> http://www.dslreports.com/forum/remark,9529994 Sat, 28 Feb 2004 14:30:11 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529895 Jeremy341 :
said by natter See Profile:
How do you use non-standard ports for email? Other servers won't look at 28 or something.
Other servers won't, but a hosting company can set their servers so that they accept mail on port 28 from their customers. It's a very simple thing to do, and I'd do it for my customers in a second if anyone needed it.]]> http://www.dslreports.com/forum/remark,9529895 Sat, 28 Feb 2004 14:17:37 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529866 natter : Agreed. They need to get off their butts. They will probably overeact in some way.]]> http://www.dslreports.com/forum/remark,9529866 Sat, 28 Feb 2004 14:13:31 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529805 wheelzoff : Well, at this point it couldn't hurt to try SOMETHING, because so far it seems Comcast thinks it will just go away on it's own.
--
"The Stars Win The Stanley Cup, The Stars Win The Stanley Cup", Ralph Strangis.]]> http://www.dslreports.com/forum/remark,9529805 Sat, 28 Feb 2004 14:04:54 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529724 natter : How do you use non-standard ports for email? Other servers won't look at 28 or something.

People forget it's a residential service and not a business one. If you want to send email, use smtp.comcast.net. Otherwise, block it. I'm sick of putting in cable modem users in my spam list. The few/stupid ruin it for the many. A shame, but life goes on.]]> http://www.dslreports.com/forum/remark,9529724 Sat, 28 Feb 2004 13:54:35 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529683 keyboard5684 : I think that is a bad idea. By ISPs blocking port 25 they cannot connect to other servers (like there domain hosting company) to send legitimate email. By doing this others create a work around, you can use a different port. After a while the non-standard port becomes standard. Then ISPs begin blocking other ports.

P2P has the majority of users doing illegal stuff (I know, some of it is legal but most is not). Does this mean ISPs should block those services too?

What about VOIP? Using VOIP services from other companies means a loss in profits for the ISP if they offer VOIP. Block that too?

IRC generates a ton of non-legitimate "chatter".

You get my point. ISPs should not block ports, they should terminate users that break the rules.]]> http://www.dslreports.com/forum/remark,9529683 Sat, 28 Feb 2004 13:49:34 EDT Re: They could hire me http://www.dslreports.com/forum/remark,9529487 natter : They need to block 25. No reason you can't use thier smtp servers.]]> http://www.dslreports.com/forum/remark,9529487 Sat, 28 Feb 2004 13:21:47 EDT They could hire me http://www.dslreports.com/forum/remark,9529420 kpatz : I need a job, I could do it.

I hope they go about it the right way, instead of limiting service by blocking port 25, etc. I'll switch to Verizon if that happens.]]> http://www.dslreports.com/forum/remark,9529420 Sat, 28 Feb 2004 13:12:51 EDT