davidljung
join:2006-01-03
Knoxville, TN
|  New policy: blocking port 25 in *both* directions
According to Cynthia at the Advanced Solutions Group in OH (Level 3 support), Bellsouth has a new policy of blocking SMTP (port 25) traffic in *both* directions (not just outgoing).
That makes Bellsouth the only ISP to block any incoming traffic to my knowledge.
It was my previous understanding that only outgoing port 25 traffic was being filtered/blocked as an anti-spam measure - which makes a lot of sense.
However, Cynthia informed me today that their policy is now to block port 25 traffic in both directions - i.e. also incoming traffic.
I'm not sure I understand the reason for blocking incoming traffic, as it won't help stop SPAM, but I know that it means I have to switch to another ISP after being a BS DSL customer for 6 years.
Until yesterday I have run an SMTP server that recieved around 5000-10000 emails a day (from automated scripts as part of a game system).
But yesterday there was a DSL outage for half the day in my area (Knoxville,TN) and after service was restored all incoming traffic on port 25 is being blocked.
Calls to tech support, level 1,2 and finally 3, lead me to talk to Cynthia who informed me that I was just lucky that my incoming traffic wasn't being filtered before.
Unfortunately, that leaves me with no choice but to switch to Comcast or Knology.
So if you're getting incoming traffic blocked to your address, that's why.
-David. |
|
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
| Running a mail server on residential server has always been a violation of the AUP. Apparently, now technical measures are being used to enforce the policy.
If you need to do this, then either switch to Bellsouth business class service, find another ISP that allows it, or find a technical workaround. |
|
Not true
@bls.com
| reply to davidljung
Cynthia is full of it. Port 25 is for outbound SMTP only. BellSouth uses the POP3 default Port 110 for incoming mail. Now there may be blocking of specific email servers/domains but they can't block the port that uses POP3 or no one would get any email. |
|
graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL | You don't understand what SMTP is or how it works. It doesn't have anything to do with POP3 on port 110. |
|
ropeguru
Premium
join:2001-01-25
Bridgeport, WV
clubs:
 ·VOIPo
| reply to Not true
Re: New policy: blocking port 25 in *both* directi
said by Not true :
Cynthia is full of it. Port 25 is for outbound SMTP only. BellSouth uses the POP3 default Port 110 for incoming mail. Now there may be blocking of specific email servers/domains but they can't block the port that uses POP3 or no one would get any email.
Sorry, Cynthia may not be full of it. If the OP is running his/her own mail server and Bellsouth decides to block all inbound port 25 traffice to DSL connections, they can certainly do that.
I think you need to read up on POP3 and what it is really used for. It is intended for the client, ie. Outlook Express, thunderbird, etc.., to retrieve mail FROM the server. Not to send mail between servers.
--
FWD#: 223611 |
|
Not true
@bls.com | reply to davidljung
Re: New policy: blocking port 25 in *both* directions
Oops, my mistake. I wasn't thinking and overlooked that he was running his own email server and receiving mail. Never mind. |
|
mikes60
My Paradise
Premium
join:2001-07-31
Boynton Beach, FL
 ·AT&T Southeast
·Vonage
| reply to davidljung
Am I correct in assuming that those of us who do not run servers, but use FastAccess to download email from other ISPs will not have a problem?
I know that we can't send email from other ISPs over FastAccess.
--
Today is the tomorrow you worried about yesterday--so why bother? |
|
ropeguru
Premium
join:2001-01-25
Bridgeport, WV
clubs:
·VOIPo
| Re: New policy: blocking port 25 in *both* directi
said by mikes60  :Am I correct in assuming that those of us who do not run servers, but use FastAccess to download email from other ISPs will not have a problem? I know that we can't send email from other ISPs over FastAccess. Thta is correct. Because getting your email from other ISP's you should be using POP3, port 110, or IMAP, port 143. Or their secure counterparts.
--
FWD#: 223611 |
|
mikes60
My Paradise
Premium
join:2001-07-31
Boynton Beach, FL
·AT&T Southeast
·Vonage
| said by ropeguru :said by mikes60 :Am I correct in assuming that those of us who do not run servers, but use FastAccess to download email from other ISPs will not have a problem? I know that we can't send email from other ISPs over FastAccess. Thta is correct. Because getting your email from other ISP's you should be using POP3, port 110, or IMAP, port 143. Or their secure counterparts. Yes, I use POP3, port 110.
Thanks for the confirmation.
--
Today is the tomorrow you worried about yesterday--so why bother? |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to davidljung
said by davidljung :According to Cynthia at the Advanced Solutions Group in OH (Level 3 support), Bellsouth has a new policy of blocking SMTP (port 25) traffic in *both* directions (not just outgoing). That makes Bellsouth the only ISP to block any incoming traffic to my knowledge. Add Cox to your list:
»[VA] inbound 25 problems?
If the AUP/TOS prohibits running a mail server, the ISP is within their rights to take steps to enforce the prohibition.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
zachsnc
Webhosting Nerd
Premium
join:2005-12-15
Lexington, SC
clubs:
| reply to davidljung
Port 25/26 filtering is meant to keep mass-spammers at bay, by default, customers are listed as "Default Blocked" meaning they can't use any other mailserver other than mail.bellsouth.net/mail.lig.bellsouth.net. The only way 'i know of' to unblock yourself is to become a BusinessDSL customer. Unless you insist on sending your entire family that 25MB video of your daughter's graduation. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| said by zachsnc :Port 25/26 filtering is meant to keep mass-spammers at bay, by default, customers are listed as "Default Blocked" meaning they can't use any other mailserver other than mail.bellsouth.net/mail.lig.bellsouth.net. The only way 'i know of' to unblock yourself is to become a BusinessDSL customer. Unless you insist on sending your entire family that 25MB video of your daughter's graduation. Been through this on the Cox forum. Blocking port 25 outbound is quite effective at blocking mass mailing viruses and proxy spam from customer computers on the network of the blocking ISP. Blocking port 25 inbound is much less effective. Most viruses do not set up open SMTP relays; nor do spammers. It has been almost a year since I have seen any open SMTP relay spam. Keep in mind, an open SMTP relay is not the same thing as an open proxy. Ultimately, blocking inbound port 25, which I have only heard is being done by Bellsouth and Cox, is mostly effective at preventing people from running SMTP servers on their residential connections. Again, if the ISP AUP/TOS prohibits running a mail server, blocking inbound port 25 will be very effective in enforcing that prohibition.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
knightmb
Everybody Lies
join:2003-12-01
Franklin, TN
·AT&T DSL Service
| said by NormanS :said by zachsnc :Port 25/26 filtering is meant to keep mass-spammers at bay, by default, customers are listed as "Default Blocked" meaning they can't use any other mailserver other than mail.bellsouth.net/mail.lig.bellsouth.net. The only way 'i know of' to unblock yourself is to become a BusinessDSL customer. Unless you insist on sending your entire family that 25MB video of your daughter's graduation. Been through this on the Cox forum. Blocking port 25 outbound is quite effective at blocking mass mailing viruses and proxy spam from customer computers on the network of the blocking ISP. Blocking port 25 inbound is much less effective. Most viruses do not set up open SMTP relays; nor do spammers. It has been almost a year since I have seen any open SMTP relay spam. Keep in mind, an open SMTP relay is not the same thing as an open proxy. Ultimately, blocking inbound port 25, which I have only heard is being done by Bellsouth and Cox, is mostly effective at preventing people from running SMTP servers on their residential connections. Again, if the ISP AUP/TOS prohibits running a mail server, blocking inbound port 25 will be very effective in enforcing that prohibition. It's good in blocking, but not in quality of service. It's the whole reason I don't use Bellsouth e-mail servers. I've run my own for years and I'm not going into the details here on how to get around the port 25 blocking since everyone insist that bellsouth is going to shut down my connection at any time (LOL). Read the numerous threads on slow e-mail, if Bellsouth wants to be the good neighbor, they need to really beef up their e-mail servers for all the extra traffic and spam they send out now. I say spam because a ton of it still comes from bellsouth and that's why it gets on a lot of blacklists.
My opinion, bad implementation of a good idea. |
|
logic1977
Premium
join:2001-02-11
Tucker, GA
| said by knightmb :
said by NormanS :said by zachsnc :Port 25/26 filtering is meant to keep mass-spammers at bay, by default, customers are listed as "Default Blocked" meaning they can't use any other mailserver other than mail.bellsouth.net/mail.lig.bellsouth.net. The only way 'i know of' to unblock yourself is to become a BusinessDSL customer. Unless you insist on sending your entire family that 25MB video of your daughter's graduation. Been through this on the Cox forum. Blocking port 25 outbound is quite effective at blocking mass mailing viruses and proxy spam from customer computers on the network of the blocking ISP. Blocking port 25 inbound is much less effective. Most viruses do not set up open SMTP relays; nor do spammers. It has been almost a year since I have seen any open SMTP relay spam. Keep in mind, an open SMTP relay is not the same thing as an open proxy. Ultimately, blocking inbound port 25, which I have only heard is being done by Bellsouth and Cox, is mostly effective at preventing people from running SMTP servers on their residential connections. Again, if the ISP AUP/TOS prohibits running a mail server, blocking inbound port 25 will be very effective in enforcing that prohibition. It's good in blocking, but not in quality of service. It's the whole reason I don't use Bellsouth e-mail servers. I've run my own for years and I'm not going into the details here on how to get around the port 25 blocking since everyone insist that bellsouth is going to shut down my connection at any time (LOL). Read the numerous threads on slow e-mail, if Bellsouth wants to be the good neighbor, they need to really beef up their e-mail servers for all the extra traffic and spam they send out now. I say spam because a ton of it still comes from bellsouth and that's why it gets on a lot of blacklists.
My opinion, bad implementation of a good idea.
Good points mentioned here. I do not know the specific plans around the email servers, but I do know that the customer disatisfaction is well known and a hot topic for management. Thats not to say things will be better overnight, but making things better than what they are is definately being worked towards |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to knightmb
said by knightmb :...if Bellsouth wants to be the good neighbor, they need to really beef up their e-mail servers for all the extra traffic and spam they send out now. I say spam because a ton of it still comes from bellsouth and that's why it gets on a lot of blacklists. My opinion, bad implementation of a good idea. Odd. I can't recall ever getting spam sent through BS mail servers. Occasional spam from a BS customer with a compromised computer, but not from BS SMTP relay clients.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
knightmb
Everybody Lies
join:2003-12-01
Franklin, TN
·AT&T DSL Service
| said by NormanS :said by knightmb :...if Bellsouth wants to be the good neighbor, they need to really beef up their e-mail servers for all the extra traffic and spam they send out now. I say spam because a ton of it still comes from bellsouth and that's why it gets on a lot of blacklists. My opinion, bad implementation of a good idea. Odd. I can't recall ever getting spam sent through BS mail servers. Occasional spam from a BS customer with a compromised computer, but not from BS SMTP relay clients. I haven't tried sending out "buy porn" or "buy viagra" kind of e-mail either, but I know a lot of those e-mail virus have no problem spamming everyone. When I look up the IP, it all comes from Bellsouth, probably from a hijacked outlook e-mail account (usually has outlook as the client in the headers).
It may stop computers from spamming directly from port 25, but it won't stop them from spamming out of bellsouth through their e-mail servers. I would suspect that's part of the reason the e-mail is slow is because all that bot and spam traffic is going directly through their e-mail servers where as before it passed through out the network through port 25 like they were hosting e-mail for example. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| said by knightmb :I haven't tried sending out "buy porn" or "buy viagra" kind of e-mail either, but I know a lot of those e-mail virus have no problem spamming everyone. When I look up the IP, it all comes from Bellsouth, probably from a hijacked outlook e-mail account (usually has outlook as the client in the headers). It may stop computers from spamming directly from port 25, but it won't stop them from spamming out of bellsouth through their e-mail servers. I would suspect that's part of the reason the e-mail is slow is because all that bot and spam traffic is going directly through their e-mail servers where as before it passed through out the network through port 25 like they were hosting e-mail for example. More likely "Outlook Express" than "Outlook"; MS Outlook Express is to MS Outlook as butterflies are to butter.
I would suspect that viral email is being "bounced" from BS servers, not routed through them. Viruses use their own, native SMTP relay clients. Any virus going to a non-existent BS email address may well get returned by a BS MX server, if the server isn't properly configured.
OTOH, if BS isn't requiring SMTP authentication for access to their servers, there could be abuse of there servers...but I am not seeing it.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
dpfreak
join:2001-12-27
Montgomery, AL
·AT&T Southeast
| reply to knightmb
There are methods around this, I have had the problems with my owne servers. Since BS blocks outbound port 25, I was unable to send SMTP mail trough my web server in New Jersey. Fixed the problem by changing the port to 2525.
My big complaint is all the spam I get on my BS accounts. They come in Addressed to Other Users and not my accounts.... It has really gotten bad in the past few weeks over 30 a day, and that is with Mailguard on. The big problem is that none of the emails are addressed to my accounts....I keep forwarding them to This_is_spam@bellsouth.net, but they keep coming. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| said by dpfreak :My big complaint is all the spam I get on my BS accounts. They come in Addressed to Other Users and not my accounts.... You run your own servers, yet you don't understand that email to your account was sent you your email address? The "From:" field in an email message doesn't count; it it the SMTP RCPT TO email address which determines where the email will go.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
Mizzat
Will post for thumbs
Premium
join:2003-05-03
Atlanta, GA
·AT&T Southeast
| said by NormanS :said by dpfreak :My big complaint is all the spam I get on my BS accounts. They come in Addressed to Other Users and not my accounts.... You run your own servers, yet you don't understand that email to your account was sent you your email address? The "From:" field in an email message doesn't count; it it the SMTP RCPT TO email address which determines where the email will go. You forgot to mention that spam tyically doen't list but one "to" e-mail address. You're email was sent in the bcc field, so you, nor anyone else can see your email address. |
|
