- Optimum Online blocking outgoing requests to port 25/SMTP
- Posted by Michael Scovetta on August 20th, 2004
I don't know if OO made this public, but they are blocking outgoing
port 25 (SMTP). This means that if you use another mail server (your
own domain, etc), you need to change the port number ON THE SERVER.
Otherwise, it'll appear that the mail server just doesn't respond.
Hope that helps some people!
Mike Scovetta
- Posted by NormanM on August 22nd, 2004
In article <8cbbc1c4.0408200938.2c9fba05@posting.google.com>, Michael
Scovetta says...
I take it that you mean Optimum Online is blocking 'inbound' port 25? To a
server that you run on your home computer? Did it occur to you that, maybe,
they are trying to tell you something? Read their AUP/TOS; pay special
attention to their requirements for running servers. BTW, changing the
incoming port to something other than port 25 will only work if the remote
server also uses that port.
Most often, though, ISPs are blocking port 25 outbound. In this case, you
can't just change your client to use any port other than 25. You need to
know which alternate port, if any, your mail service has set up for email
submissions, and set your local client to use that port.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
- Posted by EL on August 25th, 2004
Yes Cablevision is..
My friend had is cable modem installed by a CV tech. The tech spent 3
hours trying to get email to work. The tech had no idea what the
problem was.
It turns out that cablevision did not tell there techs about it
either.
When I talked to the tech he said their help desk did not know either.
NormanM <spammail@blackhole.invalid> wrote in message news:<MPG.1b917c025b70fbda98971c@news.sf.sbcglobal .net>...
- Posted by Michael Scovetta on August 26th, 2004
Actually no, I actually *did* mean OUTBOUND port 25. I expected
inbound ports to be blocked (currently, they block 80, 8080, 135-137,
and a few others). But the strange part is that they do not let me,
from my home computer, connect to another mail server (lets say, in
Ohio), on port 25.
Mike
NormanM <spammail@blackhole.invalid> wrote in message news:<MPG.1b917c025b70fbda98971c@news.sf.sbcglobal .net>...
- Posted by Jamie on August 26th, 2004
nospam_googlegroups@scovetta.com (Michael Scovetta) wrote in message news:<8cbbc1c4.0408251916.51940942@posting.google. com>...
I have debugged the problem, and Cablevision has in fact begun
blocking SNMP SYN packets that originate from an end user. This
implies that you can't set up a mail server at home, but also that you
can't use the mail server at your business to send mail.
To me, this implies that 1000s of people will no longer be able to
work at home, at least if they have to retrieve and answer their email
at home with their business identity. Sounds like a strong case for
"business DSL", as ugly as that sounds.
Note that this only seems to be the case on residential OO, as
business OO doesnt have the problem. So it seems that cablevision has
purposely blocked SNMP. Considering the bunch of buffoons they have
working there, its not impossible that they simply don't understand
that they are blocking more than just spammers, but also most of their
customer base except for little old ladies who are happy with an
optonline email address. Hopefully they won't learn the hard way as
they did when 100,000 customers switched to direct TV to watch the
Yankees. Its the best move I ever made, and this may be the last straw
to getting that ugly black cable off of my house for good.
- Posted by James Knott on August 26th, 2004
Jamie wrote:
There may be ways around it, such as ssh or vpn or even just using a
different port number.
--
(This space intentionally left blank)
- Posted by $Bill on August 26th, 2004
Jamie wrote:
What does reading mail from a POP3 account or forwarding mail to
your ISP from your business account have to do with sending email
through your business account ?
1) you should still be able to retrieve email from your work account
and 2) you can send email from your ISP account (although you may
prefer not to have your personal account known to your business
contacts).
You could also set up a relay on your business account to forward your
email after replacing the from with the business from addr using
a special forwarding email address.
- Posted by Michael Scovetta on August 27th, 2004
tm4525@aol.com (Jamie) wrote in message news:<7934bace.0408260602.58d62a47@posting.google. com>...
Or it makes the case of using a third party proxy server. Note that if
you change the port of the mail server from 25 to anything else (other
than 80, 8080, etc), it works fine. At least for me, they don't
examine the packets, just the port number.
- Posted by Jamie on August 27th, 2004
tm4525@aol.com (Jamie) wrote in message news:<7934bace.0408260602.58d62a47@posting.google. com>...
Of course I meant SMTP here....
- Posted by Jamie on August 27th, 2004
I don't think the issue is how to get over the fence, its why is there
a fence in the first place...its inappropriate
nospam_googlegroups@scovetta.com (Michael Scovetta) wrote in message news:<8cbbc1c4.0408261545.4f217d03@posting.google. com>...
- Posted by lawrence.jones@ugs.com on August 28th, 2004
Jamie <tm4525@aol.com> wrote:
Many ISPs are doing the same thing -- they don't want e-mail comming
from their network without going through their e-mail servers where they
can easily monitor it to shut down spammers and other low-lifes.
-Larry Jones
From now on, I'm devoting myself to the cultivation of
interpersonal relationships. -- Calvin
- Posted by James Knott on August 28th, 2004
lawrence.jones@ugs.com wrote:
However, it's easy enough to bypass. For example, with my VPN, I can
connect to my ISPs mail from anywhere I can connect to the internet,
provided I'm not behind a firewall that blocks my VPN. If necessary, I can
use any TCP or UDP port for my VPN, to get through.
--
(This space intentionally left blank)
- Posted by lawrence.jones@ugs.com on August 29th, 2004
James Knott <james.knott@rogers.com> wrote:
Yep. It's just a bit of a nuisance for people with a legitimate need
(or want) to use a different mail server, but it's a serious hindrance
to a spammer who wants to use a bunch of unprotected computers on the
ISP's network as anonymous mail relays.
-Larry Jones
There's never enough time to do all the nothing you want. -- Calvin
- Posted by Jamie on September 6th, 2004
lawrence.jones@ugs.com wrote in message news:<pkj702-6re.ln1@jones.homeip.net>...
A company shouldnt need a VPN for every one of its employees for them
to answer their mail at home.
The justification for this is just as stupid as having a curfew at
darkness to cut down on crime. It might work but its assinine and
shows the technical incompetence of Optonline. Of course seeing what
cablevision has done with the knicks, rangers and the Wiz, its no
surprise that they can't do anything right.
Its easy enough to block the SMTP port when you see unreasonable
patterns (like more than 2 sends per minute, or 10 in 10 minutes,
etc). There are cheap, simple tools that can do this. There's no
reason to be a birdbrain just because you're an ISP. Unfortunately
that seems to be the trend.
- Posted by James Knott on September 6th, 2004
Jamie wrote:
There's also the matter of the security of internal company documents to
worry about. If you access the company mail server directly over the
internet, the corporate mail is open for interception. A vpn, ssl or ssh
should always be used for remote access. Mail via ssl uses different ports
from standard smtp or pop and might not be blocked by the ISP.
--
(This space intentionally left blank)
- Posted by VAXman- @SendSpamHere.ORG on September 6th, 2004
In article <7934bace.0409060949.5f8449e5@posting.google.com>, tm4525@aol.com (Jamie) writes:
I applaud it. If they're going to permit PeeCees and Weendoze with
all it's flaws and security holes to blindly connect then, turn off
access to the ports which these toys can be coerced into abusing.
Now, if only all of the other DSL/Cable services which permit these
wintendo boxes to connect would do the same.
--
http://www.ProvN.com for the *best* OpenVMS system security
solutions that others only claim to be.
--
Cyber-Terrorism (si'-ber tayr'-or-iz-em) n.:
The release of, the sale of, or the use of any Micro$oft software product!
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM
- Posted by Thomas Zielinski on September 7th, 2004
nospam_googlegroups@scovetta.com (Michael Scovetta) wrote in message news:<8cbbc1c4.0408200938.2c9fba05@posting.google. com>...
Try www.smtpport.com. It will let you connect to your own SMTP server
by redirecting the request through a higher port. The detailed
explanation is on the website.
-Tom
- Posted by Shermane Austin on September 10th, 2004
I discovered this rather abruptly. One day it worked. Next day it
didn't. I use optonline for Internet access but use my Verizon email
account always (I also have Verizon DSL). I use Eudora and changed the
outgoing mail server to the optonline server so I can still send email
from xxx.verizon.net It's a hassle though because I'll have to switch
back to the Verizon outgoing mail server when I'm anywhere else.
(Eudora has personalities - different settings - so it's not too bad.)
It seems to work for now...
nospam_googlegroups@scovetta.com (Michael Scovetta) wrote in message news:<8cbbc1c4.0408200938.2c9fba05@posting.google. com>...
- Posted by Jamie on September 15th, 2004
VAXman- @SendSpamHere.ORG wrote in message news:<00A377BC.9B43B734@SendSpamHere.ORG>...
"permit" these windows boxes to connect. These "windows" boxes are
what created the cheap market which allow you to cheaply and freely
express your ridiculous ideas, Vaxman. Get a clue.
Freedom has annoyances. Like I said, there are easy ways to stop
criminals without having to block ports. ISPs are not regulated, and
most of them (particularly in non-metropolitan areas) are renegade
techies who are the last people that I would want handling my mail.
ISPs resell bandwidth, they should have no power to dictate what you
do with that bandwidth. If they arent smart enough to have the
mechanisms in place to make sure you don't use more bandwidth than
you're paying for (regardless of what services you may be using), then
they should try selling shoes or something else. The last thing we
need is for "some guy who knows how to put up an antenae" to decide
what mail I get or don't get. If you choose to buy mail services from
them then they can have their own policies. But if you just buy
bandwidth, and they have a monopoly in providing the service, their
"rights" should take second place to to that of the consumer.
- Posted by VAXman- @SendSpamHere.ORG on September 16th, 2004
In article <7934bace.0409150809.7cc78249@posting.google.com>, tm4525@aol.com (Jamie) writes:
That's right, Weendoze saved the world. We should erect statues to
the Emperor Bill and his criminal cult miniscule-n-flaccid(tm). Why
don't YOU get a clue? What a fuckwit.
It's not about bandwidth you clueless fuckwit. Even one preventable
SPAM or virus laden email is too much to let go by. If you use your
provider's backbone, you use your provider's servers for HTTP proxy,
email, etc. Case closed. If you don't like it, get yourself a T1
service like I have.
--
http://www.ProvN.com for the *best* OpenVMS system security
solutions that others only claim to be.
--
Cyber-Terrorism (si'-ber tayr'-or-iz-em) n.:
The release of, the sale of, or the use of any Micro$oft software product!
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM
