OT: How much traffic does your ISP filter by TCP port no.?

The ISP I was using (temporary wireless connection while living in an apartment doing contract work) had no SMTP servers, so I used my own. They didn't block port 25 access but few ISPs would listen to my email, so gave it up and lived without reliable outgoing email for three months.

I bet there are all sorts of ports that are blocked. "Unlimited" doesn't mean "unrestricted". They likely don't want you having an Internet facing web server either.

They don't know what you're doing. I'm sure you'd scream if they were filtering your email too.

If you don't like the ISP, get another or live with it and bitch like everyone else.

No need to know. I have no need for my own mail server. Got the T- shirt and it didn't fit.

--
  Keith

Since several years ago, blocking port#25 outbound to prevent spam became very common practice among the ISPs in US. For that reason, the SMTP servers usually provide the altenative port (#2525, 0x2525 or something like that).

I didn't like it either. I tried to talk to the ISP tech. support. No luck. All you can do is get used to it.

Vladimir Vassilevsky DSP and Mixed Signal Consultant

when oppression comes in small doses, called discipline, then it becomes easier to spread widely as 'governance'

My ISP (Zen, UK) blocks TCP/UDP ports 135-139 inbound and outbound. They don't block anything else, inbound or outbound, including SMTP.

They specifically suggest running your own outbound mail server if you have "uncommon" email requirements, e.g. running a mailing list, as their outbound SMTP server has some anti-spam filtering (their inbound servers have none; if you want that, do it yourself or use third-party email hosting).

Their position is essentially that sending mail that "looks like" spam risks blacklisting. If you want to take that risk with your own IP address, fine, but they don't want to have to keep asking to have their own SMTP servers removed from blacklists. Actually sending spam would be a ToS violation, but that would be handled manually rather than through automated filtering.

Sounds sensible to me. Especially since it is so easy to count the outgoing SYN segments fromeach host to port 25/week and thus (threshold) detect where spam may be coming from. I wish those here had the brains to do it this way...

Dimiter

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

That's very well put indeed, thanks for posting it.

Dimiter

"Vladimir Vassilevsky" skrev i en meddelelse news:kKq3j.66144$ snipped-for-privacy@newssvr11.news.prodigy.net...

..Or just get a better provider/contract. I have a "pro" service with TDC. Among the features are: instant, filterless tech support and I can do whatever I damn like with any port (within the law).

The "con"-sumer service blocks pretty much everything.

Well, the chances that your webhost and your ISP are the same company is generally speaking quite small. Generally you would want your email to have the same domain as your site, right?

However, even if your ISP allows port 25 you still have a problem. Many mail servers worldwide do not allow relaying, meaning people may not get your e-mails. I find this very frustrating.

Any solutions besides the obvious; use your ISP's dinky/stinky email ?

M

On a sunny day (Wed, 28 Nov 2007 19:07:33 -0800 (PST)) it happened Didi wrote in :

Well it is the same here in the Netherlands. I do not have an ISP, but a direct line to the telco, but even then they intercept port 25, use there own server, and resend to me on port 25. I send mail via their mail relay. I must say, that it saves me checking log files etc... Already plenty of work keeping the http and other servers clean. The disadvantage is, that sometimes their server is down, or offline for maintenance. The advantage is, that if my server is down, the incoming email does not bounce, but I get it as soon as my system is up again. That last advantage may be important.

Although my server is up 24/7, and has a backup, still it may offline for several reasons, like a 5 hour long power failure last month because some workers digging cut a power cable. Maybe I should buy a Honda generator....

Here in the UK people have successfully ended their contracts with ISPs for doing precisely that.

It's also the current trend to block newsgroup/usenet access too. Again, a reason to terminate a contract for fragmented service.

This is the result of letting the sundry and all onto The Internet. They

*think* that the Internet is nothing more than port 80 web browsing. My partner has no concept of what a Megabyte is when I'm trying to keep our usage down. He sits on a Playstation-3 all evening downloading GBytes of whatnot without a care in the world. We've been disconnected twice!! And I have to foot the bill.

Here I am on Usenet snipping out previous posts to keep the bandwidth down. And then you get the Google Groups crowd turning up and complaining that someone's just told them to f*ck off! :-)

It's hilarious really. The Internet is so much more than most people (and ISPs) think it is. I still have several dialups to an ISP when I worked for them 10-years ago as a sysadmin. They sacked us all, replacing us with a cushy webadmin interface for their Customer Service staff. I just logged in as root and deleted the customer records before I left! 10-years later..

You have to look at this from your ISP's point of view. Spammers install trojans on unprotected systems and these send out huge volumes of junk using port 25. Since most people haven't got a clue about how this stuff works or how to block it, the ISPs take responsibility to protect their systems.

If you can convince them that you know what you are doing and can configure and protect your system correctly and, they enable outbound port 25 traffic, great. Having an ISP enable such traffic for selected domains/IP addresses is extra work which you shouldn't expect them to do for everybody. Or your rates would have to go up.

--
Paul Hovnanian	paul@hovnanian.com
-----------------------------------------------------------------------
Procrastinators: The leaders for tomorrow.

Some ISPs do this to prevent zombie spam mail servers from doing evil on their network. Find out if your domain mail server can accept authenticated SMTP sessions via another port (I believe it's port

587). Be sure your mail client can handle authenticated SMTP sessions.

--
Mark

I subscribe to an SMTP relay from GoDaddy.com

They use another port number ;-)

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
         America: Land of the Free, Because of the Brave

"Relaying" doesn't come into it.

The only differences between running your own SMTP server and using your ISPs server are:

1. Your ISP may force you to use their server by blocking TCP port 25 outbound.
2. Your own IP address may be blocked by spam filters, either because it is on a specific blacklist, doesn't have reverse DNS, or has a reverse DNS entry which "looks like" a dial-up/single-user line (e.g.

12-34-56-78.dsl.yourisp.net)

In case 1, there's nothing you can do. In case 2, you can use a third-party SMTP server.

HapticZ snipped-for-privacy@sbcglobal.net posted to sci.electronics.design:

Yes, but how well do you understand it? From the several points of view necessary.

Aly ajkfhlksjhlkj5hlkjhlkjhslfkjsfd@34kjh324lk3j4hmn.3434'' posted to sci.electronics.design:

That may be UK specific.

Frequent, indeed many "ISP"s never did/will offer usenet news. Many others refuse all binary groups.

Even google executives have that problem, it is rather common.

Kick the SO to the curb for at least a week for that. Willful ignorance is a horror.

Your politeness may be appreciated occaisionally.

"We" did not "let" google do any such thing, the big webhead corporation did it for their own ends. You need to study usenet history a bit better.

Alas the side effects of supporting ignorance to save a penny.

Paul Hovnanian P.E. snipped-for-privacy@seanet.com posted to sci.electronics.design:

Nice statement of the typical business case in the US. I would actually pay more for proper port 25 (SMTP) and fuller usenet access.

I have been considering piggybacking any of several fuller usenet providers for a long time.

Jim Thompson snipped-for-privacy@My-Web-Site.com posted to sci.electronics.design:

OK. But the business use case is different form the personal use case.

[snip]

Cox won't allow any access from outside the Cox system, except that crap "Webmail". By using GoDaddy I can send and receive E-mail from anywhere, including my cell phone. I have it looped so all E-mail actually routes thru my home system, so I have no synchronization issues.

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
|  Analog/Mixed-Signal ASIC\'s and Discrete Systems  |    manus    |
|  Phoenix, Arizona            Voice:(480)460-2350  |             |
|  E-mail Address at Website     Fax:(480)460-2142  |  Brass Rat  |
|       http://www.analog-innovations.com           |    1962     |
             
         America: Land of the Free, Because of the Brave