[GRLUG] new Comcast mail blocking?

John-Thomas Richards jtr at jrichards.org
Fri Dec 12 12:45:24 EST 2008


On Fri, Dec 12, 2008 at 12:29:33PM -0500, Collin Kidder wrote:
> John-Thomas Richards wrote:
> > Am I correct in assuming that Comcast is blocking me from connecting to
> > a specific port elsewhere?
> >   
> 
> Yes, why wouldn't that be the way they'd block things? Their whole point 
> is to prevent botnets from being able to send spam. You send from a 

I wasn't thinking about the spam angle; I was thinking only of Comcast
preventing me from running a server at home.  Good point.

> random port but you need to connect to port 25 to send mail to an 
> external network. And so they block you from sending to port 25 so that 
> nobody can easily spam from your IP or any other IP on their network. If 
> you control both ends of the link then you can feel free to change the 
> port # to something (like you did to send the above message.)
> 
> Personally, I still don't agree with wholesale port blocking for 
> everybody but I'm not an administrator at Comcast so I get no say at all.

I don't have control at the Dreamhost end; they have port 587 available
for this very reason.  Interestingly, RFC2476 seems to indicate that
port 25 should be used only when port 587 is "not possible or
convenient" yet Comcast is not blocking it.

If Comcast simply wants to block botnets, why was this port blocked
*last week*?  Botnets aren't new…
-- 
john-thomas
------
Nothing is more humbling than to look with a strong magnifying glass at an
insect so tiny that the naked eye sees only the barest speck and to
discover that nevertheless it is sculpted and articulated and striped with
the same care and imagination as a zebra. Apparently it does not occur to
nature whether or not a creature is within our range of vision, and the
suspicion arises that even the zebra was not designed for our benefit.
Rudolf Arnheim, psychologist and author (1904-2007)


More information about the grlug mailing list