[GRLUG] new Comcast mail blocking?

Greg Folkert greg at gregfolkert.net
Fri Dec 12 14:22:19 EST 2008


On Fri, 2008-12-12 at 12:45 -0500, John-Thomas Richards wrote:
> On Fri, Dec 12, 2008 at 12:29:33PM -0500, Collin Kidder wrote:
> > John-Thomas Richards wrote:
> > > Am I correct in assuming that Comcast is blocking me from connecting to
> > > a specific port elsewhere?
> > >   
> > 
> > Yes, why wouldn't that be the way they'd block things? Their whole point 
> > is to prevent botnets from being able to send spam. You send from a 
> 
> I wasn't thinking about the spam angle; I was thinking only of Comcast
> preventing me from running a server at home.  Good point.
> 
> > random port but you need to connect to port 25 to send mail to an 
> > external network. And so they block you from sending to port 25 so that 
> > nobody can easily spam from your IP or any other IP on their network. If 
> > you control both ends of the link then you can feel free to change the 
> > port # to something (like you did to send the above message.)
> > 
> > Personally, I still don't agree with wholesale port blocking for 
> > everybody but I'm not an administrator at Comcast so I get no say at all.
> 
> I don't have control at the Dreamhost end; they have port 587 available
> for this very reason.  Interestingly, RFC2476 seems to indicate that
> port 25 should be used only when port 587 is "not possible or
> convenient" yet Comcast is not blocking it.

From the looks of it 587 definition has been superseded from RFC2476
(December 1998) to RFC 4409 (April 2006). It defines 587 as a message
submission agent port.

So, they want to make *ANYTHING* not a REAL MTA use this port for
message submission and not for general use by any MTA. In other words,
Thunderbird/Evolution/Lookout/kmail/balsa/mutt/ effectively any MUA
shoudl use 587 for messages it wants delivered.

Personally I am all for it. But if it becomes a standard thing, spammers
will use it as well and it'll be blocked or what have you anyway.

Blah, blah, blah... yeah spam sure is getting old.
-- 
greg at gregfolkert.net
PGP key 1024D/B524687C 2003-08-05
Fingerprint: E1D3 E3D7 5850 957E FED0  2B3A ED66 6971 B524 687C
Alternate Fingerprint: 09F9 1102 9D74  E35B D841 56C5 6356 88C0
Alternate Fingerprint: 455F E104 22CA  29C4 933F 9505 2B79 2AB2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://shinobu.grlug.org/pipermail/grlug/attachments/20081212/bffb10a0/attachment.pgp 


More information about the grlug mailing list