ALERT - ISP's Blocking Port 25

[Guest]

I just set-up a Windows 2003 Server and Exchange 2003 Mail Server.
Everything is fine but now I need to set-up remote sales people on dial-up to
send and receive mail.

My problem is I think some ISP's are blocking Port 25. Is this old news?
Am I doing something wrong? One person can Telnet Port 25 and then somebody
else through a different ISP can't.

Pls help.

Thanks
Mark

 

[Jeff Stephenson [MSFT]]

My problem is I think some ISP's are blocking Port 25. Is this old news?

Old news, sadly. My guess is that the majority of ISPs now do this (don't
know, though). They're doing it in an (IMO brain-dead) attempt to limit
spam. What they're really doing is drastically reducing the utility of the
Internet. You can try complaining to the ISPs in question, but it probably
won't do any good...

 

[Guest]

Thanks Jeff

Old news, sadly. My guess is that the majority of ISPs now do this (don't
know, though). They're doing it in an (IMO brain-dead) attempt to limit
spam. What they're really doing is drastically reducing the utility of the
Internet. You can try complaining to the ISPs in question, but it probably
won't do any good...

 

[Vagabond Software]

I just set-up a Windows 2003 Server and Exchange 2003 Mail Server.
Everything is fine but now I need to set-up remote sales people on dial-up to
send and receive mail.

My problem is I think some ISP's are blocking Port 25. Is this old news?
Am I doing something wrong? One person can Telnet Port 25 and then somebody
else through a different ISP can't.

Pls help.

Thanks
Mark

I also believe this is old news. I also believe this is a stupid move by the ISPs. However, you may want to have a look here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q173903

Good Luck,

carl

 

[Jeff Stephenson [MSFT]]

I also believe this is old news. I also believe this is a stupid move by the ISPs. However, you may want to have a look here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q173903

Good Luck,

carl

Good point - I forgot the fact that he's got his own server and can thus
pick the port that he uses.

 

[Leythos]

I just set-up a Windows 2003 Server and Exchange 2003 Mail Server.
Everything is fine but now I need to set-up remote sales people on dial-up to
send and receive mail.

My problem is I think some ISP's are blocking Port 25. Is this old news?
Am I doing something wrong? One person can Telnet Port 25 and then somebody
else through a different ISP can't.

Many ISP's block inbound port 80, 25, 21, 135, 139 as they are not
needed for "residential" customers to utilize the internet. I know that
Adelphia in California does this (not all those ports), and may do it in
other areas. I've also seen many other ISP's do this.

You should check your Terms of Serice TOS or your Acceptable Use Policy
AUP to see if your service level is permitted to run servers.

One more thing, if you are on a dynamic block from the ISP, it won't do
you much good to have a mail server anyway, most block lists encompass
the dynamic ranges of most ISP.

 

[Leythos]

Old news, sadly. My guess is that the majority of ISPs now do this (don't
know, though). They're doing it in an (IMO brain-dead) attempt to limit
spam. What they're really doing is drastically reducing the utility of the
Internet. You can try complaining to the ISPs in question, but it probably
won't do any good...

Actually, they do it based on a business model where bandwidth is a
price item. They didn't intend for residential customers to provide
services to the internet, only consume them, so running servers is a
violation of most residential service agreements. At the same time, most
ISP's have a business type service that anyone can purchase that
provides an unrestricted in/out path and does allow users to run servers
- these types of accounts are not often on block lists either.

 

[Ken Slovak]

Most ISP's do that because you don't need port 25 to receive/send POP3/SMTP
emails, you only need that port if you are running your own mail server. In
addition, unless you are using one of the dynamic DNS providers you usually
need a static IP exposed to the Internet DNS so other servers can find your
server.

Residential ISP accounts do that, business ones don't. I use Road Runner
with a business account and have port 25 enabled for my Exchange server. The
business account also provides me with a static IP and I can open any other
ports I want (like 80 for OWA).

 

[Jeff Stephenson [MSFT]]

Actually, they do it based on a business model where bandwidth is a
price item. They didn't intend for residential customers to provide
services to the internet, only consume them, so running servers is a
violation of most residential service agreements. At the same time, most
ISP's have a business type service that anyone can purchase that
provides an unrestricted in/out path and does allow users to run servers
- these types of accounts are not often on block lists either.

If they don't want users using too much bandwidth, that's what they should
control, then.

The problem with blocking port 25 is that it screws roaming users. Such
users have got their mail set up to work just fine with their ISP's
servers, but if they travel and connect through another network (of the
company for whom they're consulting, a hotel's wireless network, or a
friend's broadband through a different ISP) their setup no longer works.
They then have to figure out how to reconfigure their mail accounts to work
in that environment, then reconfigure it back when they get home.

 

[Jeff Stephenson [MSFT]]

Many ISP's block inbound port 80, 25, 21, 135, 139 as they are not
needed for "residential" customers to utilize the internet. I know that
Adelphia in California does this (not all those ports), and may do it in
other areas. I've also seen many other ISP's do this.

If they only block specific ports, then a user can just set up a server on
one that they don't block. I remember a post from sometime back from
someone that was using 2525 to get around such a block...

 

[Leythos]

The problem with blocking port 25 is that it screws roaming users. Such
users have got their mail set up to work just fine with their ISP's
servers, but if they travel and connect through another network (of the
company for whom they're consulting, a hotel's wireless network, or a
friend's broadband through a different ISP) their setup no longer works.
They then have to figure out how to reconfigure their mail accounts to work
in that environment, then reconfigure it back when they get home.

Most of the ISP's have a web mail interface for remote users, and most
companies have some form of remote web mail also. I have configured many
remote connections using a VPN solution to the company network for email
and file access.

Most hotels don't offer SMTP services, and most ISP's don't want people
outside their networks accessing their SMTP servers to SEND. With some
business accounts you can purchase a plan that permits the sender to
"authenticate" with the ISP's mail server no matter where they roam to.

If you need remote email, consider getting a mail provider that gives
you the access you need. Don't blame the residential ISP providers, they
are doing what they need to do in order to stay off block lists and to
fight relaying.

 

[Leythos]

If they only block specific ports, then a user can just set up a server on
one that they don't block. I remember a post from sometime back from
someone that was using 2525 to get around such a block...

Sure, they can change the port it sends on, but other SMTP servers are
not going to know to send to that port - they are going to send to
IP:SMTP, not IP:XXXXX port. So, while the user can send they won't recv
mail.

I asked about this with Adelphia, they look at the router logs and
monitor inbound traffic -if the user is running a server on a non-
standard port, it make take a while, but they said they will just shut-
down the DSL modem without warning.

Either find a ISP that doesn't block or purchase a business package.