52 Comments - Add A Comment
Comcast stared blocking outgoing port 25 traffic. You can only send out mail on port 25 if you are sending to comcast's own mail servers. This is a pain in the ass for many customers because it makes it very difficult to use non-comcast email. So at home, I have a server that accepts incoming email for johnmasone.com. It doesn't send email directly, it relay's all mail through comcast's SMTP server. So I'm very much inline with their rules, though technically they don't differentiate between incoming and outgoing mail servers... an incoming only mail server doesn't send anything, so if these blocks are really about preventing spam like they say, they I am very much inline with the spirit of the rule.
So starting Friday March 28th, my port 25 became blocked almost completely. I could send out to comcast's mail serves (actually I assume this is the case. I don't use comcast email so i could have been completely blocked). I went online to comcast's tech support chat, and here is the hilarity that ensued:
[21:05] John > Can't send or receive email
[21:10] advanced_tool_log > user John_ has entered room
[21:10] advanced_tool_log > analyst David has entered room
[21:10] David > Hello John_, Thank you for contacting Comcast Live Chat Support. My name is David. Please give me one moment to review your information.
[21:10] John_ > hi
[21:10] David > I apologize and would be happy to assist you in correcting this.
[21:10] David > Are you getting an error message? If you are what does it say?
[21:10] John_ > as of this morning, i am no longer able to send mail or recieve it
[21:10] John_ > port 25 is blocked in both directions, except out going to comcast mail servers
[21:10] John_ > i am unable to send mail through any of my email addresses
[21:11] John_ > and i'm unable to recieve any mail at all
[21:11] David > what email program are you using?
[21:11] John_ > apple mail
[21:13] David > I have reviewed your account and determined that our Customer Security Assurance team has placed a block on your connection, preventing the use of Port 25. This block was put in place because we have received complaints that a PC connected to your modem has been compromised and is being used as a Spam zombie. In other words Spam is being generated from one or more of your computers without your knowledge. To restore mail service, we require that you reconfigure your application to use Port 587 and you enable authentication. This link has walk throughs for reconfiguring common email application:
[21:14] David > For your incoming server you would want to use port 110
[21:14] John_ > oh WAAAAAIT a minute
[21:14] John_ > i have NO pc's at all on my network, only Macs
[21:14] John_ > there is ZERO chance that a computer on my network is a spam bot
[21:14] John_ > tell me how i can get this port 25 block lifted ASAP
[21:15] David > I apologize, we cannot lift this block but once you convert to port 587 you will be able to send and receive with no issues
[21:16] John_ > this is completely unacceptable, you have to remove the block
[21:16] John_ > i'm paying for internet service, and i can't even sent email.
[21:16] John_ > i don't use comcast email, i use email through my own websites
[21:16] John_ > this has to go over port 25
[21:16] John_ > that is how smtp works
[21:18] David > I apologize for the inconvenience if you are accessing a different smtp server you can contact them for an alternate secured port as port 25 is unsecured and has been blocked on your modem
[21:18] John_ > ok well how can we unblock it
[21:18] John_ > if i specifically have been blocked, then i can be unblocked
[21:19] John_ > if there really is spam coming from my network i will work with you in every way i can to identify and stop it, but in the end i need prot 25 opened up
[21:20] David > I apologize we are unable to do this. Like I said converting to a different secured port will resolve this and protect everyone from spam
[21:20] David > Is there anything else I can assist you with today?
[21:21] John_ > you have yet to help me with my first proble
[21:21] John_ > m
[21:21] John_ > why is my INCOMING port 25 blocked also?
[21:21] John_ > how could that possibly effect spam?
[21:21] David > Your incoming mail should be set to port 110
[21:21] John_ > undertand something
[21:21] John_ > i am NOT using COMCASTS mail servers
[21:22] John_ > i am not talking about pop
[21:22] John_ > i am talking about SMTP
[21:23] David > Again, I apologize but the port has been blocked and you will need to re configure for a different port.
[21:23] John_ > incmoing smtp mail can ONLY come in on port 25
[21:23] John_ > does comcast want me to continue being a customer?
[21:24] John_ > if so, then we need to figure out what needs to be done to get my port 25 opened again.
[21:24] David > Do you have a mail server set up at your home?
[21:24] John_ > yes for incoming email
[21:24] John_ > outgoing email all goes through comcast, or other mail
servers (until yesterday)
[21:27] David > Any personal email should come in on port 110. If you are running an online business or mail server at your home this wouldnot be allowed in our terms of service for residential high speed internet
[21:27] John_ > i don't run any outgoing mail servers at home, all my outgoing mail goes through YOUR mail server. i only recieve email
[21:30] David > what is the smtp server name?
[21:31] John_ > that i send through or recieve through?
[21:31] David > that you receive through
[21:31] John_ > johnmasone.com
[21:33] David > I apologize. You would need to contact your webhost for an alternative port
[21:34] John_ > you clearly do not understand what i am saying to you because none of your answers are relevant
[21:34] John_ > i'm going to start over
[21:34] John_ > i am having two problems
[21:34] John_ > first problem is
[21:36] John_ > my port 25 is being blocked for inbound traffic. This means that i can't recieve mail on johnmasone.com, which points to my comcast IP. This is not buisness traffic, this is not an outgoing mail server, this is a computer that JUST recieve mail and thats it. This block has NOTHING to do with spam because it is blockign INBOUND connections which could not possibly be used to send anything at all.
[21:36] John_ > my SECOND problem is...
[21:36] John_ > i can no longer connect to any outbound SMTP servers except comcast's
[21:36] John_ > so i cannot send email from any of my email addresses which are hosted on 3rd party servers, LIKE my business email address, which is hosted on a server in a data center in michigan
[21:38] John_ > And note that both of these problems started TODAY. Yesterday, and for years and years previous, i had no problems at all.
[21:40] David > Your other outbound SMTP servers would be able to provide you with an alternative to the unsecured port 25 as we provide port 587 you could contact them for this. Our user agreement also bars the use of mailservers on the account
[21:41] John_ > First of all, you understand that either port 25 or 587 can be secure or insecure. Second, i am not running an outbound mail server, i'm just recieving mail. Third, you said that I am blocked because spam was detected coming from me. I'm telling you that is impossible, so lets talk to the security team, go over their logs, get this settled and have them unblock me
[21:42] David > I am sorry once you are blocked this cannot be unblocked.
[21:42] John_ > i'm sorry that is simply untrue. you are lying to me
[21:42] John_ > i am a systems administrator myself, i know this is not true
[21:43] David > Our security department will not unblock you.
[21:44] John_ > this is not acceptable. i am willing to work with your security department to make CERTAIN that no spam is coming from my network. But telling me 'once your blocked you can't be unblocked' is completely bullshit and you know it
[21:45] David > They determined there was too much traffic and closed the port. You can call 1-856-324-2025 to speak to our security assurance group if you has additional questions
[21:46] John_ > is there a specific person i should talk to? an extension?
[21:47] John_ > also is there some sort of reference number?
[21:47] John_ > trouble ticket?
[21:47] John_ > etc?
[21:47] David > That number will get you right to the security group
[21:48] John_ > ticket number, anything like that?
[21:48] David > There is no trouble ticket for this
[21:48] John_ > can you make one?
[21:49] John_ > i want record of ALL OF THIS
[21:49] John_ > because i do not trust comcast
[21:49] David > I apologize I cannot
[21:49] David > I will note your account for you
[21:50] David > Again for your residential comcast email you can easily convert to port 587 with the instructions on the link I gave you
[21:50] John_ > i am nost sending comcast email, the link you gave me is of no use to me
[21:51] David > You can contact the security assurance and your other email providers for alternatives
[21:51] John_ > ok
[21:51] John_ > i will do that
[21:52] John_ > i am unable to copy text from this chat window, is there a way i can get a transcript of it?
[21:53] David > You can always highlight the text of this chat, and then Copy and Paste it into a document such as Microsoft Word, or Notepad etc. You will also be given an opportunity to either Print or Copy the entire transcript at the end of the session after you are given a chance to fill out a survey.
[21:54] John_ > thats what i mean, i cannot highlight the text. it doesn't let me select any text in the chat window. but as long as i can print it that will suffice.
[21:54] John_ > ok i beleive we are done here. I'd say things but you really haven't solved my problem. Hopefully the security people can.
Note how he absolutely doesn't give a shit. Also note how he seems to have no idea that SMTP both sends and receives email. All he understands is basic "send through smtp, check through pop" client side stuff. Also note that at first he says I'm blocked because of SPAM complains, THEN later on he says I'm blocked because of too much activity.
Another fun part is the end. So this online survey, once you fill it out, there is a submit and a view transcript button. If you submit the survey, the transcript is gone forever. I guess thats their sneaky way of making sure people don't post this crap in their blogs. I had to contact them again Monday, talk to a supervisor, and have him look up this transcript in the big comcast database of unsatisfied customers.
Stay turned for Part 2 of the story, which is when I actually called the Comcast Customer Security Assurance Department. I was actually foolish enough to think "OK let me call these people, they'll straighten this mess out" HAHA ...