Slashdot Mirror
SMTP-Friendly ISPs?
alanpage asks: "My
ISP got out of the dial-up business and sold my account to Earthlink.
They do not allow me to send e-mail (via port 25) on behalf of the
web sites that I maintain. Are any of the major players in broadband
or dial-up port 25 friendly?"
By reading your question, it sounds like you want to send out mail via your ISPs SMTP using an e-mail address for a webdomain not hosted by them. Any GOOD ISP will not let you do this.
You may wonder why. Well, if I can do this, then I can forge e-mail addresses and send out any kind of mail I want. That's a good way to get blacklisted.
Basically "port 25 friendly" is also known as "spam friendly".
What I would recommend is seeing if those sites where those domains are hosted allow SMTP services with password authentication. Some place do, and then you can send out mail from any ISP using those mail server.
My personal e-mail is not connected to my ISP. I have password authentication in place.
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
Keep in mind that if you want to pay commodity prices for a service, you are going to get a service that has been sanitized and developed for the masses. What you're asking is essentially the same as "How can I get WinXP-home to work as a good server?".
If you want to connect to outside SMTP servers, you'll either have to go with a smaller ISP that doesn't have paranoid, 'we're not going to be the front for spam' policies in place (and make a sacrfice, be it limited dialing area, higher prices, or whatever) or tunnel out to a server that will allow you to connect to foreign SMTP servers.
my sig's at the bottom of the page.
Considering you said "on behalf of the web sites that I maintain", I assume you have some degree of control on at least one site outside your ISP.
Why don't you tunnel ? Then you can use whatever port you want.
If you have SSH running on one of these servers - and who doesn't nowadays - you can easily tunnel. Just check your ssh client configurations. If you're running windows, a good client is SecureCRT. If you're running linux, and the other side is windows NT/2000/XP, use this PPtP client
And there's another advantage with tunnelling: You can compress. Unless you have a very fast connection, you'll visibly notice a speed improvement when compressing.
-
Roses are #FF0000, Violets are #0000FF, find / -name '*base*' |xargs chown -R us && mv zig greatjustice
www.myrealbox.com will let you use their smtp port if you sign up for an account. And you can use it to send from a different account aswell.
With my $50 per month, uncapped, flat rate TDSL line, port 25 is unfirewalled both directions. I can send directly to most places, but sometimes have trouble as the dynamic IPs given to dialup users, are on spam lists. The solution:
They provide 2 outgoing smtp servers, the first one, rewrites any From: header with your official t-online email address.
The second one, which one has to register for, relays and preserves the From: address.
Both these servers only accept connections from ip numbers they own.
This is ideal, as it is flexible, and prevents against spammers. The only thing is the fact I now rely on the t-online server, which hasn't been a problem so far.
Nifty enough (under windows) it comes with a not-dumbed-down dialer program that includes (and updates itself) with all of their access numbers. All of them, from Argentina to Venezuela. Including ISDN numbers.
Amusingly enough, we went to them from Earthlink.
Although not the best DSL provider, they have shapen up in the past few months -- completely revamping all their routers etc, so no its pretty darn reliable. Anyway, DirectTV DSL is giving me great speeds (1.5/256) with good reliability, a static IP, as well as all ports not being firewalled. Only downside is their recent caps of bandwith on USENET groups :(
I would think that charter.net would be the same in many/all areas, since when I have had to contact technical support they've always responded with a southern accent and I'm in the midwest.
The only thing I dislike is that during the windows worm period they blocked port 80 traffic even though I wasn't effected. It was turned on after a while and from what I understand their current policy is to shut down bandwidth to anybody who does become infected, which I think is a good policy.
Chris Kuivenhoven is a thief, beware
Could that ISP be VERIO????
Cyberbite Networks - Web Hosting, Dedicated Servers & Colocati
I'm in the Kansas City area. We get time warner cable with roadrunner internet. It works great, and they have so far let me do whatever I want. The one problem I have heard is that if you run a few too many port scans, they'll cap your speed. This happened to my friend and now he's inching along at 15 instead of 200.
If you have a shell account on a box which is outside Earthlink's jurisdiction, you can do what I do:
ssh -L2001:mail.server.to.use:25 my.shell.server
Any connections to port 2001 on your local machine will then be forwarded (encrypted) to your shell server, and from there be forwarded to port 25 on the mail server.
ssh makes a great tool for busting out of firewalls.
I have my home computer on a Road Runner connection to the internet. I use it to host my domains, and I have it configured to both accept and send email to the internet without any problems.
I was going to post the original url for the acceptable use policy which was like a page long and it didn't say that we couldn't run mail servers on RR, but they seem to have moved it to here which seems to be a much longer and more specific TOS. But on the bright side, it still doesn't really mention that you can't use your own server to send and receive email (hopefully I didn't overlook anything).
-Through the server, over the router, off the firewall... Nothing but 'Net!
I work at a hosting company that offers authenticated SMTP service for it's customers. We hate spam a lot, so we decided ASMTP was the way to go.
:)
Our problem? Half of our customers can't USE the service - we spent 45 minutes on hold with Earthlink one night trying to figure out what was wrong with one of our customer's email settings. Turns out that it's not a bug, it's a feature. *smirk*
So if any knows of any national providers that don't block SMTP, it would help *me* a lot.
(Disclaimer: I understand WHY providers would block outgoing SMTP server connections. It's mostly justifiable. I just also think that they should notify their customers of this fact in a somewhat obvious fashion.. maybe in their online FAQs.)
I strongly disagree with the claim that blocking outgoing SMTP is mostly justifiable.
Several counterpoints:
1) I own my own domains, and mail sent to them is forwarded to my home system. Naturally I respond from the same system, which isn't a problem since all of my network information is set up for these domains, not my ISP connection. But if my ISP forces me to bounce mail through them, the mail will come from my ISP not my own company. This harms my credibility.
2) Worse, many ISPs insert extra content in outbound mail. Again, that little spiel for my ISP harms my credibility.
3) Finally and potentially most damaging, bouncing mail through the ISP means that they can easily monitor everything that goes through their system. Including sensitive business information. This information may get to my competitors.
That last item is why I use encryption when possible, and my MTA uses TLS when possible. But end-to-end encryption is still rare, and TLS is worthless if a third party acts as a middleman.
Is spamming from residential systems a problem? Of course... and I fully support ISPs that have a "death penalty" clause for spammers. They get complaints showing spam came from your IP address, and you get a phone call and a dead line until you discuss the situation with the ISP. First offense is "reinstall the OS, run virus checkers, etc." with account termination for repeat offenders.
But ISPs can't claim that there is no legitimate argument against an anti-spam policy that requires everyone use their mail servers. This is especially true in the broadband market where many people are paying for connectivity, not "ISP" services, and any attempt to force them to convert will cause massive disruption. (E.g., I lost *no* mail during the transition from @home to AT&T because I always use my own domain name precisely to avoid such problems.)
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
1) it is directed to one of their addresses;
OR
2) it comes from one of their static IP addresses (mine -- dunno about their dialup accounts) and is addressed anywhere.
Of course, I make sure my SMTP server does not relay.
As far as I can tell, they have no trouble with SMTP traffic that they just route at the IP level -- they don't appear to firewall port 25 and force tou to send email via their SMTP servers. Theis is generally how I send mail.
So, they will accept mail for their destinations, and will relay mail that comes from their static IPs.
Yes, they know I am running an SMTP server, and ask only that I (a) do not spam (not relaying ensures that I do not permit others to do this); (b) send excessive traffic upstream. This strikes me as a reasonable policy. I am a satisfied customer.
You could've hired me.
Perhaps they're quite worried about spam with dialups, since they're so easy to setup that even giving a spammer a few hours of window will cause major problems for them. But since we've also had people using major dialups (like PacBell) who don't have a problem using the company's dialup to send email with an @OurCompany.com email address, I can't imagine that this should be a really major issue.
Worldnet will remove the port 25 block from your account after 30 days if you request it. I've done this and it works great.
This won't do you any good if your ISP is blocking port 25 traffic... A big load of nothing will hit myrealbox's smtp port.
I reside in Chapel Hill North Carolina and maintain the servers for a small (though growing!) dot com business. We currently use Time Warner's Road Runner (nc.rr.com domain) for our office business connection and regularly use the SMTP gateway from Road Runner for various domains.
Blake
on behalf of the websites you maintain?
if you are trying to send using their smpt server they won't let you, just use earthlinks smtp server for outgoing mail.
/* oops I accidentally made a comment, sorry */
Second, the answer. Earthlink will gladly allow your sendmail to work, just set their mail server as your smarthost. It works like a charm, I use them as a backup net connection.
Adelphia (at least here in Massachusetts), doesn't restrict outgoing port 25 for customers using their PowerLink cable internet service.
I strongly disagree with the claim that blocking outgoing SMTP is mostly justifiable.
And all of your reasons stem from your fundamental misunderstanding of what's going on.
1) I own my own domains, and mail sent to them is forwarded to my home system. Naturally I respond from the same system, which isn't a problem since all of my network information is set up for these domains, not my ISP connection. But if my ISP forces me to bounce mail through them, the mail will come from my ISP not my own company. This harms my credibility.
I'm sorry, WHAT?!?!?!?!
You're saying that it "harms your credibilty" that someone might look at the headers, trace the SMTP server, and figure out that you check your mail from multiple locations?!?!?! I can't even BEGIN to fathom what you're talking about.
2) Worse, many ISPs insert extra content in outbound mail. Again, that little spiel for my ISP harms my credibility.
With the exception of the "free" services (hotmail, yahoo, etc.. - and these aren't even SMTP, they're web-based!) I don't know of ANY mail server that does this - anyone who does this is in violation of the applicable RFC's (a MTA should NEVER modify the body of an email.)
3) Finally and potentially most damaging, bouncing mail through the ISP means that they can easily monitor everything that goes through their system.
And you think that using SOMEONE ELSE'S SMTP server will prevent them from doing this, should they be so inclined? You're so stupid it's not funny..
Blocking SMTP servers is a GOOD thing - it prevents "whack-a-mole" spammers from abusing people.. there is NO legitimate need for a dial-up user to connect directly to someone else's SMTP server. EVER.
toad.net is a GREAT provider based in Severna Park, MD. They have nationwide coverage (if you can get DSL from any other company, you can get it from them too), and have no restrictions on port traffic. I run several sites with mail, web, SSL, SSH, etc, and have never had a problem.
I use nauticom.net for dialup when I am on the road. (I have DSL at home) When I signed up, I called them and specifically asked if they were "blocking mail like Verizon is doing," and they told me "absolutely not."
Haven't had any problems. At $21.95 it's a little pricey, but the service is good.
Seriously, this is a Good Thing(tm). I know NOC guys at Earthlink/Mindspring, they keep on top of their servers. (Although I've got better overall uptime on mine. Hah!) So there's really no need to use foreign SMTP servers.
Aside from that, as a seperate ISP, I BLOCKED Earthlink dialups from directly contacting port 25 here long before they put the filter in place. It's neigh-impossible to police the 6 or 10 million accounts they have right now for spammers... much easier to put heuristics on the mail gateways watching for spam-levels of mail going from one dialup. Effective, too. They're not my #1 source of spam.
Also, it's not just earthlink. A lot of their POPs are partnered with port-resellers. The major resellers automatically put a port-25 block on, and punch a hole back to the ISPs mailserver. There's nothing Earthlink can do about it. I have Qwest as a port-provider on our national dialup, and they do that for us as well.
In summary, after 2000, any ISP that provides clear access to port-25 outside their network is no longer a techie-friendly ISP, they're spammer-friendly and techie-hostile.
--Dan
I believe that Speakeasy.net is port 25 friendly, but their TOS says if one piece of reported spam gets sent through your SMTP server, they cut your account.
GOD
install qmail
or the equivalent for win32
problem solved. forever.
Time Warner's Road Runner service in Austin, TX doesn't block port 25.
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
If you're logged in to an ISP's network, you can generally do whatever you want because they know who you are.
;-)
If you're not on their network, you can't just use their SMTP because they don't know who you are.
Those of you who are saying "I don't have any problem with this".... well duh. You're logged on to the network in question. The original poster evidently is not.
FYI, Earthlink does NOT allow you to authenticate to their SMTP from outside their network.
From the standpoint of clients who want to have domain-based email without being on the same network as their domain host, if they are using Outlook (I know, I know), which many are, they can use their own ISP's SMTP and put their domain email address in the replyto: field. Makes it look like it came from their domain. This has saved me a few migraines along the way. Thanks Microsoft! heh
Fried ice cream is a reality. - George Clinton
the logical solution woul dbe the MSA port, 587. Refer to sendmail.
I have the best dial-up isp availible and they don't block port 25. They are also dirt cheap. Talent Group
-- Devin
Earthlink's SMTP server allow you to send out messages with return address for all domains, not just @earthlink.net etc. Just set your mail software to use Earthlink's mailserver instead.
My genius ISP, optimum online, decided that blocking INCOMING connections to port 25 would stop spam. So now I have to point my MX to another machine that forwards to mine on another port to get around this, in the meantime they do nothing to stop someone from sending all the spam they want from their network. I can still send mail just fine from my domains (and any I wanted to spoof, if I was a spammer). Genius.
I have a small network (about 10 computers) behind a simple firewall box (Xsense's XRouter Pro) that does NAT. One of those computers is hosting FreeBSD, including Sendmail, running on an old P90 behind the firewall. From any of the other machines on the network, a mail client such as Eudora can be set up to use that SMTP server for outbound mail. Sendmail does what its name implies: it sends the mail out. Presumably on port 25, since I did not specify a custom port. A mail client can also be set up to use Comcast's SMTP server. That works perfectly well, but a mail client typically gets rid of the mail much faster when using the internal SMTP server. Is this what you mean? It works just fine.
Sigmund