Slashdot Mirror
How Pervasive is ISP Outbound Email Filtering?
Erris writes "A member of the Baton Rouge LUG noticed that Cox checks the text of outgoing email and rejects mail containing key phrases. I was aware of forced inbox filtering that has caused problems and been abused by other ISPs in China and in the US. I've also read about forced use of ISP SMTP and outbound throttling, but did not know they outbound filtered as well. How prevalent and justified is this practice? Wouldn't it be better to cut off people with infected computers than to censor the internet?"
I use Comcast, and my outbound tcp/25 is blocked entirely. I can _only_ go to their SMTP relay.
25% Funny, 25% Insightful, 25% Informative, 25% Troll
Digging further into the Cox situation, the Cox subscriber said:
I tried to send an email. The email only contained text. The text Cox
objected to was "http://my_homebox_IP_number/"
I haven't checked the Cox TOS lately, but don't they prohibit running a home web server like all the other residential internet providers? Hasn't this been the case since for essentially the same length of time that the Internet has been a commercial venture?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
I will no longer be able to point to my home server on these lists because Cox
rejects such messages as spam. The message given when I try is:
Sending failed:
Could not write file The message content was not accepted.
The server responded: "ID_INTENTIONALLY_REMOVED This message was
undeliverable. This message has been found to be a potential spam message,
and has therefore been blocked. Please visit http://coxagainstspam.cox.net/
for more information.".
Disk full.
The message will stay in the 'outbox' folder until you either fix the problem
(e.g. a broken address) or remove the message from the 'outbox' folder.
The following transport protocol was used:
smtp.east.cox.net
. . .
I could care less that their disk is stuffed and suspect it is misdirection.
This censorship is only a minor inconvenience but the message it sends is
ugly. It says, in so many words, that the internet is for your consumption
not participation. Changing messages to point to my physics page gets around
the immediate problem, but most people do not have such a thing nor should
they be forced to host things on someone else's computers. I'm paying for my
bandwith, why can't I use it for what I want? Finally, subscribers now know
that every word of every message sent is filtered. Will they filter my IM
conversations next?
You can't talk about Wikipedia's flaws on Wikipedia
hmm thats strange, i'm using comcast in the atlanta area and can easily do smtp to other hosts on the internet.
I also note that Cox's TOS specifically prohibits the hosting of servers:
A more accurate title for this story would be: "User in violation of Cox TOS upset over Cox efforts to enforce TOS."
My advice to said user? Buck up and get business-level service, or find yourself a real hosting service for your mail server.
I would like to first state that I am a Cox cable internet subscriber in the Phoenix area. I also happen to wear the abuse desk hat for Arizona's oldest ISPs.
:)
I can say without question that the amount of spam we get from cox is almost NIL. I constantly see spam coming out of Comscat's network, also Verizon and from time to time Time Warner but RARELY Cox. In fact I can't remember the last spam I received that originated from their network.
I don't mind that my egress SMTP port is blocked forcing me to use a MSA (mine is configured to use SMTP AUTH with TLS, which works nicely). The fact is that Cox has their act together in my opinion. The fact that they are a white hat in the abuse category makes me want to continue doing business with them. I don't think what you're seeing here is intentional censorship. It would actually be irresponsible for Cox not to filter outbound mail traffic, since they are bound to have customers that run malware infected / zombied host computers.
Anyway, I say "good job Cox"
P.S. I work for an ISP that is NOT Cox--which one might think after reading my glowing statements (in fact we compete against Cox)
It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
that's actually been a pretty common net-wide standard for awhile to block port 25. Logic being that many old spam virus's used to set up an smtp server on the infected machine and start spamming directly from the infected computer bypassing the isp's SMTP server. By blocking port 25 on the outskirts of the ISP network and forcing customer to use their SMTP it allowed better access controls to prevent spam. and more importantly, kept entire ranges of Dynamic IP's from getting blacklisted due to spam.
In the past few years with the increase in teleworking, remote access of email, and personal domain names, as well as the evolution of the spam-virus, that ISP's have moved to allow access to port 25 outside their network, instead doing IP access controls on their outgoing SMTP server, and using SMTP Auth to allow people to connect from outside their network.
I own part of a small ISP and CLEC in the South.
We do not use spy on our customers phone calls or throttle their P2P traffic. We are not considering monitoring their Internet traffic for copyrighted (or any other) data.
Maybe some of the big boys are out there using these draconian tactics, but your average, everyday, garden variety, small ISP is just trying to make a living providing a quality alternative to the behemoths out there.
Please don't lump us in with those guys.
All that said... We *do* filter inbound email traffic for viruses and SPAM. We do block inbound port 25 to our dynamic IPs.
We view these actions as our duty to our customers and to the rest of the Internet to do our small part to help at least slow down the rampant propagation of SPAM on the Internet.
We currently block about 95% of the email that hits our domains - and that number is slowly climbing. Do we occasionally throw out the baby with the bath water? Probably so, but it is rare. I can't even remember the last complaint we have gotten about this, so this tells me that our filters are highly effective.
As for blocking port 25, we do this to guard our address space against our own customers being irresponsible with their PC's and not keeping virus software up to date. Getting our address space blacklisted would effect ALL of our customers.
It is not about getting rich. Hardly so. Email is the probably the biggest drain on resources that any ISP faces. If we didn't take these steps, we probably would not be in business.
Everyone wishes we had the less evil Internet of yesteryear back, but it isn't going to happen. The Internet is a cesspool. We have to defend ourselves in the best way we know how.
You may have at one point been flagged as being 'infected with a virus'. This is when my comcrap connections always got nuked (I host a mailing list). But instead of filtering just outbound, they would kill everything.
I got tired of fighting with them (and after the headaches they caused with my overpriced business class connection when they took over for the ISP they bought out I was not going to pay for that service again), and discovered DynDNS's mailhop outbound and mailhop relay services. Problem solved. You can have stuff forwarded in on a nonstandard port and sent out that way too.
http://www.dyndns.com/services/mailhop/outbound.html
http://www.dyndns.com/services/mailhop/relay.html
I use an alternate-port SMTP service: my mail doesn't go through my ISP's server. That was after my outgoing mail got blocked and their customer service (I use the term loosely) people couldn't tell me why. I was just told that the problem should "correct itself" in a week or so. Well, it eventually did but by then I'd taken steps to never be in that position again. Now I just poll their mailbox for the occasional notification but I haven't sent a message through my ISP's SMTP server in years.
The higher the technology, the sharper that two-edged sword.
Thank you for your e-mail. I understand you are experiencing
difficulties sending e-mails stating messages are being rejected by the
server. I am really sorry for this inconvenience.
Our messaging team is adding functionality to the email platform that
will have the ability to detect spam emails and notify the you that you
are attempting to send spam, and that it will not be sent. Therefore,
when a your email has been identified as a spam, you will see an error
message. Please visit the link below for more information:
http://coxagainstspam.cox.net/
I hope you have found the information above useful. If the difficulty
persists or if there are any further inquiries you would like to
address, do not hesitate to contact our dedicated department for further
assistance.
Have you tried our customer support site? Visit
http://support.cox.com/
to find answers to many of your Cox High Speed Internet questions FAST,
including "click to fix" automated solutions and LIVE online chat
support 24/7!
Thank you for choosing Cox Communications as your friend in the digital
age. In other words, Cox said "Yep, your outgoing e-mails were flagged as spam and not sent, and we don't care. Have a nice day." Sheesh.
I was able to get around the problem by sending my resume as an attached RTF instead of DOC (both created with OpenOffice.) I'm guessing this change was enough to convince their filter that the messages with RTFs attached were not the same as the previous ones with DOC files.
Eventually the problem went away, and happily I did find a job. Still, I was pretty dismayed at how dismissive and unhelpful their "dedicated department" was.
If it weren't for deadlines, nothing would be late.
5000? In Canada, ISPs won't let more than 400 out *per day* through their mail gateways even on a commercial line. You have to set up your own mail sending system. Standard practice is to force all mail through their gateway. Checking message content (no I haven't read TFA) seems reasonable. You want privacy, that's your business, but average use is going to get checked out all the time. Nobody talks on 25 in Canada unless you pay commercial rates.
I don't know how Comcast detects it, but if they see spam or receive a spam report involving your modem they block port 25. No warning, apparently Comcast will refuse to lift the block. It has happened to a few of my clients and friends.