Slashdot Mirror
How Pervasive is ISP Outbound Email Filtering?
Erris writes "A member of the Baton Rouge LUG noticed that Cox checks the text of outgoing email and rejects mail containing key phrases. I was aware of forced inbox filtering that has caused problems and been abused by other ISPs in China and in the US. I've also read about forced use of ISP SMTP and outbound throttling, but did not know they outbound filtered as well. How prevalent and justified is this practice? Wouldn't it be better to cut off people with infected computers than to censor the internet?"
I can understand and am sympathetic to ISPs who force outbound traffic to go through their servers. I'm not saying I agree with it, but I really do get what they're trying to accomplish. I also understand ISPs having spam filters on their outbounds, and think that's actually a pretty good idea. If you really need to send a virus so someone, then you should be technically competent to encrypt it or otherwise shield it from a scanner.
But never in a million years can I even remotely condone actually scanning the text of emails and rejecting ones an ISP doesn't like. That's just Evil.
Dewey, what part of this looks like authorities should be involved?
I also have Comcast, I was able to send email over SMTP (port 25) any time I pleased. That was until my brother decided to bring over his virus ridden, spam spewing, zombified windows machine over and hook it up to my network (while he was house sitting). They promptly blocked port 25, I got home and couldn't send email.
/flamebait
I had to call their very rude Security Something Department, they said my options were
1. 'Use a different port because other ports can be secured while port 25 cannot be secured.'
2. Use the Comcast alternate port SMTP-AUTH Server (of which I don't know my login/password for)
I told them I wanted option 3:
3. Re-open port 25.
They decided to tell me that they could as a ONE TIME courtesy re-open the port, but 'it will probably be blocked again because the problem that caused it to be blocked probably wasn't fixed' (even after I told them that I had found the problem and fixed it, in addition to monitored all transmissions over port 25 for an hour)... So I fixed my OpenBSD firewall pf rules to only allow 'trusted' computers to only be able to contact MY email server, and access the whole internet unfettered, the 'guest' machines have access to web and a handful of other ports (none of which is 25)...
Moral of the story: Stop using windows...
Sleep: A completely inadequate substitution for Caffeine.
Cox does have business level cable and I've been quite happy with it. Used to use Speakeasy DSL but got spooked when Best Buy purchased them and switched to Cox. Thus far (little over a year) it has been great. I run 3 servers which do a moderate amount of traffic (maybe 50-100GB up a month) and have heard not a peep out of them. No ports are blocked that I can see, the servers run HTTP, HTTPS, SSH, IMAPS and SMTP between the group of them and it all works fine. They even have an SLA such that in extended downtimes you get monetary credit.
The difference, of course, is that I pay a good bit more. I'm not sure what a consumer level cable connection costs for 10mb/1mb but my understanding is it is somewhere in the range of $50/month. I pay more like $150/month for the business grade with 8 static IPs (the IPs do add a good portion of that).
However I'm ok with that. My usage is much in excess of what you'd get from a normal consumer, I'm ok with the fact that I have to pay for that. It's still not a bad price all things considered.
If you want the cheap consumer connections, then you need to deal with the consumer restrictions which usually include "no servers". It isn't as though they are being assholes and saying "No you can't ever do this," they are just saying "If you want to do this, you need a more pricey service."
You know, I'm getting sick of the prevailing attitude that ISPs and other "institutions" should limit legitimate activities with a technology and filter everybody's behaviour because some customers are bad apples (either intentially or through ignorance).
Don't penalise me and limit my activities - limit those who are adversly behaving. ie, block those that do have malware infected machines not mine! I do the right thing and protect my systems. Why should I should I be penalised by the highest common ignorance factor?
You are promoting this attitude by saying "We will do business with them because they bottled up their customers nicely and it saves us work" instead of "They have lower quality customers and have to bottle them. Not going to touch that crowd".
What am I saying? We live in a moddle-coddled world where nobody takes responsibility for they're own actions but instead focuses on fretting and controlling everybody else's actions. Arse above tit. With liberty comes responsibility.
We do not inherit the Earth from our parents. We borrow it from our children.
25 blocked ubiquitously here too. Instead of using cox's smtp service, I use the SMTP relay service at http://www.smtpport.com/ to tunnel regular smtp to my own company server through a nonstandard port. A decent workaround for when you don't have shell access or secure smtp. So far cox hasn't filtered or blocked it.
A friend of mine uses Comcast in the Indianapolis area. I talked to him on the phone and he was surprised that I hadn't received an email from. We went through several tests and concluded that Comcast was indeed scanning his outbound email and filtering items that hit some type of keyword filter. He was able to send the email only when he slightly altered the subject text. The annoying part of it was that it was a "silent" filter - he got no indication that the email had been rejected. It just went straight off to /dev/null (so to speak).