Welcome Guest ( Log In | Register )

Outline · [ Standard ] · Linear+

Streamyx TMNET Streamyx blocking outbound port 25, Can't send out email from email clients

views
     
rajulkabir
post Mar 28 2008, 11:43 PM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


This is a good policy from TM. Far too much spam comes from p0wned Windows PCs on ADSL lines.

People who are having problems can deliver their email via port 587 or use TM's SMTP servers.
rajulkabir
post Mar 31 2008, 06:02 PM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


QUOTE(husagi @ Mar 31 2008, 11:19 AM)
Yes, good policy. But someone left his/her brains at home or in the trash.

Their announcement states that "Streamyx customers with dynamic IP addresses, who have their own mail server will not be able to send out-going e-mails", but engineer's implemention was "block everything with source AND destination port =25, unless IP address resolves to smtp.streamyx.com / smtp.tm.net.my". Ceh. Seems to me, their policy makers did not clearly define "outbound SMTP" -- whether that means only traffic whose source port =25, or, traffic whose source OR destination port =25. The annoucement should've been more precise.
*
Yes, if they are blocking port 25 inbound (connections from the internet to a Streamyx subscriber), or blocking based on source port=25, that is useless and stupid.
rajulkabir
post Apr 7 2008, 06:24 PM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


QUOTE(abubin @ Apr 7 2008, 04:28 PM)
It only solve partial problems. For system admins like me, we need to test email servers directly. We can't have any ports blocked because tmnet engineers are too lazy to use proper way to solve problems.
*
If you are a sysadmin then surely you have plenty of machines out on the net you can use to test from, either by ssh+telnet/nc or via a VPN.
rajulkabir
post Apr 7 2008, 06:47 PM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


QUOTE(abubin @ Apr 7 2008, 06:28 PM)
yup, i have but it's stupid and annoying for tmnet to do such a thing. It's too extreme to block outbound SMTP.

To the contrary, I think it is a very good idea for them to do this. The vast majority of all spam comes from zombie PCs in people's homes that just make outbound connections on port 25.

That's a huge amount of traffic clogging TM's network, making everything slower for the rest of us. Not to mention the hassle that the spam causes.
rajulkabir
post Apr 8 2008, 02:18 AM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


QUOTE(mytescocom @ Apr 7 2008, 10:14 PM)
So does this means if the car accident rate increases, we shud just reduce the highway speed limit to 50km/h?? Because the highway has many potholes, and the authority has no means to fixed the potholes, we conviniently introduce a speed limit reduction to everyone??

Of course. The most important thing about the roads is that they are safe.

It would be great to have safe, fast roads, but if they are unable to provide that, then safe slow roads are the next best thing.

QUOTE
Eventhough spammers uses port25, but there are also alot of legitimate users out there that uses port 25 for real business purposes.

The spammers inconvenience millions of people every week and use a lot of resources.

I doubt there are more than 20 people in all of Malaysia who could make a good case that they "need" to use port 25. Their company mail servers should be accepting mail on port 587 which is the correct port for SMTP submission from end users. If the company mail servers are only accepting it on port 25 then they are misconfigured. The problem in this case is with the company running the mail server, not with TM.

QUOTE
There are many methods to combat spam, but TM is taking the shortcut by just blocking port25.

I don't think you understand the reason for this block. It is to prevent compromised customer machines from sending spam elsewhere (99% of it goes to non-TMnet destinations). This is not about stopping spam to Streamyx customers, it's about stopping spam from them. There's not much else they can do along these lines, unless you want them to do as some other ISPs, and close your account down if they notice that your computer is infected.

QUOTE
Ppl like me where my company email server is in the US, i rely on my email client to be able to send emails out via port 25.

My company email server is in the US too. I deliver send mail to it on port 587. I can send mail using TM's SMTP server. I can use a VPN to reach my company server on port 25. I can set up a redirector at the company to allow to use some other arbitrary port. There are many different solutions, most of them very easy.
rajulkabir
post Apr 9 2008, 12:37 AM

Regular
Group Icon
Elite
1,428 posts

Joined: Oct 2004


QUOTE(abubin @ Apr 8 2008, 10:41 AM)
Next, spammer with be using port 587 to spam. Virus/malware will be written to use port 587. Next, tmnet block port 587, then what?
*
As WK says, my server only allows you to send on port 587 after you have authenticated with username and password. I assume this is the case with most (or maybe all). So it's a totally different situation.

Port 25 is for server->server, port 587 is for user->server.

 

Change to:
| Lo-Fi Version
0.0174sec    0.30    6 queries    GZIP Disabled
Time is now: 29th March 2024 - 12:52 PM