Comcast blocking port 25? (not what you think)

[Dan Jenkins]

Travis Roy wrote:

>  This isn't about Comcast blocking port 25 to prevent you from running
>  a server..
>
>  Recently my parents (that use Comcast) can no longer connect to port
>  25 of my server.. one that is legit, has correct reverse and MX
>  records.
>
>  Has anybody else seen this?

I've heard rumors of it, but have never seen it yet.
The concept, of course, being egress filtering to block the
spread of viruses/worms that send their own emails.

As I know a lot of businesses use authenticated SMTP
to allow workers to email from home, but still pass
it through the company's mail servers (for various purposes),
this will cause some grief if it becomes common.

I have a couple whose CEOs would go ballistic if it happens
to their Comcast connections. (I'll pre-explain it to them so
Comcast takes the brunt, rather than us., FWIW.)

Thanks for the heads up that this may be coming a reality.
Is your parents' physical location local to NH?

>  Can anybody suggest a workaround.

Configure your email server to listen on an alternate port.
Configure their email clients to send on the alternate port.

For example, I've used port 8025. In Postfix I add a line
to master.cf:
your.ip.number:8025     inet    n       -       y       -       -       
smtpd

Model it after your standard smtp listener:
smtp    inet    n       -       y       -       -       smtpd

Sendmail, Exim, Qmail, etc. and email client configuration
is left as an exercise for the reader. ;-)

-- 
Dan Jenkins (dan at rastech.com)
Rastech Inc., Bedford, NH, USA --- 1-603-624-7272
*** Technical Support for over a Quarter Century