Comcast blocks port 25 incoming, yet again

Ben Scott dragonhawk at gmail.com
Thu May 15 14:15:21 EDT 2008


On Thu, May 15, 2008 at 1:04 PM, Coleman Kane <cokane at cokane.org> wrote:
> I got Verizon DSL this week, and it turns out that they do block some
> traffic.
...
> I learned this, after the sales person assured me
> that they don't block inbound traffic.

  Wow.  I'm shocked -- *SHOCKED* -- to hear that.

  I know everyone always likes to only pay for what they can get away
with, rather than paying for what is delivered, but when push comes to
shove, the TOS/AUP is always the controlling document.  People really
need to come to terms with that.  What the sales guy or tech rep or
anyone else says is not worth the paper it isn't written on.  Just
stop wasting your time (and everyone else's) worrying about what the
sales person said, because *it doesn't matter*.  The TOS is the boss,
and the TOS spells this out in clear, unambiguous language.

  Specifically: The TOS of big ISPs pretty much *always* forbid
hosting services on residential connections.  If you get away with
more, don't ever forget that you're getting something more than what
you've been promised, and as such, it can evaporate at any time.  They
can change it at any time.  They can block TCP/25 every other day and
still be within their rights, because they are still giving you
exactly what they said they would.

  Don't be surprised when you get exactly what you signed up for.

> Additionally, their usage policy doesn't state anything about blocking
> incoming traffic.  It turns out that there is a paragraph that states that
> they don't want you to run a server ...

  Um...  they explicitly forbid you from doing what you're trying to
do.  While they don't say that they may block TCP ports to enforce
that policy, the fact that *they explicitly forbid you from doing what
you're trying to do* is kind of a clue, don't ya think?

  For those of you playing along at home:

http://www2.verizon.net/policies/tos.asp
Section 4, Subsection 3

> Additionally they don't block any other inbound traffic.

  So?

> The policy is quite absurd, in my mind. It is almost like they are
> choosing to pick on home-web-servers because of some inbred prejudice.

  It is extremely rare, in any part of any activity of any kind
anywhere in the world, to find that a law, rule, or policy is enforced
with absolute totality.  You don't get a ticket every single time you
exceed the speed limit.  You don't die every time you do something
risky in life.  I don't get fired every time I screw off at work.  I
don't ban people from the list server every time they break a rule.
This is pretty much the way the entire world works, and thank goodness
for that.

  I suspect the reason they're just blocking TCP/80 inbound is that is
where the problems were.  Whatever motivation they have for blocking
the hosting of services, they found that the sore spot was web
servers.  People running SSH servers or IRC servers or whatever
haven't been irritating enough for them to care yet.

  As for what the motivation is for prohibiting the hosting of services, I
don't know.  I can make some inferences based on the simple rule of
"follow the money", though.  To wit: It is hard to tell the difference
between someone using something for "personal" vs "business" reasons.
But looking at "hosting services" is an easy way to separate out the
huge majority of people who are just looking to get email, watch
YouTube, and download porn, from the much smaller group of people who
actually want to use the Internet as a two-way link.

  Believe it or not, there *are* costs associated with this.  Aside
from asymmetric bandwidth demands (most home Internet users are
consumer sheep, not producers of content, and the big ISPs design with
that in mind (there may be a self-reinforcing component to this, but
it's still the way things are)), hosting services is decidedly more
complex and thus will involve more support calls.  Why do you think
the guy you got was so useless and clueless?  Because he's trained on
helping people through tasks like plugging in their modem and
configuring Outlook Express.

  It costs a lot more money to train someone to, for example, know
what a datagram is.  Or to know that when somebody's home web server
coughs up the default "Your Apache installation is working" page, it's
not the ISP's fault.  Sure, *you're* clueful enough to understand
that, but there's a lot more people who have just enough knowledge to
be dangerous.  Anyone who's ever done any support work knows that the
support burden of those types can be quite large.

  People interested in hosting services tend to have higher
expectations and bigger demands than the average consumer herd-animal.
 There's nothing inherent in running a server that makes it that
way, but it still is that way.  Just like being a teenager doesn't
automatically make one a bad driver, but statistically, the insurance
companies know they should charge more for them.

  In short, people hosting services cost the ISP more than most of
their customers.  Why should they charge everybody for the needs of a
few?  Certainly, the big telcos and cablecos abuse the hell out of
their monopolies, but it isn't all the case of the big-bad-ISP.  If
you go to a better ISP, you find that -- lo and behold -- they charge
more.  I'm thinking there is a correlation there.

> I am looking into mv.com right now, as my best option.

  I think they've been mentioned once or twice... ;-)

  Remember: You get what you pay for.  If you don't pay for it, don't
be surprised when you don't get it.

-- Ben


More information about the gnhlug-discuss mailing list