[NCLUG] comcast blocking port 25?

Bob Proulx bob at proulx.com
Fri Mar 23 00:14:56 MDT 2007


DJ Eshelman wrote:
> Most mail servers these days (mine included) are doing reverse DNS lookups,
> which means if you are sending from your own machine on Comcast's network
> you would not have a valid reverse DNS, and the mail server would either
> reject your email or send the SA score thru the roof.

I do something slightly different.  If the mail is being sent from a
dynamic IP address then I reject it.  This cuts out a large amount of
virus generated spam coming from the distributed spamming engines of
infected MS machines.

This almost never affects the random windoze user since they usually
use comcast, aol, msn, yahoo, hotmail, gmail, etc. and of course all
of those have static IP addresses.  So it is never a problem for them.

Interestingly the only people that this tends to affect is a linux
user who tries sending directly from a cable modem.  I find that
ironic because they are more tech savvy but in this case a little bit
of knowledge is a bad thing and they get tripped up.

Mail relays should have static IP addresses.  (Okay, I have the flame
proof underwear on, give me your best rebuttal.  Just don't expect me
to receive your email.)  In order to send mail from a dynamic IP
address the message needs to relay through a static IP such as the
ISP's mail relay or perhaps through a VPN or other through another
mail relay.  There are a lot of possibilities to make that happen.
The random linux user on a cable modem shouldn't feel too cramped.

Bob



More information about the NCLUG mailing list