Ask Slashdot: Is There a War Against Small Mail Servers?

softegg writes "My company hosts our own mail server. We have high-speed business connections through Verizon and Comcast. Recently, Verizon and Comcast have been blocking port 25, causing our private mail server to stop functioning. Additionally, a lot of ISPs just started blocking any mail coming from any IP in the address block of cable modems. This caused us to start laundering our mail through a third-party service called DNSExit. Now, McAfee's MAPS anti-spam system tells us they are blocking DNSExit for spam. Essentially, we are finding ourselves increasingly cut off from sending any outgoing mail. What is a small company supposed to do if you want to host your own mail?"

Not much to do

[enec]

Most ISPs block outgoing port 25 because 99.99% of that traffic is viruses or otherwise malicious computers trying to send spam. Even more mail services block all dynamic pools used by major ISPs because of the same reason.

Just invest a few bucks a month into a cheap hosted VPS behind a static IP where you can run the server.

Re:

[Anonymous Coward]

You have several options.
1) Get a real internet Service provider.
2) Host mail on a different server such as a vps
3) host mail on a different server and use Fetchmail to pull mail and send mail out bound.
4) Configure your server to send mail through your ISPs send mail server. Receiving mail may be a problem depending on ISP.

Re:

[DJRumpy]

The correct action is to call Comcast or whoever your provider is and get an exception. Comcast at the time I had them, and Time Warner now, have no issue with someone running a server on a business contract. If you are using a personal (home) account and running one however, it shouldn't surprise you if you were blocked (I know the article says a business account but it's relevant to the discussion). Both stated that was against the TOS to run servers on 'home' accounts.

Re:

[AVee]

Indeed, I've been running a mail server from my home (consumer) DSL line for ages. But I've got a proper ISP which provides a static ip, configurable reverse DNS and which actually has a functioning abuse desk which will actually quarantine lines which send spam. I haven't had any issues getting mail delivered anywhere.

However, what stops you from using your ISP's smtp server as smarthost for outgoing mail? You really shouldn't need external services to get your mail out. A block on port 25 (incoming) is

Re:

[Anonymous Coward]

Or stop using a dynamic IP for a business. I know static IPv4 addresses are an endangered species, but come on man.

Re:

[pipatron]

We have high-speed business connections through Verizon and Comcast

Would these be dynamic too?

Re:

[dosius]

Maybe, maybe not. I have "high speed" (4 Mbps ADSL) through Verizon and it's static IP, though I pay out the arm for it.

-uso.

Re:

[Cyberax]

Mail and DNS is easy, just add backup MX records with lower priority. For Web, not so much.

The real solution is getting your own AS ( http://en.wikipedia.org/wiki/Autonomous_system_(Internet) [wikipedia.org] ) and PI range from your RIR. It costs about $1700 initially with $100 a year for maintenance. This will allow you to do real seamless failover.

Re:

[bsane]

GSLB is the way to go here- its not perfect, and it relies on the client to honor the DNS TTL. Its simple, and should be cheap (we do it all in house, but for a couple sites I'm sure you could purchase the service from someone).

Basically set your DNS TTLs low, and the DNS server returns an IP based on the health of those services.

Re:Not much to do

[icebike]

Or stop using a dynamic IP for a business. I know static IPv4 addresses are an endangered species, but come on man.

Agreed.

Our company has the business pacakge from Comcast which includes a static IP.
Its not a problem for our mail server. We don't get blocked, and our reverse is properly set up, and our IP is in a
non-dynamic pool. Yeah, we pay a tad more for this. But we can run all the services we want, and our mail
goes out.

Most of the blockage you get with dynamic SENDING IPs is on the the RECEIVING end, not always your local
ISP.

Re:

[moco]

Static IP is not enough. You also need your ISP to change the reverseDNS records or else you end up on many RBLs. Unfortunately, not many ISPs are willing to do that.

Anyway, you are better off sending your email "to the cloud", contracting an SMTP relaying service or renting a VPS if you can't afford a dedicated (T1/E1) connection.

Re:

[yakatz]

You also need your ISP to change the reverseDNS records or else you end up on many RBLs. Unfortunately, not many ISPs are willing to do that.

Verizon is more than willing to change the DNS PTRs for anyone who calls the business support line and claims to be from the business that has the service.
When I called for the company I work for, they asked for our billing address and phone number, nothing more (and those are public information).

Re:Not much to do

[guybrush3pwood]

"First, they went after port 25, but I didn't care, because I didn't host my own mail server..."

blah blah blah, you know how it goes

Re:

[EdIII]

It's not just the ISPs. This is a problem with SPAM in general.

If you are running a mail server on a dynamic IP address block that your ISP states cannot be running a mail server you are going to be on the Policy.Block.List.

Whether or not the ISP lets your traffic go out is irrelevant. It's whether or not my mail server will accept your connections. It won't. I do scrub incoming IP addresses with multiple RBL providers that I trust to give me fairly clean results. PBL's are included in this, so I won't

Re:

[lofoforabr]

So unfortunately due to a bunch of dickhead marketers and organized crime in foreign countries the email system is largely broken.

Foreign countries? Last time I checked, the USA was the clear leader in sending out spam. But indeed, this is not a problem with the servers. We are just trying to protect ourselves from spam. Blame the spammers. I report all unflagged spam to SpamCop, and by doing that I managed to make a few of them lose their accounts. It's kinda funny to see their responses, claiming they did not spam.

Re:Not much to do

[pehrs]

I am not sure if you are aware of it, but the USA is a foreign country...

Re:

[pipatron]

due to a bunch of dickhead marketers and organized crime in foreign countries

Foreign if you're in europe maybe. Last time I checked, most spam originated from the US. Maybe it has changed the last year or two. Or maybe the dickhead marketers in the US vastly outnumber the organized crime (what's the difference, btw).

Re:Not much to do

[PIBM]

A lot of companies offer static ips for which you can set all the reverse dns & email information, and they are also out of their normal subscriber pool, thus allowing you to send emails from the computer behind it. The cost of that option is usually lower than 5$ per ip per month around here.

SMTP port?

[antdude]

What about those who send e-mails from their e-mail clients like Outlook? I send a lot of e-mails from my home PCs that use port 25 (SMTP) from Mozilla's SeaMonkey mail client. I don't like webmails.

Re:

[mlts]

Even if the traffic is not blocked, a lot of places will not accept mail if dumped through an IP address on a known dynamic range.

So, one needs to split mail two ways:

Incoming mail, cable ISPs tend to block just because. Telcos tend to allow incoming 25. This plus dynamic DNS solves this part.

Outgoing mail can be routed through the ISP's SMTP server, or if the mail volume is too much for that, there are third party outgoing SMTP services which act as relay hosts.

Re:

[geohump]

Both comcast and verizon's business services provide static IP addresses, and those addresses are not supposed to be in the dynamic IP blocks which each ISP provides to the various block list services.

If the ISP itself is blocking the outbound port 25 port, and/or reporting the IP they gave you as dynamic, complain bitterly, and sue. Begin the law suit immediately after they don't fix the problem within a few days after a written complaint. Solict other businesses who have been adversely affected and mount

Re:

[Seng]

Wow, they do their own network reporting? Perhaps SMTP?

Re:

[SimonTS]

Moderator!! Above post +1 for sarcasm and +1 for being pedantic. Mustn't have had his coffee yet.

Re:

[Quarters]

Your friend was getting AOL tech support and you told her about SMTP? You totally misunderstood your audience.

Sounds like an ISP problem.

[raitchison]

If your ISP (Verizon and Comcast) are blocking port 25 outbound it doesn't sound like they think you have a "Business" connection. Check your contract/TOS for any provisions that would prevent you from running a server (common for residential cable connections but not for business) and if there isn't one call and complain. If they won't unblock port 25 for your mail server (assuming it's properly configured) you need to find a new ISP.

Re:

[commodore6502]

>>>you need to find a new ISP.

That would be great, if the government had not given Comcast/Verizon an exclusive monopoly (or duopoly). And then decided not to regulate them.
Choice - we don't haze it.

Re:

[raitchison]

There are no DSL providers available in this area?

Even if there are not Cable or DSL providers there are always more traditional connectivity options, of course those might be cost prohibitive for a small company.

Re:

[ScentCone]

the government had not given Comcast/Verizon an exclusive monopoly

Which government ... your local city government?

Re:Sounds like an ISP problem.

[jimicus]

If your ISP is preventing 25 outbound, you don't have an ISP.

TBH, I'm not quite sure what you do have. I've met that sort of thing once before, I would describe them as a Web access provider.

Re:

[dougmc]

If your ISP is preventing 25 outbound, you don't have an ISP.

You are picking nits, but that setup for end users is quite common.

In most cases, 25/tcp isn't totally blocked outbound -- you can usually connect to the ISP's mail server and use it to relay your mail. That way, they get to make sure you're not spamming (and can monitor and control your mail if they want, though they could just do that by sniffing the network if they wanted too.)

Re:

[v1]

It's been my experience that they block outgoing connections on port 25 to any ip except their mailserver. This prevents spamzombies from using external open relays or directly relaying to destination mailservers.

Sometimes the ISP's dns server requires authentication, which is ideal, but sometimes not. Even with their internal relay open though, it's very easy for them to monitor for abuse if the zombie figures out the IP address of the mailserver, and just cut it off. They usually then just cut off your

Re:

[houstonbofh]

It could be the block lists as well. Make sure you have a business class service with a static IP as those are least likely to be in the block lists. Also add "@ IN TXT v=spf1 mx ?all" and "domain.name IN TXT v=spf1 mx ?all" to your DNS zone record.

Yep, sounds like the issue

[Sycraft-fu]

Most residential providers block port 25. Part of it is they just don't want servers on residential connections but another part is spam prevention. 99.999% of home connections have no reason to run something on 25 and if they are, it just means their system is owned and spamming.

For servers, you need a business class line, which has no restrictions. I have a business class Cox cable line at home for that reason. Lets me have static IPs, no port blocking, more upstream, and no bandwidth limits. It does cost

Re:

[Linux_ho]

They behave differently. A client normally connects to it's local mail server or its ISP's mail server on port 25. Clients normally don't generally connect to port 25 on mail servers outside the ISP's network unless they're spamming, which is why ISPs have been limiting that kind of connection from home networks.

Re:

[dougmc]

Because as soon as you telnet smtp.example.com 25 they will do the same to the source address and if they don't get a HELO with the matching hostname in it they will not accept your mail.

Please, give me some examples of mail servers that do this.

I've never seen this happen, and I would expect this sort of filtering to be full of problems -- not everybody does outbound and inbound SMTP from the same IP addresses.

Re:

[KingMotley]

EXIM can be configured as such.

Dump Comcast

[cstec]

Comcast's idea of the Internet is an increasingly detached 'consumer endpoint' version of the Internet. If you're not in a rural area, then find a true Internet provider and move on.

Re:

[elfprince13]

If you're in a rural area you probably don't have Comcast or Verizon anyway. Neither of them provide service for miles on any side of me.

Re:

[Steauengeglase]

While I understand it 99% of the time, I'm not sure if I should get hit with violating the ToS for firing up a Quake server once a month. I mean, yes, I "should" get hit, but I'm not sure if it leaves me very satisfied with my service, especially when Netflix and torrent guys use much more bandwidth.

PS: Might want to find a better term to use than "freetards". It is kind of vague. Some days of the week tossing that term around means you are out to defend a man's right to feed his family and expand the marke

Comcast Business works for me...

[Frosty Piss]

I haven't had this issue with Comcast Business (static IP). Port 25 works just fine. But, some recipients don't like us.

Re:Comcast Business works for me...

[edmudama]

My Comcast Business account explicitly allows servers on the static IP, including mail, web, etc. Anything allowed unless it's against the law in the local jurisdiction. If you go over bandwidth caps, they reserve the right to promote you automatically to the next tier of service. At the top tier, there are no caps.

It costs a little extra, but it seems to me like a business big enough to run it's own mail server should be able to afford the ~$75-100/mo for a business cable modem account.

Re:

[houstonbofh]

But, some recipients don't like us.

Check your DNS entries. A clean and proper DNS will help keep you off spam block lists.

Do they allow you to turn it off?

[a.koepke]

Over here in Australia quite a few ISPs will have port blocking like this turned on but they do provide you the option to disable it. It can even be done online via their user control panel.

Have you spoken to your ISPs about this issue?

Pay for a business connection?

[way2trivial]

they only (so far as I know) block ports on residential accounts
you don't mention it, I suspect you are using a residential class account.

I have a comcast business account.. 2 actually.
pay for an account where the TOS allow servers... they won't block the port

before I had a 2nd commercial account, (at my home)
my biggest gripe was connections from my home to work
  took too many hops to go 8 miles in very different ip ranges...

see if comcastbusiness.net is on the block lists you fear..

Re:

[slashdotard]

Comcast & Verizon have been known to routinely treat business customers as residential customers. ,

Your ISPs 'smart host'

[W3bbo]

Usually when ISPs block port 25 (ostensibly because of all the botnets sending spam, a wise precaution that I advocate) they will provide a mail relay for their customers to connect to. They might not advertise it as that, but if your ISP (still?) provides a POP3 mail service, then they're going to give you an SMTP one too. Failing that, why not put a relay on any server you have in a datacenter or colocated? Configure it so only your computers can relay though it and it'll be fine.

Re:

[shentino]

What if they block port 25 as an incentive for you to pay for SMTP access?

Anyone with a resource under their absolute control will be tempted to restrict access to it for economic reasons.

more like casualty of war

[trybywrench]

this seems more like a casualty of war with spammers.

Re:

[fuzzyfuzzyfungus]

I suspect that it is a mixture of "collateral damage in the war on spammers" and "convenient mechanism for price discrimination".

Back in the day, the ISPs could use the simple "dialup=cheap gits(unless they inquire about worldwide availability of dial-in numbers, in which case Soak 'em), T1=Soak 'em" heuristic to more or less distinguish between business and home users.

Now that a T1 is pitifully slow by consumer broadband standards(and, depending on location and providers, not much more reliable than

This is a big deal for me. :-(

[Omnifarious]

I've run my own mailserver for over a decade. It's IP has changed every few years if I switch ISPs, but otherwise it remains stable. I have a static IP on a DSL line and have reverse mappings set up. I have SPF records. I've registered with a whitelist. I've done everything I can. And still nobody who uses hotmail gets email from me. And I have increasing difficulty getting email to anybody else.

And I do not believe a single spam message has ever made it out from my network. I even block outgoing port 25 for the network segment my roommates use (when I have roommates) unless I'm administrating their computers.

This whole trend is really upsetting to me, and totally broken. I never have a problem sending email to someone with a gmail.com address, and they have the best spam filtering of any email provider I've ever used. The shortcut of blocking any DSL IP is clearly unnecessary if Google can do such a good job without it.

Re:

[anom]

I remember once upon a time when I was first setting up my mail server I experienced this exact problem. As I recall, there was some kind of hotmail-ish website I went to that helped me get its IP allowed by their system.

Here are some great resources on sending email to hotmail:

http://mail.live.com/mail/troubleshooting.aspx [live.com] (generic troubleshooting page for sending to hotmail)

https://postmaster.live.com/snds/ [live.com] (Signing up here lets you see what hotmail thinks of a specific IP, assuming you control RDNS

Re:This is a big deal for me. :-(

[bcrowell]

I've had similar problems.

The clueful email service providers are yahoo and gmail. They both support dkim and sign all their outbound mail with dkim. They both have mechanisms for reporting dkim-signed spam from their users ( http://mail.google.com/support/bin/request.py?hl=en&contact_type=abuse [google.com] and http://help.yahoo.com/l/us/yahoo/mail/classic/spam.html [yahoo.com] ). If you dkim-sign your own outgoing email, you can go through a process with yahoo http://help.yahoo.com/l/us/yahoo/mail/postmaster/forms_index.html [yahoo.com] to tell them that, and if the info you provide satisfies them, your mails are less likely to end up in users' spam boxes.

The one that doesn't work for me is AOL. Any email I send to their users goes straight to the bitbucket. I have never been able to find any mechanism for convincing them that I'm not a spammer. I'm sending mail from a dedicated server with a permanent IP address, SPF, DKIM, and reverse DNS all set up properly.

This whole trend is really upsetting to me, and totally broken. I never have a problem sending email to someone with a gmail.com address, and they have the best spam filtering of any email provider I've ever used. The shortcut of blocking any DSL IP is clearly unnecessary if Google can do such a good job without it.

It baffles me that some large email providers like hotmail and AOL don't implement DKIM. The added CPU load is negligible on a modern machine. I'm not saying that DKIM is a cure-all, but it works much better than these silly, ad hoc measures like blocking all vanity domains. If someone with a yahoo account sends spam to someone's gmail account, the user can report it to yahoo, yahoo can verify the dkim signature so they know it really came from that account, and they can deactivate the account. If someone sends spam to a gmail account, and they claim to be a yahoo user but they aren't, google can detect that it isn't properly signed and trash the mail.

Re:

[geohump]

.

It baffles me that some large email providers like hotmail and AOL don't implement DKIM. The added CPU load is negligible on a modern machine.

If it's "negligible", why don't you pay for them to implement it? Do you really think your small business solution that adequately handles hundreds of messages a day on a single machine will scale to millions of messages a day on a server farm?

You mean like Google groups and Yahoo who both use it? I think Google understands scaling pretty well. I suspect they aren't having any issues with the compute load of DKIM, to the tune of billions of emails.

Carma Whoring

[I)_MaLaClYpSe_(I]

That's how this looks in a telnet port 25 session from a DSL line:

telnet mx2.hotmail.com 25

220 bay0-mc3-f21.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail
to Microsoft's computer network is prohibited. Other restrictions are found at h
ttp://privacy.msn.com/Anti-spam/. Violations will result in use of equipment loc
ated in California and other states. Mon, 21 Feb 2011 17:47:40 -0800
EHLO mine.home.net
250-bay0-mc3-f21.Bay0.hotmail.com (3.12.0.56) Hello [xxx.xxx.xxx.xxx]
250-SIZE 36909875
250-PIPELI

Re:

[Omnifarious]

I actually do check blocklists periodically because I use them myself and understand the danger. I don't think I've ever found myself listed in any of them.

That's another thing, my email is always just eaten. I always make sure that either delivery is refused when the email is being sent (in the case of a blocklist) or that it's delivered. I do not reject mail after I've accepted it for delivery to avoid being a source of backscatter spam. But I do use RBLs and other cheap-to-execute tools to reject mail be

Residential or business service?

[peacefinder]

I had a customer (a small town government) recently have port 25 outbound blocked by Comcast. After going around with Comcast for a bit, it turned out that they were subscribed to a residential-class service, which has port 25 outbound blocked by an implacable policy. The only way to get the port unblocked in this case would have been to move them to a business-class service with a static IP. (Fortunately the block wasn't a big deal for them, we were just using it for automated status reporting rather than running an inhouse mailserver.)

Just call them.

[TheDarkener]

I have Comcast business class, but I used to have Comcast at my home and both setups just required a call to customer service to ask to unblock port 25 because you're hosting your mailserver there. They're usually pretty helpful about doing what you need done - I even had them put in a reverse DNS (ptr) record for my mailserver's IP addy because some mailservers do reverse lookups to see if the IP points to a/the hostname (try "nslookup -> set q=ptr -> ip.add.re.ss" to check it) for spam control.

get a real Internet connection...

[pak9rabid]

Sounds like your company is extremely cheap & stupid for not just getting a real Internet connection. I don't blame companies for straight-up blocking any mail traffic originating from blocks of cable modem IPs...it's generally a source of illegitimate spam. Tell your boss to put down the money for a T1 to use for email. Route all other traffic through your cable connection.

Re:

[pak9rabid]

That works too...hell, if they're really that cheap, they could just use their ISP's SMTP server (aka, Smart Host), and rely all outgoing mail through there.

Re:

[NormalVisual]

Depending on what he needs, even $40 may be way too much to spend - decent VPS packages from reputable providers can be had for $15/month, depending on how much RAM/disk space is needed. In any event, the VPS will likely have a symmetric 100 megabit connection to the outside world, and live in a real data center where it's likely to have much better uptime than something hanging off a cable or DSL line. Plus, additional IPs are usually available for little to no cost as needed with justification, and ther

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Attila Dimedici]

Both Comcast and Verizon are inappropriate for small businesses yet continue to grow in popularity due to their heavy marketing and low cost. Contact your local bell, ...

Verizon would be his local bell.

Re:

[houstonbofh]

As someone who has both a 5 mig fiber to Qwest, and a Comcast business class, I disagree. While you are correct that there is no SLA, as long as it is not "full" it performs well, and give much more bang for the buck. But once the connection starts to saturate, performance goes down fast. Horses for courses.

Re:

[Lehk228]

Verizon is one of the baby bells (bell atlantic)

Use smarthost mode

[hidden]

Most mail server software is capable of routing the outbound mail through the isp's mail server in such a way that it gets listed as the origin. You get to keep running your mail server, but the spam labelling and port blocking issues all go away.

The only time this is an issue is if the isp's mail servers do some kind of filtering or mangling, but most of the ones I've dealt with don't

Re:

[sirsnork]

This!

If he can't be bothered to call his ISP and ask them to unblock it, and really does have a Business account that allows server, then this is the solution. It's really quite simple to do on every mail server I've ever tried it on.

If you use SPF you may want to update the records for it to list your ISP's outbound IP addresses, but I'm guessing if there is outbound port 25 blocking issues going on and that required an Ask Slashdot then SPF isn't something in use :)

Cable modem mail server? No

[19thNervousBreakdown]

Rent a dedicated server, or get your own co-location space. I have one that I pay $70 a month for with 1and1 [1and1.com]. I use 'em because I was able to install my own OS image on there, and they're generous with the bandwidth, although I'm not sure I'd run a company's e-mail server through them--the network connection can be flaky. About a year ago they went down after 5pm for an hour or so for a week or two due to a DDoS, then the last week they have been not accepting new connections (existing connections work fine

Business Cable blocking Port 25?

[EMR]

My dad's server is on Business Cable and Port 25 is not blocked and we have had no issues running our mail server on that connection.. Now one thing that we did do to aid in preventing us from being blocked is requesting our 5 IPs setup with reverse DNS entries to our domains instead of the Generic "ISP looking" ones that comcast assigns by default. You should contact Comcast and Verizon to set that up.

Also, make sure when you are testing if port 25 is "open" that you aren't yourself on an ISP that blocks 25 outbound. And make sure you setup port 587 (SMTP submission.. Authenticated SMTP) so that users can send mail from any ISP.

Yes, but the problem is spam filters

[proxima]

Even if you have a non-cable modem IP, it can be difficult to send (opt-in) business email from a small mail server. The reason is that spam filters at major email providers like Yahoo are turning to whitelisting [yahoo.com], and you have to contact each major provider to avoid getting your email sent straight to the spam filter.

Since the implementations of spam filters at the server level seem to vary quite a bit, I tend to avoid sending particularly important single emails through my own small email server for fear they just end up in the spam folder of the recipient.

That said, in general I wouldn't trust a business-class cable modem connection to host an email server for business purposes. Virtualized servers are commonplace now and quite affordable (I pay $15/mo for mostly personal use). Set up the backup on your own connection.

Relay thru smtp.comcast.com

[WaffleMonster]

Most likely your system is misconfigured and sending misdelivery reports rather than rejecting the smtp request in realtime or worse (open relay)

Comcast and Verizon are reacting by shutting you down...you have to beg to get it restored from what I understand...

There is no good solution for most of us other than to just relay thru comcasts SMTP server.

Comcasts user networks are in the subscriber block lists of many RBLs however typically business class accounts are exempted from these lists.

For outgo

Small CoLo's aren't safe either

[Bigbutt]

I host my personal server with a Mosaic forum (Mosaic and Stained Glass.org) out of a CoLo in Florida. It's not the cheapest solution but I do get 100% access to the server to do what I want and a reasonable time on reboots when necessary.

Still, Microsoft will randomly block my mail for a month at a time with no recourse. I've attempted to contact them but they send me to a troubleshooting page which tells me I'm configured correctly but they still won't accept email. This wouldn't be too bad of a problem except that other ISPs use them to manage their e-mail. So I can't get any e-mail to Shaw.ca or AT&T in Canada. They don't even have a whitelist option for their users.

And there are a few smaller ISPs in the US that use anti spam blocking sites that don't have any way to let them know that I'm not spamming.

Most others though have contact information in their bounce and I've used it to check the various sites in the block list, then forward the results to the postmaster at the offended site. Then I get it opened up for the folks on the forum.

Heck, one ISP replied that I needed to get in touch with them and their Postmaster account won't accept further e-mail. I had to send them a note from my Yahoo account. Then they said it was a problem with my ISP and they should fix it. My ISP had no idea what they could do to fix it.

Even the company I work at, who uses MX-Logic can't receive e-mails from me because I'm not able to convince MX-Logic I'm not a spammer.

On the plus side, if I did want to spam Microsoft, they have a program where if I pay them, they'll open their servers up so I can send e-mail to their clients.

I'm not doing any real business on the server. I have my consulting website there but traffic is pretty much non-existent. The biggest impact is when the forum folk try to send the other folks e-mails (the PM notifications). I have a note in the Site Agreement to let folks know on shaw.ca, frontier, and the others that they might want to use a Yahoo e-mail to manage their forum account.

[John]

CableOne's been that way for years

[RogueWarrior65]

CableOne has blocked outgoing mail for years. It's annoying to have to reconfigure your mail program every time you travel somewhere. And it hasn't stopped the flow of prescription drug e-mails and Nigerian-ish scam e-mails. Hell, if all of those e-mail from barristers in foreign countries telling me a long lost relative left me several million dollars were real, I could by that 30,000 acre ranch in western Wyoming...and a helicopter. And why is it always a seven-figure inheritance? Wouldn't more stupid people believe $20,000?

VPS

[dlevitan]

Get a VPS. You can get one for $20/month and set up a full e-mail server on it. You'll get better hardware and better connectivity than your own server. Your IP will be seen as coming from a data center, not a cable modem pool of addresses. You can also host your own website, and leave the server you have at your office for internal things only. For mail access, just set up IMAP and SMTP with TLS, with the latter on port 587 (known as the submission port) which is generally not blocked like 25 is.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Mod parent up

[pavon]

Assuming the domain in question is softegg.com, then reverse DNS is indeed not setup correctly, and it is no surprise that his email is getting blocked.

Re:

[account_deleted]

Comment removed based on user account deletion

A few things to try

[chrisgeleven]

1) Get a static IP address for your mail server if you don't already have one. Many mail servers use DNSBL blacklists that distrust anyone with a Dynamic IP address.
2) Get your ISP to configure Reverse DNS for your mail server's IP address. Many mail servers reject mail because Reverse DNS isn't configured properly.
3) Make sure your server is set to not run as an open relay.
4) Have a proper abuse@ and postmaster@ e-mail addresses so e-mail providers who claim to have spam complaints against your domain can actually send them to you.
5) Setup an SPF record (openspf.org has a great wizard for this) for your domain. SPF records basically specify which mail servers are allowed to send mail from your domain. This will help cut down on spammers spoofing e-mail addresses at your domain and increases the odds of legit e-mail not being marked as spam.

Not all of these will guarentee delivery of any e-mail, but they can certainly improve the odds.

Forward 25 port to SSL one

[paziek]

Forward 25 port to SSL one - thats how we do it at company where I work. 25 port is blocked cause of spam.

ISP Link

[Imagix]

First question... do you have a residential or a business link? That usually changes the network preferences. As I recall most residential agreements prohibit running servers on the network to begin with.

A couple of options

[a9db0]

1) Talk to your ISP and get the block removed.
2) Change registrars / DNS providers to EasyDNS. They do mail forwarding for customers. Don't bother if you send spam - they'll quickly shut you down.
3) Set up a VPS somewhere - Linode's are great. They all come with dedicated IP addresses.
4) Farm it out - let Google handle it for you.

Am I missing something?

[nblender]

I've run my own mail server since the .UUCP domain and comp.mail.maps. For a very long time now, we have not been accepting MUA->MTA mail on port 25. We have been using port 587 for MUA->MTA. MTA->MTA is port 25 and has been for a very long time. However, you don't try to connect to anyone else's port 25 from your cable or DSL modem unless you have setup some sort of non-home internet access and signed an AUP... Even then, chances are your cableco or telco will insist you relay through their mai

Purchas a VPS

[gladbach]

They are cheap, allow you full control over your RDNS, and will solve your problems.

War against small email servers?

[Chuck Chunder]

Unless you have people breaking down your doors, shooting anyone who gets in their way and lobbing a grenade into your server room then no, there isn't a "war" against small email servers.

VPN+VPS

[toby]

Works for me.

Reading between the lines, again...

[Anachragnome]

Here I am, reading between the lines, again.

The laws that apply to government having access to ISPs, to access email records, are very different then the laws that apply to your own server. It is MUCH harder to get emails, legally, from you directly (or, more specifically, your server), primarily because you probably wouldn't just hand them over like ISPs do. Secondary is the fact that they often don't want us to KNOW we are being scrutinized and a subpoena pretty much blows that particular fish out of the

So talk to them.

[MrL0G1C]

My ISP blocks port 25 and I'm glad they do because it stops botted machines from setting up spam servers. The point is that if I want port 25 opened, all I have to do is ask - Have you asked Verizon and Comcast to open the port?

Get with a small ISP

[cptdondo]

I use a small local ISP. When my server got blocked because it was in a block of IPs normally assigned as dynamic, I called them, explained the situation, and they assigned me a fixed IP from another block.

Sure, I could save $20/month by using comcast, but I talk to a real engineer who sits at a desk 60 miles from me. What's more they actually understand what I'm talking about. When one of their routers took a dump, and I traced my failure to it, they took my traceroutes seriously and dispatched a crew.

Y

Re:

[pipatron]

Uhm. It would also require that they contact every other company they are doing business with and ask them to change their mail server port, right?

Re:

[drhlx]

Actually it would require a rewriting of the SMTP protocol :P However, the standard solution is to use port forwarding on an external unencumbered host accepting inbound port 25 and forwarding to your unblocked port (e.g. 1025). You can use a smarthost to similarly forward external email via another 'unblocked' host. This generally gets you closer to the benefits of a "local" mail server vs simply hosting your mail server external to your network.

Re:

[Manip]

I read the summary. Don't believe him. He is using a consumer connection. I've never heard of an ISP blocking ports on a business connection since the entire point of the damn connection is to get servers on to the internet and to allow VPN passthrough. If they blocked ports required for e-mail they might have well discontinue offering business accounts at all.

Most business connections also come with fixed IPs for exactly that purpose, and those aren't ever blocked by spam lists, since again the entire

Re:

[Sarten-X]

I once worked at a company whose ISP blocked all incoming connections, period. That was on a mid-level business connection (which at the time was DSL, at something under 1 MB/s), on the only ISP in town. Getting a port unblocked required a few hours on the phone, trying to explain to the support monkeys that yes, we really did need to run our own server, it really was allowed in the contract, and our connection really was already fast enough for what we needed.

That was in the mid 90's, before every company

Re:ITs the end of the small business mail server

[Sarten-X]

Outsourcing is often not feasible. As an example off the top of my head, any American company working with medical data needs to be certain that personal medical data does not leave their control, or they get hit with huge penalties from HIPAA and HITECH. That eliminates a lot of outsourcing options, and especially anything cloud-related, because one mistaken message, even from someone outside the company, can have devastating effects.

This is just plain wrong

[sgent]

As long as you have a business associate agreement there is no problem outsourcing medical information. Hospitals and clinics routinely outsource everything up to and in including electronic medical record systems.

Re:

[SnoopJeDi]

Outsourcing it is cheap because it needs to compete with these roll-your-own systems. If small mail were totally blacklisted, I wouldn't be surprised to find mail services prices bump a bit. Afterall, they'd be the only people with an ISP allowing port 25...

Re:

[houstonbofh]

Assuming that you trust the outsource company. It is only as secure as the monkeys running it. Go ahead and get gmail for business if you want. I will host and control my own server, thank you.

Re:

[Sarten-X]

For only $9.99 per month, per port!

Re:

[houstonbofh]

Just use google business apps for your mail. Hosting it yourself is a huge headache.

Hell... Just post your e-mail to Usenet. That way it is backed up everywhere and you will never delete it by mistake.

Re:

[houstonbofh]

Who do you trust more, your own skills or someone else's? For arthroscopic surgery, I will outsource. For mail services, I KNOW that I know more than the idiots I have spoken with at several "Hosting providers." You may be different.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[houstonbofh]

And how do you think gmail communicates with yahoo?