Is there a good technical reason that port 25 (SMTP) is blocked? It doesn't require a "fixed" IP address; I use DYNDNS to accommodate address changes, unless they occur hourly. Surely business customers would want port 25.
Running your own mail server is so not practical not secure at all and makes mail delivery extremely unreliable.
If ISP's are going to get together and just make it difficult for people to send mail (using dynamic IP), they should universally Layer 7 block outgoing plain text, non-authenticated SMTP transactions over any port. Otherwise its quite useless blocking port 25 by itself, even given the answers in this very post. I think the intent here was lost in the fact people just started circumventing an obviously stupid rule.
I would like to see a minimum of an opt-in scenario, where I can open a ticket and have port 25 unblocked. This at least would serve to put the customer and Sonic themselves on notice we would be sending mail.
Code: Select all
$ dig ewhac.net mx
; <<>> DiG 9.11.3-1ubuntu1.10-Ubuntu <<>> ewhac.net mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10204
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 6
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ewhac.net. IN MX
;; ANSWER SECTION:
ewhac.net. 86400 IN MX 10 ewhac.net.
;; AUTHORITY SECTION:
ewhac.net. 172800 IN NS ns3.pairnic.com.
ewhac.net. 172800 IN NS ns4.pairnic.com.
;; ADDITIONAL SECTION:
ewhac.net. 86400 IN A 18.104.22.168
ns3.pairnic.com. 88904 IN A 22.214.171.124
ns4.pairnic.com. 88904 IN A 126.96.36.199
ns3.pairnic.com. 88904 IN AAAA 2607:f440::d85c:35d
ns4.pairnic.com. 88904 IN AAAA 2607:f441::d892:c0f5
;; Query time: 47 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Fri Nov 08 13:09:25 PST 2019
;; MSG SIZE rcvd: 205
Mr. Jasper, this is a problem. I've had static IP with no port blocking forever. I had it with 100kbit SDSL service through Best.com (long since subsumed by Verio), I had it through Covad (nee Speakeasy), and I've had it through you on Fusion DSL. Now you're telling me that not only can't I have it on fiber, but I also can't run the services I've been running for over 20 years, without incident.