Rob Stampfli wrote:
> In article <firstname.lastname@example.org>, William Warren
> <email@example.com> wrote:
>> Comcast has been blocking port 80 (HTTP) for a while now, and they've
>> recently started blocking port 25 (SMTP) as well. IMNSHO, it's only a
>> matter of time before they start blocking all syn packets and charging
>> extra for ANY incoming connection, but for now you can do it with some
>
> With cable's relatively limited upload speed, I can readily understand
> blocking inbound port 80, where the traffic distribution is highly
> skewed towards outbound packets. But why inbound port 25? It can't
> be to prevent spam from infected PCs since they don't use it. Inbound
> port 25 can only be used to receive mail and one could argue that
> whether you receive your mail via SMTP (port 25), or POP or IMAP or
> otherwise, the bits have to eventually flow in one way or another.
> So, why block port 25? The only answer I can come up with is "just
> for spite".

I suspect it's *outbound* port 25 that is blocked, to prevent zombie
machines and active spammers from using their own SMTP servers to send
email directly to their victims' ISPs' MTAs. Many ISPs block outbound
port 25, requiring most users to go through the ISP's SMTP server to
send email, which can have limits imposed in an effort to deter spam.

It could also be a block of inbound port 25, to prevent zombie
machines from acting as open relay SMTP servers, but if outbound port
25 is blocked, those zombies couldn't send the mail that is sent to
them for relaying, so there is no need to block inbound port 25.

> For that matter, the whole concept of "no servers" has always seemed
> flawed to me: Technically, sshd and telnetd are servers. Does Comcast
> really desire to have a policy of preventing one from contacting a
> home machine when they are travelling?

I suspect the "no servers" rule is like the rule against going 56 in a
55 zone, the rule against loitering, or the rule against parking too
close to or too far from the curb -- it allows selective prosecution,
so to speak. It gives the ISP an excuse to terminate a spammer or
zombie owner without having to prove much of anything, because it
could make the same finding against anyone.

Michael D. Sullivan
Bethesda, MD (USA)
(Replace "example.invalid" with "com" in my address.)