North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Port 587 vs. 25 [was: DNS Hijacking by Cox]

  • From: Patrick W. Gilmore
  • Date: Mon Jul 23 04:08:10 2007

On Jul 23, 2007, at 2:18 AM, Florian Weimer wrote:
* Sean Donelan:
On Sun, 22 Jul 2007, William Allen Simpson wrote:
Comcast still blocks port 25. And last week, a locally well- known person
was blocked from sending outgoing port 25 email to their servers from her
home Comcast service.

MSA port 587 is only 9 years old. I guess it takes some people longer
than others to update their practices.

You missed the "to their servers" part (I don't think it's singular "they" 8-). At the intra-ISP level, submission vs. SMTP does not really matter because it's all local policy. If they block her on 25/TCP on their own servers, they can easily block her on 587/TCP, too.

They can, but they do not. AFAIK, not a single ISP redirects port 587 to their own servers.

Which is a good thing, since port 587 is usually backed by authentication. Which means you know who sent the mail (or at least which password was stolen to do so). And that is all people are looking for at this level - some way to tell who sent the mail so it can be stopped.

IOW: ISPs have no real reason to stop port 587, they do have a reason (whether you agree it is sufficient or not) to filter port 25.