AT&T DSL blocks port 465?

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,009
Location
I am omnipresent
I can't see any other reason for this, but at a customer site today I found that connections to Google's SMTP servers on port 465 were being denied over AT&T DSL.

I could tether my and run the same mail configuration and everything worked just fine, but not through AT&T.

I can't see any reason for this, and AT&T has snarfed up so many telcos that neither myself nor my customer are fully sure what settings would be appropriate for his AT&T "approved" Email service.

In short, this is unbelievably lame.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,669
Location
Horsens, Denmark
Still do:

Outgoing Mail (SMTP) Server - requires TLS: smtp.gmail.com (use authentication)
Use Authentication: Yes
Use STARTTLS: Yes (some clients call this SSL)
Port: 465 or 587
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
I know my DSL blocks 80, 8080 and 443 so I wouldn't consider it far fetched at all. They don't block 3389 or 3784 thankfully.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
I know my DSL blocks 80, 8080 and 443 so I wouldn't consider it far fetched at all. They don't block 3389 or 3784 thankfully.

I don't understand. If they block outgoing 80, 8080, and 443 they are blocking the web. Are you saying that if you belong to your DSL carrier that you have no access to the web? or that they are only blocking incoming so you have to ability to run a web server?

It is normal for most carriers to prevent people from hosting servers unless you have a "Business" account.

Merc is complaining because AT&T is blocking the ability to use someone else's Email server not that he is being blocked from hosting an email server. I think there is a difference here.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
I can't see any other reason for this, but at a customer site today I found that connections to Google's SMTP servers on port 465 were being denied over AT&T DSL.

I could tether my and run the same mail configuration and everything worked just fine, but not through AT&T.

I can't see any reason for this, and AT&T has snarfed up so many telcos that neither myself nor my customer are fully sure what settings would be appropriate for his AT&T "approved" Email service.

In short, this is unbelievably lame.
Web mail as a solution?
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,009
Location
I am omnipresent
Web mail as a solution?

The whole thing is, the guy has a couple web-based apps that make extensive use of Mailto: links to automate customer management. He's got an @sbcglobal.net webmail address now that he can check through Yahoo (seemingly without POP3 access) but that doesn't let him use Mailto: and it doesn't look very professional. I spent the $10 to get him a domain name and set him up with Google Apps, but it looks like AT&T's policy is to not allow its customers to use non-AT&T mail servers, and to not allow email with a From: line other than AT&T hosted domains, given the variety of different error codes and timeouts I've gotten.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
My guess is that AT&T had problems with customers sourcing spam from within their network and decided to put a stop to it.
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
I don't understand. If they block outgoing 80, 8080, and 443 they are blocking the web. Are you saying that if you belong to your DSL carrier that you have no access to the web? or that they are only blocking incoming so you have to ability to run a web server?

It is normal for most carriers to prevent people from hosting servers unless you have a "Business" account.

Merc is complaining because AT&T is blocking the ability to use someone else's Email server not that he is being blocked from hosting an email server. I think there is a difference here.

Yes I see what you mean, they are blocking my outgoing stuff.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
Yes I see what you mean, they are blocking my outgoing stuff.

Are you sure you are not accidentally blocking the ports yourself? I have noticed occasional very weird firewall activity from people with Zone Alarm or other outgoing firewalls where the customers (or their children) have answered no to an application wanting to access the internet after the firewall did a popup box asking for permission. Some of the more clueless have said no to things like internet explorer ...

When things like that happen, I've found it is much easier to uninstall all their firewalls and reinstall from scratch than to decipher and reconfigure their firewalls. Then do a re-education of the customer and their family.
 

P5-133XL

Xmas '97
Joined
Jan 15, 2002
Messages
3,173
Location
Salem, Or
Of course, if it is really your DSL carrier, I would immediately change ISPs, for you are not getting any benefit from the internet: why pay for something you can't use?
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
Are you sure you are not accidentally blocking the ports yourself?

Well I have a 3Com firewall that I have used here for years and have successfully configured it for lots of things. I don't use the windows stuff or zone alarm etc. As far as the web server 80 goes that's really the only one that irked me but I fully understand why, so I just configure apache and the firewall to port 85 and that works fine. BTW they also block FTP serving so I stuck that up on some really high number.
 

sechs

Storage? I am Storage!
Joined
Feb 1, 2003
Messages
4,709
Location
Left Coast
They block 578 also. I tried that before I did anything else.
I have no problems using Gmail with AT&T DSL.

My key Eudora settings:
incoming server: pop.gmail.com
secure sockets: required, alternate port (reports using TLSv1 on port 995)
outgoing server: smtp.gmail.com
authentication allowed
use submission port (587)
secure sockets: if available (same as above)

I'd suggest that the problem is likely somewhere between the chair and the DSL modem.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,009
Location
I am omnipresent
I ended up creating an on-demand VPN to a host on a less retarded ISP to send out E-mail. At different times, AT&T told me that the only mail servers they authorize their clients to use are the official AT&T ones (smtp.att.yahoo.com), that I cannot run my own mail server (I wasn't trying to), and that there is no network-wide policy of blocking ports (which there is, at least on the local segment, or my clients would be able to connect to gmail normally).
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,009
Location
I am omnipresent
Tell you what: I'll give you RDP access to a client machine there and if you can make an SMTP connection using any combination of settings or encryption with any mail server other than smtp.yahoo.att.com from that client without resorting to stunnel or a VPN, I'll give you a nice, shiny quarter.
 

sechs

Storage? I am Storage!
Joined
Feb 1, 2003
Messages
4,709
Location
Left Coast
Why don't you actually fix your client's problem, rather than work around it, and keep the shiny quarter.

You can use it to pay for parking.
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
I think he is implying you should be complaining to AT&T to fix the block. I assume you have considered putting a couple letters out to whatever authority you can find at AT&T locally? I would threaten to dump them and go with that other ISP you mentioned, then when nothing happens recommend to the client to follow through with that other service. Maybe consumerist.com would be interested in this exchange?

Also, the client knows what's going on, right? Not your inability to configure it, you are being blocked?
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,009
Location
I am omnipresent
My client has a configuration that works (through a demand-dial VPN), which is all he cares about.
I've talked to AT&T several times now and gotten a different and contradictory reply each time as to the existence and nature of the blocked ports.

I suspect it's a local issue only, but I'm not going to spend non-billable hours chasing a solution since they've given me nothing but a runaround already.
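
Added example, not part of any post in this thread: a small Python probe that records at which stage a mail submission attempt to smtp.gmail.com stops on port 465 (TLS from the first byte) and on port 587 (plaintext greeting, then STARTTLS), so a timeout, a refusal and an answer from an unexpected server can be told apart. The stage names and the `probe.example` client name are made up for illustration.

```python
import socket
import ssl

def _reply(f):
    """Read one SMTP reply, following "250-" continuation lines."""
    lines = []
    while True:
        line = f.readline().decode("ascii", "replace").rstrip()
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            return lines

def probe(host, port, implicit_tls, timeout=8.0):
    """Return (stage, detail): where the submission attempt stopped."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "tcp_timeout", "SYN unanswered: dropped somewhere on the path"
    except ConnectionRefusedError:
        return "tcp_refused", "RST received: closed port or active reject"
    except OSError as e:
        return "tcp_error", str(e)
    ctx = ssl.create_default_context()  # verifies the certificate against host
    try:
        if implicit_tls:  # port 465: TLS starts before any SMTP text
            sock = ctx.wrap_socket(sock, server_hostname=host)
        f = sock.makefile("rwb", buffering=0)
        banner = _reply(f)[0]  # shows which server actually answered
        if not banner.startswith("220"):
            return "bad_banner", banner
        if not implicit_tls:  # port 587: plaintext greeting, then STARTTLS
            f.write(b"EHLO probe.example\r\n")  # constructed client name
            if not any("STARTTLS" in ln.upper() for ln in _reply(f)):
                return "no_starttls", banner
            f.write(b"STARTTLS\r\n")
            if not _reply(f)[0].startswith("220"):
                return "starttls_refused", banner
            sock = ctx.wrap_socket(sock, server_hostname=host)
        return "ok", f"{sock.version()} after banner {banner!r}"
    except ssl.SSLError as e:  # must precede OSError, its base class
        return "tls_failed", str(e)
    except OSError as e:  # timeout or reset after the TCP connect succeeded
        return "dropped_after_connect", str(e)
    finally:
        sock.close()

if __name__ == "__main__":
    for port, implicit in ((465, True), (587, False)):
        print(port, probe("smtp.gmail.com", port, implicit))
```

Running it once on the DSL line and once over the tethered or VPN path gives two results per port that can be compared directly.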
 