ingress SMTP

Jay R. Ashworth jra at
Wed Sep 3 11:14:00 CDT 2008

On Wed, Sep 03, 2008 at 11:56:51AM -0400, Justin Scott wrote:
> As a small player who operates a mail server used by many local 
> businesses, this becomes a support issue for admins in our position.  We 
> operate an SMTP server of our own that the employees of these various 
> companies use from work and at home.  Everything works great until an 
> ISP decides to block 25 outbound.  Now our customer cannot reach our 
> server, so they call us to complain that they can receive but not send 
> e-mail.  We, being somewhat intelligent, have a support process in place 
> to walk the customer through the SMTP port change from 25 to one of our 
> two alternate ports.
> The problem, however, is that the customer simply cannot understand why 
> their e-mail worked one day and doesn't the next.  In their eyes the 
> system used to work, and now it doesn't, so that must mean that we broke 
> it and that we don't know what we're doing.

I feel your pain, local compadre, but I'm on their side.

Here's your script:

"Allowing unfiltered public access to port 25 is one of the things that
increases everyone's spam load, and your ISP is trying to be a Good
Neighbor in blocking access to anyone's servers but their own; many ISPs
are moving towards this safer configuration. We're a good neighbor, as
well, and support Mail Submission Protocol on port 587, and here's how
you set it up -- and it will work from pretty much anywhere forever."

Which is a safe thing to tell people because it is decidedly *not* best
practice to block 587.

-- jra
Jay R. Ashworth                   Baylink                      jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates                     '87 e24
St Petersburg FL USA             +1 727 647 1274

	     Those who cast the vote decide nothing.
	     Those who count the vote decide everything.
	       -- (Josef Stalin)

More information about the NANOG mailing list