Cisco ASA / Comcast SMTP problem workaround

lorell at hathcock.org lorell at hathcock.org
Sun Jan 18 19:06:40 CST 2009


The Control Panel is H-Sphere.


Quoting Suresh Ramasubramanian <ops.lists at gmail.com>:

> On Mon, Jan 19, 2009 at 6:07 AM,  <lorell at hathcock.org> wrote:
>> I have the problem when working out of my house that Comcast will lock down
>> outbound SMTP on the regular ports.  This may be due to the kids' computer
>> getting infected with a virus from time to time.  That is its own problem
>> and I want to deal with it on its own.
>>
>> The problem I want to discuss is a workaround to Comcast blocking outbound
>> SMTP.
>
> That's what port 587 is for and comcast hasnt been locking that down, eh?
>
> Have your server listen on the smtp submission port (587) as well - if
> you want you can use 465/smtp+ssl but that's deprecated to a large
> extent (though yes, I had to switch it on after I figured out my
> phone's push email service seven.com only supports smtps currently)
>
>>   1. I don't want to change the email server configurations because it is
>> run by a control panel software and if I take it out of spec, the next
>> update could wipe out my custom config.
>
> If that's cpanel there are ways to do it in the config + save it. An
> update wont wipe it out if you use the cpanel management console
> rather than edit files using vi.  In fact, chances are, your cpanel
> box ALREADY listens on 587.
>
> For more details - and these are best practices from MAAWG, which is
> sort of like a nanog for mailops and antispam - very operational and
> relevant content there.  http://www.maawg.org/port25
>
> Oh, and RFC2476 (about port 587) and 2554 have been around for ages now.
>
> --srs
>






More information about the NANOG mailing list