Please Don't Tell Me You Don't Block Port 25 When You Actually Do
Geek-speak ahead -- read on, if interested.
I've been going back and forth with a local ISP about whether they block TCP port 25 (the outgoing mail/SMTP port for non-geeks out there). They kept saying they didn't, I kept saying that they did as I couldn't route anything on any SMTP server (including the ISPs) outside this building to port 25. But instead of arguing, I just routed them through a different SMTP server instead of the ISPs that ran on a different port. That put a band-aid on the problem, but I still wanted to find a long term solution.
One of the desktops in the office I was working in completely died on me, taking the hard drive with it. So after I reimaged to a new hard drive to get the windows/office configuration back on there, I tried to resetup his e-mail account. For reasons I still don't understand, the provider of the domain that this person uses does not give them SMTP access, so I have to use some other SMTP server. I tried, for giggles, to try to use the ISPs SMTP server, still no dice. Any server running on port 25, no dice. Gmail servers on port 465, worked fine.
I finally got fed up, called the ISP again, they again said that they didn't filter port 25, and I -- again -- said that something is getting filtered on their end as I've tried it with three different firewalls and routers in place, and still had no luck. Tried connected directly to the cable modem, couldn't telnet to port 25 or send email at all. He put me on the phone with his guy at their uplink provider, and he opens up a packet sniffer, and can't get any SMTP traffic out of my office -- gets lots of HTTP traffic, some POP traffic, but no SMTP traffic. So the guy checked a few more things, and finally, after beating him up and basically saying that it's nothing on my end about 300 times, he finally found the problem: A long while ago, somebody using this modem (before I had my Smoothwall in place) sent out a crap load of spam e-mail, probably because of a virus infection or something. So the modem itself had a port 25 block on it, put on by the upstream provider. He said they rarely have to block that sort of thing, so it must've been something serious. The only thing I can think of happening (if it did indeed happen on my watch) was that the port 25 block on the public wireless access got turned off or it was done before I put the firewall in place.
Needless to say, it was nice to have the ISP put their foot in their mouth, so to speak. I was just happy to have on less problem to deal with. And it always feels good to be right and not feel like you're going nuts.