Thursday, June 17, 2010

SMTP Filtering on ISPs

I've fielded a number of questions about this over the past couple of weeks, so I thought it would be worth writing about. While I generally prefer to write about policy issues these days, I'm not above a good nerd piece.

If you experienced an abrupt disruption in your ability to send email from home, it's likely that you're the victim of SMTP filtering by your home ISP. Verizon, Comcast, and other ISPs implement SMTP filtering to stop spammers from taking over computers on their networks and using them to send SPAM. If you find that you can no longer send mail from home because of this, there are a couple of solutions.

1) Use an alternate port, if your server supports it -- the default port for SMTP (sending mail) is 25. ISPs block messages by filtering out any traffic bound for port 25. Many mail servers also support ports 587 and 465 for sending mail. Try going into your SMTP settings and changing your port to 587; see if that fixes it. If not, try 465.

2) Use your ISP's SMTP server. Most ISPs will provide you with an email account (which you may or may not use), which is useful in bypassing this issue, as ISPs will not filter their own servers. Properly configured, you'll be able to send mail using their servers and have your mail appear to come from your usual email address.

Also see my previous post on port 587 -- the most popular post on the site, according to Google Analytics.

Hope this helps!



Mad Irish said...

The problem with using your ISP to forward your mail (in and or out) is that they then have access to read your mail (unless you're using encryption). I'm not using a mail server at home any more because my ISP filters all the outbound traffic destined for other mail servers (over port 25). Inbound mail faces the same issue. So you have to utilize an external provider for your mail. Although you can forward your outbound mail to a high numbered port to get around the filtering, you can't receive mail on a high numbered port reliably. This means you have to use some sort of a mail relay, either your ISP, a cloud provider like Google, or someone else. This means that external entities are storing and forwarding your e-mail, and potentially reading it. It also means that subpoenas for your e-mail are easier to get (in some cases I've heard that POP mail left on a server for over 90 days is considered abandoned and is much easier for law enforcement to seize). All in all filtering port 25 means that the consumer loses privacy because they then have to work with a third party to ensure mail delivery. Many of these providers (such as Google) explicitly index the contents of the e-mail. Others may simply present a threat because they could turn over e-mail to authorities without notifying the account holder. Although there are technical work arounds for port 25 filtering there are definitely no privacy work arounds.

Chris Mustazza said...

Thanks, as always, for the insightful comment! Everything you note here is correct. A couple of points:

1) I think that mail providers running encrypted SMTP on alternate ports - 587 or 465- is a good temporary, technical strategy strategy. I think you're right about incoming mail using TLS (which would use the standard IMAP port, but I think that if a provider runs SSL, it will allow for another port [993?]). If incoming mail were filtered, this could be a tech solution.

Have you actually heard of ISPs filtering IMAP/incoming mail? That is super scary.

2) I think the rule is 180 days, and it goes for IMAP, too. At that point, mail stored on a server becomes stored data rather than correspondence, which does make it easier to obtain.

Anyway, thanks again -- that is a good caveat that I should have mentioned!