Is this an ethical thing to do...

frederick

frederick

Well-Known Member
Reaction score
154
Location
Phoenix, AZ
I have a client, who is unable to send emails using outlook. She can receive emails, but not send. I tried sending out a few test emails, watching the router logs, and the router opens the port, and data passes through. So I'm thinking... Turns out, the ISP, COX Communications, rejects all inbound and outbound requests and connections through Port 25, unless they are a cox email account, for their residential services.

I contact Cox, do the sit and wait...still on hold...wow, 15 minutes and still nothing. Finally I get a person. Nice person, he says they don't block any ports to his knowledge (level 1 tech). I told him they are, so he goes and checks. Back on hold for about 5 minutes. He comes back, asks if it is a cox email account, I tell him no, it's her work email account. He says hold on. Back on hold for another 5 minutes. He comes back again, "yeah, we block port 25 for all non-cox email account". Well this is great, so I say to him "can you unblock it for her, because she works from home and needs to send emails related to work through this account."

Him - "No. We can not do that."
Me - "Well why not?"

So he goes on about how when port 25 is opened, it just stays open, and all these viruses and trojans and illegal immigrants come through and destroys their (Cox Communications) network.

Me - "What port does your 'cox email accounts' use then? Are they using 465/SSL or 25?"
Him - "Port 25...oh..."

So he transfers me to level 2 technician guy.

Lvl 2 - "See, we create an encrypted connection that closes the port once the email has made it to its destination, using port 25. And routers don't know how to secure the connection, so we do it for them. And routers are crap, and you should buy one from us cause they can close the port..." Summed up, buy a router from us...and we block 25 cause we can...so sit on it

Me - "Well, what are her options then. Cause her employer does not want to configure the exchange server for port 465, or any other port, just for her. They are in Florida, she is not."

Lvl 2 - "There are no other options. She'll have to get a cox email account, which comes with her subscription, and send emails out that way."
Me - "Her companies policy states all business related emails have to go through her business email account. Not Cox."
Lvl 2 - "Hold on, let me transfer you to lvl 3"

At this point, I'm thinking I just talked to the janitor or something. Cause he was about as smart as the screen in front of him.

So the level 3 guy gets on, and here it comes...the actual truth as to why, it's blocked...

From the Lvl 3:
1) The only work around is to purchase a business internet connection.
2) She is currently paying $70/month for a 30/15Mbps residential connection. The cheapest business line they have for her area is $80/month, and is a 5/1Mbps connection.

This raises a problem, because she uses netflix, is kind enough to share her internet with her neighbor who does a lot of business travel (spends about a week every couple of months at home), who also uses netflix. Add in the VoIP line for her business phone, and of course general interweb surfing and basically it all spells disaster running on a 5/1.

3) To continue getting what she is paying for now, she can get a 20/4Mbps connection for $140 or a 50/5Mbps connection for about $300/month. There is a 15/3Mbps option for $100
4) She'll have to cancel her current internet service, and because that would be a breach of contract, it's a $350 penalty fee, and an increase in rates (for TV and Internet). About $30 per service. Factor in $80 for TV + $30, then her home phone which is $21 + the $30 increase, then say she gets el-cheapo internet...remove the bundle discount...its above double what she is paying now...all to be able to send an email...

So my customer is right there next to me, listening in..and before I can even say it...she blurts out "so you block people from being able to work from home, or even being able to do things so you can force us to have to buy a slower internet at an outrageous price?"

His response...might of gotten fired for this comment.."Yes"

He actually said yes to her question. So she asks to speak to a manager..

Lvl 3 - "I'm not allowed to go to my supervisor or manager for any reason concerning customers."
Me - "Why not? Just transfer us."
Lvl 3 - "I can't transfer you either, it's against company policy. If you have a complaint against the company or any of our services, I can give you a web address or a phone number."

My client took both down to voice her complaint. Just to find out both were bogus...the website said the page had moved, but that was it, no redirect or even a new address.

We hung up after getting that information.

This kind of service, in my eyes, is unethical. It prevents people from being able to work from home, unless they spring extra cash from ungodly places to pay for a slower bandwidth. If you want DSL speeds, buy DSL internet. If you want high speed internet, then you buy high speed internet. I have Cox at home, I'm getting a 50Mbps flat out for the same price as her. The business equivalent is... over 3 times as much??? dedicated source or not, that's ridiculous.

If you have any customers, home users, please go to this page to learn more about the blocked ports from Cox Communications. According to my friend who works at Cox as well, because I talked to him after this call, he said the list is actually bigger than this, and encompasses a wide range of things like port throttling. However, they do not block or throttle ports that are specifically used for viruses and trojans.
 
Port 25 blocking made sense when we had major problems with open relays...back in the 90's.

Now, not so much a problem.

Either way, email clients are supposed to use port 587 for mail submission, port 25 is to be used between servers

Level 1 didn't know what he was talking about, level 2 knew enough to sound like he did but he was bullshitting you as well, level 3 wasn't lying to you, they would have placed you in a netblock that doesn't filter port 25 by being a business customers since the business class service allows inbound servers they don't block port 80 or port 25 on there.

It's not really unethtical, there used to be a good reason to block port 25, but since it's near impossible to have an open relay able to send email for more than 15 minutes without being globally blocked it's no longer a problem. Most servers block known dynamic IP ranges also.
 
Last edited:
She can't use outlook at home. Her company does not have a web interface for email, and so remote employees have to use outlook or similar. She says she has to go to Starbucks in order to send emails.

However, their original justification for why port 25 is blocked, is because it damages their (the ISP's) network, and not the consumers. I'm assuming the level 2 was telling the level 1 what to say. And yet, some how, using a cox email account is so much safer over port 25. That made no sense. You are trying to monopolize something that shouldn't. If you provide the email account for "free", cause apparently i can have up to 4 email accounts myself, then why is it you control the interwebs so badly, that you force people to use your email service? If I don't use the 4 email accounts, and use something else, then technically aren't you saving a little money because said server space isn't being consumed by me.

Their second justification is because they want your wallet and all contents of the same.

I think their justification over blocking port 25, in either direction, is unethical, and unnecessary. You are basically saying I can use email, but I have to use your email, and only yours. Alot of companies use Port 25 for SMTP from email client to server. So whats the problem? Open relays as mentioned is not as serious today. And most routers, like mine, will open, say port 25, to send for connection, and once the transfer is complete, it closes. It'll say, "send to 1.1.1.1, shake hands, hand stuff, disconnect. Whose 1.2.1.1? He's not on my list, DENY!!!" I've sat there with my port scanner, watching my router open and close at every request and disconnection, and just working like a champ. My at home router: Netgear WNDR3700, and yeah, I have to reboot it every week (what a POS). I am extremely confident, that most routers these days are better at protecting my network than the ISP is.
 
I'm not a networking guru, and know very little about ports. But what about port 26?

I know from time to time, I have had to change the smtp port to 26 in order to get emails sent.
 
Sure, but the server on the other side needs to be listening to that port.

As stated in the first post, they company doesn't want to configure a new port just so that one employee can send emails.
 
carrcomp said:
Sure, but the server on the other side needs to be listening to that port.

As stated in the first post, they company doesn't want to configure a new port just so that one employee can send emails.
Click to expand...

I realise that Chris, but what are the chances that the server side is already listening to port 26?. Or are they just closing all other ports apart from 25?.

Sorry if these are newb questions.
 
I've come across ISPs that block outgoing port 25 (not including the ISPs email servers), so COX Communications is certainly not unique. It is used to block spammers, and computers taken over by viruses and controlled by spammers.

There are usually other ports you can use for SMTP.
465 # SMTP with SSL
587 # SMTP

Is it ethical?
Your post describes a customer who works from home for a company who expects her to use her own personal internet connection to send company emails and host a VOIP business phone.
That, in my opinion, is unethical.
If working for the business from home requires a business grade internet connection then it is the business's (not the employee's) responsibility to arrange and pay for it.
 
If you or your client have access to a Linux server or VPS, you can work around this via SSH tunnelling. Just tunnel over a port that Cox leaves open, and have the server forward via port 25 to the corporate Exchange server.
 
Eagle21 said:
I've come across ISPs that block outgoing port 25 (not including the ISPs email servers), so COX Communications is certainly not unique. It is used to block spammers, and computers taken over by viruses and controlled by spammers.

There are usually other ports you can use for SMTP.
465 # SMTP with SSL
587 # SMTP

Is it ethical?
Your post describes a customer who works from home for a company who expects her to use her own personal internet connection to send company emails and host a VOIP business phone.
That, in my opinion, is unethical.
If working for the business from home requires a business grade internet connection then it is the business's (not the employee's) responsibility to arrange and pay for it.
Click to expand...

^^^ THIS ^^^

I don't know of an ISP that doesn't block relaying (which is what she's trying to do), including my own.

Rick
 
just ask the mailserver if they have an alternate port setup they usually have an ssl port at the least...many have an alt port of 26 for non ssl smtp.
 
Last edited:
Two things:
1. Port 25 blocking is pretty common on residential ISP around here. A way around it is to create your free cox email, use it for outbound authentication only and send email to cox SMTP server keeping your email address. Spam filters sometimes won't like this though.

2. A properly configured exchange server should only require port 443 on the client side. You should never need to touch port 25 of the exchange server from the client.


Personally I think port 25 blocking these days is more to stop people from running mail servers on residential internet accounts. I have also seen them block inbound port 80 so someone can't run a web server either.
 
Last edited:
Blocking port 25 is pretty common and justified in the light of spambots. Who you should be mad at is the idiot running that exchange server that doesn't know how to configure it properly. In this age of smartphones it is hard to believe that only ONE employee is trying to access the exchange server from outside the network.

Are you certain that no one has other ports configured or have you been told this by the employee, who might be making assumptions?
 
Outbound SMTP (port 25) has been limited to within the ISPs own network for many years now, this is not news. It's been common practice for many years.

The correct approach by the tech should be to find out what the e-mail server setup is she needs to connect to. As mentioned in several replies below...port 25 on POP mail servers has been replaced by alternate ports or more standard SSL ports. So her "work" e-mail server should at least accomodate those ports...as their IT guys (if they have any experience at all) should expect home users to have problems on port 25...so they should have alternate ports ready.

However...why isn't her office following common business e-mail setups? She should be about to do (as mentioned by someone above) "Outlook Anywhere". Which you said "she can't use outlook at home"....but Outlook Anywhere does NOT run on port 25, it runs on 443. ISP do not block outbound port 443.

For you to best help this client...you need to contact the helpdesk/IT dept of her place of employment, and find out their e-mail setup requirements for outside users. We're almost down to the bottom of page 2 on this thread and you haven't even hinted at that yet. Should have been one of the first things you need to get answers to.
 
YeOldeStonecat said:
Outbound SMTP (port 25) has been limited to within the ISPs own network for many years now, this is not news. It's been common practice for many years.

The correct approach by the tech should be to find out what the e-mail server setup is she needs to connect to. As mentioned in several replies below...port 25 on POP mail servers has been replaced by alternate ports or more standard SSL ports. So her "work" e-mail server should at least accomodate those ports...as their IT guys (if they have any experience at all) should expect home users to have problems on port 25...so they should have alternate ports ready.

However...why isn't her office following common business e-mail setups? She should be about to do (as mentioned by someone above) "Outlook Anywhere". Which you said "she can't use outlook at home"....but Outlook Anywhere does NOT run on port 25, it runs on 443. ISP do not block outbound port 443.

For you to best help this client...you need to contact the helpdesk/IT dept of her place of employment, and find out their e-mail setup requirements for outside users. We're almost down to the bottom of page 2 on this thread and you haven't even hinted at that yet. Should have been one of the first things you need to get answers to.
Click to expand...

Well said....
 
Cadishead Computers said:
I realise that Chris, but what are the chances that the server side is already listening to port 26?. Or are they just closing all other ports apart from 25?.

Sorry if these are newb questions.
Click to expand...

Well, let's look at this from my viewpoint.

I assume that any port you aren't actively wanting to use for something would be closed. Otherwise you're asking for problems.

And, chances are that if they are actively using port 26 for something, their mail server isn't listening for that port.

No need to apologize either by the way :)
 
The companies mail servers should be setup to listen on an encrypted port, anyway.

Encrypted SMTP on 25 is nuts, anyway.


She cannot expect to get business services for residential rates, and you are never going to convince Cox of anything. That said, she needs to see her contract with Cox because unless it says they can block certain ports... they cannot legally block them.

Options:

1. Upgrading to a business account and having her company pay for it.
2. Have the company offer encrypted access to their email (cheaper)
3. Sue Cox if the contract doesn't specify these restrictions.
 
NETWizz said:
She cannot expect to get business services for residential rates, and you are never going to convince Cox of anything. That said, she needs to see her contract with Cox because unless it says they can block certain ports... they cannot legally block them.
3. Sue Cox if the contract doesn't specify these restrictions.
Click to expand...

Doesn't have to be in the individual contracts....most ISPs have this written up on their websites....because it's commonly done, and rightfully so!
http://ww2.cox.com/residential/oran...rticleId=cacf82f0-6407-11df-ccef-000000000000
See abovel in for several clearly written explanations.
 
You must log in or register to reply here.

Similar threads

frase
My Mothers prized Pet passed away.
Replies
13
Views
379
frase
frase
thecomputerguy
Will this work properly as a forwarding rule in O365?
Replies
5
Views
217
britechguy
britechguy
Rosco
[SOLVED] weird outlook calendar issue
2
Replies
21
Views
789
britechguy
britechguy
thecomputerguy
Employee is about to be canned and management wants to see what/if she is sending.
Replies
8
Views
544
Sky-Knight
Sky-Knight
GTP
Tell me again how Google doesn't spy on me!
Replies
11
Views
573
Sky-Knight
Sky-Knight
Back
Top