1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Port Blocking

Discussion in 'Tomato Firmware' started by neil154, Jul 18, 2014.

  1. neil154

    neil154 Serious Server Member

    I am trying to use Outlook 2007 for an email account which has port 110 for incoming POP and port 25 for Outgoing server. When I test the account at home it fails with the message below

    Send test e-mail message: Outlook cannot connect to your outgoing (SMTP) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP)

    If I test the same email account at my office the test succeeds. I can only think the difference between the 2 locations is the router. So if someone has a suggestion I would appreciate it.

    I have Tomato firmware 1.28.0000 MIPSR2-117 K26 USB AIO installed on my Linksys E3200 router.

    Please suggest any ideas
     
  2. jerrm

    jerrm Network Guru Member

    It's not the router unless you have added custom rules to do block the port.

    Many ISPs (probably most in the US) block outbound port 25 traffic for all but the ISP mail servers on residential accounts. Some will unblock it if requested, others won't.

    If the mail server doesn't offer an alternate port and the ISP won't unblock, you may be out of luck.
     
  3. lancethepants

    lancethepants Network Guru Member

    Just about to post the same thing. Yes, port 25 gets blocked by some ISPs. 465(SSL) and 587(TLS) are the other commonly used ports.
     
  4. neil154

    neil154 Serious Server Member

    I am sorry but do not understand. My ISP at home and office is Comcast. Are you suggesting that I need to contact Comcast even though they are NOT the provider of my email service?

    The email provider is for my own domain hosted by Inmotionhosting.com
     
  5. jerrm

    jerrm Network Guru Member

    Almost certainly is Comcast. They block 25 by default on residential accounts. Most don't have luck getting it unblocked. Google "Comcast unblock port 25."
     
  6. koitsu

    koitsu Network Guru Member

    Rephrased answer, with some verbosity:

    For sending Email, you use an outbound mail server (SMTP). For receiving/fetching Email, you use an inbound mail server (POP or IMAP). These two servers do not have to be the same (keep reading).

    Comcast (who I also use as an ISP) blocks outbound TCP connections to Internet hosts with a destination port of 25 (standard/classic/original SMTP communication port). TCP port 110 is for POP/POP3 and is not relevant to this discussion (the error you're getting is when trying to send mail).

    Meaning: a computer on your network tries to connect to some.mail.server on TCP port 25, in attempt to send mail through that system. The packet goes through your router, and then out to Comcast's routers. Comcast's routers block this packet before it can reach the Internet. This is by design.

    The reason they (and many, MANY other ISPs) do this is to decrease the amount of spam. Spam software, including trojans and malware, often tend to try and spew out tons of junk spam Email to random SMTP/mail servers by connecting to them on TCP port 25. Comcast has many documents explaining this:

    http://customer.comcast.com/help-and-support/internet/list-of-blocked-ports/
    http://customer.comcast.com/help-and-support/internet/email-port-25-no-longer-supported/

    Instead, what Comcast (and again, MANY other ISPs) do is 1) force you to siphon mail through their own mail servers, and 2) force you to use alternate ports that offer alternate (more secure) capabilities (like TCP port 465 (SMTP with SSL) or TCP port 587 (SMTP with TLS (plaintext that gets upgraded to SSL)).

    Comcast explains the necessary settings to choose here:

    http://customer.comcast.com/help-and-support/internet/email-client-programs-with-xfinity-email/

    And here as well:

    http://forums.comcast.com/t5/E-Mail...s-port-587-only-if-needed/m-p/1583869#M224270

    Here's the setup for Outlook 2007:

    http://customer.comcast.com/help-and-support/internet/configure-outlook-2007-to-use-port-587

    Comcast also requires (when sending mail through them) use of SMTP AUTH (SMTP authentication), where you authenticate using your Comcast credentials that they gave you when you signed up. It's usually an Email address like something@comcast.net and a password.

    If you aren't sure what checkboxes to pick, call Comcast Technical Support at 800-COMCAST and tell them you need help setting up your Outlook 2007 mail client to send mail through Comcast. They can help you.

    I should be crystal clear about something though: Comcast does not filter TCP port 110 (POP) to the Internet, so you can pull down mail from a remote POP server without any problem. But that said: you should be aware classic POP on TCP port 110 is plain-text, meaning your password is transmit without any encryption or even obfuscation. Your POP provider should really offer encrypted POP (POP with SSL) which usually runs on TCP port 995. Alternately you can use things like IMAP with SSL (TCP port 993) to accomplish the same task.

    Finally: none of this has to do with Tomato or even your router. That's the good part. :)
     
    Last edited: Jul 18, 2014
    shibby20 likes this.
  7. neil154

    neil154 Serious Server Member

    Thanks to all, I just got off the phone with Comcast and they confirmed that they are blocking port 25 and they gave me other settings which work (after fiddling around for quite a while).

    BTW, I have checked receive email notification on this post but yet I did not receive any email about the posting above. I also went into my profile but could not see any place wher I could make that my default notification
     
  8. koitsu

    koitsu Network Guru Member

    This is a forum software question and off-topic from the thread subject matter, but I'll answer it:

    By default, a reply to a post you're watching will cause an "Alert" to pop up in the upper-right corner of the site when you visit it. However, again by default, the forum will not Email you in this situation.

    If you wish to change that, in the upper right corner of the site, click your username (yes there will be a hover/pulldown that shows up, but just click your username). You'll be taken to a "Personal Details" section, where there's a menu on the left. In that menu, under "Personal Details", choose "Preferences". Under there, there are two checkboxes that look like this:

    Code:
    [*] Automatically watch threads that you create or when you reply...
      [ ] and receive email notification of replies
    
    The 2nd checkbox there is the one you want enabled. (In my above example it is disabled, because I do not want to get an Email for any thread I'm watching / involved with. This would irritate me greatly given how many threads I participate in. :) )

    Before enabling it, please make sure that your Email address is valid (in said menu, under "Settings", "Contact Details").

    I know the forum Emailing people works because I have things configured to Email me when someone sends me a private message (and I do get those Emails). An example/proof:

    Code:
     142   + 05/29 05:24  LinksysInfo Forums  (7.7K) {hidden} started a conversation with you: "port forward problem"
     143   + 05/29 05:36  LinksysInfo Forums  (7.4K) port forward problem - New reply to your conversation
     144   + 06/23 10:34  LinksysInfo Forums  (8.3K) {hidden} started a conversation with you: "Amazon Gift Card Attached (I'm serious th
    
    So if you don't get an Email when someone replies to you, you should post on this forum and ask the site administrator for help. The Email may be getting blocked somehow due to anti-spam tactics (ones completely unrelated to the Comcast ones we just discussed -- yes really!) of recipient SMTP servers (i.e. the SMTP servers responsible for hosting your Email address). The site administrator should be able to review forum and outbound mail server logs (for the forum/site) and determine if the mail is being sent at all, and if so, if it's being rejected (and if so, why). You can contact the forum admin by going to the bottom of any page and clicking Contact Us. The conversation will be a private message between you/site admins.
     
  9. neil154

    neil154 Serious Server Member

    Thanks for the information on the email option, I checked and am set the way you suggested and I did get your response by email. So I guess everything is set up okay.
     
    koitsu likes this.

Share This Page