Lemak Lemang

Going gaga over Port 25

Dec 7, 2007 10:38

Internet users are up in arms over the performance of Malaysia's near-monopoly broadband provider TM Net.

This time, the angry customers involve business users who are plugged into TM Net's dynamic IP addresses and World of Warcraft (WoW) fans.

The trigger point for customers' anger has been linked to TM Net's decision to implement an anti-spam measure by giving zero notice to its subscribers. Business users had their outgoing emails crippled, Web and email-hosting providers got scolded by their crippled clients, and WoW fans cursed and swore at the unreliability in broadband connection.

I put up a blog entry on the issue, and it attracted a response from a Canada-based technical support from Comcast, a law firm from Minnesota, an angry Malaysian CEO from an online publisher and, yes you got it, a fan of WoW.

As always, TM Net had a rationale of its own. It said that of late, a large number of IP addresses from its network have been blacklisted (sic! Blocklisted?) by many anti-spam organizations, causing its customers to be unable to send emails from their mail server to companies that might be using databases from these anti-spam organizations.

To mitigate the problem, effective December 3, TM Net decided to block outbound Simple Mail Transfer Protocol (SMTP) traffic--or port 25--for all outgoing emails from dynamic IP addresses. In other words, from now on, all outbound SMTP traffic (outgoing emails) must pass through smtp.streamyx.com and smtp.tm.net.my. No second choice.

It also means that, from now on, TM Net customers, particularly the Streamyx broadband subscribers who use their own mail server running on TM's dynamic IP addresses, will not be able to send their emails out.

As an alternative, the ISP is giving this type of customers a solution--an open relay proxy server.

But Streamyx customers cried foul. They questioned whether TM Net's open relay proxy server was open to fraud.

WEB-HOSTING PROVIDER. One Web-hosting provider emailed me to complain that TM's action has caused the company "a troubling amount of support man hours" as it had to assign staff to tell the clients why their mail servers were no longer accessible. The company also had to spend additional resources to help the client migrate to TM Net's "reliable" SMTP servers. The company's system administrator criticized the ISP for giving them no prior notice and catching the customers unprepared.

ONLINE PUBLISHER. A medium-sized online publisher said that by blocking port 25 for all users on the pretext of fighting spam, the ISP was also forcing genuine users to use a open relay proxy server to send out their emails. He claimed that such act would not only make it extremely easy for everyone using the TM Net proxy to get blacklisted as soon as a spammer hits it, it would mean that all their emails will stay in the proxy server for some time and can be stored, read and filtered by someone.

Meaning, these business customers are questioning if the ISP is sure about privacy and security issues of its proxy server which now acts as a security guard sentry for outgoing mails.

As a matter of fact, I have checked all resources on the TM Net Web site, but no guarantees on these issues have been given.

TECH SUPPORT FROM COMCAST. Next, I asked the following question of relevance: What's the global benchmark action for situations like this?

One of my readers responded by saying that there was a similar action adopted by Comcast in the US, which blocked outbound traffic on port 25 in order to prevent spammers from abusing it. However, the reader also highlighted that the Comcast case was not entirely similar to the one that TM Net has implemented. "Not only is it ineffective against spamming, it could in fact be used to censor, filter and track emails sent by anyone using the TM Net network," the reader said.

He added that forcing all their users with external email servers to send their emails to a open relay proxy server before they are sent out to their destinations is very troubling.

Shortly after, a Canada-based Comcast tech support who said he "happened" to read my blog, related to the issue by saying that Comcast hadn't blocked port 25 completely, as some customers are still using it. "Non-spammers who do get issues with port 25 are advised to switch to port 587," the Comcast person said. "Maybe that can be applied to TM Net as well?"

ONLINE PUBLISHER FROM MALAYSIA. Meanwhile, a medium-sized online publisher in Malaysia was critical of the ISP's methodology in making a colossal ban on Port 25. he said TM Net's methodology will not prevent spamming, but will pose a real and genuine threat to the privacy of Streamyx users.

He said:

1. Using open relay proxy SMTP is not an option as there are a lot of email servers that would reject any emails sent from an open relay SMTP server (such as the one suggested by TM Net-Streamyx), and this would mean our legitimate emails would be blocked.



2. What’s the point of implementing the blocking of Port 25 and yet have this open relay SMTP proxy to be used? This would just allow spammers to flood this open relay proxy. In turn, this server would then be included into international RBLs and our legitimate emails would be blocked.


3. If our emails are being proxied through this open relay server, what are the security, audit and privacy standards in put place to assure users like us that our emails would NOT BE STORED on their server and WOULD NOT BE READ or SNIFFED at? Our privacy is at stake here.


4. And in any case that this open relay SMTP proxy server is down, how can we send out our emails then? What are the SLAs in place for this proxy server? Why penalize us users when we PAY MONEY for our own SMTP server to avoid being caught by our dear ISP's "reliability" in the first place?


5. For mobile users who hop around Internet connections, from home Streamyx to public Wi-Fi such as at Starbucks, etc., always changing the SMTP settings isn't exactly a consumer-friendly solution.

LEGAL FIRM FROM MINNESOTA. Meanwhile, a law firm from Minnesota, a loyal reader of mine, responded to the Comcast feedback and rebuked it. "We have Comcast here in Memphis Tennessee as well as our place up in Minneapolis Minnesota and, yes, they in fact do block port 25 and under no circumstances can we get it unblocked unless we are willing to change from the residential account of US$29 a month to the business account of more then US$300 a month for the service," he said.

"My company uses its own SMTP servers and we have not been allowed to access them and have been told in writing from Comcast what I have stated above," he added. "Also, we are limited because of this of only sending emails that are no more then 8MB in size. Comcast is not the only one (which blocks Port 25). So do AT&T, Time Warner, AOL and Sprint networks," he said. "I know this because this is a very sore issue with me and my family."

He also said that the spam blocklists that TM Net talked about are usually run by various people and organizations and their credibility is suspect.

The reader sent me documents about one particular blocklist compiler in Russia who operated off an apartment registered to a museum. That could well be another Pandora Box yet to be uncanned.

FOUND A WAY OUT. Meanwhile, yet another reader emailed me to say that his company has discovered a way to easily circumvent the blocking of Port 25 merely by changing: (1) The port that your mail server listens to; and (2) the outbound port your email client uses.

What this implies is that, sorry to say, TM Net's proxy server relay is actually useless.

"Any decent spammer will be able to circumvent the block and resume spamming in a matter of minutes," the reader said in his email."As far as spam-blocking is concerned, this is a deadend."

WoW FANS UNHAPPY. Roughly the same time, a WoW diehard wrote to me that facing the same spam issue, Australian ISP Internode dealt with it differently. It came up with a resolution within hours after getting the customers' complaints.

All Malaysian WoW players face the same problem as that described by Internode's customers," the WoW fan said. But the difference is:

1) We don't have a public forum like that (http://forums.whirlpool.net.au) to voice out our grievances (email sent to their customer service is like throwing light into a black hole).

2) And even if we did, is it reasonable to expect Streamyx to act the way Internode has, considering the sort of track record shown over the years? I think not.

I reckon the ISP should think hard. WoW is the most successful network computer game in history. Over 9 million paying subscribers worldwide play this game, paying US$15 a month for the privilege. It has an absolutely huge following here in Malaysia.

Currently, there are hot debates on the issue in the Lowyat Forum and elsewhere.

So now, the million dollar question is: Why would TM and TM Net ask everyone to use its open relay proxy server?

Already, understand that a KL-based technology publisher has written a letter of complaint to the the industry regulator MCMC, pointing out the futility of TM Net's action.

No developments so far.

Recent Comments

 

Most Discussed

 

Browse Archive