Mailing List CGatePro@mail.stalker.com Message #98615
From: Uwe Baemayr <cgate@baemayr.com>
Subject: Verizon port 25 block!
Date: Mon, 28 Sep 2009 22:33:09 -0500
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Pegasus Mail for Windows (4.51)
Howdy!

This past weekend, Verizon apparently decided to start blocking outgoing
port 25 for one of the biggest users of our Communigate Server (v5.2.11 on
Windows 2003).  So she can no longer send mail using her domain.

After countless hours on the phone talking to support people who know less
than this user does, they made a suggestion: Use port 587 for SMTP instead
of 25.  While failing to see how that could possibly foil spammers (can't
they just use 587 instead of 25?), it didn't work anyway.  While, from Road
Runner, I could send using either port and use TELNET on either port to get
a SMTP prompt, for her (using Verizon DSL), either TELNET or attempting to
send mail via either port just hangs.

This page:

http://www22.verizon.com/ResidentialHelp/HighSpeed/General+Support/Top+Questions/QuestionsOne/124274.htm

clearly states that port 587 is supposed to work, but we couldn't access
port 587 on our server via Verizon.  I configured 525 (and 465) as well,
with no success.

So I figured that maybe Verizon only allows SSL or TLS connections to 587.  
generated a certificate, set "Init SSL/TLS" in the SMTP listener on 587,
reconfigured Pegasus Mail (my mailer of choice) to first use TLS and then
SSL and and also enabled port 465 for SSL (I figured it wouldn't hurt any
other users since nobody was using any of these ports).  I had no trouble
sending messages using any of those ports, but the Verizon user still can't
connect.  Really frustrating.

Finally, I configured port 995 to accept SSL POP3 connections and 993 for
SSL IMAP connections -- Pegasus worked great with those ports, but it
appears Microsoft Mail (her mailer of choice) doesn't.  So I'm a bit
suspicious about whether things are configured correctly by the end user,
but not being able to TELNET to 587 (with Init SSL/TLS disabled) makes me
think that this port is also blocked by Verizon.

Has anyone else run into this problem with Verizon?  Should we expect 587 to
work with Verizon?  We require authentication on all connnections, although
the SSL connections are new.  

It's just impossible to get a straight answer from Verizon -- everybody she
talks to tells her something different.  Some insist port 25 isn't being
blocked, some say that 587 is supposed to work, and some say that you must
use their SMTP server.

so, as a last ditch effort, we configured her mailer to use the Verizon SMTP
server.  But when she sends email through Verizon using her FROM address on
our server and CC's her Communigate account, the Communigate Pro server
rejects the message when the Verizon SMTP server tries to deliver it with
"sender requires authentication".  I assume this is because the MAIL-FROM
supplied by the Verizon server matches the name of her local account, but
isn't authenticated.  So I'm stuck between a rock and a hard place there.

Any suggestions would be most welcome.

--- Uwe

P.S. The only other suggestion Verizon made was to switch the account to use
a fixed IP; they don't block port 25 if you have this extra-cost service.
But they also said there would be 2-3 days of downtime for our user while
the service switched over, and that's not acceptable.  Plus, she uses
Verizon both at home and at the office, so she'd be paying for two fixed IPs
just to access her email.

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster