[110803] in North American Network Operators' Group
Re: Cisco ASA / Comcast SMTP problem workaround
daemon@ATHENA.MIT.EDU (lorell@hathcock.org)
Sun Jan 18 20:00:56 2009
Date: Sun, 18 Jan 2009 19:06:40 -0600
From: lorell@hathcock.org
Cc: nanog@nanog.org
In-Reply-To: <bb0e440a0901181640i83c0806lc5a492cead9cc02b@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
The Control Panel is H-Sphere.
Quoting Suresh Ramasubramanian <ops.lists@gmail.com>:
> On Mon, Jan 19, 2009 at 6:07 AM, <lorell@hathcock.org> wrote:
>> I have the problem when working out of my house that Comcast will lock do=
wn
>> outbound SMTP on the regular ports. This may be due to the kids' compute=
r
>> getting infected with a virus from time to time. That is its own problem
>> and I want to deal with it on its own.
>>
>> The problem I want to discuss is a workaround to Comcast blocking outboun=
d
>> SMTP.
>
> That's what port 587 is for and comcast hasnt been locking that down, eh?
>
> Have your server listen on the smtp submission port (587) as well - if
> you want you can use 465/smtp+ssl but that's deprecated to a large
> extent (though yes, I had to switch it on after I figured out my
> phone's push email service seven.com only supports smtps currently)
>
>> 1. I don't want to change the email server configurations because it is
>> run by a control panel software and if I take it out of spec, the next
>> update could wipe out my custom config.
>
> If that's cpanel there are ways to do it in the config + save it. An
> update wont wipe it out if you use the cpanel management console
> rather than edit files using vi. In fact, chances are, your cpanel
> box ALREADY listens on 587.
>
> For more details - and these are best practices from MAAWG, which is
> sort of like a nanog for mailops and antispam - very operational and
> relevant content there. http://www.maawg.org/port25
>
> Oh, and RFC2476 (about port 587) and 2554 have been around for ages now.
>
> --srs
>
