What's up with Port 25?

   
 

This document is intended to provide you with a brief overview of current email changes being implemented across the internet, and the reasons why these changes are being made.

How Spammers Killed port 25

According to long-standing norms of Internet use (specifically RFC 821) mail has been transferred using TCP/IP port 25. Mail servers relay messages to each other for delivery to their recipients via this method, as they have for over twenty years. By the very nature of the Internet, there is no master list of which computers are allowed to participate in the email system. This way universities, government agencies, ISPs, and other businesses can freely add mail servers to the network.

As most people that use email are aware, some people caught onto the idea of using email for direct advertisement. They started up unsolicited bulk email (spam) systems that would send thousands or millions of copies of a given message at nearly no cost to themselves, simply taking advantage of their ISP's mail servers. This lead to a great many complaints against the spammers' ISPs, who were forced to protect their businesses by disallowing their customers to send bulk email (link to bulk email FAQ).

Unable to use respectable ISPs' mail servers to distribute their advertisements, spammers resorted to putting mail server software onto their own computers, to send directly to recipients' mail servers on port 25. Again this resulted in a great many complaints to the spammers' ISPs, and the termination of the spammers' accounts and Internet access.

Some less-than-reputable businesses are willing to provide access to spammers, but it requires a great deal of bandwidth and computer power to send spam continuously. This increases the cost of sending the messages. To mitigate these costs, spammers have resorted to breaking into other users' computers, turning them into "zombie" systems that spew unsolicited bulk email continuously. With the advent of affordable residential broadband connections, a typical home computer can become a prolific source of spam. With the plethora of trojans, viruses, backdoors, and what-have-you, many innocent Internet users were acting as a direct to MX (port 25) mail server delivering spam.

Recently, some ISPs, especially those providing residential broadband access, have taken defensive action to prevent this misuse of their networks. Whenever spam is sent from a zombie system, complaints arrive at the abuse department of the zombie's ISP. This ties up valuable manpower and tarnishes the professional reputations of the ISPs involved. A more efficient, preventative means of controlling this problem is to simply block port 25. Any traffic coming from a customer system that uses port 25 (the mail port) is simply discarded. To make sure that their customers can still send legitimate mail, they allow port 25 traffic which is destined for their own mail servers only. By authenticating with the mail server directly, using a valid logon, you can usually send email from any other connection (road-warriors, etc.)

How does this affect me?

If you use your domain's SMTP mail service rather than the company that connects yout to the Internet, you may find that you cannot send mail anymore. In late January, 2005, several large broadband providers started blocking port 25. This resulted in hundreds of customers having to change their mail program settings.

What Are We Doing?

We are investigating changes to allow you to be able to use an alternate port to access and use the SMTP service that is part your website's services. Please be patient, as we must analyze our network operations and consider how this may affect all aspects of providing a secure, shared-hosting environment; without compromising the security restrictions of ecommerce users' merchant accounts.