TMNet Decides to Block Port 25

If you’re a Streamyx subscriber and is actively monitoring your Streamyx email you would already be aware that TM is blocking all outgoing connections to port 25 from the dynamic IP users. Simply put, home users with dynamic IP will not be able to use their email clients (i.e. Thunderbird, Outlook, Eudora, Kmail) to send emails via their own mail server.

For example, as a Yahoo! Mail Plus user I use Yahoo! SMTP at smtp.mail.yahoo.com to send my emails. With the blocking enforced, I will no longer be able to send via this server. The same goes to other users who have their own mail server for their own domains. As of the time of writing this email, I see that the blocking is still not enforced:

SMTP Blocking on TMNET

My Thunderbird and sendmail on my Linux box are still happily sending out emails via my SMTP servers / smart hosts.

Here’s the official announcement: MITIGATING SPAM IN TM NETWORK.

They are doing this to prevent spammers from sending emails from dynamic IP addresses. However they do open up an SMTP proxy as an open relay for dynamic IP users. I am unsure and pretty much would like to see the effect of having an open relay in their network.

One particular thing that is bad for everyone is that the final destination will check for IP addresses as they mentioned. But how are they going to make sure that the IP address of the smtp proxy (smtp-proxy.tm.net.my 202.188.0.174) will not be blacklisted?

Certain anti-spam implementations such as SPF does check whether the email is sent from authorized mail servers (technical: MX records), and sending from TMNET’s SMTP relay will make sure that your email will fail the SPF test. Adding it in the SPF authorized list (technical: “v=spf1 a:smtp-proxy.tm.net.my mx:smtp.yourdomain.com”) is an initial idea – but doing this will allow everyone to be “authorized” as one of your domain users 🙁

And of course, you can forget about DomainKeys as the smtp-proxy will break your signature.

As for me, as long as they don’t block port 465 (SMTP over SSL) I will still be happy.

Oh yes by the way this policy is not only used by TMNET. Last week, one of my users who were in a London hotel had the same problem when he tried to connect to port 25 (a mail server in Malta). In the end we added another listening port and it worked fine. If you own a mail server, consider doing the same thing!

So far, how does this policy effect you?

0 Shares

2 thoughts on “TMNet Decides to Block Port 25”

Comments are closed.