[l008com]

Did comcast just start blocking outgoing SMTP connections this morning? Boston area comcast. I've never had any problems, and suddenly today I can't send email through my server. This is crazy. Like I would have no need to use any other email besides comcast or something. ****ing comcast.

[MarkLT1]

Originally Posted by l008com 

Did comcast just start blocking outgoing SMTP connections this morning? Boston area comcast. I've never had any problems, and suddenly today I can't send email through my server. This is crazy. Like I would have no need to use any other email besides comcast or something. ****ing comcast.

Not sure about comcast, but many ISPs do this.. and yes, it is annoying.

[turtle777]

Many ISPs only block port 25, to prevent spammers and bots from flooding spam messages.

Typically, 587 or 465 should work.

[E-mail] Comcast just start filtering SMTP both ways ??? - dslreports.com

You could also try 2525. Some ISPs have that open.

-t

[l008com]

They're not just blocking outgoing, now it's incoming too. So my mail has been bouncing all day. This is nuts. There is no logical reason at all to block people from receiving on port 25. Sending is one thing. but receiving is just pure BULLSHIT.

[l008com]

OK so comcast put a block on me because there was 'too much activity' on port 25. They also threatened to cancel my service if I don't close port 80 (because apparently its a big deal to host your own bookmarks on a private, password protected web page).

Once they put a block on your port 25 they will not remove it. Even if I'm going to cancel my service otherwise, they absolutely, positively don't give a ****. The guy at the 'Comcast Customer Security Assurance' department even told me so. Repeatedly he told me "its not my job to debate this" and "it is what it is".

This is such a completely load of bullshit, I can't even comprehend this.

But I have questions. I've been looking into RCN but I can't get that much info on them. If there are any RCN users here, please help me fill in the blanks if you can.

Do they have any port 25 blocks? All of port 25? Incoming? Outgoing? All outgoing or only outgoing to their servers?

Whats with the static IP stuff? I read that if you have a static IP, you are allowed to run "your own servers" etc. But I can't find any mention of this static IP on their website.

How is reliability with RCN?

They have a pretty good deal going right now, 10Mdown, .8M up, and cable tv for $70.

Will I still only get local broadcast channels in HD, with RCN, and an HD TV, but NOT using an external RCN cable box?

I hate comcast so much.

[amazing]

Blocking outgoing in Denver, also.

Thanks, turtle 777, resetting to 465 worked.

[krove]

Anyone having trouble with iChat video/audio conferencing with one user on Comcast and another on another ISP? For the life of me, my brother can no longer iChat (he uses comcast). He's made no changes in his network setup, nor have I or those of us he chats with outside comcast made any networking changes.

Every time we try to initiate a chat (either me -> him or him -> me), we both get error messages stating that the other party did not respond.

Could Comcast be blocking video conferences?

[l008com]

I doubt it.

[krove]

I doubt it too, but I have found no other explanation for the continued failure of connections.

[amazing]

I've noticed it as well, but hadn't had time to explore the issue (I actually though it was just an isolated failure, until I saw your post.)

two possible avenues to explore: using a gmail account to chat, and whether the OS X firewall is interfering. Do ports need to be opened or does iChat need to be added to allowable outbound traffic?

[besson3c]

Originally Posted by turtle777 

Many ISPs only block port 25, to prevent spammers and bots from flooding spam messages.

Typically, 587 or 465 should work.

[E-mail] Comcast just start filtering SMTP both ways ??? - dslreports.com

You could also try 2525. Some ISPs have that open.

-t

Port 465 is reserved for email clients that do not support TLS authentication. This includes Outlook Express and Entourage v.X. OS X Mail will not work over port 465, since it does not support SSL SMTP authentication.

[besson3c]

Originally Posted by amazing 

Blocking outgoing in Denver, also.

Thanks, turtle 777, resetting to 465 worked.

Really? What email client are you using? My understanding is that OS X Mail does not support SSL SMTP auth, but maybe it will silently revert to this option when TLS fails... If at all possible you will probably want to find out what port supports TLS, as that SSL port may not be open forever. SSL SMTP auth is considered obsolete.

[besson3c]

Originally Posted by amazing 

I've noticed it as well, but hadn't had time to explore the issue (I actually though it was just an isolated failure, until I saw your post.)

two possible avenues to explore: using a gmail account to chat, and whether the OS X firewall is interfering. Do ports need to be opened or does iChat need to be added to allowable outbound traffic?

iChat conferencing does seem to have problems passing through certain routers/firewalls. You can test this theory by temporarily connecting your Macs directly to your uplink and attempting a video chat session.

[krove]

I'll have to double check the firewall settings.

[turtle777]

Originally Posted by besson3c 

Really? What email client are you using? My understanding is that OS X Mail does not support SSL SMTP auth.

You disappoint me.

Apple Mail supported SSL SMTP auth at least since 10.2, and still does.

-t

[besson3c]

Originally Posted by turtle777 

You disappoint me.

Apple Mail supported SSL SMTP auth at least since 10.2, and still does.

-t

TLS is the successor to SSL, although TLS is essentially SSL. Apple is just being lazy in their labeling in not making the distinction between TLS and SSL:

Transport Layer Security - Wikipedia, the free encyclopedia

OS X Mail in fact uses TLS, not the older SSL for SMTP auth. Setup a mail server that only accepts auth via TLS and you'll see that OS X Mail works just fine. One config I have not tried is to see whether OS X Mail will dumb down its auth request to SSL where necessary, but I wouldn't be surprised if it didn't bother, since the vast majority of the world is using TLS for SMTP auth now.

TLS does not require a secondary port to handle its encryption. Therefore, for both IMAP server auth and SMTP auth you can auth on the standard ports (143 and 25 respectfully). TLS IMAP server auth is less common of a configuration. For SMTP auth, port 587 is also an alternate standard port for TLS while 465 is used for SSL by older clients.

Turtle man, why are you always looking for a fight with people? Hint: if you really insist on a fight, being right helps.

[ghporter]

Functionally, TSL fills the same niche as SSL, and Apple is not the only manufacturer that still calls their implementation "SSL." Why be so pedantic? If the mail server supports TSL, then you can use it (whether the option is labeled "TSL" or "SSL"). If the server doesn't, it doesn't matter what the security option is labeled. It's also my understanding (which may be inaccurate) that most current mail clients that support TSL also fall back to SSL if they need to in order to connect with servers that don't support TSL.

This is a forum for technical discussions, but not for people to get rude about technical details. Let's remember that, shall we?

[besson3c]

It's TLS, not TSL. The distinction was relevant in bringing up port 465 vs. port 587. If you are using port 465, your client will be using the older SSL.

[turtle777]

Originally Posted by besson3c 

Turtle man, why are you always looking for a fight with people? Hint: if you really insist on a fight, being right helps.

I'm not looking for a fight. Nobody made clear that there is a difference between TLS and TSL.

So, I didn't know, you did. You won.

But, funny you might say, even though I didn't know, my tip made it work for the OP.

-t

[besson3c]

Originally Posted by turtle777 

I'm not looking for a fight. Nobody made clear that there is a difference between TLS and TSL.

So, I didn't know, you did. You won.

But, funny you might say, even though I didn't know, my tip made it work for the OP.

-t

Yeah, it is No worries, I just sometimes read hostility into some of your posts that may not be intended... (Just FYI though, the difference is between TLS and SSL. There is no TSL).

Another option is running your own SMTP server. The problem with this approach is that if your ISP is blocking inbound port 25, bounces and other returned mail will not be delivered. As well, with no RDNS entry or MX record for your mailhost, there is a good chance that your messages will be flagged as spam by many milters, so this is a pretty weak solution.

Does Comcast support their own SMTP auth? If so, can you send non-Comcast mail through this server? Often times SMTP servers are figured to accept any mail that authenticates successfully.

I'm in an area which just switched to Comcast, I just hope I don't find that the ports I use are blocked one day.

[OreoCookie]

I had to use Comcast's smtp server in Berkeley, but it would accept e-mails from any of my accounts. It was quite annoying.

[krove]

I discovered why the iChat issue wasn't working: Time Machine.

I have an Airport Extreme that runs as pure-N extended by Time Capsule. Since I'm most often closer to the Time Capsule, I get my wireless signal from there. When I attempted to video conference after making sure I was connected to the main base station, I was able to connect every time. Move back to the Time Capsule and nothing.

The funny thing is that it only doesn't work with my brother, I can iChat with others when I'm connected to Time Capsule. Clearly, the networking path when I try to connect to my brother is funky enough that it fails. Odd that bypassing Time Capsule solves the issue, though.

Any thoughts?

[amazing]

Perhaps the Time Machine issue has to do with some mechanism that prioritizes backup streams, to the detriment of other networking? After all, you don't want your backups to fail or to be corrupted.

[krove]

I doubt that because I do plenty of other bandwidth-intensive stuff on the network that works fine. Additionally, this activity occurs whether a backup is currently in progress or not. This seems to be related to the relatively new and much-easier-to-use "Expand network" option in 802.11n (as opposed to b/g's complicated WDS).

[jeffus]

Originally Posted by krove 

Could Comcast be blocking video conferences?

I believe that they are blocking iChat. I used to iChat (using Comcast) to my father in California (using some other provider) all the time. Then one day it stopped. I could use Skype video, and now Gizmo beta, but they are nowhere near as good at iChat.

He was able to iChat with Apple support no problem, but I never got around to trying it on my end. I did look through the error log and got this:

Video Conference Error Report:
87.027765 @SIP/SIP.c:2719 type=4 (900A002D/65)
SIPConnectIPPort failed

I snagged that one from a recent post on the apple support discussions because it was pretty much the same as mine.

IChat from our laptop worked when we were in Austria 2 weeks ago, and the quality was great.

jeff

[besson3c]

Jeffus: the real test is what happens when both computers are directly connected to their respective uplinks without involving a router/switch/hub.

[jeffus]

Originally Posted by besson3c 

Jeffus: the real test is what happens when both computers are directly connected to their respective uplinks without involving a router/switch/hub.

Yeah, I'll try to test without the airport this weekend. Will report the results.

regards,
jeff

[jeffus]

Originally Posted by besson3c 

Jeffus: the real test is what happens when both computers are directly connected to their respective uplinks without involving a router/switch/hub.

I unplugged the airport from my end, but my father did not remove his router because it is too much work for him.

Results: I could see and hear him for about 5 seconds, he could not hear/see me. Then it froze with this error:
2008-04-19 16:28:31 -0700: No data has been received for the last 10 seconds.
Audio channel info: local machine using 76.121.139.132:16402, expecting remote machine to send to 76.121.139.132:16402
Video channel info: local machine using 76.121.139.132:16402, expecting remote machine to send to 76.121.139.132:16402

So maybe if we both change our router/firewall settings we could make it work.

Thanks for encouraging me to start with the basics...
jeff

[Cold Warrior]

iChat handles routers very poorly, so this is most likely your problem. Find the ports it uses and configure port forwarding on both routers.

[jeffus]

<sarcastic post deleted>

Just plain tired of computers and their hangups.

[Cold Warrior]

Skype OTOH works great.

[jeffus]

Skype does not work well for us. After he bought the 24" iMac the echo problem got so bad that I can only speak 2 words at a time. I can hear him just fine no matter how long he talks, and we both use the same USB mic/speaker device (BlueGears). Used to work perfectly with his 17" iMac.

Gizmo5 beta gives a 2 second delay for the audio, but no echo problem.

Any suggestions on the Skype problem?
regards,
jeff

[Cold Warrior]

Headphones/earbuds eliminate the echo and whine. I have it when using a MBP & MB.

[jeffus]

Headphones would work indeed, but video time is family time and we have multiple people on each end of the computer, so we all have to hear what is being said - and then we bring in the dogs and the barking starts and chaos ensues. Except for family time we just use the phone (CDV).

[Cold Warrior]

That sucks.

Port forwarding on both ends should make iChat work smoothly.

[turtle777]

You might wanna check out this thread:

iChat port forwarding question - Mac - Apple

It seems like Port Forwarding is NOT the magic bullet.

-t

[Cold Warrior]

I've copied a lot of the later posts about iChat into its own thread in this forum (Networking). Let's continue that discussion there; maybe we can help jeffus.