Comcast Pissed Me Off

Comcast SuxIronically, this post and the image that you’re viewing are being hosted by a server on the residential side of a Comcast internet connection. I’ve been running my own web server and email server at home using a dynamic DNS service for well over 10 years now. Never has there been an issue… until this past weekend.

My internet went down for a bit on Friday last week. I didn’t think anything unusual of it because it’s Comcast after all, and they have a habit of dropping out for a minute or two here and there. My firewall emails me whenever it goes down and when it comes back up again so I have a detailed record of every outage for the past couple years. It was actually down for a couple hours, which is not unheard of yet still unusual. So it comes back up, and life goes on…

I really didn’t think anything of it until late Sunday night when I looked at my phone and realized that I hadn’t received a single email all weekend. In fact, I hadn’t received a single email since that outage. Something was amiss, and I had to find out what. Sure enough, the mail logs show that not a single SMTP server had tried to contact me since then. Not spam, not legit, not anything. Yep… Comcast had decided to block incoming TCP port 25. So I tried to send a message out. Well, that didn’t work either. Comcast had also blocked TCP port 25 outgoing. So after 10 years of running my own email server, I was now being shut down… but I don’t give up that easily.

The email standard is archaic and fettered with backwards compatibility and desperately needs to be overhauled. Had someone shown even a little bit of foresight, they would have included a way to specify a port in an MX record instead of just a DNS name and a preference. I could have solved my problem in 5 minutes, but because they didn’t, I’m stuck having to find a server somewhere that can accept email for me on port 25 and then send it to me on another port. Luckily, I’m just the type of person who has such resources.

So after a couple hours of configuring MX records, setting up a Linux server, configuring remote firewalls, configuring Postfix, and trying to figure out how to make my spam proxy look for mail on an alternate port, I was finally able to see some email start rolling in. A little more configuration magic, and I am now relaying out on an alternate port as well. My spam filter is a little less effective because it is no longer receiving the connections directly. Things like greylisting, RBL’s, RDNS, and HELO checks don’t work in this configuration. I’m doing some basic RBL filtering using free lists on the relay but it’s still not as effective as the corporately supported solution I was using at home.

Unfortunately because of my geographical location, Comcast is the only ISP option I have unless I want to go wireless. If money were no object, I would just pay extra for a business class connection and be done with it. I still may at some point, but I’m not ready to fork over more money to Comcast just because they decided to punish all of us for the spam of just a few.

2 thoughts on “Comcast Pissed Me Off

  1. Dave, I ran into the same problem too… 🙁 I was running postfix+dovecot+dynamic dns for years before Comcast initiated the port blocking. I had to move my e-mail to a VPS en masse. Sad. What config did you use to get around this?

    • I was able to set up a server elsewhere that can receive email on port 25. It then relays my email to my home server on an alternate port. For outgoing, I can still relay my mail through comcast’s SMTP server, but I had to change to another port and authenticate to it via my comcast credentials.

Leave a Reply