Doug's Dynamic Drivel

Comment from Adam Monteith
Time: September 17, 2004, 11:56 am

God damned Telus has blocked all mail on port 25 (SMTP) from moving across their network unless it is through their SMTP server…I hate monopolies!

Most major ISPs do this to prevent their servers being used as open proxies/relays. Nothing to do with monopolies

Comment from Doug Alder
Time: September 17, 2004, 2:14 pm

Holy Sh*t – look whose sorry ass the cat dragged in Hey Adam how the hell are you

But Adam I am on a Telus IP address and just using my domain – if Telus (who I believe you still work for) had it’s act together it would see that and let it through – theonly SMTP mail it should not be letting through is that which originates from an IP off their network entirely. My DSL connection is on Telus my domain is not. It is blocking any attempt from my DSL connection on their network to send through my domain’s smtp port and that’s not right.

and Adam – you’re still fired!

Comment from Doug Alder
Time: September 17, 2004, 2:24 pm

Actually Adam I just realized I didn’t explain myself very well there. Telus is blocking any attempt on the part of my mail client, which resides on a Telus ADSL connection from connecting to the smtp port of my server which is not on a Telus IP. It is not any of Telus’ business which smtp server I choose to use, once I connect to my server and send it is off of Telus’ network. All Telus should be doing is blocking smtp requests to it’s mail server that originate from outside of Telus’ network.

In other words, this is typical Telus crap that is intended to drive more business to them by trying to get people to host their domains (especially business related domains) on Telus’ servers at exhorbitant prices (and crappy service) by making it difficult to send mail, and when the mail is sent any examination of the headers will show Telus as the smtp server and not the domain – which businesses do not like.

Comment from Adam Monteith
Time: September 17, 2004, 3:55 pm

We do quality control on clients. I’ve explicitly put port restrictions on any Doug Alder-type packets being passed around the network. Apparently, if they have a red-beard, complain about young people being stupid, Bill Gates being a nerd, and wish for the good old days where sending jolts of electricity though terminals to shock tech-support callers, we can’t allow their specific viral tendencies to spread

As for the port being blocked, you could try calling them and telling them to fsck off. If they still refuse, tell them to fsck off anyways, and use something like no-ip.com

Port blocking outbound traffic to external SMTP servers is however, still common with large ISPs. Some hullaballo about stopping spam. I don’t quite understand it, but judging from some of the architects that work around here, it doesn’t surprise me.

Comment from Doug Alder
Time: September 17, 2004, 4:14 pm

If anyone else is so unfortunate as to be reading this – Adam used to work for me when we were running tech support for a large ISP in BC (not that I would have ever admitted this to him at the time but he was the best tech I had, which is why I fired him every week) – then he went over to the dark side.

Adam – if it wasn’t for the fact that my Nortel VOIP phone doesn’t work worh a damn on Shaw’s network I’d go back to them. Nah I’m not going to call Telus -not worth the aggravation. Besides after all my work with CMON. KAST and IPWorld my name is somewhat persona non grata in some Telus circles so I don’t think complaining would get me very far

Heheheh – I’ll never forget the look on your face the day I got Brian to fire you in the staff meeting

Comment from Andrew
Time: October 19, 2004, 4:44 pm

Could somebody explain me the theory and reason of blocking 25 (SMTP) ports. And how this can stop spam propagation?
E.g. what will stop me to send spam mail through web-mail, or some other channels?

Why not then to block incoming POP3/IMAP ports with simple reason: don’t read the spam!

Comment from Doug Alder
Time: October 19, 2004, 5:32 pm

The ostensible reason for this is so that when clueless customer A gets his computer infected with a backdoor trojan someon off of Telus’s network can’t use that computer as an open relay SMTP port. The real reason is they want to control their customers. They think that if they do this and you really want to use your domain’s own SMTP port and you are on their ADSL (or whatever) network you will then rent server space off them instead of someone else. Therefor more revenue. That’s the real reason – but it does stop some open relay spam.

Comment from Anonymous
Time: November 16, 2004, 12:00 pm

I got the same problem, guys. Furthermore, some organizations are using a Telus ISP account for the basis of hotspots, meaning people who connect to these hotspots cannot send email. I’ve found 2 such hot spots recently.

I can’t understand why they block port 25. So much for personal freedom on the Internet! Telus always has been a screwed up company.

I WONDER WHAT THEY WILL DO TO BLOCK VOIP ???

Comment from Tim
Time: November 27, 2004, 1:05 pm

I’m not to sure when Telus starting blocking this as it was only today that all of a sudden i couldn’t send outgoing mail. from research on the net it would seem a little further back but it seems someone at telus discovered…oh hey this guy is still sending through a third party smtp server let’s shut it off.

anyways with searching around i finally found this link which lists everything telus has blocked:

Ports Blocked By Telus

Comment from Kirk Lins
Time: December 31, 2004, 11:46 am

You went through the telus bs too eh!

I have a mail account on another server not on telus.
Changed my account settings in outlook to use the ssl port and it now works again.

To do this edit the properties of your email account that is not on telus.
Click Servers tab
Under outgoing mail server, check off my server requires authentication.
Then click your advanced tab
Check off my server requires a secure connection (ssl)
Change the Outgoing Mail (SMTP) port to 465

Comment from Doug Alder
Time: December 31, 2004, 12:01 pm

Hey – it’s the one and only Kirk – how goes it?

Comment from Kirk Lins
Time: January 4, 2005, 7:15 am

Hi Doug, everything going good. Now that I know that telus is blocking.

Sh*t I can’t beleive I missed that in the beginning. I had a web server that I was doing development on hosting it on my home dsl connection. Since the last time I accessed it remotely I had installed xp sp2. I thought it was something to do with sp2. I removed firewalls, re-installed firewalls, rebuilt network connections, said screw it and reloaded os. Again could not reach site from outside telus. I even went back to a different os – ahha finally the light came on, searched google and found out that Telus was blocking ports.

I do understand that it is a home connection but it would have been nice to have a notification from telus. What a waste of my time.

Anyway, I now have forwarding for my subdomain that points to my server using a different port.
mysubdomain.mydomain.com – myforwardedsubdomain.mydomain.com:81

This way I can still use mysubdomain.mydomain.com with no specific port number on the end. If I decide to move it to a dedicated server I have no problems with broken links.

BTW – Happy New Year!

Comment from Doug Alder
Time: January 4, 2005, 7:56 am

Happy new year to you too. I’m not certain how I figured it out, but I did figure it out before the guys at work did I found myself answering trouble tickets from people who all of a sudden couldn’t send mail. It’s not just Telus – it has become commonplace now.

Comment from Diane
Time: January 17, 2006, 11:13 am

I’m having a problem that might be similar – suddenly yesterday i can’t send emails – i can send out if i connect one computer directly to my adsl modem, but as soon as a go through my router i can’t send any emails – my smtp server is telus. Do you have any ideas what might be causing my problems?

Comment from Doug Alder
Time: January 17, 2006, 12:56 pm

That appears to be a router issue Diane. Try powering down the router the restarting it – that will refresh the IP address on it. If your router has a clone feature where you can set it to clone the MAC address of the ADSL modem you should use it. THat way Telus will only see one MAC address and you’ll have fewere problems. If your router does not have that capability then log into your account at Telus and make certain the MAC address for both your router and DSL modem are registered.

Comment from Alan Smithee
Time: June 16, 2009, 5:53 pm

It’s quite simple to use your Telus email that was assigned to you, I used to work in tech support for various US cable internet co’s, you check “server requires authentication” then use the telus email login and password – it’s as simple as that, and you have port 25 back, good in case your mail server doesn’t support port 465. I understand it’s frustrating but I think you’ll find almost every residential ISP does block port 25 now. They have to allow for the idiot factor/lowest common denominator – those people whose computers are riddled with viruses and are clueless.

If you choose to run a business type operation from a residential account – and many people do – especially teleworkers etc, it’s just a hurdle we have to deal with. It’s not really that big a deal, and rather than beating your head against a wall, if in doubt call your isp or view their webpage for info on mail servers, or use the telnet command : For example, type:
telnet mail.examplemailserver.com 25

Comment from Doug Alder
Time: June 16, 2009, 6:10 pm

Alan – I think you misunderstood the problem. None of us actually want to use our Telus email accounts. In my case I was trying to send out via me Telus connection through Port 25 on my own server that is most definitely not on a Telus IP (I work for a data center). Because that port 25 was off Telus’ network I had to resort to port 465 and authenticate, not with my Telus account info but with the account info for my user name on my own server mail.thealders.net

Comment from Doug Alder
Time: June 16, 2009, 6:15 pm

To add to that it’s not that they are blocking Port 25 for IPs off their network (like you said everyone is doing it now) it’s just that they didn’t tell anyone they were doing it and if you look at the date of the original post you’ll see that it was around the time that ISPs started doing that so it was not all that common. In other words it was a head banger at the time. Also please note that in addition to me working for a data center I used to manage tech support for a large ISP in BC back in ’97-99 I’ve been on net since 1992 and I’m not exactly new to the game

Comment from Alan Smithee
Time: June 17, 2009, 2:18 pm

Fair enough, not to be a troll but (and I agree it would have been better for Telus to have told us) but, rather than being a head banger, wouldn’t it have been easier to ask telus or check or telnet sooner rather than later? If I can rx mail and not tx it, that’s one of the first things I’d look at, as well as firewall, although I must say I’ve had a lot of practice, that was one of the most common issues I dealt with.

Who otherwise monitors Telus for such news? I suppose they could print something on their bills but it’d be gibberish for so many customers, and it might really wig out the tinfoil hatwearers. I doubt many people even visit the Telus pages, I only do when I have an issue, or I want to get some specific info, otherwise I might not look for months. So I’m not sure how they could effectively let us know. I guess ISPs still run very much on the model of pocos or telcos, we didn’t care what they did, and didn’t expect to hear from them unless there was a pending known issue that’d affect us, we just wanted it to work without knowing too much about it.

As for ‘using’ your telus email account, you wouldn’t have to, except for the authentication – no email would actually pass in or out of the telus email, all the telus mail server does is check – “telus user? Yep, there’s the authentication, and we have them registered – pass the mail through.” As I explained to my customers, the telus email address was no more than a placeholder or id card, just to gain entry.

Very occasionally I will use telus or whatever isp I’m on’s email if I have to, but it’s good to have up one’s sleeve.

I would not trust an isp’s free email account for anything important. I’ve seen Openwave crap out too many times (and I assume Telus uses Openwave like most others do) – and if you were late on your bill, you’re cut off from your mail.

If I went back into business again, whilst I think having an email address @yourownnameorserver.com is a lot more professional, I’d be wanting to probably use a free service like Yahoo or gmail to host the actual mail (by forwarding or some such) – not that many small enterprises have the backup and redundancy of a Yahoo or Google. Can’t think of the last time I had any of those sorts of issues.

I think in small enterprises it may become more prevalent to use ‘cloud computing’ eg google apps as a way of keeping overheads down, then you’re letting them provide all the backup etc. Of course that does involve other sorts of risk.

Comment from Ken
Time: October 8, 2009, 8:47 pm

Interesting how I have come upon a similar problem with a Telus hosted business adsl service circuit. I have this client that has a MS SBS server with exchange 2003 using a POP connector. If you don’t know a POP connector pulls mail from an isp to the exchange IS but only every 15 minutes so in this light speed world we live my client is not satisfied with waiting on the phone at times for people to send business critical emails while they or on the phone. So the solution is to configure via an MX record the SNS server as a mail host – should not be a problem in the world of IT I come from there are email servers all over the world that do this. Here is where it gets complicated and my experience with Telus begins to show what kind of ethics and service they provide.

I am an experienced professionally certified MCSE with 10 years experience and have lots of experience with exchange in the corporate world. Being diligent I know that for me to make this change I need to be able to send and receive smtp on port 25. My way of testing is to fire up TELNET and open it to xxx.xxx.xxx.xxx 25, a successful connection is rewarded with an ESMP response from my exchange server. No such luck on this circuit even though it is a Telus business plan with a static IP. My next step is to call telus support. Speaking with a few techs I have never heard so much garbage technical advice in all my life. For starters according to one of the techs at shared hosting services for my TELNET test to work I would have to be connected to the internet on telus. I respond to this by telling that that makes no sense, explaining that mail gets delivered on the internet from mail server to mail server. What if I am a mail server in Australia on telstra and a user with a mailbox sends to a user on my exchange server, it should be delivered to whoever hosts my domains mail even if thats me in my office with the telus business plan. That got my problem escalated to a level 2. He then did the same trouble shooting with telnet that I did and the connection continued to fail for him. Then he explains that it must be a hardware problem and that I should remove the router I am using re-ip my exchange server and put it directly on the internet. I decide I dont really want to do this and explain to my client I am going to get a new router and try that out incase its the hardware I am using.

A month later I install the new router configure the rules (sonicwall) do some external port scna against it and see that port 25 does not respond and in fact my scanner basically jumps over 25 like it does not exist. I test my exchange server from inside my network and I can connect on port 25 from the server locally, and to the loopback ip. I test externally and still no connection with telnet on port 25. Hmmm so I call telus and open a ticket, this time they escalate immediately, an hour later I get a call from a tech named David who tells me he has checked with the network team and there are no blocks on port 25 and that there is no problem and it must be my hardware. I debate this with him for a while and explain all the tests i have done. He tells me if I want to continue trouble shooting this problem I need to connect the mailserver to the adsl modem. In haste i decided to comply. We registered it on the network and rebooted, and still no connection on port 25 just like i thought.

So to make a long story short, there is still no resolution to this problem and my client who is paying for business class service is not able to host their own mail server because inbound smtp on port 25 fails. I tested it on port 26 just to see and it works. The frustrating part about this is the attitude of every telus employee I have talked to is that telus is right and no matter how much proof you have showing that there is a problem with their network they point the finger right back at you implying it something you are doing. They all seem like lazy corporate deflectors of work and systemic beauro cratic ticket generators who’s mere existence is to perpetuate a bi weekly pay stub.

Comment from Doug Alder
Time: October 8, 2009, 9:20 pm

You got it Ken – personally if I were you I would switch to the secure port (465) and tell Telus to go fuck themselves – their tech support is so bad it is enough to make even the somewhat geeky like me cry. You couldn’t pay me enough to talk to them, and fortunately I don’t have to btw – if you ski Red or Granite Mountain let me know – we’ll get together for a coffee or something

Comment from Ken
Time: October 15, 2009, 7:32 pm

I have had a few calls back and forth to telus and the outcome is that ‘I give up’ my client will not be able to receive emal directly. The call was closed today by the telus escalations team. The belive that there is no problem with their network and they have had no other complaints and they consider it a server side problem which they do not support. I give up because I know the server work s fine and accepts connections on port 25.

I really think I am being lied to. This lie is a very small one perpetuated by a large corporation. I dont think Jason in telus escalations is a lier, but someone in the telus NOC definitely is. Who does this lie help – my guess is know one, what it really does is perpetuate poor ethics and further solidify the the new age of corporocity. Its clear evidence to me that the corporate collective mind is not going to guide our world into an age of enlightenment if it continues to support its own self serving ways.