Telus P*sses me off
[update June 11, 2008. From my referrer logs this appears to be a very popular post. If you are coming here just to find out how to get around Telus' blocking of Port 25 (SMTP) for servers off their network, the answer is simple. In your email program switch to an authenticated login on port 465 and make certain your mail server listens on that port - you can thank me in the comments 
]
I just spent a somewhat frustrating evening making the network here an even more complicated hodge-podge. I was working off of a Shaw Cable connection but it was not workin well with the Nortel IP phone I use for work, too much echo and breaking up of voice. So just before I went on vacation we installed a second DSL line in the house (now we have 2 ADSL and one Cable connection) .
I tried it at that time but could not get the Telus aDSL connection to see both the phone and my router. I left it unfinished while I was away and when I came back Brian and I ran another CAT 5 cable up from my room on the 2ndfloor to theattic, across the attic then down the other side of the house to the first floor where the modems are. Have I said before how much I despise cabling? Anyway, I put ends on the new cable, registered the MAC address of my IP phone and the router with Telus and the phone worked but the router didn’t. Not certain why but it has something to do with the switch in the phone itself. The DSL connection comes into the phone and then leaves the phone and goes to the router. It is done this way because the phone will not work if it has a NAT (network address translation) devise in front of it. The phone itself must be wide open to the net.
Then all of a sudden the phone stopped working on thenew cable we had run. No idea why. I clipped off the ends and abot a foot back in case I had over bent the wires while terminating htem and put new ends on - twice - it just wouldn’t work. Now this posed a problem as I only had one good cable running downstairs now and if I was going to be onTelus I needed two, one for the phone and one for the router (it worked OK with one cable on Shaw but not on Telus) . I kept examining the other part of our network that feeds Brian’s office and the downstairs computers for Lora and the kids, and got myself into one of those mental traps you just can’t see your way out of. On that part of the network the DSL line comes in andis then put to a simple switch (no NAT) and the Brian’s IP phone is plugged into that switch then a second line is plugged from the 8 port router downstairs into the switch and Brian’s computers and the downstairs computers and printers are plugged into that router.
I knew the only the only way I could make my phone and computers work off the second Telus line was to copy that setup and here;s where I got myself into that mental trap. My router is up in my office on the second floor. There is only one working line going downstairs. I thought I had to put the switch downstairs (why I don’t know I just got myself trapped in that) and plug my router and he phone into it down there - not possible with only one line. Finally Brian mentioned the obviuos - use the one good line to plug into the ADSL modem then upstairs here put a non NAT switch with that line plugged into it, plug the phone into the witch and plugmy router ointo the switch - that scenario only requiredtwo short cables, of which I have plenty. Fast trip down to Trail, $30 switch and 20 minutes work later and I’m back up and running.
So far so good until a few minutes ago when I went to send my first email. It simply would not go. I could receive but not send. God damned Telus has blocked all mail on port 25 (SMTP) from moving across their network unless it is through their SMTP server. So I can no longer use mail.thealders.net to send my mail with. I hate monopolies!
And that’s what the network “looks” like now (we’ll ignore the various rats nests of cabling that runs through the house and under my desk )
Related posts:
Golf: Because it’s good for you »
Comments
Comment from Doug Alder
Time: 9/17/2004, 2:14 pm
Holy Sh*t - look whose sorry ass the cat dragged in Hey Adam how the hell are you
But Adam I am on a Telus IP address and just using my domain - if Telus (who I believe you still work for) had it’s act together it would see that and let it through - theonly SMTP mail it should not be letting through is that which originates from an IP off their network entirely. My DSL connection is on Telus my domain is not. It is blocking any attempt from my DSL connection on their network to send through my domain’s smtp port and that’s not right.
and Adam - you’re still fired!
Comment from Doug Alder
Time: 9/17/2004, 2:24 pm
Actually Adam I just realized I didn’t explain myself very well there. Telus is blocking any attempt on the part of my mail client, which resides on a Telus ADSL connection from connecting to the smtp port of my server which is not on a Telus IP. It is not any of Telus’ business which smtp server I choose to use, once I connect to my server and send it is off of Telus’ network. All Telus should be doing is blocking smtp requests to it’s mail server that originate from outside of Telus’ network.
In other words, this is typical Telus crap that is intended to drive more business to them by trying to get people to host their domains (especially business related domains) on Telus’ servers at exhorbitant prices (and crappy service) by making it difficult to send mail, and when the mail is sent any examination of the headers will show Telus as the smtp server and not the domain - which businesses do not like.
Comment from Adam Monteith
Time: 9/17/2004, 3:55 pm
We do quality control on clients. I’ve explicitly put port restrictions on any Doug Alder-type packets being passed around the network. Apparently, if they have a red-beard, complain about young people being stupid, Bill Gates being a nerd, and wish for the good old days where sending jolts of electricity though terminals to shock tech-support callers, we can’t allow their specific viral tendencies to spread
As for the port being blocked, you could try calling them and telling them to fsck off. If they still refuse, tell them to fsck off anyways, and use something like no-ip.com
Port blocking outbound traffic to external SMTP servers is however, still common with large ISPs. Some hullaballo about stopping spam. I don’t quite understand it, but judging from some of the architects that work around here, it doesn’t surprise me.
Comment from Doug Alder
Time: 9/17/2004, 4:14 pm
If anyone else is so unfortunate as to be reading this - Adam used to work for me when we were running tech support for a large ISP in BC (not that I would have ever admitted this to him at the time but he was the best tech I had, which is why I fired him every week) - then he went over to the dark side. 
Adam - if it wasn’t for the fact that my Nortel VOIP phone doesn’t work worh a damn on Shaw’s network I’d go back to them. Nah I’m not going to call Telus -not worth the aggravation. Besides after all my work with CMON. KAST and IPWorld my name is somewhat persona non grata in some Telus circles so I don’t think complaining would get me very far
Heheheh - I’ll never forget the look on your face the day I got Brian to fire you in the staff meeting
Comment from Andrew
Time: 10/19/2004, 4:44 pm
Could somebody explain me the theory and reason of blocking 25 (SMTP) ports. And how this can stop spam propagation?
E.g. what will stop me to send spam mail through web-mail, or some other channels?
Why not then to block incoming POP3/IMAP ports with simple reason: don’t read the spam!
Comment from Doug Alder
Time: 10/19/2004, 5:32 pm
The ostensible reason for this is so that when clueless customer A gets his computer infected with a backdoor trojan someon off of Telus’s network can’t use that computer as an open relay SMTP port. The real reason is they want to control their customers. They think that if they do this and you really want to use your domain’s own SMTP port and you are on their ADSL (or whatever) network you will then rent server space off them instead of someone else. Therefor more revenue. That’s the real reason - but it does stop some open relay spam.
Comment from Anonymous
Time: 11/16/2004, 12:00 pm
I got the same problem, guys. Furthermore, some organizations are using a Telus ISP account for the basis of hotspots, meaning people who connect to these hotspots cannot send email. I’ve found 2 such hot spots recently.
I can’t understand why they block port 25. So much for personal freedom on the Internet! Telus always has been a screwed up company.
I WONDER WHAT THEY WILL DO TO BLOCK VOIP ???
Comment from Tim
Time: 11/27/2004, 1:05 pm
I’m not to sure when Telus starting blocking this as it was only today that all of a sudden i couldn’t send outgoing mail. from research on the net it would seem a little further back but it seems someone at telus discovered…oh hey this guy is still sending through a third party smtp server let’s shut it off.
anyways with searching around i finally found this link which lists everything telus has blocked:
Comment from Kirk Lins
Time: 12/31/2004, 11:46 am
You went through the telus bs too eh!
I have a mail account on another server not on telus.
Changed my account settings in outlook to use the ssl port and it now works again.
To do this edit the properties of your email account that is not on telus.
Click Servers tab
Under outgoing mail server, check off my server requires authentication.
Then click your advanced tab
Check off my server requires a secure connection (ssl)
Change the Outgoing Mail (SMTP) port to 465
Comment from Doug Alder
Time: 12/31/2004, 12:01 pm
Hey - it’s the one and only Kirk - how goes it?
Comment from Kirk Lins
Time: 1/4/2005, 7:15 am
Hi Doug, everything going good. Now that I know that telus is blocking.
Sh*t I can’t beleive I missed that in the beginning. I had a web server that I was doing development on hosting it on my home dsl connection. Since the last time I accessed it remotely I had installed xp sp2. I thought it was something to do with sp2. I removed firewalls, re-installed firewalls, rebuilt network connections, said screw it and reloaded os. Again could not reach site from outside telus. I even went back to a different os - ahha finally the light came on, searched google and found out that Telus was blocking ports.
I do understand that it is a home connection but it would have been nice to have a notification from telus. What a waste of my time.
Anyway, I now have forwarding for my subdomain that points to my server using a different port.
mysubdomain.mydomain.com - myforwardedsubdomain.mydomain.com:81
This way I can still use mysubdomain.mydomain.com with no specific port number on the end. If I decide to move it to a dedicated server I have no problems with broken links.
BTW - Happy New Year!
Comment from Doug Alder
Time: 1/4/2005, 7:56 am
Happy new year to you too. I’m not certain how I figured it out, but I did figure it out before the guys at work did I found myself answering trouble tickets from people who all of a sudden couldn’t send mail. It’s not just Telus - it has become commonplace now.
Comment from Diane
Time: 1/17/2006, 11:13 am
I’m having a problem that might be similar - suddenly yesterday i can’t send emails - i can send out if i connect one computer directly to my adsl modem, but as soon as a go through my router i can’t send any emails - my smtp server is telus. Do you have any ideas what might be causing my problems?
Comment from Doug Alder
Time: 1/17/2006, 12:56 pm
That appears to be a router issue Diane. Try powering down the router the restarting it - that will refresh the IP address on it. If your router has a clone feature where you can set it to clone the MAC address of the ADSL modem you should use it. THat way Telus will only see one MAC address and you’ll have fewere problems. If your router does not have that capability then log into your account at Telus and make certain the MAC address for both your router and DSL modem are registered.
Comment from Adam Monteith
Time: 9/17/2004, 11:56 am
God damned Telus has blocked all mail on port 25 (SMTP) from moving across their network unless it is through their SMTP server…I hate monopolies!
Most major ISPs do this to prevent their servers being used as open proxies/relays. Nothing to do with monopolies