U

Visitor

 • 

9 Messages

Wednesday, January 18th, 2023 7:29 PM

Closed

Port 25 unblock, CSA "unable to help"

Per other requests here, I am trying to get port 25 unblocked for personal use on my internet. I have an IH ticket (you can probably see it from the backend, but can provide number if needed).

Like this post: https://forums.xfinity.com/conversations/email/port-25-unblock-art-of-the-business-as-usual-runaround-and-is-there-anybody-out-there/636861fc92a15b227c29043f, I got the runaround from CSA. Telling me it is not possible, FTC says it's not allowed, spamming me with articles on why it's a security risk, informing me of spamhaus. And eventually saying they tried to unblock it but it failed, so I'm out of luck.

@XfinityCSAEmail, can you please assist and get my port 25 unblocked? I am aware of what it is, what it does, and why it could be bad. But I need it to run my internal SMTP mail relay for my domain. I am aware that I am responsible for traffic going out over port 25 from my network. The relay only accepts email from my domain, and only internally from my network, and I have the SPF record setup to ensure it will get received by destination mailservers.

Problem Solver

 • 

1.4K Messages

11 months ago

I don't think you're going to have any luck with a port 25 unblock on a residential account, and not a static IP with business account.  It's also going to be blocked every time you get a new IP address out of the pool, or anytime the IP block is shuffled. 

What you can do is use a relay service for a secondary MX that will redirect your mail to a port of your choosing.  Pick one that isn't blocked.  Runs about $10-15/year usually and can even work with dynamic DNS. 

This can be a spam problem as backup mail servers are usually targeted for spam, just because they figure you are caching mail when the primary goes down and you probably aren't going to have the same protection on it.  The relay source is going to look legit to your mail server, so keep it in mind for your own spam control.  You usually have to do some other content filtering/attachment blocking in this configuration if you don't have a hot fail-over.

What you are really looking for on a mail server is high availability.  That isn't going to happen with random IP address changes on a residential account anyway.

Official Employee

 • 

553 Messages

11 months ago

Hello @user_cbb5b3, thanks for reaching out for help on our forums! At this time we do not support port 25 for transmission for email. Please configure to port 587 instead. Refer to this link here for additional details: https://www.xfinity.com/support/articles/email-port-25-no-longer-supported

Visitor

 • 

9 Messages

@XfinityNico​ I am not trying to access my email over port 25. Using port 587 is not going to work for me. Please stop sending me the same articles I have already acknowledged. Yes port 25 for sending email from an end user email client is bad. Yes port 587 (or 465) is the preferred way to go. I know.

And yes, the FTC suggests that port 25 be blocked as it is too easily abused on the internet. Sure.

I've seen the articles. CSA has sent me all 4 or 5 of them.

Having acknowledged all that, please now unblock port 25 for me as I need it.

Official Employee

 • 

553 Messages

Unfortunately, we do not unblock port 25 while you have service with us. Please find an alternative port to use. 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Visitor

 • 

9 Messages

This article literally says you will: https://corporate.comcast.com/comcast-voices/updated-management-of-smtp-port-25

I am paying for an internet connection, and instead I am getting a regulated semi-blocked connection.

You are my ISP, not my security provider.

If I could switch I would, but you are literally the only broadband provider in town. Please do your job as an ISP and give me the internet connection I am paying for. This includes unblocking port 25 so I can use it.

Official Employee

 • 

806 Messages

We apologize @user_cbb5b3, but you will have to reach out directly to CSA to request this again. 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Expert

 • 

29.9K Messages

@user_cbb5b3 

When you talked with CSA did you explain to them why you needed port 25 unblocked?  If you didn't give them a valid reason they're just going to send you in circles and not do it.

And, FWIW, the customer in the link above was not doing the same thing that you are doing.

https://forums.xfinity.com/conversations/email/port-25-unblock-art-of-the-business-as-usual-runaround-and-is-there-anybody-out-there/636861fc92a15b227c29043f

I do need to run diagnostics to services out on the 'net.

That includes the ability to connect to other mailservers on the 'net, 
to verify operation (e.g., telnet server.example.cpm 25) or grab/check
an SSL certificate (e.g., openssl s_client --connect server.example.com:25 -starttls smtp).

That connection is from a simple command line shell.  It does not involve any email MTA, etc.

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Visitor

 • 

9 Messages

9 months ago

Latest and greatest (Still working on this. CSA is not helpful at all.

Got CDA, after a lot of effort (and initially trying to send me to internet support, which I told them I did not want as they would be unable to help me), they said they found it, I would need to fill out a form, wait two days and restart my modem. They didn't have the form but would do a HOT TRANSFER to someone who would. Got transferred, she said her goodbyes, and then INTERNET SUPPORT asked me what I wanted and started troubleshooting my issue.

Comcast 11 - User 0.

forum icon

New to the Community?

Start Here