Outbound SMTP redirection.

K

korval

Member
Joined
Jul 9, 2007
Messages
25
Reaction score
0
Has anyone else noticed that Mweb intercepts and redirects all outbound connections via TCP 25 to a proxy? You can test this yourself, just port scan any external host and without fail you'll see that 25 is always open on the scanned host. :confused:
 
Old news.

Most ISP's is doing this in order to combat spam.

It is only with static IP's that you can SMTP directly to the Internet, great if you host your own email server.

Dymanic IP's are blacklisted by default with Spamhaus etc.
 
I understand why it's done, but interception is still a shady way to do things. I'd rather have a policy in place which blocks outbound 25 after excessive and obvious spam traffic. Also, redirecting the end user a landing page when they try browse, warning them of a possible infection.
 
korval said:
I understand why it's done, but interception is still a shady way to do things. I'd rather have a policy in place which blocks outbound 25 after excessive and obvious spam traffic. Also, redirecting the end user a landing page when they try browse, warning them of a possible infection.
Click to expand...

Point 1 is possible but with Point 2 you'll cause a problem with open wifi points, should some ijit's phone/laptop spew spam...
 
I program wifi hotspots at work using Mikrotik captive portals. By default, we intercept and redirect traffic outbound 25 traffic. This grabs the connection and routes it through our SMTP. This saves the end user from changing SMTP when using our hotspot. Though I see no need to do it on ADSL. What if I legitimately wanted to use port 25 on a remote host using my private home connection?
 
It's a real PITA with the port 25 block/redirection issue, as most of us have set up report forwarding on port 25 - and said machine uses either ADSL or Telkom Mobile (other may also apply) and port 25 is redirected.

In the case of the TM one, I send out email reports via port 26 to a SMTP server at work, listening on port 26, which then relayed it to our main mail server on port 25. Works, but is quite a kludge.
 
korval said:
I program wifi hotspots at work using Mikrotik captive portals. By default, we intercept and redirect traffic outbound 25 traffic. This grabs the connection and routes it through our SMTP. This saves the end user from changing SMTP when using our hotspot. Though I see no need to do it on ADSL. What if I legitimately wanted to use port 25 on a remote host using my private home connection?
Click to expand...

Blame the spammers for this state of affairs.
 
To get around this, one could always use a ssh tunnel or VPN. I see why Mweb does it though. They're pretty good at it too. The packets are rewritten perfectly with the address headers coming from the fake smtp host.
 
The_Librarian said:
In the case of the TM one, I send out email reports via port 26 to a SMTP server at work, listening on port 26, which then relayed it to our main mail server on port 25. Works, but is quite a kludge.
Click to expand...
You should rather use port 587. That is the designated standard for trusted mail submission.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X