SMTP Port Blocking: A Confession
My name is James, and I am an AOL user.
Like they say, the first step is admitting you have a problem, and I have certainly been having those in the past few days.
When I bought my computer 3 years ago, I knew next to nothing about anything computer-related. I subscribed to AOL dialup because my flatmate had as well, and the nice integrated browser/email/chat software looked slick and functional to my untrained eye. A year or so later, embarking on my Open University web design course (building table layouts in Netscape Composer), alarm bells started to ring when my pages were mangled by AOL’s browser. Fine in Internet Explorer, and in Netscape, but AOL, despite being basically a combination of the two, couldn’t cope. More digging around revealed that AOL does many things in a non-standard way, from its popup blocking to the strange email system which did not at the time allow you to use an external mail client. I lived with these peculiarites for a while and then upgraded to broadband, which to my delight meant I didn’t have to use the AOL client at all, and was one of the better deals for high-speed unmetered access around.
However, a couple of weeks ago I suddenly noticed I couldn’t send email on any of my hosted accounts. I tried a number of different server names, having a vague idea it might have something to do with a number of different reseller domains referencing the same mail server, but no joy. An equally vague instruction from Ehostpros’ tech support people suggested changing the port number, or trying AOL’s outgoing server, but still to no avail. As soon as AOL’s tech support heard the words “not an AOL address”, out came the standard “We suggest you contact your web hosting provider” (for this read “We either can’t be bothered helping you, or don’t understand what you’re talking about”). I realised I needed to do some digging on the subject, and spent the next couple of days wandering around various permutations of the same Google search.
For the uninitiated, an Internet connection operates over a number of “ports”. Every application, be it a browser connection, a secure connection, inbound or outbound email, your own server or a database, operates on its own port. In the case of my culprit, SMTP outgoing email, this port is 25.
Or at least, it usually is.
Recently a number of ISPs have started blocking port 25 to all outgoing email servers except their own. That’s fine for your average home user, but for people like me, who have a number of different email addresses for a variety of reasons, or who would rather not spoil the professional face of their business with an email address from an off-the-peg provider, it presents a problem. They do this, they claim, in the name of cutting down on “spam” - it is, technically, possible for a worm or some other virus to get on your machine and sit there sending out thousands of emails without your knowledge. I know very little about whether blocking port 25 actually does any good, but I’m prepared in my ignorance to give them the benefit of the doubt.
Fine. So what do you do about it? Well, the stock answer is to use your ISP’s outgoing server to send your emails - this shouldn’t matter as the information on where the message has come from isn’t added by the server but is contained in the HTTP header that your email client generates. The problem is that AOL won’t let you do this either, unless you configure your client basically to pretend you’re using your AOL email address, which kind of defeats the point of having your own domain email in the first place.
The other solution is to use a different port. In theory this is easy, but it means you have to find a port that your ISP allows outgoing traffic on, and your mail server allows incoming traffic on. What I’ve found out (and there isn’t all that much published material available on this) is that policies on which port or ports to use differ widely from company to company. My hosting provider allows connections on port 25 or 26, AOL’s help pages recommend port 587, using a secure connection. They don’t say, however, that they explicitly block any other ports than 25. So I can use 26, right? Right, they tell me.
Wrong.
AOL deny that they block other ports, but I spent the best part of a day trying permutations of ports, server names, authenticated and not, and could not get a single email out. The worst aspect of this kind of problem is that technical support people take the fact that you are trying to get two different companies’ technologies to work together as an excuse to pass the buck to their opposite numbers, thus making it nigh on impossible to get useful information out of anyone. Once sent over to Ehostpros to check the details of email account settings (which you’ve already done six times), you are told to go back to AOL to investigate allowable ports. The person on the end of the phone, who is normally used to dealing with faults involving failing to plug something in, and who being in an Indian call-centre doesn’t quite understand what you mean by “Do I use SSL or TLS authentication?”, meekly offers “Well, you put your email address in the box that says “email address”, and you manfully resist the temptation to unleash the sort of tirade that Mr Blair would probably now have you banged up for. You then make the mistake of saying your server name is mail.jamestopp.com and are told “to contact mail.jamestopp.com and ask them for advice”, at which point you either go and stick your head in the oven, or go back to Ehostpros and repeat the whole sorry tale to your fourth different email help ticket guy of the morning.
As someone who believes strongly in an open Web and deplores the kind of practices that are designed to tie you in to one product for life, I find this frustrating in the extreme. I have to say also that I have generally been more than satisfied with AOL’s service over 3 years, and recognise that I do not really fall into the market they are aiming for. However, in the absence of any better ideas I am about to give them the push and move to an ISP that offers the same bandwidth at the same price, a fixed IP address and a promise not to block any ports. (It’s Eclipse.net.uk if you’re interested). Out of fairness, I’ll probably end up switching hosting providers as well, since mine doesn’t offer secure connections to their email servers.
As I mentioned above, there is a lack of information available on the Web on this subject, so I’d like to start a list of ISP’s and hosting providers and their port blocking policies on this page. I can only speak with authority on AOL and Ehostpros so far, so here they are:
Port blocking policies for third party email servers
- ISP: AOL
- Allows ports: 587 (SSL connection)
- Allows connection to own server: Well technically yes, but MAIL FROM and AUTH headers must match in order for the connection to be accepted, which is no use to anyone.
- Claims not to block any other ports, but I suspect this is untrue.
- Host: Ehostpros
- Allows ports: 25, 26 (no SSL connection)
If you’ve had a similar experience, please leave details in my comments on your own ISP and host, similar to above. I would urge you only to give information you’ve found out through experience, rather than simply by asking your tech support people, since I suspect that what these companies claim and what they actually do are rather different. Hopefully this will build into a handy reference for anyone considering compatibility between hosts and ISPs. There is of course the larger issue of how a web designer can help their clients configure email on a multitude of different platforms and service providers without wrangling with tech support every time.
Of course, I could be wrong about all this, and if you think I’ve missed something I’ll be grateful for suggestions. But the next person who asks if I’ve checked my firewall will instantly regret it.
March 13th, 2006 at 7:36 pm
In an attempt to prevent spamming, most ISP’s block outgoing mail sent through their SMTP servers from accounts that do not show an email address that is valid for that ISP. This is done to try and ensure that spammers can be easily identified. For the same reason in most cases you will have to use your ISP’s SMTP server to send mail. Basically the requirement is that when you create the account you will need to enter an email address from your ISP in the email address field or you will be blocked from sending mail.
This is a pain, but spam has become such a huge problem that something needs to be done.
As far as AOL goes, they recomment that you completely uninstall their software from your computer, set up your 3rd party email accounts and then reinstall the AOL software, this will allow the AOL port manager to configure itself to the other email accounts requirements.
This is a pain, but remember that AOL was designed as a protected little world where people who have absolutely no knowledge of computers or the internet could share the internet experience, and as such it is very restrictive to any exposure to the dangers of the World Wide Web.
You sound pretty knowledgable so I’m really suprised you haven’t trashed your AOL account by now.
March 14th, 2006 at 1:40 am
Thank you Brian.
I have now trashed my AOL account. I’m surprised to find there was in fact a solution - AOL “technical support” did not suggest this to me.
April 25th, 2006 at 8:19 pm
Thanks for the link to ‘eclipse’, at the end of this month i’ll probably switch. As I don’t want to pay and not use the whole month!
April 25th, 2006 at 11:41 pm
Yep, they do not block any ports and so far I’ve had no problems with the service. Their 2Meg is faster than AOL’s 2Meg as well.
May 24th, 2006 at 4:14 pm
AoHELL’s public policy is not to port block, however behind closed doors it is a different matter altogether. They actively block 25, 26 & 27. which forces you to use 587 for SMTP traffic. This is bloody useless if you need to talk to a different mail server on 25 though. As a work around I now have set up an authenticated intermediate server that recieves mail on port 587 and relays it out on 25 for my customers that I could not talk away from AoHELL. I do make a small charge for this service on a monthly basis because It costs me money to run the server.
As a footnote AOHELL do block other ports in the range as well. Just try a port scan from inside AOL’s service and see what you com up with… You’ll be surprised at what has been castrated!
August 7th, 2006 at 8:55 am
Thanks for the info. I too spent hours with incompetent techi’s, before I did my own investigation and found that AOL is the problem.
I have already convinced over 500 of my customers to switch to another provider, and I am working on the remaining 2000. Goodbye AOL!
September 2nd, 2006 at 6:50 am
Godaddy (www.godaddy.com) allows email relay setups in Outlook.
September 18th, 2006 at 6:45 pm
Thank you for the above information. It is just a shame it has taken me a week of hair pulling frustration to find it. AOL tech support have absolutely no idea about these issues and have given me the complete run around.
I have requested my migration code and shall be leaving AOL forthwith. Its sad because I’ve been with them 3 years but their policies interfere with work. I am not technically minded and cannot understand work-around options etc. I just need to fire up Outlook Express and send emails from my own domain. Is that asking too much? Anyway I’m sure this is not a ranting blog i’ll stop there. May I suggest that you might try to optimise this page in the search engines by including keywords ‘0×800ccc0e’ etc, etc and ever so boringly, etc!
Thanks again.
September 26th, 2006 at 9:08 pm
I’ve just moved to AOL (I know it’s stupid but my exchange has no LLU’s and it’s cheap) after the demise of Euro1Net and I quickly came to the same findings as yourself - no thanks to AOL or eHostPros. This information should be published by both sides so an informed decision can be made when you’re signing up.
September 29th, 2006 at 1:30 am
Thanks everyone for your input so far. After 7 months with Eclipse I am pleased to report that they do not block ports, or at least not port 25. Their service is pretty good - there has been a fair amount of downtime recently but I’m told it’s temporary and is to do with BT upgrading the lines.
October 7th, 2006 at 8:08 am
Had the same problem and change the SMTP port to 587 WITHOUT selecting the SSL checkbox.
But that can vary from provider to provider.
November 7th, 2006 at 1:13 am
F.Y.I: Yes thank you all for the info .. . very helpful.
My ISP is AOL and using Outlook Express sharing both AOL and BT emails. I have noticed the SMTP port 25 etc stopped working since afew weeks ago, with your comments above, I have just updated the BT SMTP setting to 587(instead of 25, 26etc) without clicking on the SSL . . . it worked… but agan who knows how long for before they change their mind again?
November 28th, 2006 at 11:14 am
I have been connected with eclipse for 4 months now.
Suddenly my email is now saying, eclipse will not allow connection on port 25 ???
what do you guys think ??
November 29th, 2006 at 2:19 am
Still working fine for me Dan, though I suppose they could be phasing it in across several servers. Have you asked them? I haven’t had cause to deal with Eclipse’s tech support yet but they can’t be any worse than AOL’s.
December 17th, 2006 at 1:45 am
Intersting feedback here, I am with AOL and have been using port 26 no problems. However I have just moved all my websites to a new hosting company where the servers are based in the states. Once this was done I was unable to send anything via port 26 and can send probably 1 email every 10 mins via port 25. however the guy that runs the server has set up port 587 and has sent a test mail though my account from his provider and it sent fine. Now i have treid every configuration under the sun with port 587 and it wont send anything. I wonder if the email is blocked depending on where the IP of the server is based. Just an idea i really know little about smtp apart from my aohell problems.
MY Rant:
Agree with the above posts about AOL tech support. I know all companies have to employ a small amount of special needs people but AOL’s policy seems to employ 99% special needs. If anyone with special needs reads this dont mean to offend, however if you require a job try AOL, tech knowledge wont be required.
Thanks for listening I feel better now
January 11th, 2007 at 3:41 pm
use secure tunnel (easy to find from google) proxy all your traffic thru one port this stops any scumbag isps blocking traffic
January 16th, 2007 at 11:20 am
Wow - so everyone else had/has the same problem with AOL. Yes I can happily send using AOL on port 587 but hey I don’t want to - I use a real company. I convince everyone to move away from AOL as it just causes too many problems and is not consistent - the same settings sometimes work and sometimes they don’t.
Get a life, get a MAC.
Sorry haven’t got a life as I can’t afford a MAC but my wife has and all she now worries about is using the MAC to complete work.
Running a PC is like spinning plates!!
April 13th, 2007 at 2:52 pm
Dandy,
Please elaborate how using a MAC would avoid these AOL issues?
Anjam Sohail
June 17th, 2007 at 4:06 pm
Just taking my mother off AOHell. Their ‘tech’ support is amazingly awful - the guy was actually rude to me! If i was a share holder in AOL I would be very nervous.