I will tell all our costumers to not use econophone/tele2 anymore.
That is no behavior!
And on the econophone FAQ is nothing about that.
But to be honest i did not think about tele2 FAQ at the first time.
Greets
Michele
Hi
first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections. But all customer were informed several times. We use Port 587 with SMTP Auth on our servers and many other provider support this, google as exemple and also the bigger ISP's in Switzerland. Sorry for the inconveniences.
Best Regards
Candid
"Michele Capobianco" <Michele.Capobian To co@online.ch> swinog@swinog.ch cc Sent by: swinog-bounces@li Subject sts.swinog.ch [swinog] does Econophone block port25
04.04.2007 09:09
Please respond to swinog@swinog.ch
I will tell all our costumers to not use econophone/tele2 anymore. That is no behavior!
And on the econophone FAQ is nothing about that. But to be honest i did not think about tele2 FAQ at the first time.
Greets Michele_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Candid Aeby wrote:
Hi
first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections.
Is that outbound from $customer -> $internet, or is that also for inbound $internet -> $customer?
Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting "Internet connectivity" they are quite right.
Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on.
To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine.
Greets, Jeroen
Hi
we are blocking Port 25 from customer to Internet. That's it. No blocking of other relevant Ports ( 587, 465, ...).
We will not change the policy, at least not now or soon. Even there are some good solutions. As i mentioned before, not my and not a local decision.
By the way we are no business provider, we are in the residential (mass) market. So no special solution for 1 customer.
Best Regards
Candid
Jeroen Massar <jeroen@unfix.org > To swinog@swinog.ch Sent by: cc swinog-bounces@li sts.swinog.ch Subject Re: [swinog] does Econophone block port25 04.04.2007 09:42
Please respond to swinog@swinog.ch
Candid Aeby wrote:
Hi
first this is no local decision. We never liked it. I know it is
unpopular
and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections.
Is that outbound from $customer -> $internet, or is that also for inbound $internet -> $customer?
Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting "Internet connectivity" they are quite right.
Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on.
To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine.
Greets, Jeroen
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
<< Attachment removed : signature.asc >>
Candid, The guy said: Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's
WE DO and many ISPs block Netbios ports to protect customers. But this is totally ok. We block in LNS:
access-list 130 deny tcp any any eq smtp access-list 130 permit ip any any access-list 131 deny tcp any any range 135 139 access-list 131 deny udp any any range 135 netbios-ss access-list 131 deny tcp any any eq 445 access-list 131 deny tcp any any eq 593 access-list 131 deny tcp any any eq 12345 access-list 131 permit ip any any
Candid Aeby <candid.aeby@tele 2.com> To swinog@swinog.ch Sent by: cc swinog-bounces@li sts.swinog.ch Subject Re: [swinog] does Econophone block port25 04.04.2007 13:45
Please respond to swinog@swinog.ch
Hi
we are blocking Port 25 from customer to Internet. That's it. No blocking of other relevant Ports ( 587, 465, ...).
We will not change the policy, at least not now or soon. Even there are some good solutions. As i mentioned before, not my and not a local decision.
By the way we are no business provider, we are in the residential (mass) market. So no special solution for 1 customer.
Best Regards
Candid
Jeroen Massar <jeroen@unfix.org > To swinog@swinog.ch Sent by: cc swinog-bounces@li sts.swinog.ch Subject Re: [swinog] does Econophone block port25 04.04.2007 09:42
Please respond to swinog@swinog.ch
Candid Aeby wrote:
Hi
first this is no local decision. We never liked it. I know it is
unpopular
and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections.
Is that outbound from $customer -> $internet, or is that also for inbound $internet -> $customer?
Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting "Internet connectivity" they are quite right.
Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on.
To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine.
Greets, Jeroen
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
<< Attachment removed : signature.asc >> _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
<< Attachment removed : ATTSEJXT >>
Hi
and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections.
Is this a reaction to the new FMG anti spam requirements ?
We use Port 587 with SMTP Auth on our servers and many other provider support this, google as exemple and also the bigger ISP's in Switzerland.
We support smtps (port 465) and submission (port 587) as well.
Regards Erich
Hi
Is this a reaction to the new FMG anti spam requirements ?
No, it's due to massive Spam and Virus Problems and blacklisting. I they hoping this will help.
Some people here know me personal and know i'm strictly against blocking of any kind, except for an emergency.
Best Regards
Candid
-
Anthony Drozdek -
Candid Aeby -
Erich Hohermuth -
Jeroen Massar -
Michele Capobianco