Announcement

Collapse
No announcement yet.

Checking to see if your ISP blocks SMTP port 25 (or any other port for that matter)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Checking to see if your ISP blocks SMTP port 25 (or any other port for that matter)

    Hello all,

    I'm currently checking to see if one of the ISPs that I deal with is blocking SMTP. My question is: Do ISPs tend to 1) simply drop all unsolicited incoming traffic on a port that they deem unwanted (E.g. port 25), or do they 2) employ some form of deep packet inspection that checks traffic on that port to see if the traffic on that port is of a specific type. Let me explain that a bit further.

    To test this out, I opened up port 25 on my firewall, but forwarded it to port 23 (telnet) for a managed switch. I also forwarded ports 80 and 5000 to the switch (5000 was just a random number I chose for testing). On a remote machine I am able to point my telnet client to [my external IP]:25 and 80. Oddly enough, port 5000 will not establish a connection. I used portQuery on TCP ports 23, 25, 80, 81, 4999, and 5000 and received these results:

    Code:
    querying...
    
    TCP port 23 (telnet service): FILTERED /* chosen just to make sure it was externally closed */
    TCP port 25 (smtp service): LISTENING /* open and forwarding to port 23 on an internal switch */
    TCP port 80 (http service): LISTENING/* open and forwarding to port 23 on an internal switch */
    TCP port 81 (hosts2-ns service): FILTERED /* chosen just to make sure it was externally closed */
    TCP port 4999 (unknown service): FILTERED /* chosen just to make sure it was externally closed */
    TCP port 5000 (unknown service): NOT LISTENING
    portqry.exe -n 205.201.215.74 -e 23,25,80,81,4999,5000, -p TCP exits with return code 0x00000001. /* open and forwarding to port 23 on an internal switch */
    So, the port 5000 oddity aside, if an ISP was blocking a port would they simply stonewall it or would they be crafty enough to DPI the traffic and snag packets based on information in a higher layer of the OSI model? Based on my testing, would it be safe to assume that this ISP does not block SMTP traffic and I could therefore use an email server onsite or is my testing model flawed in some way?

    Thanks for your input!

    EDIT: Maybe this belongs in the networking folder?
    Last edited by Nonapeptide; 6th November 2008, 03:06.
    Wesley David
    LinkedIn | Careers 2.0
    -------------------------------
    Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
    Vendor Neutral Certifications: CWNA
    Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
    Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

  • #2
    Re: Checking to see if your ISP blocks SMTP port 25 (or any other port for that matte

    Just my 2p... while some ISPs will block traffic that others won't, this largely depends on the service plan you have with them. Naturally the first place to look would be your terms and conditions.

    Whether or not they block a port or filter traffic to a port really depends on how competant they are. The ISP that we're switching away from at one office I work with is the exact opposite - the word "retards" springs to mind
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment

    Working...
    X