I'm glad, that I'm using "a large competitor of Telus"
And I agree with a couple of other posters, there are 2 entirely separate issues:_ inbound_ traffic vs. blocking _outbound_ traffic;
Blocking _inbound_ traffic can be argued to uphold the service level agreement (SLA); To be honest, I think the SLAs blocking servers are antiquated and unrealistic. All kinds of P2P technologies including BitTorrent, NetMeeting and a number of multi-player games, pretty much everyone has a server. My email server and web server produces less "server" traffic, than many of those other servers. So if there's a bandwidth issue, let's have SLAs, which talk about bandwidth, not about servers.
Blocking _outbound_ traffic has nothing to do with preventing servers. Telus blocking outbound port 25 impacts everyone using an email server outside of the Telus network, which includes people using their work email servers from home, or using other email service providers. So this is clearly impacting people, who are NOT running servers. The reason for this is clearly spam fighting. Scott, who works for "a large competitor of Telus" has hit the nail on the head. Any self respecting network traffic manager, and any intelligent ISP, should be able to figure out the difference between a spam flood spewing out of port 25 of a customer machine and the odd port 25 legitimate email message. So, selective temporary blocking is not nuclear physics, rocket science or brain surgery. Another approach might be port 25 throttling, essentially slowing port 25 traffic from customer machines down, so spam floods become spam trickles, but regular emails stay the trickles that they are.
So, I find the Telus behavior quite indefensible.</rant>
Anyone wanting to use ADSL rather cable based ISP connections, should check out other ADSL service provider(s) in Calgary. They typically use the Telus last mile for cabling, but I'm not sure, if they use the Telus IP network, or if they have the same or other port blocking issues. According to their web site, nucleus.com seems to have a "no web or ftp server" policy, but I don't know, if they enforce it. I believe some of the CLUG executive work for nucleus, and they are probably biting their email tongue, so as not to appear, that they are using CLUG to promote their employer.
I'm NOT working for nucleus, and I'm not using them at the moment, but if I was hunting for ADSL service, I would give them a good look. I do NOT know, if their policies are any better than the one's from Telus, but if they are, they deserve to be considered as another option for broadband services.
I sure would be interested if anyone knows more about the Nucleus approach to this.
...Niels
Scott wrote:
First of all, full disclosure: I work for a large competitor of Telus. :)
None the less it should be known in order to be fair to Telus that blocking 25/TCP outbound is something that pretty much every ISP has to do to some degree at one time or another, in order to deal with outbreaks of worms that propagate themselves via email from the machines they infect. Of course, various other ISPs have often been more accurate with their filtering rules to only block infected hosts and only so long as to weather the storm. The down side to this is it is always a reactionary measure and you don't get to control the initial spread of the worm. How bad can it be? Recent outbreaks in the last 2 years have seen upwards of 25% of entire customer bases infected. I would venture to guess that this decision by Telus is to try to get the jump on the next worm outbreak. It's not necessarily the best approach but it's important to recognize when judging the actions of an ISP in this regard that (a) 95% of the high speed customer base is too uninformed to protect itself and (b) there is no good solution that scales to a large ISP yet found.
That having been said, in my subjective opinion permanently blocking 25 outbound is overkill and too intrusive (particularly on an ISP famous for their poor mail servers). Furthermore, there's really no good explanation for the inbound blocks, and I don't know why anyone would tolerate that sort of thing. But it's a free market and you have a choice, so in the end if you're not happy with your ISP, the ball is in your court.
- Scott
At 12:09 AM 04-08-27, Darcy Brodie, CJL wrote:
I have been told that if Telus holds the MX record for your email server, that they will not block the port
Darcy
Tomas Florian wrote:
Over the last month I have been noticing slow but sure degradation of my internet service. I have two Linux boxe hosted outside of my home. They are SMTP servers so they use port 25 and strangely enough one day I noticed that I could not get into it from home. The connection always timed out. I thought it was down, I thought my firewall on the other side was messed, but whenever I tried to connect to it from non Telus ISP it worked. I thought coincidence, something must be wrong with my firewall and I kept digging (and putting the problem off until I had more ideas). Today I was trying to setup some temporary web server and mail server at home. Punching NAT forwarding in my Monowall router did not work, I tried it left and right, up and down … no luck. I tcpdumped the thing until it could not dump no more. I upgraded everything I could.. I reset everything I could. And then it finally clicked in: “It’s as if there is a firewall on the Telus network” and then I though to my self … “Firewall on an ISP? No? It could not be … That is just …. well …. retarded!!” I actually gave up on this idea of a firewall were it not for some angel who somehow googled me into this thread: http://www.broadbandreports.com/forum/remark,10921793~mode=flat <http://www.broadbandreports.com/forum/remark,10921793%7Emode=flat>
Finally proof of the impossible.
You guys probably already know all this “news”. But as you can imagine I’m in shock :`-( …
I feel as if Telus cut of my right testicle.
My lucky ports are gone:
25
80
110
And those are the only ones that I do know about, I can’t even begin to imagine what else they are blocking that I don’t even know.
So what do I do now? What did you guys do?
I was thinking of VPNing my whole infrastructure and keep it out of Telus’s dirty hands but I’m so so afraid that they will block the VPN too … they got me … :`-(
… ooh shit … I just had a bad though … my SSH? Will that be gone too?
I feel like I’m at my high school computer lab … everything blocked off … it’s making me claustrophobic.
Ok I’m going crazy here … better stop :-P LOL
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
Happy thoughts of bits zooming unhindered through the wires … smiling collision free … switched … routed arriving happily in their cozy listeners
You don’t realize how much you love something until it’s taken away from you … slowly .. you adapt … you think that it is all in your head … you adapt some more and next you realize that it is all gone. It’s like some drama/horror movie.
Ahh … very therapeutic LOL … :-P… tommorow’s therapy will involve a telephone call to Telus on this topic
Sorry for all this venting … and thanks for not blocking my email (or we don’t know yet, until I hit the send button)
Tomas
------------------------------------------------------------------------
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
