Re: [swinog] does Econophone block port25
On Wednesday 04 April 2007, Michele Capobianco wrote: Hey all Hi Michele One of our costumers called us and said that he cant send mails anymore. After a few Hours checking with ports and stuff it appears that he cant open a port25 connection to anywhere. All Firewalls are out now, so its the Econophone ADSL allone. Does anyone know something about that ? Yup, seems to be the same like tele2. See http://support.hostpoint.ch/index.php?page=DefconDetailPagedefcon=50 or http://www.tele2mail.com/ (a lot of text which doesn't really help neither explain in short and clear words what happened...) Greets, Michi ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] does Econophone block port25
I will tell all our costumers to not use econophone/tele2 anymore. That is no behavior! And on the econophone FAQ is nothing about that. But to be honest i did not think about tele2 FAQ at the first time. Greets Michele ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] does Econophone block port25
Hi first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections. But all customer were informed several times. We use Port 587 with SMTP Auth on our servers and many other provider support this, google as exemple and also the bigger ISP's in Switzerland. Sorry for the inconveniences. Best Regards Candid Michele Capobianco Michele.Capobian To [EMAIL PROTECTED] swinog@swinog.ch cc Sent by: [EMAIL PROTECTED] Subject sts.swinog.ch [swinog] does Econophone block port25 04.04.2007 09:09 Please respond to swinog@swinog.ch I will tell all our costumers to not use econophone/tele2 anymore. That is no behavior! And on the econophone FAQ is nothing about that. But to be honest i did not think about tele2 FAQ at the first time. Greets Michele___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] does Econophone block port25
Candid Aeby wrote: Hi first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections. Is that outbound from $customer - $internet, or is that also for inbound $internet - $customer? Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting Internet connectivity they are quite right. Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on. To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine. Greets, Jeroen signature.asc Description: OpenPGP digital signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] does Econophone block port25
Candid, The guy said: Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's WE DO and many ISPs block Netbios ports to protect customers. But this is totally ok. We block in LNS: access-list 130 deny tcp any any eq smtp access-list 130 permit ip any any access-list 131 deny tcp any any range 135 139 access-list 131 deny udp any any range 135 netbios-ss access-list 131 deny tcp any any eq 445 access-list 131 deny tcp any any eq 593 access-list 131 deny tcp any any eq 12345 access-list 131 permit ip any any Candid Aeby [EMAIL PROTECTED] 2.com To swinog@swinog.ch Sent by: cc [EMAIL PROTECTED] sts.swinog.ch Subject Re: [swinog] does Econophone block port25 04.04.2007 13:45 Please respond to swinog@swinog.ch Hi we are blocking Port 25 from customer to Internet. That's it. No blocking of other relevant Ports ( 587, 465, ...). We will not change the policy, at least not now or soon. Even there are some good solutions. As i mentioned before, not my and not a local decision. By the way we are no business provider, we are in the residential (mass) market. So no special solution for 1 customer. Best Regards Candid Jeroen Massar [EMAIL PROTECTED] To swinog@swinog.ch Sent by: cc [EMAIL PROTECTED] sts.swinog.ch Subject Re: [swinog] does Econophone block port25 04.04.2007 09:42 Please respond to swinog@swinog.ch Candid Aeby wrote: Hi first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections. Is that outbound from $customer - $internet, or is that also for inbound $internet - $customer? Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting Internet connectivity they are quite right. Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on. To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine. Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Attachment removed : signature.asc ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Attachment removed : ATTSEJXT ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] does Econophone block port25
-From: Jeroen Massar [EMAIL PROTECTED]- : To avoid problems there, make a simple policy: if found : spreading a virus/spamming and having disabled the blockage: : no Internet for a week. Or a similar measure that can of : course be lifted after paying a fine. Wouldn't that make customers go to another comany for service? scott --- [EMAIL PROTECTED] wrote: From: Jeroen Massar [EMAIL PROTECTED] To: swinog@swinog.ch Subject: Re: [swinog] does Econophone block port25 Date: Wed, 04 Apr 2007 08:42:20 +0100 Candid Aeby wrote: Hi first this is no local decision. We never liked it. I know it is unpopular and i would prefer a better solution. Since Monday Port 25 is blocked for Dial-Up and ADSL connections. Is that outbound from $customer - $internet, or is that also for inbound $internet - $customer? Having a block on port 25/tcp, 137-139/udp and some other magic virusports is acceptable on end-user IP's. BUT as long as the user of that line has the option to easily turn this off. Eg using a webinterface where they can login using their user/pass and then enable it again, that is disable the block. If that is not possible, then when a user moans about not getting Internet connectivity they are quite right. Users who are not the typical techy, can always use 587 as you indicated and should, in general, keep the block on. To avoid problems there, make a simple policy: if found spreading a virus/spamming and having disabled the blockage: no Internet for a week. Or a similar measure that can of course be lifted after paying a fine. Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
