BT internet blocking some incoming emails

Discussion in 'Broadband' started by NY, Sep 5, 2014.

  1. Strictly that is wrong. Dynamic IP addresses can only send to te ISPS
    nominated relay or to another nominated relay that they (presumably)
    have authentication to use.

    That is, I might expect mail from a BT relay or another relay - say in
    use by a specialist email provider - but never DIRECT from a BT DSL
    dynamic range.

    And spamhaus warns me and I reject that mail.
     
    The Natural Philosopher, Sep 14, 2014
    #21
    1. Advertisements

  2. NY

    NY Guest

    In the early 2000s I ran into a brick wall trying to set up a laptop for a
    customer with one of the big-name ISPs (I forget which). He needed to use
    his laptop both at home and at work. His home account was the one which also
    provided his POP email account.

    The policy of the ISP was that you could only access the POP and SMTP
    servers when connected to that ISP's broadband connection (it blocked access
    to all "foreign" SMTP servers so you couldn't even get a response from any
    other server on any of the standard ports, never mind get as far as being
    able to authenticate). And if you were connected to a "foreign" ISP
    connection it wouldn't respond if you tried to access the ISP's POP and SMTP
    servers.

    So I could set the PC to send and receive when he was connected to his home
    connection, but he could neither send nor receive if he was connected to his
    work connection.

    I tried to get their support staff (who spoken fluent Indian but very poor
    English) to understand the problem. Their only suggestion was to use webmail
    for sending/receiving when he was at work, which is fine but it means that
    emails are held in two different places (in Outlook Express and on webmail)
    depending on where he was when he happened to reply to an email.

    I suggested that he changed ISP to one that was less inflexible - and to
    send a letter to the ISP's MD to explain why he was moving.
     
    NY, Sep 14, 2014
    #22
    1. Advertisements

  3. I mean BT has lists of pool addresses registered as - er lists of pool
    addresses with RIPE.


    Spamhaus only need to use whois to work out which blocks are servers and
    mail servers and which blocks are adsl consumers.
    8><--------------------------------------------------------
    The Policy Block List

    The Spamhaus PBL is a DNSBL database of end-user IP address ranges which
    should not be delivering unauthenticated SMTP email to any Internet mail
    server except those provided for specifically by an ISP for that
    customer's use. The PBL helps networks enforce their Acceptable Use
    Policy for dynamic and non-MTA customer IP ranges.

    PBL IP address ranges are added and maintained by each network
    participating in the PBL project, working in conjunction with the
    Spamhaus PBL team, to help apply their outbound email policies.

    Additional IP address ranges are added and maintained by the Spamhaus
    PBL Team, particularly for networks which are not participating
    themselves (either because the ISP/block owner does not know about, is
    proving difficult to contact, or because of language difficulties), and
    where spam received from those ranges, rDNS and server patterns are
    consistent with end-user IP space which typically contain high
    concentrations of "botnet zombies", a major source of spam. Once aware
    of them, the ISP/block owner can take over such records at any time to
    manage them further.

    The PBL lists both dynamic and static IPs, any IP which by policy
    (whether the block owner's or -interim in its absence- Spamhaus' policy)
    should not be sending email directly to the MX servers of third parties.

    8><-----------------

    In other words the PBL policy at spamhaus is independent of any ISPs
    desires, though they may choose to cooperate.


    In addition to PBL spamhaus maintains XBL and SBL,sites known either to
    be compromised by spambots, or servers dedicated to sending commercial spam.

    see: http://www.spamhaus.org


    The point is this. Spamhaus doesn't need co-operation from ISPs to work,
    nor do you have to use spamhaus as a mail filter advisory.

    Policy blocking is entirely in the hands of the person running a mail
    receiver, and spanmhaus is a free service to those that choose to use
    it. BT MAY actively co-operate with it, or they may not. spmahaus doesnt
    care. It already knows what parts of BT registered IP addresses should
    be sending email, and which should not.
     
    The Natural Philosopher, Sep 14, 2014
    #23
  4. Well that does actually make a certain amount of sense as it stops
    hackers trying to hijack your email account through dictionary attacks
    etc. For most people who only access their email via their normal
    internet connection it would be a useful extra layer of security as it
    blocks anyone who isn't a customer of the ISP from attempting to access
    your email. (The great phone hacking scandal springs to mind here, where
    telecoms providers weren't implementing that sort of restriction for
    accessing voicemail.)
     
    Gordon Freeman, Sep 14, 2014
    #24
  5. I do that with my pwn server.

    But it is a pain if you are on a hotel wifi and cant get at your mail.
    So most ISPS have a webmail interface as well, which IS easy to hack
     
    The Natural Philosopher, Sep 14, 2014
    #25
  6. It might have made sense in the days when everybody kept their
    computers at home and never needed to use one anywhere else, but
    things have changed a bit since then.

    Rod.
     
    Roderick Stewart, Sep 15, 2014
    #26
  7. which is why IMAP and SMTP now support enrcypted and authenticated
    connections to hopefully allow you to connect to them from anywhere.
     
    The Natural Philosopher, Sep 15, 2014
    #27
  8. NY

    NY Guest

    Assuming that the server will allow your PC even to talk to it to *begin*
    the authentication process. In the case of my customer's ISP, that was the
    stumbling block. If the server blocks all traffic to/from its POP and SMTP
    servers when that traffic originates on a "foreign" connection, then you are
    stuffed.

    When I asked the ISP whether they used a non-standard TCP port for
    connections to its servers when SSL and/or authentication were used, I was
    told: no, we use 25 and 110. I escalated it (that took some doing!) and the
    reply came back that the *only* way to access their servers was from their
    own connection; for anyone else, the only option was to use webmail.

    The real problem was that it was not even possible to create a mailbox with
    a third-party web and email hosting company, because the ISP would not allow
    you to access any POP or SMTP server except their own.
     
    NY, Sep 15, 2014
    #28
  9. That is truly extraordinary and probably in breach of regulations.

    Name and shame! we actually need to know which ISP is that borked.
     
    The Natural Philosopher, Sep 15, 2014
    #29
  10. NY

    AnthonyL Guest

    That's very unusual. I've been with lots of ISP's temporary/dial-up
    and ADSL and have never been blocked from my POP email accounts
    Until recently I ran a small utility, Mailroam, which enabled me to
    quickly switch SMTP server to suit the ISP I was connected to. It was
    normal for the connected ISP to allow use of their SMTP servers. My
    email client then simply sent to localhost and the mail was routed via
    Mailroam.
    Best just to use them to find out what the weather is like in Bombay.
    Which just goes to support the maxim - don't tie your email with your
    ISP.
     
    AnthonyL, Sep 15, 2014
    #30
  11. I assume you're referring to Spamhaus' Policy Block List?
    http://www.spamhaus.org/pbl/

    If so, then it's completely normal, if not expected, for consumer ISP's
    IP allocations to be listed.

    Granted, this can cause problems if you're running a local SMTP server
    at the end of your broadband connection and the recipient is
    filtering/rejecting mail based on the PBL listing.

    The solution is to relay messages via the ISP's SMTP servers.
     
    Plusnet Support Team, Sep 15, 2014
    #31
  12. NY

    NY Guest

    It *may* have been Orange or an ISP that they took over. I've just checked
    back the brief notes that I made about each job, but I didn't make a note of
    the ISP. Hopefully in the intervening time (it was back in 2006 when I
    experienced the restrictions) things have improved and you can now access
    non-ISP servers from the ISP connection and/or access the ISP's servers from
    a non-ISP connection.
     
    NY, Sep 15, 2014
    #32
  13. NY

    Graham J Guest

    I think Demon did something like this, one needed a different password
    depending on whether one was connected via a Demon broadband service or
    some other broadband service.
     
    Graham J, Sep 15, 2014
    #33
  14. I've always accessed my Freeserve mailboxes from elsewhere. They are now
    part of Orange.

    Andy
     
    Vir Campestris, Sep 15, 2014
    #34
  15. NY

    Phil W Lee Guest

    Iirc, it was that by default, you used the same password for
    connecting on dial up (and later, broadband) and your Demon email
    account, and it was only if you changed them to be different that you
    could access mail from elsewhere.
     
    Phil W Lee, Sep 17, 2014
    #35
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.