Firewalls.... Can't send email PERIOD WTF

acemcmac · Aug 3, 2005

There is a time and a place for firewalls. I recently moved from one apartment to another within my complex. Even though each bedroom in the complex has a jack directly to the university lan, most people opt to subscribe to Comcast due to the lackuluster performance and reliability of the University lan. Money's a little tight right now so I didn't sign up for a new account and there are no active accoutns in any of the adjacent apartments I can leach from wifi.

Problem:

I understand that spammers raping SMTP from the residential lan is bad, but how is this a solultion:

1) Forbid all SMTP traffic from leaving the network. okay, I can sortof understand this
2) Forbid students from contacting outside SMTP servers

3) Don't run an official SMTP server, not even one tied to authenticate from the university's active directory aka:gmail :|

I have no ability whatsoever to send out email right now... not even using gmail as my smtp (and its non-25 port) is allowed by the firewall.

acemcmac · Aug 3, 2005

oh what, nobody has anyhting to say now? someone has a legitimate complaint and... :|

I'd at least like to hear some ideas.... guys.....

bapace · Aug 3, 2005

They did something like this at Purdue University and it worked rather well. Purdue had been Blacklisted as a spammer due to open relays. When a university denies the traffic you are talking about, they have fixed an open relay problem.

imported_silentlamb · Aug 3, 2005

Take off rant from your topic title, may get you some more views/replies.

acemcmac · Aug 3, 2005

Originally posted by: bapace
They did something like this at Purdue University and it worked rather well. Purdue had been Blacklisted as a spammer due to open relays. When a university denies the traffic you are talking about, they have fixed an open relay problem.

But then what would be so hard about at least running a university sanctioned SMTP that requires user authentication like Server2003/active directory? You can still block everything else and allow a firehole for that....

bapace · Aug 3, 2005

we had to VPN into the network to use it until we got a different ISP with it's own SMTP server. Once we VPNed into the network, we were able to send and receive mail normally, it was just slower.

bapace · Aug 3, 2005

If you are on the university LAN, you should be able to use your university SMTP server settings to send mail. Usually, incoming was a different provider than our outgoing when we did it.

spidey07 · Aug 3, 2005

Many viruses and worms send mail and spread on port 25 (SMTP)

It is common practice to block that port. It is common practice to not allow webmails. It is common practice to stop worms/viruses in anyway possible.

See if they have a relay or SMPT gateway you shoul be using.

Kenazo · Aug 3, 2005

Worst case: Use hotmail.

acemcmac · Aug 3, 2005

Originally posted by: spidey07
Many viruses and worms send mail and spread on port 25 (SMTP)

It is common practice to block that port. It is common practice to not allow webmails. It is common practice to stop worms/viruses in anyway possible.

See if they have a relay you shoul be using.

they don't. That's the whole problem. they did for a while but dropped it because such a small % of users were using it (I used to be in pretty tight with Administrative Computing)

I think I'm going to try baspace's idea for making a vpn somewhere else to get around this...

dabuddha · Aug 3, 2005

Originally posted by: acemcmac
There is a time and a place for firewalls. I recently moved from one apartment to another within my complex. Even though each bedroom in the complex has a jack directly to the university lan, most people opt to subscribe to Comcast due to the lackuluster performance and reliability of the University lan. Money's a little tight right now so I didn't sign up for a new account and there are no active accoutns in any of the adjacent apartments I can leach from wifi.

Problem:

I understand that spammers raping SMTP from the residential lan is bad, but how is this a solultion:

1) Forbid all SMTP traffic from leaving the network. okay, I can sortof understand this
2) Forbid students from contacting outside SMTP servers
3) Don't run an official SMTP server, not even one tied to authenticate from the university's active directory aka:gmail :|

I have no ability whatsoever to send out email right now... not even using gmail as my smtp (and its non-25 port) is allowed by the firewall.

gmail?
yahoo mail?
hotmail?
etc.

acemcmac · Aug 3, 2005

Originally posted by: dabuddha

Originally posted by: acemcmac
There is a time and a place for firewalls. I recently moved from one apartment to another within my complex. Even though each bedroom in the complex has a jack directly to the university lan, most people opt to subscribe to Comcast due to the lackuluster performance and reliability of the University lan. Money's a little tight right now so I didn't sign up for a new account and there are no active accoutns in any of the adjacent apartments I can leach from wifi.

Problem:

I understand that spammers raping SMTP from the residential lan is bad, but how is this a solultion:

1) Forbid all SMTP traffic from leaving the network. okay, I can sortof understand this
2) Forbid students from contacting outside SMTP servers
3) Don't run an official SMTP server, not even one tied to authenticate from the university's active directory aka:gmail :|

I have no ability whatsoever to send out email right now... not even using gmail as my smtp (and its non-25 port) is allowed by the firewall.

Click to expand...

gmail?
yahoo mail?
hotmail?
etc.

and how do you send email for work using hotmail :rolleyes;

aka: if you work at IBM, how do you send replies to the email you download thats adressed to you at jdoe@ibm.com, the very essence of email....?

dabuddha · Aug 3, 2005

Originally posted by: acemcmac

Originally posted by: dabuddha

Originally posted by: acemcmac
There is a time and a place for firewalls. I recently moved from one apartment to another within my complex. Even though each bedroom in the complex has a jack directly to the university lan, most people opt to subscribe to Comcast due to the lackuluster performance and reliability of the University lan. Money's a little tight right now so I didn't sign up for a new account and there are no active accoutns in any of the adjacent apartments I can leach from wifi.

Problem:

I understand that spammers raping SMTP from the residential lan is bad, but how is this a solultion:

1) Forbid all SMTP traffic from leaving the network. okay, I can sortof understand this
2) Forbid students from contacting outside SMTP servers
3) Don't run an official SMTP server, not even one tied to authenticate from the university's active directory aka:gmail :|

I have no ability whatsoever to send out email right now... not even using gmail as my smtp (and its non-25 port) is allowed by the firewall.

Click to expand...

gmail?
yahoo mail?
hotmail?
etc.

Click to expand...

and how do you send email for work using hotmail :rolleyes;

aka: if you work at IBM, how do you send replies to the email you download thats adressed to you at jdoe@ibm.com, the very essence of email....?

Copy paste them. And setup a forward on your ibm account to your hotmail account or whatnot.
Do we have to explain every single detail for you?

BTW your first statement is false. You do have the ability to send out email right now. You just don't like the options available for you since you're too cheap to pay for service

loup garou · Aug 3, 2005

Originally posted by: acemcmac
and how do you send email for work using hotmail :rolleyes;

aka: if you work at IBM, how do you send replies to the email you download thats adressed to you at jdoe@ibm.com, the very essence of email....?

Your job doesn't have some form of webmail?

alkemyst · Aug 3, 2005

this would probably be easily fixed by going to the university's web page for email support, or picking up the phone and calling their help desk.

RedCOMET · Aug 3, 2005

My university doesn't allow you to send mail through its Imap email server unless you are on the universtiy subnet.

It sounds like the IT department needs to find a better solution than just " lets block everything." Give the Help desk a call and find out what the solution is,

dabuddha · Aug 3, 2005

Originally posted by: werk

Originally posted by: acemcmac
and how do you send email for work using hotmail :rolleyes;

aka: if you work at IBM, how do you send replies to the email you download thats adressed to you at jdoe@ibm.com, the very essence of email....?

Click to expand...

Your job doesn't have some form of webmail?

IBM does.

alkemyst · Aug 3, 2005

Originally posted by: acemcmac

Originally posted by: dabuddha

Originally posted by: acemcmac
There is a time and a place for firewalls. I recently moved from one apartment to another within my complex. Even though each bedroom in the complex has a jack directly to the university lan, most people opt to subscribe to Comcast due to the lackuluster performance and reliability of the University lan. Money's a little tight right now so I didn't sign up for a new account and there are no active accoutns in any of the adjacent apartments I can leach from wifi.

Problem:

I understand that spammers raping SMTP from the residential lan is bad, but how is this a solultion:

1) Forbid all SMTP traffic from leaving the network. okay, I can sortof understand this
2) Forbid students from contacting outside SMTP servers
3) Don't run an official SMTP server, not even one tied to authenticate from the university's active directory aka:gmail :|

I have no ability whatsoever to send out email right now... not even using gmail as my smtp (and its non-25 port) is allowed by the firewall.

Click to expand...

gmail?
yahoo mail?
hotmail?
etc.

Click to expand...

and how do you send email for work using hotmail :rolleyes;

aka: if you work at IBM, how do you send replies to the email you download thats adressed to you at jdoe@ibm.com, the very essence of email....?

I really can believe you mention SETI in a sig and posted the above.

bsobel · Aug 3, 2005

Solution sent via PM

acemcmac · Aug 3, 2005

I emailed the guy who's in charge of everything as I know him professionally. He sent out a message this morning regarding new adresses for the university's IMAP servers.... of course, he sent the email AFTER changing the adresses :rolleyes;

-----Original Message-----
From: My govt email adress
Sent: Wednesday, August 03, 2005 12:21 PM
To: XXX Information Security
Subject: SMTP, residential

Thank you for the update on the mail situation, but this policy change
still doesn't help non-webmail users on the residential network. SMTP
traffic is completely banned from the residential network. There is no
provided server (with or without active directory authentication), we
aren't allowed to run our own servers and we aren't allowed to contact
external relay servers such as Gmail. Do you have a solution for that?

Me
[my govt office sig]

His reply:

Nope. Not at this time.

------------------------------------------------------------------
XXXXXXXXXXXX
Information Security Manager
Office of Information Security
XXXXXXXXXXXX University of PA
XXXXXXXXXXXX

I smile because I don't know what the heck is going on.

I kid you not, that's his real signature

Firewalls.... Can't send email PERIOD WTF

Lifer

Lifer

Senior member

Member

Lifer

Senior member

Senior member

No Lifer

Lifer

Lifer

Lifer

Lifer

Lifer

Lifer

No Lifer

Platinum Member

Lifer

No Lifer

Moderator Emeritus<br>Elite Member

Lifer