Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How Pervasive is ISP Outbound Email Filtering?

Zonk posted more than 6 years ago | from the making-me-nervous dept.

Communications 281

Erris writes "A member of the Baton Rouge LUG noticed that Cox checks the text of outgoing email and rejects mail containing key phrases. I was aware of forced inbox filtering that has caused problems and been abused by other ISPs in China and in the US. I've also read about forced use of ISP SMTP and outbound throttling, but did not know they outbound filtered as well. How prevalent and justified is this practice? Wouldn't it be better to cut off people with infected computers than to censor the internet?"

cancel ×

281 comments

Sorry! There are no comments related to the filter you selected.

Not Comcast (1)

RareButSeriousSideEf (968810) | more than 6 years ago | (#22253774)

I use Comcast, and so far this is one thing they have not interfered with, at least in my area.

Re:Not Comcast (2, Informative)

FauxPasIII (75900) | more than 6 years ago | (#22253868)

I use Comcast, and my outbound tcp/25 is blocked entirely. I can _only_ go to their SMTP relay.

Re:Not Comcast (2, Informative)

simcop2387 (703011) | more than 6 years ago | (#22253970)

hmm thats strange, i'm using comcast in the atlanta area and can easily do smtp to other hosts on the internet.

Re:Not Comcast (5, Insightful)

Bender Unit 22 (216955) | more than 6 years ago | (#22254206)

I'd say that every ISP should do that, that is, if you could get it unblocked if you requested it or via some online account management.
99% of all people wouldn't need it anyway(except the bots on their machines) and the ones who do, would know how to open it. Of course it is a not the ideal way to solve the problem, but it's all we got for now.

Re:Not Comcast (3, Insightful)

cheater512 (783349) | more than 6 years ago | (#22255072)

Blocking every port under 1024 and having a touch tone phone interface to unblock them would be ideal.
That way there is no way for a bot to automate it (ok maybe if they still have a analog modem but unlikely) and its pretty easy to unblock yourself while keeping the ISP's workload low.

That would cut out a lot of the net's problems overnight and make it extremely difficult to bypass.

Re:Not Comcast (3, Informative)

DCTooTall (870500) | more than 6 years ago | (#22254340)

that's actually been a pretty common net-wide standard for awhile to block port 25. Logic being that many old spam virus's used to set up an smtp server on the infected machine and start spamming directly from the infected computer bypassing the isp's SMTP server. By blocking port 25 on the outskirts of the ISP network and forcing customer to use their SMTP it allowed better access controls to prevent spam. and more importantly, kept entire ranges of Dynamic IP's from getting blacklisted due to spam.


In the past few years with the increase in teleworking, remote access of email, and personal domain names, as well as the evolution of the spam-virus, that ISP's have moved to allow access to port 25 outside their network, instead doing IP access controls on their outgoing SMTP server, and using SMTP Auth to allow people to connect from outside their network.

Re:Not Comcast (1)

rmerry72 (934528) | more than 6 years ago | (#22254892)

That's actually been a pretty common net-wide standard for awhile to block port 25.

For a certain segment of the ISP market, ie your "home users who have no choice anyway". Maybe its more widespread in your country. I've never had an ISP that blocks any port. I have no need for a filtered part of the Internet. I'm a grown up and I can take and demand access to the whole thing.

Down here, the big ISPs block lots of things (email, servers, ftp, etc): Telstra, Optus, Dodo, etc. But they are aiming at a market that doesn't actually use the internet for more than reading a web page every now and then and doesn't know or care about anything else. They believe marketing bylines (sic: wow can I really get 1.5MB/s for only $30 a month), and are prepared to throw money down the toilet for something they don't use but "know" they need. So its a business model that works for them.

But there are quite a few other choices. Nobody with a brain uses those ISPs - which is why they are the largest by far :-)

Welcome to 2008. Same as 1998 just more ads, more noise, more expensive and less choice. That's progress. Can us geeks take the Net back now? We let it out and the MBAs fucked it up. Let them build their own.

Re:Not Comcast (5, Interesting)

squallbsr (826163) | more than 6 years ago | (#22254396)

I also have Comcast, I was able to send email over SMTP (port 25) any time I pleased. That was until my brother decided to bring over his virus ridden, spam spewing, zombified windows machine over and hook it up to my network (while he was house sitting). They promptly blocked port 25, I got home and couldn't send email.

I had to call their very rude Security Something Department, they said my options were
1. 'Use a different port because other ports can be secured while port 25 cannot be secured.'
2. Use the Comcast alternate port SMTP-AUTH Server (of which I don't know my login/password for)

I told them I wanted option 3:
3. Re-open port 25.

They decided to tell me that they could as a ONE TIME courtesy re-open the port, but 'it will probably be blocked again because the problem that caused it to be blocked probably wasn't fixed' (even after I told them that I had found the problem and fixed it, in addition to monitored all transmissions over port 25 for an hour)... So I fixed my OpenBSD firewall pf rules to only allow 'trusted' computers to only be able to contact MY email server, and access the whole internet unfettered, the 'guest' machines have access to web and a handful of other ports (none of which is 25)...

Moral of the story: Stop using windows... /flamebait

Re:Not Comcast (4, Informative)

SCHecklerX (229973) | more than 6 years ago | (#22254830)

You may have at one point been flagged as being 'infected with a virus'. This is when my comcrap connections always got nuked (I host a mailing list). But instead of filtering just outbound, they would kill everything.

I got tired of fighting with them (and after the headaches they caused with my overpriced business class connection when they took over for the ISP they bought out I was not going to pay for that service again), and discovered DynDNS's mailhop outbound and mailhop relay services. Problem solved. You can have stuff forwarded in on a nonstandard port and sent out that way too.

http://www.dyndns.com/services/mailhop/outbound.html [dyndns.com]
http://www.dyndns.com/services/mailhop/relay.html [dyndns.com]

Re:Not Comcast (3, Interesting)

Anonymous Coward | more than 6 years ago | (#22254976)

25 blocked ubiquitously here too. Instead of using cox's smtp service, I use the SMTP relay service at http://www.smtpport.com/ [smtpport.com] to tunnel regular smtp to my own company server through a nonstandard port. A decent workaround for when you don't have shell access or secure smtp. So far cox hasn't filtered or blocked it.

Re:Not Comcast (1)

cayenne8 (626475) | more than 6 years ago | (#22255080)

"I use Comcast, and my outbound tcp/25 is blocked entirely. I can _only_ go to their SMTP relay."

I subscribe to Cox business accounts...I get a static IP address, a low level SLA, and no bandwidth caps, or ports blocked...and pretty good speeds. I've been VERY happy with it.

I switched to them years back when I was with Bellsouth trying to upgrade my DSL to get a static IP etc. They said they didn't have any to give out (after over a month waiting on the answer)...I found that Cox cable would do what I wanted immediately, and was maybe $10/mo more...if that.

I couldn't be happier...I run my own email server, web servers...etc.

I did check at my parent's house...and they have comcast, but, their business connection isn't really the same as what mine is...and costs more. I guess it varies by area and cable co.

But, do look around to see if you can get a 'business' connection if you want to run your own servers...it is a little extra in most places, but, not unreasonable. And, if you actually HAVE a business....you can write it off on taxes.

:-)

Not Comcast - Yeah, right. (0)

Anonymous Coward | more than 6 years ago | (#22254566)

Comcast around my area actively scans and filters outbound mail.

Re:Not Comcast (1)

IheatMyAptWithCPUs (978410) | more than 6 years ago | (#22254784)

I have AT&T DSL, (which sucks for more reasons than there are tiles on the floor of a wal mart) and they definitely filter outbound port 25. What was really interesting is that they had a form on their web site that allowed you to opt out, should you so choose. It took me a while to find, but from the moment I realized that I was being filtered to the moment I was sending viagra ads was only a timespan of about 2 hours. And it took me 1:56 to find that stupid page.....

I don't know but... (0)

Anonymous Coward | more than 6 years ago | (#22253792)

If my ISP ever did this and it caused me any problems, I would give them three hours to fix it before I switched ISPs.

General rule: ISPs can filter whatever they want by defualt but must be prepared to stop the filter for any customer ASAP (preferrably automatically).

Heck, put it on the router they provide and make it configurable through its web console.

Amen (4, Insightful)

davidwr (791652) | more than 6 years ago | (#22254014)

ISPs should ask you what services you really need when you sign up for a new account:
"I'm a normal user, let me have what normal users get"
"I'm a power user, please turn on ___, ____, and ___"
"I'm a power user and I really really really know what I'm asking for, please turn on everything."

Then let them change it at any time, either permanently or, if they only need it for awhile, for an hour, a day, or a week.

Once you do that you can hold customers responsible for things like letting bots run loose spamming the planet over an available outgoing port 25.

Phrases (1)

arizwebfoot (1228544) | more than 6 years ago | (#22253810)

Anybody got any ideas of what phrases are being poof'd by cox?

Re:Phrases (2, Interesting)

Psychotria (953670) | more than 6 years ago | (#22253936)

No, but it is worrying. For example, I often have to resort to emailing people using PDF's which contain the bulk of my message because their stupid ISP marks me as spam. I think it is because a lot of my emails involve giving people advice on plant species names--which always makes me go "wtf" when my email bounces because it is "spam-like". Since when is giving a person advice on species "spam-like"? Maybe it's the latin I don't know. I don't use my ISP for outgoing email (I run my own email servers) but for those people who do... their emails better not be innocent because they'd probably be filtered as spam. Much better to write a long message about penis enlargement than something serious--it's more likely to pass through the filters.

Re:Phrases (4, Funny)

grcumb (781340) | more than 6 years ago | (#22254244)

Since when is giving a person advice on species "spam-like"? Maybe it's the latin I don't know.

Cialis vincit disfunctio penilis!

Re:Phrases (2, Funny)

DingerX (847589) | more than 6 years ago | (#22254772)

disfunctionem erectilem, I believe, is the correct ending to your spam.

Re:Phrases (0)

Anonymous Coward | more than 6 years ago | (#22254738)

cox won't let you send cocks?

Quick fix: PGP (1)

KublaiKhan (522918) | more than 6 years ago | (#22253848)

'cuz if they can't read it, they can't filter it.

O'course, this means that your recipient must have PGP in order to read your message, which can get inconvenient when talking to grandma.

Re:Quick fix: PGP (1)

urcreepyneighbor (1171755) | more than 6 years ago | (#22254002)

You remember, back when PGP was making the news, how the government freaked out over it... until they realized most people didn't - still don't - care enough to actually use it? The situation hasn't changed.

O'course, this means that your recipient must have PGP in order to read your message, which can get inconvenient when talking to grandma.
Why should gradma use PGP? She has nothing to hide... and she doesn't care enough to learn how to.

Same problem, new decade. Sigh.

Re:Quick fix: PGP (1)

KublaiKhan (522918) | more than 6 years ago | (#22254106)

Yep, more or less. O'course, if you spread it around in one of those urban-legend emails that the ISP was going to randomly drop your emails, then maybe you could recruit a few extras...but yeah, really, most folks don't care enough.

Perhaps there's a business niche for a server that'll accept an encrypted email, decrypt it, and send it off to its destination...but I shouldn't think it'd be a very big niche.

Re:Quick fix: PGP (1)

civilizedINTENSITY (45686) | more than 6 years ago | (#22254176)

Grandma sure does have something to hide! If she tried to walk down to the library butt naked, she'd be told "no! Cover it up!". Same thing should apply to her email...

Re:Quick fix: PGP (1)

neoform (551705) | more than 6 years ago | (#22254516)

Or better yet, instead of using your ISP's SMTP server, use your own.

My ISP blocks all non-SSL ports but doesn't block the SSL ports.. which is perfect, since I much rather use SSL when sending/receiving emails..

Re:Quick fix: PGP (1)

KublaiKhan (522918) | more than 6 years ago | (#22254640)

Great, I have to find the time to set up an SMTP server now? I'm already down to 5.5 hrs of sleep/night...

Re:Quick fix: PGP (1)

coaxial (28297) | more than 6 years ago | (#22254560)

'cuz if they can't read it, they can't filter it.
if (!plaintext) then reject

Profit comes first (4, Insightful)

techno-vampire (666512) | more than 6 years ago | (#22253852)

"Wouldn't it be better to cut off people with infected computers than to censor the internet?"


If they did that, it would lower their income and cut into their profits. Filtering outbound email costs less, at least in the short run and that's all the typical MBA is interested in. Their idea is to move to a new company before the long-term damage they've caused becomes evident. (I'm not just wanking, here; I asked an MBA about it once and that's what he told me.)

Re:Profit comes first (2, Interesting)

Chyeld (713439) | more than 6 years ago | (#22253890)

However, filtering also raises the "you are now liable for what they say to an extent" issue that the whole Safe Harbor thing was suppose to fix for ISPs and could definately cost a huge pile more than just cutting access and losing customers.

Re:Profit comes first (1)

techno-vampire (666512) | more than 6 years ago | (#22255020)

Well, yes, but as I said, that's long-term damage. Very few MBAs give a damn about what happens in the long term because they don't expect to stick around long enough for it to matter.

Giant Forded Upgrade Makes Lots of Money. (1)

gnutoo (1154137) | more than 6 years ago | (#22254418)

If they did that, it would lower their income and cut into their profits.

How? There's no competition in cable. Think of all the bandwith they would save and all the work it would create for local computer stores. There's plenty of profit waiting for everyone in a move like that.

Re:Profit comes first (3, Insightful)

SeaFox (739806) | more than 6 years ago | (#22255110)

If they did that, it would lower their income and cut into their profits.

That's assuming they actually close the customer's account or credit for the time out. Some ISPs do not, since the issue is generally a virus or other malware on the customer's PC (in other words, not the ISP's fault).

But you response overall is still correct. If they keep mucking around with the email, they still save money because eventually the customer gets sick of it and gets a Yahoo account instead. Now Comcast is still getting the same $40/month, but without having to provide mail services.

pretty pervasive. (1)

spazdor (902907) | more than 6 years ago | (#22253862)

An ISP has to be pretty vigilant in policing its own users, or it's liable to get its SMTP servers blacklisted, or even blackholed.

As far as I know, most major email providers will at least pull some Bayesian filtering on their outbounds.

What? (1)

infochuck (468115) | more than 6 years ago | (#22253882)

The poster to that LUG list never claimed it was the content of the message that they were filtering. This is just stupid.

Re:What? (1)

Major Blud (789630) | more than 6 years ago | (#22254308)

Since I know a few members of this LUG, I agree with you completely. The author of the post says he "suspects" filtering but he hasn't shown us any definite proof. The error message he displays says "disk full"...maybe the other text in the error is somehow lost in translation. There are probably a dozen other explanations for this, and I seriously doubt that filtering of outgoing mail is one of them.

Re:What? (1)

Intron (870560) | more than 6 years ago | (#22254326)

You're right. It looks more like they are blocking delivery because he is running a mail server. Lots of ISPs want you to send and receive only through their servers. The summary here looks bogus.

Re:What? (1)

bhmit1 (2270) | more than 6 years ago | (#22254338)

The poster to that LUG list never claimed it was the content of the message that they were filtering. This is just stupid.

Further down the thread [brlug.net] you find the important detail:

I tried to send an email. The email only contained text. The text Cox
objected to was "http://my_homebox_IP_number/"

On Tuesday 29 January 2008 12:45 pm, Brad Bendily wrote:
> Are you sending an email
> from your cox connection through a linux box to an email address on
> the internet? Or the other way around?

and a few more messages in [brlug.net] was the comment:

Like I said, I know what tripped the filter because I changed that one detail
to get the message through.

On Tuesday 29 January 2008 1:32 pm, Scott Harney wrote:
> Maybe you will get some more details about what actually tripped the
> filter and blocked the message by sending your message to
> "thisisnotspam at cox.net".

Re:What? (1)

tulmad (25666) | more than 6 years ago | (#22254346)

Did you read the follow-on messages? He's basically saying that if he says http:/// [http] in an email message, the message gets filtered by the SMTP server and won't ever be delivered. If he replaces that with an actual hostname, real or not, the message gets delivered just fine.

Re:What? (1)

tulmad (25666) | more than 6 years ago | (#22254404)

Stupid slashot and stupid me for not pressing the preview button. That url should be

http://someiphere

Re:What? (2, Funny)

ZeldorBlat (107799) | more than 6 years ago | (#22254620)

I tried clicking on your link but I think my ISP is somehow blocking it.

If you don't filter, you get blocked. (2, Interesting)

Russ Nelson (33911) | more than 6 years ago | (#22253896)

If an ISP doesn't filter their outgoing email to make sure that it's own users aren't spamming, they WILL get blocked. I'm on a super-secret anti-spam mailing list which I can't tell you about, and everybody there cheerfully admits to blocking their own users' outgoing spam. It's necessary.

Re:If you don't filter, you get blocked. (2, Funny)

ajayrockrock (110281) | more than 6 years ago | (#22255090)

If an ISP doesn't filter their outgoing email to make sure that it's own users aren't spamming, they WILL get blocked. I'm on a super-secret anti-spam mailing list which I can't tell you about, and everybody there cheerfully admits to blocking their own users' outgoing spam. It's necessary.


dude, spamassassin-users [apache.org] isn't that secret. :)

Looking further... (4, Informative)

Spazmania (174582) | more than 6 years ago | (#22253912)

Digging further into the Cox situation, the Cox subscriber said:

I tried to send an email. The email only contained text. The text Cox
objected to was "http://my_homebox_IP_number/"


I haven't checked the Cox TOS lately, but don't they prohibit running a home web server like all the other residential internet providers? Hasn't this been the case since for essentially the same length of time that the Internet has been a commercial venture?

Prohibited (2, Informative)

dereference (875531) | more than 6 years ago | (#22254148)

I haven't checked the Cox TOS lately, but don't they prohibit running a home web server like all the other residential internet providers?
Yes [cox.com] . They may not actively police it, of course, but there it is.

Re:Looking further... (2, Insightful)

rob1980 (941751) | more than 6 years ago | (#22254220)

Yes, I'm guessing they set the filter up so you can't email somebody a link to http://my_homebox_ip_number:8081/ [myhomeboxipnumber] and have it be a spoofed Paypal signin page or something like that.

Re:Looking further... (1)

mabinogi (74033) | more than 6 years ago | (#22254394)

hmmm, I hadn't thought of that aspect of it.
I wonder if they just filter emails with addresses in their netblock? That would actually make sense.
If they just filtered mails with any numeric URL in them it'd be bad though.

Re:Looking further... (1)

droopycom (470921) | more than 6 years ago | (#22254744)

I'm sure they dont check if the IP is in their own block, that's not what its about.

About 99% of emails containing an url with a numerical IP are spams. I certainly would not fault cox for blocking those outgoing spams.

Cox certainly has a certain number of customers whose PCs are routinely infected with spam sending trojans. The filter was probably enabled by a scruffy looking unix admin, muttering about how clueless those Windows users are, rather than a pointy-haired boss trying to limit the use of home servers.

So just get a freaking free DNS domain to resolve your numerical IP and you'll be happy....

Re:Looking further... (1)

Sleepy (4551) | more than 6 years ago | (#22254584)

By that logic, you could get around the block by putting a domain name on your IP... which is exactly what a smart phisher would do anyways.

No, I strongly expect that they are:
1) filtering URLs with their IP range in it.
2) Resolving URLs to the IP address (then following 1)

Item # 2 is trivial to do... SpamAssassin has plenty of body text checkers looking for URLs (see URIBL_* plugins). It would be trivial to fork one of these applets to look for their cable user IP space.

It's also trivial to get around either block, by using a "web relay" or "shorter link" service to obfuscate. Cox is only going to resolve the IP or hostname 1 layer deep... they're not going to bother parsing outside HTTP Relays for the Location: header or anything...

Re:Looking further... (2, Insightful)

mabinogi (74033) | more than 6 years ago | (#22254240)

That's got nothing to do with it though.

Whether or not you're running a home server, sending an email containing a URL certainly shouldn't breach the ToS. They're not going to filter emails referring to a breaching server, they'd contact you about the server or terminate your service.

Re:Looking further... (0)

Anonymous Coward | more than 6 years ago | (#22255032)

I have Cox service at my home and run a web server. I have the business service, but I get it at my home and get a static IP with more bandwidth then residential service and no blocked ports. Just because he's at home doesn't mean he has residential service.

inline virus filtering (2, Insightful)

sgt scrub (869860) | more than 6 years ago | (#22253930)

They could do inline virus filtering easier, cheaper, and still not be intrusive. IMHO they are being rude when they could be helpful.

Text of posting (TFA) (2, Informative)

Stanistani (808333) | more than 6 years ago | (#22253942)

I will no longer be able to point to my home server on these lists because Cox
rejects such messages as spam. The message given when I try is:

Sending failed:
Could not write file The message content was not accepted.
The server responded: "ID_INTENTIONALLY_REMOVED This message was
undeliverable. This message has been found to be a potential spam message,
and has therefore been blocked. Please visit http://coxagainstspam.cox.net/ [cox.net]
for more information.".
Disk full.
The message will stay in the 'outbox' folder until you either fix the problem
(e.g. a broken address) or remove the message from the 'outbox' folder.
The following transport protocol was used:
smtp.east.cox.net

. . .

I could care less that their disk is stuffed and suspect it is misdirection.

This censorship is only a minor inconvenience but the message it sends is
ugly. It says, in so many words, that the internet is for your consumption
not participation. Changing messages to point to my physics page gets around
the immediate problem, but most people do not have such a thing nor should
they be forced to host things on someone else's computers. I'm paying for my
bandwith, why can't I use it for what I want? Finally, subscribers now know
that every word of every message sent is filtered. Will they filter my IM
conversations next?

Re:Text of posting (TFA) (1, Interesting)

Anonymous Coward | more than 6 years ago | (#22254034)

You couldn't care less. Is this a US-centric thing? "I could care less" makes no sense and only Americans seems to use the absurd phrase.

Re:Text of posting (TFA) (0)

Anonymous Coward | more than 6 years ago | (#22254200)

Are you stupid? Or can you just not read english?

"I couldn't care less" -> "I could not care less" -> "It isn't possible for me to care less then I do now" -> "I don't care about this at all."

Get it yet? Or should someone enroll you in an english as a second language class?

Re:Text of posting (TFA) (1)

Solra Bizna (716281) | more than 6 years ago | (#22254426)

Congratulations. You read his post backwards.

-:sigma.SB

Re:Text of posting (TFA) (2, Insightful)

Spazmania (174582) | more than 6 years ago | (#22254504)

It's a mixed metaphor:

I couldn't care less = I don't care

merged with

I could give a damn = I could care but I don't

and became

I could care less.

Re:Text of posting (TFA) (1)

jefu (53450) | more than 6 years ago | (#22254666)

The word for today is idiom [wikipedia.org] .

so.... (1)

slydmin (1209456) | more than 6 years ago | (#22253988)

what sick emails are you sending, you pervert? (to the author)

Where, exactly, is the story? (4, Informative)

pongo000 (97357) | more than 6 years ago | (#22254060)

It's not clear to me that Cox actually scanned the message body in its determination that the e-mail in question was spam. There could have been any number of indicators that caused Cox to reject the outbound message.

I also note that Cox's TOS specifically prohibits the hosting of servers:

Servers. You may not operate, or allow others to operate, servers of any type or any other device, equipment, and/or software providing server-like functionality in connection with the Service, unless expressly authorized by Cox.


A more accurate title for this story would be: "User in violation of Cox TOS upset over Cox efforts to enforce TOS."

My advice to said user? Buck up and get business-level service, or find yourself a real hosting service for your mail server.

Re:Where, exactly, is the story? (0)

Anonymous Coward | more than 6 years ago | (#22254372)

Cox *does* filter based on message content. I raised it with their technical support: a simple message with a body saying just "accept" is rejected every time for me (or was, until I switched away from Cox).

Their tech support staff kept trying to diagnose issues with my mail client, and couldn't understand that their *servers* are misconfigured to cause this. I gave up.

Re:Where, exactly, is the story? (1)

rmerry72 (934528) | more than 6 years ago | (#22254614)

A more accurate title for this story would be: "User in violation of Cox TOS upset over Cox efforts to enforce TOS."

They are not enforcing their TOS; they are blocking legitimate traffic. Does their TOS say "You will not send an email with a URL to your own IP address"? Put another way, should the police be able to block you bragging in an email that you did 100 MPH on the freeway?

Sounds like one of those useless ISPs that block/fake BitTorrenting and force you to use their email servers. ISPs that are only in business because customers have no care, no knowledge or no choice. What do they think they are, a bank?

Re:Where, exactly, is the story? (1)

pongo000 (97357) | more than 6 years ago | (#22254728)

Look, I'm certainly not an apologist for Cox. But I've fought this same battle for many years with several different ISPs, and it's a losing battle. And I found this little gem amusing as well:

I'm paying for my bandwith, why can't I use it for what I want?


I think that comment pretty much sums this up as a non-story about a petulant user who is pissed that he can't get around Cox's roadblocks. I won't say it's been a waste of my time, though, as I'm sitting here posting a response. I find it amusing that there are still people out there trying to fight this silly battle. They came for port 25, and...well, you know the rest of the tale.

Re:Where, exactly, is the story? (2, Insightful)

Niten (201835) | more than 6 years ago | (#22254732)

A more accurate title for this story would be: "User in violation of Cox TOS upset over Cox efforts to enforce TOS."

The problem is that the TOS are bogus, and there's absolutely nothing the customer can do about it. It's not as though we have a half dozen other cable subscribers to choose from and to keep each other honest; aside from the phone company, Cox is the only game in town for many folks. The theoretical benefits and corrective effects of free-market competition do not operate in such an environment.

Seriously, "servers of any type [...] server like functionality"? Congratulations, you've just described anything that accepts an incoming TCP or UDP connection. If I cannot at least SSH and VPN into my home network from abroad, my so-called Internet connection loses 50% of its utility.

I'd love to see somebody with the resources to do so stand up to these guys and sue them for false advertising. If you perform unwanted filtering on the incoming and outgoing access of your users, you're no longer selling a full Internet connection. The most troubling part is that Cox isn't even the worst offender in this regard, not by a long shot.

Yep (4, Interesting)

Sycraft-fu (314770) | more than 6 years ago | (#22254734)

Cox does have business level cable and I've been quite happy with it. Used to use Speakeasy DSL but got spooked when Best Buy purchased them and switched to Cox. Thus far (little over a year) it has been great. I run 3 servers which do a moderate amount of traffic (maybe 50-100GB up a month) and have heard not a peep out of them. No ports are blocked that I can see, the servers run HTTP, HTTPS, SSH, IMAPS and SMTP between the group of them and it all works fine. They even have an SLA such that in extended downtimes you get monetary credit.

The difference, of course, is that I pay a good bit more. I'm not sure what a consumer level cable connection costs for 10mb/1mb but my understanding is it is somewhere in the range of $50/month. I pay more like $150/month for the business grade with 8 static IPs (the IPs do add a good portion of that).

However I'm ok with that. My usage is much in excess of what you'd get from a normal consumer, I'm ok with the fact that I have to pay for that. It's still not a bad price all things considered.

If you want the cheap consumer connections, then you need to deal with the consumer restrictions which usually include "no servers". It isn't as though they are being assholes and saying "No you can't ever do this," they are just saying "If you want to do this, you need a more pricey service."

Servers? (2, Insightful)

gillbates (106458) | more than 6 years ago | (#22254886)

Or server-like functionality?

So, what exactly, defines a server? When you think about it, there's just traffic between two points. From a semantic perspective, posting to /. could be seen as "serving" text to a remote computer...

But, I think this kind of highlights the apparent Cox conceptual model of the internet:

  • Businesses create the news, opinions, and "interactive" content. The subscriber consumes the content business creates. Subscribers do not participate in opinion, create content, or otherwise create outbound traffic, with the exception of:
  • Email.
  • Games, filesharing, IM, and the like are all under the radar - they are "server-like" applications when it comes to dealing with the subscriber, so they can arbitrarily be denied service without breaking the TOS.
  • Web servers, SSH, terminal services, VPNs, etc... are business class services, for which a commercial account is required.

The optimist in me hopes I'm wrong on some of the above points, but the pessimist knows to suspect the worst.

Re:Where, exactly, is the story? (1)

Ucklak (755284) | more than 6 years ago | (#22255026)

I get a 'Potential Spam' popup from Thunderbird with a similar 'COX thinks this is spam' if I send in text only. I send in text and HTML and it goes through.

I would have to say (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22254064)

Leonard Nimoy, nude and in character.

Filtering outbound email.... (1)

SlashDev (627697) | more than 6 years ago | (#22254068)

... is used by ISPs in order to protect their SMTP servers from getting blacklisted on Spamcop, Spamhaus, etc.. If these servers get blacklisted, their customers will not be able to effectively send out email. The message will get sent, but the receipient will rejected because the server is blacklisted.

Well..... (0)

Anonymous Coward | more than 6 years ago | (#22254072)

I know I work for a rather large ISP. You are limited to 1k emails a day anything over that and they cut you off. Then when you call in we tell you to clean your comp. When its clean we turn you back on. After doing this 3 times your gone. Now this is on a personal account so it seems reasonable to be. The biggest issue is that the people getting infected are just the sort of people to have their kid look at their computer and then call back and go "its all take care of". Then they are turned off a few hours later for the same issue.

Who is the real mail culpret? (1)

FXBEAST (1230854) | more than 6 years ago | (#22254140)

For all my years in this industry I have never seen so much prostitution of any technology than I see today from spammers.
In all honesty ISP's should be held accountable for their users!
If we were to place a $ amount on the usage of bandwidth that is being consumed by spammers it will more than likely outweigh the profit they are making a million to one. So why must the honest guy on the street be subjected to the same rules/punishment as the spammer....

I think ISP's should start to pay/mail concept like in the old days where you had to pay for postage stamps to send your mail.

If the spammers want to spam, let them pay!!! Every countries communication authority should also start playing an active part in patrolling what is going on!!!

Holy WTF?!? (3, Interesting)

Just Some Guy (3352) | more than 6 years ago | (#22254168)

I can understand and am sympathetic to ISPs who force outbound traffic to go through their servers. I'm not saying I agree with it, but I really do get what they're trying to accomplish. I also understand ISPs having spam filters on their outbounds, and think that's actually a pretty good idea. If you really need to send a virus so someone, then you should be technically competent to encrypt it or otherwise shield it from a scanner.

But never in a million years can I even remotely condone actually scanning the text of emails and rejecting ones an ISP doesn't like. That's just Evil.

We've had our eye on you for sometime now.... (1)

HangingChad (677530) | more than 6 years ago | (#22254222)

Wouldn't it be better to cut off people with infected computers than to censor the internet?

Yeah, that's great until MSFT convinces one of them that Linux is a virus.

But we're prepared to wipe the slate clean, give you a fresh start. And all you have to do is install Windows.

Not just ISPs-- antivirus software too (2, Interesting)

cmburns69 (169686) | more than 6 years ago | (#22254292)

Some antivirus packages also block some outbound email as well. At a previous company I worked for, we had to send out numerous survey invitations. Norton would quietly queue and scan all the outbound data (going to port 25)-- which worked in many cases. Except that it was slow. And there was now way of knowing how much data (if any) was still queued. And if the computer was restarted before Norton finished processing the queue, the data was silently lost (even though a "Accepted for delivery" message was returned to the sending program).

These limitations wouldn't be hit by your normal 1-or-2 emails at a time users. But for the rare legitimate high volume senders, like us, it was a problem. IT wouldn't let us turn off Norton alltogether (and rightly so, as we'd seen virii on our network in the past), and there was no way to selectively disable that "feature". Eventually we forced to make our outbound mail server listen on a different port, so that Norton wouldn't scan/lose the data.

At least with COX you get a notification saying that the message couldn't be sent, with Norton, the messages might just quietly disappear.

Kudos to Cox Communications (5, Informative)

merc (115854) | more than 6 years ago | (#22254304)

I would like to first state that I am a Cox cable internet subscriber in the Phoenix area. I also happen to wear the abuse desk hat for Arizona's oldest ISPs.

I can say without question that the amount of spam we get from cox is almost NIL. I constantly see spam coming out of Comscat's network, also Verizon and from time to time Time Warner but RARELY Cox. In fact I can't remember the last spam I received that originated from their network.

I don't mind that my egress SMTP port is blocked forcing me to use a MSA (mine is configured to use SMTP AUTH with TLS, which works nicely). The fact is that Cox has their act together in my opinion. The fact that they are a white hat in the abuse category makes me want to continue doing business with them. I don't think what you're seeing here is intentional censorship. It would actually be irresponsible for Cox not to filter outbound mail traffic, since they are bound to have customers that run malware infected / zombied host computers.

Anyway, I say "good job Cox" :)

P.S. I work for an ISP that is NOT Cox--which one might think after reading my glowing statements (in fact we compete against Cox)

This is still not right (0)

Skapare (16644) | more than 6 years ago | (#22254706)

I am glad to see that Cox is motivated to make a big effort to avoid being a medium for spam. But I do think they are doing this wrong. The article suggests a right to use their bandwidth any way they see fit. That is not true. They do not have the right to abuse others or other criminal actions. While I applaud an effort to stop those abuses, I think Cox is doing this wrong when it impacts non-abusive non-criminal uses of the internet. This also shows rather clearly that content-based filter is not the right way. I believe it never has been, and never will be. Blocking of the egress SMTP port is, IMHO, a good default. But it should be openable by anyone who calls in and can say the right buzzwords (like "SMTP" and "port 25"). Virtually all zombie spam is from people that don't know those words and do run "the default OS". Cox needs to fix this. What next? Filtering music downloads, a great many of which are perfectly legal?

Re:This is still not right (1)

squallbsr (826163) | more than 6 years ago | (#22254776)

Yes, my operating system is Microsoft Office 2007...

Re:Kudos to Cox Communications (3, Interesting)

rmerry72 (934528) | more than 6 years ago | (#22254764)

It would actually be irresponsible for Cox not to filter outbound mail traffic, since they are bound to have customers that run malware infected / zombied host computers.

You know, I'm getting sick of the prevailing attitude that ISPs and other "institutions" should limit legitimate activities with a technology and filter everybody's behaviour because some customers are bad apples (either intentially or through ignorance).

Don't penalise me and limit my activities - limit those who are adversly behaving. ie, block those that do have malware infected machines not mine! I do the right thing and protect my systems. Why should I should I be penalised by the highest common ignorance factor?

You are promoting this attitude by saying "We will do business with them because they bottled up their customers nicely and it saves us work" instead of "They have lower quality customers and have to bottle them. Not going to touch that crowd".

What am I saying? We live in a moddle-coddled world where nobody takes responsibility for they're own actions but instead focuses on fretting and controlling everybody else's actions. Arse above tit. With liberty comes responsibility.

Re:Kudos to Cox Communications (1)

Nimey (114278) | more than 6 years ago | (#22254928)

So it would be better for Cox to allow any old botnetted-computer to spew spam?

If your mail situation is that important, buy a business-class account.

Re:Kudos to Cox Communications (4, Insightful)

rmerry72 (934528) | more than 6 years ago | (#22255144)

So it would be better for Cox to allow any old botnetted-computer to spew spam?

No. Kill the connection of those computers. Don't block and filter my computer because Joe Idiot has malware. Cut him off and make it his responsiblity to clean his property. If I had a spiking phone that was causing disruption to the telephone network they'd disconnect my phone not start filtering your phone conversations. If my car was a defect I wouldn't be allowed to drive.

If your mail situation is that important, buy a business-class account.

Come on, are you telling me sending an email is an add on to the basic funtionality of the internet, and optional extra? "Oh, you want "clean" water? Well I suggest you upgrade to our business service. Our residential water pipes only deliver untreated effluent."

Re:Kudos to Cox Communications (1)

merc (115854) | more than 6 years ago | (#22254954)

You know, I'm getting sick of the prevailing attitude that ISPs and other "institutions" should limit legitimate activities with a technology and filter everybody's behaviour because some customers are bad apples (either intentially or through ignorance).

In principle I agree, except they're not trying to limit legitimate activity but the illegitimate. In this case malware infected computers sending out massive amounts of garbage isn't filtering behavior of a person, but automated abuse. Perhaps as an technological perspectiven this isn't the best way to go about doing it, but from a social perspective I have no issue with it. This isn't about the good customers v. the bad ones, but technical limitations on traffic that exist out of sheer pragmatism. Sorry, I don't see anything wrong with that.

What am I saying? We live in a moddle-coddled world where nobody takes responsibility for they're own actions but instead focuses on fretting and controlling everybody else's actions.

Actually, you are enforcing my point, not conflicting it. That's exactly what Cox is doing, taking responsibility over their servers and their traffic. Their system is imperfect but better than an open sewer pipe going directly to the public lake (if you'll excuse the metaphor). If you want a system that is unchecked I guess you'll have to setup your server in Russia or China.

Re:Kudos to Cox Communications (0)

Anonymous Coward | more than 6 years ago | (#22255038)

Spam filtering: good. But..

Anyway, I say "good job Cox" :)

..how can you say they did a good job of it, when the email in question was not spam? Would you also say they did a good job, if they simply blocked all email? I might go as far as saying they're trying to do a good job, but failing. Some people define a "good job" as not throwing the baby out with the bath water.

mod XdOwn (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22254330)

ISP != Evil (not necessarily, anyway) (4, Informative)

cbone00 (323341) | more than 6 years ago | (#22254356)

I own part of a small ISP and CLEC in the South.
We do not use spy on our customers phone calls or throttle their P2P traffic. We are not considering monitoring their Internet traffic for copyrighted (or any other) data.
Maybe some of the big boys are out there using these draconian tactics, but your average, everyday, garden variety, small ISP is just trying to make a living providing a quality alternative to the behemoths out there.
Please don't lump us in with those guys.

All that said... We *do* filter inbound email traffic for viruses and SPAM. We do block inbound port 25 to our dynamic IPs.
We view these actions as our duty to our customers and to the rest of the Internet to do our small part to help at least slow down the rampant propagation of SPAM on the Internet.
We currently block about 95% of the email that hits our domains - and that number is slowly climbing. Do we occasionally throw out the baby with the bath water? Probably so, but it is rare. I can't even remember the last complaint we have gotten about this, so this tells me that our filters are highly effective.
As for blocking port 25, we do this to guard our address space against our own customers being irresponsible with their PC's and not keeping virus software up to date. Getting our address space blacklisted would effect ALL of our customers.

It is not about getting rich. Hardly so. Email is the probably the biggest drain on resources that any ISP faces. If we didn't take these steps, we probably would not be in business.

Everyone wishes we had the less evil Internet of yesteryear back, but it isn't going to happen. The Internet is a cesspool. We have to defend ourselves in the best way we know how.

ILOVEYOU (3, Funny)

AEton (654737) | more than 6 years ago | (#22254360)

About ten years ago, it became impossible for me to send e-mails to my girlfriend with the subject line "ILOVEYOU."

The error message from Comcast -- something about rejection -- was pretty classic.

Re:ILOVEYOU (1)

Psychotria (953670) | more than 6 years ago | (#22254416)

Girlfriend? What is that? Some new kind of alchemy? I've never heard of such a thing as "girlfriend". Although I think I might want one, it sounds interesting

MOD PARENT FUNNY (1)

Mr. Roadkill (731328) | more than 6 years ago | (#22254778)

I mean, c'mon, about ten years ago, subject line of "ILOVEYOU"...

What? You don't remember? Okay then, GIT OF MA LAWN!

Godaddy anecdotal... (1)

Misch (158807) | more than 6 years ago | (#22254460)

With Godaddy, where I have a domain hosted, if I try to send something that looks like a Paypal/ebay spoof, it gets rejected while sending. (Even if I am sending it to the paypal/ebay spoof reporting addresses.)

This might or might not be a good thing... dunno.

Links (1)

dcollins (135727) | more than 6 years ago | (#22254492)

I've noticed that a number of people I'm in contact with (I run an email list for my band) have email systems that bounce back anything with a link in it, saying it's spam. (For example, the URL for the band's website, stuff like that.) When I pursued it with my girlfriend, she had no idea it was happening, and investigated her system settings and definitely had all spam filter options turned to "off".

Unfortunately, I've started to get accustomed to dealing with this (strip out links & resend individual emails).

Comcast sucks too. (2, Insightful)

mlwmohawk (801821) | more than 6 years ago | (#22254548)

In the Boston area, comcast fuckers are blocking port 25. So, even though people have legitimate uses for the internet connection they pay for, these companies are taking it on themselves to block standard connection protocols.

First its port 25, because of spam. Then it will be P2P because of copyright. Then it will be ssh because of terrorism. Then it will be, inspired from the new york story yesterday, filtering web content to prevent false alarms.

Fuckers. Bury your head america.

When people talk about fascist Germany, they focus on the extermination of jews and the holocaust, and while those were horrific acts, they are not what the Nazi party was about. They were the result of the acts of fanatical and arguably insane men who had gained power in the Nazi party, not the Nazi party, per se'

The Nazi party was about power and the exercise of it. It was about bringing pressure on the citizens from all aspects of society to conform to it. It used social structures and industries and laws to bring people under control. It is EXACTLY what is happening in america today. Its all the little things slowly picking away at the big things, until the big things crumble. Freedom of speech? Nope, now we have "free speech zones," where no one will hear you. I could go on, but the /. crowd already knows.

Just like the Reichstag fire in 1933, the world trade center in 2001 gave the neocons the ability to enact limits on freedom. After that, industries which were once regulated in order to protect the citizens are now deregulated and destroying citizens who do not conform, RIAA, MPIAA, walmart, etc.

ISP censorship is just one more piece of it. The internet is becoming the primary conduit of communication and fascist america must have its citizens controlled, just lake Nazi Germany needed its citizens controlled.

All this isn't a conspiracy theory either. No conspiracy theory need exist. Our government (of the people, by the people, bla bla) is supposed to protect us. If it stops protecting us from big companies, those companies will naturally do the work for their own gain.

Now everyone in the USA is afraid. Some of terrorists, some of losing heath care, some of losing their job, their house, what ever. Fear, as the nazi's will tell you is a powerful tool to harness.

Welcome to neocon amaerica where companies sue their customers because they can. Companies dictate what you can do with your property, because they can, and if you do anything about it or protest, you can lose your job which means your house and health care.

Sorry for the rant, but I can't be the only one who sees this whole thing in this way

Re:Comcast sucks too. (1)

arizwebfoot (1228544) | more than 6 years ago | (#22254622)

And what about that new thing where the government is trying to create a new country by merging with Canada and Mexico? Open the borders, give away the Constitution, limit speech because it might hurts someone's feelings.

Re:Comcast sucks too. (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22254950)

has anyone ever told you that you are a fucking moron, because you are indeed a fucking moron.

Re:Comcast sucks too. (0)

Anonymous Coward | more than 6 years ago | (#22255060)

Just like the Reichstag fire in 1933, the world trade center in 2001 gave the neocons the ability to enact limits on freedom. After that, industries which were once regulated in order to protect the citizens are now deregulated and destroying citizens who do not conform, RIAA, MPIAA, walmart, etc.

Riiight. In case you forgot, most of that began under Clinton and a Democratic Congress. The DMCA, the so-called Communications Decency act, ridiculous copyright extensions...

I send you this file to have your advice (1)

SeattleZ (1200621) | more than 6 years ago | (#22254634)

I send you this file to have your advice?

Mid-sized ISP (1)

LilGuy (150110) | more than 6 years ago | (#22254696)

I worked for a mid-sized business ISP HQ'd in Des Moines and headed up the abuse dept for a short while. We had clients all across the country for whom we sold spam/virus filtering and firewall services to. We never filtered any outbound e-mail whatsoever unless the client specifically requested it and then paid for the extra service of running their outbound e-mail through postini. All incoming e-mail was run through postini whether or not a client requested it. We offered outbound mail services free of charge to all clients (though we didn't make that a known fact) via a basically open smtp servers (access restricted to our ip ranges).

I can't tell you the nightmare it is being in the abuse department for an ISP that doesn't have SOME sort of e-mail filtering mechanism in place, or a policy in place to punish clients who let viruses run rampant on their own networks. Every day I would have to sift through 10 - 100 abuse complaints and even if I could verify that the spam did indeed originate from the client's network there was nothing I could do aside from e-mail their network admin a head's up.

Eventually it got to the point where I was receiving so many complaints about certain clients that I started threatening temporary disconnections (I had no authorization to do so). That worked up until someone who'd been a client for a lot longer than I'd worked there CC'd my boss on his reply. I was told to let the spam fly no matter what, and if I ran into any similar problems in the future to let him know instead. So I did, I sent him e-mails of the same violators and copies of the abuse complaints nearly every day, but nothing ever happened. I have a feeling he just set up an outlook rule to dump them in the trash.

It would be an extraordinary stress-reducer on the ISP side if there was some kind of automated outbound filtering in place for clients. It sucks to censor free-speech but when you can't speak because some moron is spamming the shit out of the entire internet then which is worse?

AT LEAST THEY TELL YOU!!! (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22254702)

At least they tell you, unlike DIRECTNIC, who kills your site over a complaint sent about an eMail you never know they killed your site - they may not even kill it, just add kiddie porn, messages claiming you are a spammer, or spam messages to it... or they give the user name and password to an alleged spam victim.

Usually, they do this to screw a Christian like myself, because they have lots of Muslims working there.

All this, and never once were they willing to provide me an alleged spam eMail - they just said they had received a "very convincing" email.

Andy

This might explain .... (1)

PPH (736903) | more than 6 years ago | (#22254756)

... my inability to order lunch meat, specifically Spam(tm) using e-mail.

Earthlink Does It Too (1)

mpapet (761907) | more than 6 years ago | (#22254948)

I'm on one of their "faster" dynamic IP residential plans and I can only send mail from my mail server by smtp authenticating against a valid earthlink account. Otherwise, I get an smtp time out message in postfix no matter what.

Earthlink cannot provide me with a static IP which is easy enough to blame on the telco.

Time Warner Cable did this too. (1)

antdude (79039) | more than 6 years ago | (#22255088)

I found out my e-mails were sent to /dev/null and never returned or anything. It was because of http://antfarm.ma.cx/ [antfarm.ma.cx] ... This happened a few months ago, last year.

AOL does it (1)

Migraineman (632203) | more than 6 years ago | (#22255132)

About two months ago, I was attempting to send a song sample to someone from an AOL account - the full song is to be used by a professional DJ, and the clip was being used to properly identify the song, as there are dozens of artists and versions. I didn't send the whole song, just the first 20 seconds or so. AOL refused to deliver the email with the MP3 attachment. I just repeated the experiment, and it went through. I guess they decided that blocking all MP3 attachments isn't a great thing to do.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>