nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ISP port blocking practice

From: "Kevin Oberman" <oberman () es net>
Date: Sat, 04 Sep 2010 23:28:42 -0700
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Fri, 3 Sep 2010 21:07:49 +0000

On Sep 3, 2010, at 8:02 PM, Patrick W. Gilmore wrote:


Could you point to more than one instance?  I've not yet found one.


I've yet to run across this, either, FWIW, except on extremely
restrictive special-purpose endpoint networks.  Doesn't mean that it
doesn't happen, but it doesn't seem to be nearly as prevalent as
TCP/25 blockage on general SP access networks.


Worst case I have seen was the visitors network at EBC at one of the
nation's largest telephone and Internet transit providers. They seemed
to block ALL outgoing ports except 80, 443, and 22. No VPN. No
submission port. No IMAP. (Didn't try POP3.) I tunneled mail over ssh,
but I can imagine that a lot of corporate types who meet there are
rather annoyed that they can't access mail.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net                       Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
Previous By Date Next
Previous By Thread Next

Current thread: