Hi,
Tried to simulate your situation on one of our Shaw Cable modems. FWIW, it looks to me like your firewall is probably using a DHCP address instead of the static address you may have configured.
Here is what I did and why I think you possibly could be using a DHCP address even though you are paying for static addresses. Hope the following is helpful.
nps2245.foretell.ca# ifconfig em2 em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr ob:fu:sc:at:ed:00 index 3 priority 0 llprio 3 groups: egress media: Ethernet autoselect (1000baseT full- duplex,rxpause,txpause) status: active inet 184.71.76.158 netmask 0xfffffffc broadcast 184.71.76.159
nps2245.foretell.ca# telnet gmail-smtp-in.l.google.com 25 Trying 173.194.197.26... Connected to gmail-smtp-in.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP j12si2239041iok.52 - gsmtp quit 221 2.0.0 closing connection j12si2239041iok.52 - gsmtp Connection closed by foreign host.
nps2245.foretell.ca# dhclient em2 em2: 24.78.147.49 lease accepted from 24.78.144.1 (00:01:5c:88:aa:46)
nps2245.foretell.ca# telnet gmail-smtp-in.l.google.com 25 ^C
SMTP does not work as you experienced, once I used a DHCP address.reported
So set the interface back to the static address
nps2245.foretell.ca# sh /etc/netstart
nps2245.foretell.ca# ifconfig em2 em2: flags=808843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF4> mtu 1500 lladdr ob:fu:sc:at:ed:00 index 3 priority 0 llprio 3 groups: egress media: Ethernet autoselect (1000baseT full- duplex,rxpause,txpause) status: active inet 184.71.76.158 netmask 0xfffffffc broadcast 184.71.76.159
nps2245.foretell.ca# telnet gmail-smtp-in.l.google.com 25 Trying 74.125.142.27... Connected to gmail-smtp-in.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP g30si2236902pfr.206 - gsmtp quit 221 2.0.0 closing connection g30si2236902pfr.206 - gsmtp Connection closed by foreign host.
SMTP port accessible once the interface goes back to using static addresses.
Quoting roundtable-request@muug.ca:
Send Roundtable mailing list submissions to roundtable@muug.ca
To subscribe or unsubscribe via the World Wide Web, visit https://muug.ca/mailman/listinfo/roundtable or, via email, send a message with subject or body 'help' to roundtable-request@muug.ca
You can reach the person managing the list at roundtable-owner@muug.ca
When replying, please edit your Subject line so it is more specific than "Re: Contents of Roundtable digest..."
Today's Topics:
- Re: Shaw blocking port 25 on business line (Trevor Cordes)
- Re: Shaw blocking port 25 on business line (Gerald Brandt)
- Re: Shaw blocking port 25 on business line (
athompso@athompso.net)
Message: 1 Date: Thu, 23 Jan 2020 03:42:30 -0600 From: Trevor Cordes trevor@tecnopolis.ca To: Gerald Brandt gbr@majentis.com Cc: Continuation of Round Table discussion roundtable@muug.ca Subject: Re: [RndTbl] Shaw blocking port 25 on business line Message-ID: 20200123034230.2af68ad8@pog.tecnopolis.ca Content-Type: text/plain; charset=US-ASCII
On 2020-01-21 Gerald Brandt wrote:
Hi,
I've been fighting with Shaw for days on this. I have what they call a business account with 8 static IPs.
I can telnet mail.shaw.ca 25 and get a connection. So, inside their network, SMTP works.
If I try to telnet to any other server on port 25, i get no connection. e.g. telnet to google email servers fails, telnet to my server in Montreal fails.).
There is no reason your business account should have port 25 blocked, in either direction. If they have done that to you, complain and get them to fix it. If they gave you a static range, make sure you are using it and not grabbing one of their residential DHCP addresses by accident.
Also, the business side has some smart people working there, so there's no reason you shouldn't be able to get it resolved by people who understand your language.
I just checked and my customers on Shaw business have port 25 outgoing unblocked.
Message: 2 Date: Thu, 23 Jan 2020 07:49:28 -0600 From: Gerald Brandt gbr@majentis.com To: Trevor Cordes trevor@tecnopolis.ca Cc: Continuation of Round Table discussion roundtable@muug.ca Subject: Re: [RndTbl] Shaw blocking port 25 on business line Message-ID: 11A03F6F-111F-4DA9-8A91-529665360579@majentis.com Content-Type: text/plain; charset="utf-8"
On January 23, 2020 3:42:30 a.m. CST, Trevor Cordes trevor@tecnopolis.ca wrote:
On 2020-01-21 Gerald Brandt wrote:
Hi,
I've been fighting with Shaw for days on this. I have what they call a business account with 8 static IPs.
I can telnet mail.shaw.ca 25 and get a connection. So, inside their network, SMTP works.
If I try to telnet to any other server on port 25, i get no connection. e.g. telnet to google email servers fails, telnet to my server in Montreal fails.).
There is no reason your business account should have port 25 blocked, in either direction. If they have done that to you, complain and get them to fix it. If they gave you a static range, make sure you are using it and not grabbing one of their residential DHCP addresses by accident.
Also, the business side has some smart people working there, so there's no reason you shouldn't be able to get it resolved by people who understand your language.
I just checked and my customers on Shaw business have port 25 outgoing unblocked.
I agree with everything you said, except the smart people comment. If you tell me to login to my gmail account via web, and send and email to myself (from gmail to gmail) and use the successful delivery of the email as proof of port 25 being open, you have no idea what you're talking about.
Guaranteed not using a DHCP address. Incoming port 25 works, outgoing fails to leave their network.
The first person I talked to thought the 24.x.x x addresses they gave me placed me in India. WTF?
Seven days, and this issue is still not resolved.
Gerald
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
-
Vijay Sankar