Why is Port 25 for Email Submission Not Supported?
For major communications, email is being used and Comcast wants to guarantee that these communications are as safe and private as possible. As such, Comcast does not support port 25 for our residential Internet customers ‘ e-mail transmission. Much of the present use of Port 25 is made by malware-infected pcs that send spam without the understanding of those computers ‘ users.
Why is Comcast Port 587 supported?
The 25 and 110 original / legacy email ports are used since email launch and have restricted or no safety characteristics. As a consequence, Port 25 has been used for almost a century to transmit spam and malware from infected pcs. Port 110 is merely not a safe way for email retrieval. Port 995 offers email download SSL encryption.
M3AAWG, an international community of anti-abuse experts and the Internet Engineering Task Force (IETF), have long recommended that port 25 be blocked. In order to ensure our clients maximum security by e-mail, Comcast advises using the industry-recommended port 587 enabled with TLS / SSL. Here you can read the M3AAWG suggestions and view IETF RFC 5068 and RFC 4409 (chapter 3.1, see below).
RFC 4409: 3.1.
3.1. Submission ID
Port 587 is reserved for submission of email messages as indicated in the present document. Messages obtained at this port shall be described as submissions. The protocol used is ESMTP, with additional limits or allowances specified here (SMTP-MTA, ESMTP). While most E-Mail customers and servers can be configured to use port 587 instead of 25, this is not feasible or convenient. A site may use port 25 to submit a signal by naming some hosts as MSAs and others as MTAs.
What makes this configuration safer?
Port 587 enhances further safety by using necessary authentication and suggested TLS / SSL encryption.
You need to use your Xfinity username and password when sending and receiving emails. This enables avoid the free transmission of spam and malware on infected pcs and other devices linked to Xfinity services.
Encryption of SSL
Secure Sockets Layer (SSL) is a safe protocol for safely and encrypted transmission of information over the Internet. SSL encryption secures your user ID, password and name from hackers and identity thefts when you send or receive emails.
Other bodies that are opposed to Port 25 use
Comcast operates with a number of other organisations to regulate the issue of spam on the Internet. Spamhaus, an organisation with a number of lists of IP addresses known to send spam and a list of IP addresses that should never send out an email, is one of the most remarkable of these. Almost all ISPs and mail recipients on the planet use these lists as well as other comparable organisations. Spamhaus lists the entire Comcast dynamic IP address space as not to be used to send an e-mail. As such, any email sent directly to other ISPs by Comcast subscribers is very probable to be blocked by the receiving ISP (not by the Comcast mail servers).
The Federal Trade Commission is also recommending that Port 25 should be blocked by ISPs and an organisation which has taken legal action against many spammers. The FTC’s suggestion is this: “Bloc port 25 with the exception of the outgoing demands of authenticated customers of client-driven mail servers. Examine how to implement the Authenticated SMTP on port 587 for customers that have outgoing mail servers to function.” You can see this here. Although this paper focuses on the remediation of booted pcs, the blocking of port 25 is viewed as an significant step in mitigating the spam from booted machines.
Port 25 management ISPs
Many ISPs block port 25, both in the US and around the world. Including: