Comcast customers: Sent e-mails blocked?

I have Comcast cable modem service here at home. It's been very reliable. Service interruptions have been rare and brief. The cable modem I was given years ago is still working fine. Network performance has been reasonably good.

So all in all, I'm happy with the service.

(Credit: Comcast)

But I just found out about something that really bugs me--and may explain why I've received occasional reports over the years that an e-mail I sent didn't get through at all--or was marked as spam when it did arrive.

This came up about a week ago, when I noticed that some (but not all) outbound e-mails sent through Apple's .Mac service (now known as MobileMe) were not going out. After waiting about an hour for the messages to go through, I reported the problem to the service's support desk.

It turned out that the messages were being delayed within the .Mac servers by a couple of hours, and I never did get an explanation of why that happened, but the .Mac support specialist who replied to my initial report told me something that surprised me a lot.

It turns out that the IP address of my Comcast cable modem--which had been the same for several months--is in a range of addresses that is listed on several major e-mail blacklists. That is, some e-mail services regard e-mail from many (or most?) Comcast customers as more likely to be spam. This may be old news to many of you, but as I said, I found it very surprising, and I bet a lot of other Comcast customers aren't aware of it.

(This problem turns out to be unrelated to the message delays I was seeing, but it's a pretty serious problem on its own.)

As it happens, I had a brief service interruption yesterday, and in case the problem was a glitch at my end, I reset my cable modem and router. When it came back up (several minutes later, actually) I discovered I had a different IP address, one that is substantially different than the previous one.

I checked the new address against the same e-mail blacklists and found that it's on all the same lists.

You can check for yourself. The service I used to check multiple blacklists is hosted by MXToolBox; just enter any IP address--such as the address of your home Internet connection, or the address of your e-mail server--and in a few seconds, you'll get a report summarizing the responses from 123 different blacklists. (If you don't know your own IP address, try a service such as WhatIsMyIP.com.)

While the cable modem service was down, I connected via the Option 3G wireless card I use when I'm traveling. I also checked that IP address--no blacklist entries at all.

So at least I have a way to avoid this problem when I'm sending a really critical e-mail to people who aren't expecting my message and thus haven't whitelisted my e-mail address or personal domain within their antispam software.

But I don't want to have to use the Option card all the time, either.

I discussed the situation with a friend of mine who works in the network security industry, and he says the problem may be related to the proliferation of botnets on home PCs. Users click on malicious Web sites, their PCs get infected, and they start sending spam at the direction of the botnet organizers.

My friend says these infected PCs can be difficult for ISPs such as Comcast to detect. His company makes a server appliance that is designed to detect such things, so I believe it.

The bottom line here is that I have a problem I don't know how to solve. I'm sure Comcast can't solve it; it isn't in control of these blacklists, and if it could control the botnets, it would already be doing that.

I could get a different Internet service, but there aren't many choices around here, and it's quite possible that any service that has a large number of home users is going to be blacklisted for the same reasons as Comcast.

Any suggestions?

[ewilts]

The obvious suggestion is to not send the email directly from your home equipment but to use Comcast's mail gateways. That's what they're there for.

[t26l]

Even when you use your ISP's mail server, your IP address is still in the headers. Some blocking programs use *_ALL_* the IP addresses.

[Public_Call]

IP addresses assigned to cable modems, dsl modems and regular dial-up are almost always on blacklists. This happens because 1. bots and viruses wind up getting the IPs listed and 2. ISPs that are good neighbors tell blacklist providers where their user's IP space is. This helps to cut down spam across the internet and is considered a "best practice."
Having your home modem on a blacklist should not, in any way, impact your ability to send mail through .mac or any other mail servers.

[jdaneke]

It is my understanding that Comcast puts those addresses on those lists as they see no reason for residential customers to have email servers. If a person purchases the business package, the IP addresses there are not blocked.

So, either use Comcast's servers, or use a service such as found at dyndns.org

[ecovelli]

Does using SSL have any effect? I would think if you are using Apple's SMTP servers with SSL that they wouldn't care what IP address you were sending from. Use port 587.

[umbrae]

I run my own mail server, and I personally block most of Comcast. I allow mail from Comcasts mail server, but Comcast does nothing to help their broadband customers keep their machine clean or lock down personally run mail servers. As such, mail delivered from Comcast's customers IPs is 90% SPAM. If you use GMail, Hotmail, or run a mail server from a "home" class account, you should expect to be flagged as SPAM in many cases.

Otherwise, use your ISP's mail server or use an account from a service that is not commonly frauded just to send SPAM.

[kannuc]

A friend in Canada and I swap jokes once in a while, he's with Shaw, the largest provider up there and I'm with Comcast but when photos are being exchanged, we don't use Camcast but instead go through Yahoo. Shaw blocks photos from Comcast for some reason.

Also, must admit I don't like Comcast, they have an attitude and too much down time. And forget going online between between five and seven in the evening, it's too slow. Ran a speed test a couple of days ago and the website gave up on it because the signal wouldn't bounce back.

[chrineg]

"Comcast can't solve it; they aren't in control of these blacklists, and if they could control the botnets, they'd already be doing that."

This is where your problem is. You assume that Comcast is going to do something for their customers. Comcast is a company that has shown time and again that it is only concerned with the bottom line and will do anything to increase ti. It does not care for your experience online or how their lack of attention affects customer. Take for instance the recent headlines they made with tho whole Net Neutrality issue. Comcast is after your money and nothing more. They do not care for their customers.

[jamalystic]

I agree with Chrineg's comment on this one! These guys care less about how to enrich the user's experience online. Users are locked in between the deep blue sea and a hard rock, we are powerless and just have to accepts what these telcos desire to give us. This is the truth:Facing Facts About Internet Filtering(http://www.internetevolution.com/author.asp?section_id=562&doc_id=158566&F_src=flftwo)

[t26l]

Get a GMail account and set your mail client to send using GMail's SMTP server.

[capaho]

Botnets on Comcast (and many other large ISPs) relay a lot of spam and are a major headache for system administrators. If you're sending mail directly from your computer through your access point rather than using a bona fide mail server, a lot of your messages are likely to get snared in the destination server spam filters.

[TV James]

The ISPs in general have said time and time again that unprotected home computers are not their problem. Which is as silly as a local government saying "cars dragging mufflers down the street shooting sparks and lighting dry grass in the median on fire are not our problem."

Even if it means their own bandwidth is wasted. (Which I don't get.)

ISPs need to own up and watch for suspicious traffic on their network, then drop those connections, wait for the customer to call in, and then sell the clueless user a copy of McAfee. (Most ISPs already offer McAfee free to their subscribers.)

[DaveDugdale]

I created a blog post about this when I had this problem. My solution was changing the port.
http://www.davecolorado.com/index.php/recreate-djtv-digital-juice-set-electronically/

[Peter N. Glaskowsky]

The link you were looking for, I believe, is:

http://www.davecolorado.com/index.php/comcast-blocks-my-email-on-port-25-because-of-spam/

You were having a different problem, but if anyone has the same problem you experienced, your post could help-- so thanks!

. png

[Peter N. Glaskowsky]

I appreciate all the comments, but using Comcast's outgoing email servers isn't a solution. I have my own domain name, so I use the hosting service's email servers, and I also have the MobileMe account, which uses Apple's servers.

I hate the idea of using any Comcast-provided email address, anyway, since it wouldn't be portable across ISPs. (Email-address portability is a whole 'nother topic, similar to the issue of cellphone-number portability which was eventually solved.)

I do use secure SMTP for my outgoing mail, but my home IP address still appears in the headers of the emails, and that's what may be getting my messages flagged as spam.

. png

[DigitalFrog]

As mentioned above, home accounts are not expected to be running smtp servers. Get a business account with a static IP that isn't in their consumer range.

[Peter N. Glaskowsky]

Once again, I'm not using my own server-- I use a hosting service for my personal ideaphile.com domain, so I use their servers for email associated with that domain, and I use the MobileMe servers for email associated with mac.com (and now me.com).

[drdrem]

As a Comcast customer this is disturbing. Like so many in my area there are few choices when it comes to Internet at broadband quality. The idea of switching to ATT for DSL is not all that exciting, but then neither is the prospect of having important emails potentially blocked and never sent. No suggestions, here.

[rickhellewell]

I don't think that Peter's problem is with Comcast (although they probably have lots of customer IP addresses on black lists). I think that the problem is with mac.com, which is his mail provider.

The explanation is too long to discuss here, so I have put it on my "Security Dawg" blog here http://www.securitydawg.com/2008/07/spam-blacklists-and-peter-g.html .