ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Verizon blocking port 465 to godaddy?

    Scheduled Pinned Locked Moved IT Discussion
    104 Posts 11 Posters 18.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Dashrender
      last edited by

      @Dashrender said in Verizon blocking port 465 to godaddy?:

      @scottalanmiller said in Verizon blocking port 465 to godaddy?:

      And a ticket to GoDaddy, as well. Lots of relays block port ranges because they are common SPAM host locations.

      What relays though? @Mike-Davis is trying to connect directly to his email service provider. He's not using a relay anymore.

      Host, relay... same thing. The MTA.

      DashrenderD 1 Reply Last reply Reply Quote 0
      • BRRABillB
        BRRABill
        last edited by

        One other question I have is ... do ALL of the clients on the bad network have this issue? Or do some of them work?

        From what I have seen from your testing and the testing @Dashrender and I have done, the connection is going through. But the SSL handshake is failing with:
        15712:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:./ssl/s23_lib.c:188:

        1 Reply Last reply Reply Quote 0
        • Mike DavisM
          Mike Davis
          last edited by

          @BRRABill said in Verizon blocking port 465 to godaddy?:

          One other question I have is ... do ALL of the clients on the bad network have this issue? Or do some of them work?

          yes, all their outlook clients and iphones are having this issue.

          BRRABillB 1 Reply Last reply Reply Quote 0
          • BRRABillB
            BRRABill @Mike Davis
            last edited by

            @Mike-Davis said in Verizon blocking port 465 to godaddy?:

            @BRRABill said in Verizon blocking port 465 to godaddy?:

            One other question I have is ... do ALL of the clients on the bad network have this issue? Or do some of them work?

            yes, all their outlook clients and iphones are having this issue.

            OK.

            The reason I asked was that some of the Google responses seemed to get that handshake error when the remote server was blocking due to too many connections. There were also a lot of AV issues, but since it's happening with the phone, that's not the issue.

            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @scottalanmiller
              last edited by

              @scottalanmiller said in Verizon blocking port 465 to godaddy?:

              @Dashrender said in Verizon blocking port 465 to godaddy?:

              @scottalanmiller said in Verizon blocking port 465 to godaddy?:

              And a ticket to GoDaddy, as well. Lots of relays block port ranges because they are common SPAM host locations.

              What relays though? @Mike-Davis is trying to connect directly to his email service provider. He's not using a relay anymore.

              Host, relay... same thing. The MTA.

              OK sure - but in this case, @Mike-Davis is trying to connect to the service he paid for - that's all, something the service he paid for is telling him to do.

              So unless Verizon is messing with the connection, or GoDaddy (the service provider in his case for email) is blocking @Mike-Davis for some reason, this should just work.

              scottalanmillerS 2 Replies Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Dashrender
                last edited by

                @Dashrender said in Verizon blocking port 465 to godaddy?:

                @scottalanmiller said in Verizon blocking port 465 to godaddy?:

                @Dashrender said in Verizon blocking port 465 to godaddy?:

                @scottalanmiller said in Verizon blocking port 465 to godaddy?:

                And a ticket to GoDaddy, as well. Lots of relays block port ranges because they are common SPAM host locations.

                What relays though? @Mike-Davis is trying to connect directly to his email service provider. He's not using a relay anymore.

                Host, relay... same thing. The MTA.

                OK sure - but in this case, @Mike-Davis is trying to connect to the service he paid for - that's all, something the service he paid for is telling him to do.

                Right, which doesn't change what I said. And there is no easy to know if it is actually a relay or not. In a standard email situation, the system that you connect to is always a relay no matter what because a relay MTA normally sits on the network edge and another MTA is protected behind it. That's why we use the term relay loosely with any MTA that you are hitting, because it will return a relay error either way.

                DashrenderD 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @Dashrender
                  last edited by

                  @Dashrender said in Verizon blocking port 465 to godaddy?:

                  And a ticket to GoDaddy, as well. Lots of relays block port ranges because they are common SPAM host locations.

                  So unless Verizon is messing with the connection, or GoDaddy (the service provider in his case for email) is blocking @Mike-Davis for some reason, this should just work.

                  Right, so you see why my statement above about GoDaddy's relay probably blocking his IP address makes sense then? You just repeated what I said as if I hadn't said it.

                  1 Reply Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @scottalanmiller
                    last edited by

                    @scottalanmiller said in Verizon blocking port 465 to godaddy?:

                    @Dashrender said in Verizon blocking port 465 to godaddy?:

                    @scottalanmiller said in Verizon blocking port 465 to godaddy?:

                    @Dashrender said in Verizon blocking port 465 to godaddy?:

                    @scottalanmiller said in Verizon blocking port 465 to godaddy?:

                    And a ticket to GoDaddy, as well. Lots of relays block port ranges because they are common SPAM host locations.

                    What relays though? @Mike-Davis is trying to connect directly to his email service provider. He's not using a relay anymore.

                    Host, relay... same thing. The MTA.

                    OK sure - but in this case, @Mike-Davis is trying to connect to the service he paid for - that's all, something the service he paid for is telling him to do.

                    Right, which doesn't change what I said. And there is no easy to know if it is actually a relay or not. In a standard email situation, the system that you connect to is always a relay no matter what because a relay MTA normally sits on the network edge and another MTA is protected behind it. That's why we use the term relay loosely with any MTA that you are hitting, because it will return a relay error either way.

                    OK I agree there -

                    Question - if it is a relay, would his SSL connection be happening with the relay box or with the internal box that the relay is protecting? If it's with the relay box, then who cares if it's a relay or not, that's not relevant to the problem at hand.

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Dashrender
                      last edited by

                      @Dashrender said in Verizon blocking port 465 to godaddy?:

                      Question - if it is a relay, would his SSL connection be happening with the relay box or with the internal box that the relay is protecting? If it's with the relay box, then who cares if it's a relay or not, that's not relevant to the problem at hand.

                      Hence why in email world we call ANYTHING you connect to somewhere else a relay, whether it is the only system or not. And yes, no matter what, only the relay (external facing MTA) matters for connection, nothing past it matters to you.

                      1 Reply Last reply Reply Quote 1
                      • T
                        tiagom
                        last edited by tiagom

                        Are you able to send an email without SSL?

                        Mike DavisM 1 Reply Last reply Reply Quote 0
                        • Mike DavisM
                          Mike Davis @tiagom
                          last edited by

                          @tiagom said in Verizon blocking port 465 to godaddy?:

                          Are you able to send an email without SSL?

                          587 with TLS doesn't work either.

                          T 1 Reply Last reply Reply Quote 0
                          • T
                            tiagom @Mike Davis
                            last edited by

                            @Mike-Davis I wasn't clear. What about with encryption set to none and outgoing port using 25, 80 or 3535.

                            Mike DavisM 1 Reply Last reply Reply Quote 0
                            • Mike DavisM
                              Mike Davis @tiagom
                              last edited by Mike Davis

                              @tiagom said in Verizon blocking port 465 to godaddy?:

                              @Mike-Davis I wasn't clear. What about with encryption set to none and outgoing port using 25, 80 or 3535.

                              I'm pretty sure I tried all but port 25 while I was on site with Outlook with no success. I tried telnetting to port 80 and 3535 and didn't get a response.

                              T 1 Reply Last reply Reply Quote 0
                              • T
                                tiagom @Mike Davis
                                last edited by

                                @Mike-Davis Sounds like there is a bigger problem then just on port 465.

                                Do you get any response when you telnet to a port that doesn't require encryption(25, 80 or 3535)?

                                ie..

                                220 p3plsmtpa09-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP

                                1 Reply Last reply Reply Quote 1
                                • T
                                  tiagom
                                  last edited by

                                  A recommendation for debugging if you get past the 220 banner.

                                  Capture the communication using wireshark when you attempt to send an email using outlook. Usually its pretty clear what it is unhappy about.

                                  Make sure to set outlook's SMTP encryption settings to "NONE" and use the appropriate ports(25, 80 or 3535 according to the link below) so the traffic is in plain text.

                                  https://www.godaddy.com/help/what-do-i-do-if-i-have-trouble-connecting-to-my-email-account-319

                                  1 Reply Last reply Reply Quote 0
                                  • momurdaM
                                    momurda
                                    last edited by

                                    Looks like someone's mail server doesnt support the version of ssl/tls you are trying to connect with.

                                    http://www.checktls.com/index.html - i suspect godaddy doesnt support the ssl/tls youre using(if at all), and verizon does. Perhaps they require tls/ssl connections now and if godaddy doesnt support ssl/tls, no mail can be sent between the two.
                                    Had a similar problem at last job; we required tls/ssl for SEC reasons, couldnt send email to hotmail and a few other email providers(wasnt supported by them at the time)

                                    BRRABillB 1 Reply Last reply Reply Quote 0
                                    • BRRABillB
                                      BRRABill @momurda
                                      last edited by

                                      @momurda said in Verizon blocking port 465 to godaddy?:

                                      Looks like someone's mail server doesnt support the version of ssl/tls you are trying to connect with.

                                      http://www.checktls.com/index.html - i suspect godaddy doesnt support the ssl/tls youre using(if at all), and verizon does. Perhaps they require tls/ssl connections now and if godaddy doesnt support ssl/tls, no mail can be sent between the two.
                                      Had a similar problem at last job; we required tls/ssl for SEC reasons, couldnt send email to hotmail and a few other email providers(wasnt supported by them at the time)

                                      But why would it work outside his office?

                                      1 Reply Last reply Reply Quote 2
                                      • Mike DavisM
                                        Mike Davis
                                        last edited by

                                        I think I finally got to the bottom of this. Telnet to smtpout.secureserver.net on port 80 and I get:

                                        554 p3plsmtpa12-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP No Relay Access Allowed From <the static IP of the Verizon connection here>
                                        

                                        So there we have it, it connects to godaddy and godaddy tells it that they have blacklisted the IP and closes the connection. If you do that same test from a different IP it allows you to type commands.

                                        travisdh1T scottalanmillerS 2 Replies Last reply Reply Quote 2
                                        • travisdh1T
                                          travisdh1 @Mike Davis
                                          last edited by

                                          @Mike-Davis said in Verizon blocking port 465 to godaddy?:

                                          I think I finally got to the bottom of this. Telnet to smtpout.secureserver.net on port 80 and I get:

                                          554 p3plsmtpa12-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP No Relay Access Allowed From <the static IP of the Verizon connection here>
                                          

                                          So there we have it, it connects to godaddy and godaddy tells it that they have blacklisted the IP and closes the connection. If you do that same test from a different IP it allows you to type commands.

                                          Well, that was a pain to figure out.

                                          1 Reply Last reply Reply Quote 0
                                          • Mike DavisM
                                            Mike Davis
                                            last edited by

                                            Insult to injury, the client called GoDaddy, and this was their response:

                                            Godaddy says they have no way to whitelist or unblock IP addresses and that we must have some encryption attached to our outgoing mail that no one else has that their server wont allow.

                                            My client asked to talk to the level 2 guy and the level 1 guy on the phone said he couldn't because it was all done by chat. So he asked him to paste that error message to him and explain it. His response? "You should use webmail - it works every time."

                                            I feel like that should be cross posted to the "I can't even" thread.

                                            scottalanmillerS 1 Reply Last reply Reply Quote 3
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 5 / 6
                                            • First post
                                              Last post