Yesterday afternoon PDXTC had a report that a website we were hosting was down, but the server administrators said that it was up.
An hour later, we had a second report of another website down, and the admins claimed it was up as well, and that’s where I got involved.
I was working from home, and checking both websites came up blank – page not found – through my Comcast internet connection.
I looked up the user’s FTP information, and I was unable to log in to either account using FTP, simply getting an “unable to connect” message.
One common connection between the two domains was that they happened to be on the same server, but other than that there was no reason why I shouldn’t be able to see these domains.
I went to a free proxy service and from there I was able to see both domains and verify that they were indeed up and running, so clearly this was a Comcast issue.
Was Comcast actually blocking my access to the web server? Had someone on this shared hosting server done something nefarious, and now Comcast was preventing me from accessing it through their servers?
I phoned Comcast, and of course had to sift through their ridiculous voicemail system, finally arriving at the tier 1 tech support where I had to fight my way past his insistence upon rebooting my router and checking my computer settings.
Finally after getting the guy to understand that the problem belonged to Comcast, he transferred me to the “abuse” section, where he claimed they must be “blocking those websites”.
Blocking those websites?!? – I’d never heard of that before!
I waited my turn in the queue with the Abuse department, and when the guy answered, he listened patiently, verified what I said was true, and then had me run a trace route and email him the results.
As you can see, I didn’t get very far -
By that point it was after seven o’clock at night, and he told me he would have to escalate it to his next support level but that I shouldn’t expect it to be “fixed” until some time the next day.
At this point I asked if Comcast could be intentionally blocking my server IP address, and he assured me that no, Comcast does not block access to web servers in the same way that they block mail servers and ports.
Under certain circumstances, he says, where a website is known to be distributing malware or viruses, they may issue a warning before the user’s arrival that “the site may be harmful…”, but they do not, as far as he knows, intentionally block access to a Web server. As far as he knows… Huh.
Well, this morning, the sites are back up and I may never know what went wrong, so I guess I’ll just move on.
*** Update ***
I got a phone call back from Comcast to tell me that all was resolved, and as it turns out, Comcast HAD intentionally blocked all activity from that web server IP address!
Interestingly, sites hosted on that same web server that had been assigned a static IP address continued to work fine, but the shared hosting domains were all blocked, with no warning message to the user, and FTP, Trace Route, and even pings to the IP were blocked entirely.
The Comcast rep read me the notes he had gotten from engineering, and they said that the IP was blocked because “Malicious data flows were detected over TCP port 80”.
That’s it – no indication of what domain caused it, nor was there any reason given WHY they would UNblock it at my request, since presumably the malicious activity is still going on from whatever domain was causing the problem. Bizarre.
This was news to me, and news to the guy in security, who said he’s never heard of them blocking IP addresses like this before.
So, is the moral of the story that a shared hosting account may be risky to your visibility? It looks that way, doesn’t it?
I’ve had my share of issues with Comcast in the past, and this one is just as frustrating.
Just like many of my issues with them so far, it’s completely inconsistent from market to market, so their support department seems to know nothing about it.
Anyone hosting their own domain somewhere, yet having Comcast as an ISP, is continually being forced to jump through new hoops in order to send mail from their own domain.
Until now these hoops have been to verify your outgoing mail settings and change your SMTP port to 587 (or another port for your local market).
Now there’s another inconsistent change that’s not affecting everyone.
As a Portland web host we have three mail servers that our clients use, and for the past three days, all users that are on our #1 server are unable to send mail to other Comcast addresses.
To make matters worse, Comcast is then misreporting the problem, sending the end user a link, where their page says that their mail server is “blocked as spam”. (For the record, this mail server is not on any spam blacklists at this time).
So, now we are forced to explain to each complaining customer that this is some sort of problem or mistake on Comcast’s end, AND we then have to explain that Comcast is also showing them incorrect information.
I have verified that even when you change to port 587 for your outgoing mail server, if the address you are sending to is another Comcast address, then the mail bounces back with this message -
<actualnameremoved@comcast.net>:
Connected to 76.96.62.116 but greeting failed.
Remote host said: 554 IMTA02.westchester.pa.mail.comcast.net comcast 208.70.160.19 Comcast block for spam. Please see http://help.comcast.net/content/faq/BL000000
This message says that our mail server (208.70.160.19) has contacted the Comcast mail server, who is blocking the message as spam. WRONG.
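The bounce quoted above can be triaged mechanically. The following is an added example, not part of the original post: it parses a bounce in the format shown and labels the failure by SMTP stage, since a 5xx reply at the greeting is issued before any sender or recipient is named and so can only be a decision about the connecting IP. The function names and the reading of the quoted IP as the listed address are assumptions of this sketch.

```python
import re

# Bounce text exactly as quoted in the post (recipient already redacted there).
BOUNCE = """<actualnameremoved@comcast.net>:
Connected to 76.96.62.116 but greeting failed.
Remote host said: 554 IMTA02.westchester.pa.mail.comcast.net comcast 208.70.160.19 Comcast block for spam. Please see http://help.comcast.net/content/faq/BL000000
"""

IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"

def parse_bounce(text):
    """Extract the fields a mail admin needs from one bounce paragraph."""
    out = dict.fromkeys(
        ("recipient", "mx_ip", "stage", "code", "reply", "listed_ip", "url"))
    m = re.search(r"^<([^>]+)>:", text, re.M)
    if m:
        out["recipient"] = m.group(1)
    m = re.search(r"Connected to (" + IPV4 + r") but (\w+) failed", text)
    if m:
        out["mx_ip"], out["stage"] = m.group(1), m.group(2)
    m = re.search(r"Remote host said: (\d{3})[ -](.*)", text)
    if m:
        out["code"], out["reply"] = int(m.group(1)), m.group(2).strip()
        # Assumption: an IP quoted back in the reply is the address the
        # remote side saw connecting (true for the bounce in the post).
        ips = [ip for ip in re.findall(IPV4, out["reply"]) if ip != out["mx_ip"]]
        out["listed_ip"] = ips[0] if ips else None
        u = re.search(r"https?://\S+", out["reply"])
        out["url"] = u.group(0) if u else None
    return out

def classify(b):
    """Label the failure by SMTP stage and reply class (4xx temporary, 5xx permanent)."""
    if b["code"] is None:
        return "unparsed"
    permanent = 500 <= b["code"] <= 599
    if b["stage"] == "greeting":
        # Refused before MAIL FROM / RCPT TO: only the client IP was known,
        # so the decision was about the sending server, not a message or user.
        return "ip-level-reject" if permanent else "ip-level-deferral"
    return "message-level-reject" if permanent else "deferral"

if __name__ == "__main__":
    b = parse_bounce(BOUNCE)
    print(classify(b), b["listed_ip"], "rejected by", b["mx_ip"], "->", b["url"])
```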
Visiting the help.comcast link is of no use to the end user, but as the server administrator I was able to follow the directions and submit our removal request at www.comcastsupport.com/rbl as directed.
Imagine my surprise when I got this e-mail back -
Thank you for contacting Comcast Customer Security Assurance. We have received and reviewed your RBL removal request.
Below each IP address you submitted in your request, we have included the result of our research. Please do not reply to this message.
208.70.160.19
Your request for IP block removal has been denied for the following reason:
- You have been blocked from emailing the Comcast network because we have determined that you are sending email from a dynamic/residential IP within the Comcast domain.
Comcast does not allow subscribers to send email from a mail server other than smtp.comcast.net. All mail should be sent through Comcast’s mail server.
For information on configuring your machine to use smtp.comcast.net, please follow the link below.
http://help.comcast.net/content/faq/BL002
If you need to run your own mail server, please contact our Commercial Services organization at support_biz@cable.comcast.com
Sincerely,
Comcast Customer Security Assurance
Did you note the bolded statement that “Comcast does not allow subscribers to send email from a mail server other than smtp.comcast.net” ?
If that’s really a policy, then why is only ONE of our mail servers affected, and then, only for mail which is sent to other Comcast email addresses?
Do you suppose this is just a mistake by a server administrator who misunderstood the direction he was given?
Or, do you think they were really told to block all outgoing mail from any servers other than their own, and that the “change outbound port 25 to 597” fix will soon no longer work?
If you are suddenly having this problem here is a workaround to fix it:
Open your e-mail program and change your outgoing mail server from mail.yourdomain.com. (Screenshots are from Outlook 2007, another nightmare)
Change Outgoing SMTP – smtp.comcast.net and go to “Advanced”

Be sure to CHECK THE BOX (or leave checked) – “My outgoing Server requires Authentication”
Then change to “Verify using” and type in your Comcast username and pw

BUT WAIT – THERE’S MORE
In order to get this working, you MUST ALSO change your outgoing computer port to 587 – So I THINK they’ll be screwing this up too.

WTF is going on, Comcast?
Ever since around the new year, when Comcast “doubled my speed for free”, I’ve had nothing but problems.
Even when it’s operating at what seems to be optimal capacity, it’s definitely slower than it was back in late 2008.
Frequently I will lose my connection for one to two minutes at a time, then it mysteriously comes back.
My 9 and 12-year-old boys are pretty adept now at powering down and rebooting the Comcast modem and my router, to get back online pretty quickly, but it’s become quite tedious.
Under the “new faster service” my wireless router is also not operating well. Apparently, it’s too old for their “recommended firmware upgrade”, so instead of getting 12mbs like I used to, with the new Comcast change I never get more than 5mbs, even when it’s working.
After all of the problems I’ve had over the years with Comcast, and having to deal with the games Comcast plays with people’s email, I’m finally now trying an alternative that’s recently become available here in Portland called Wimax from Clear.
I’m picking up my modem this week, and I’ll be reporting back as to how it works. I may keep them both, because Comcast works fine 90% of the time and it’s pretty fast.
Well, in my case, the service wasn’t available in my neighborhood. When I went to get qualified, it was only offering me “mobile”. Too bad for me…
However, if Clear can keep a consistent connection, then I might just be fine with the 6 mbs downloads.
If you’re interested in seeing if WiMAX is available at your home or business, let me know, I’ve got a partner that can help you out.
They can process an order for you and get you up and running in days. Just fill out the form below, to check availability and service offerings.
You’re not alone…
Users all over the country are finding out daily that suddenly, for no apparent reason at all, they are unable to send mail if they want people to reply to their business or personal e-mail addresses other than one that is @comcast.net. This is because Comcast is blocking port 25, which is your default port for sending email through your mail software.
The error message says (fill in your own X):
The connection to the server has failed. Account: ‘XXXX’, Server: ‘xxx.xxx.xxx.xx’, Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E
Gee that’s helpful, isn’t it?
If you are using mail.yourdomain.com for your SMTP outgoing mail server, then you get an error saying “unable to connect to the mail server” even though it just successfully connected to the mail server to retrieve your incoming mail. After wasting time calling your web host, and going through various troubleshooting techniques, they tell you to call Comcast.
To make matters worse, users are finding out one at a time, because Comcast is slowly rolling out these changes user by user in individual markets around the country. This month, it’s apparently Portland Oregon’s turn, where I live.
To cut to the chase, here’s the solution:
Change the port your computer is using for SMTP outgoing mail, from Port 25 to one that your hosting provider will allow. In most cases, this seems to be port 587 for Portland providers.

To do this in Outlook -
- Go to tools – e-mail accounts – view or change existing account
- Select the appropriate mail account and hit the change button
- Go to the more settings button, and into the Advanced tab
- Change your default port 25, to port 587, and you should be back in business in most cases.
Still broken?
- Added note from comments below – Some people in the midwest for whom 487 didn’t work successfully changed to 465 and picked SSL under the “use the following type of encrypted connection” drop down. They did not check the “this server requires an encrypted connection” box.
In Outlook express -
- Go to tools – accounts – Mail tab
- Choose Properties box – Advanced Tab – and from there you can do the same
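Before changing client settings, it helps to confirm which ports actually reach the mail server from the affected connection. This is an added example, not part of the original post: it probes ports 25, 587 and 465 and turns the results into a verdict; `mail.example.com` is a placeholder for your hosting provider's SMTP host, and the function names are this sketch's own.

```python
import socket

def probe(host, port, timeout=5.0):
    """Try a TCP connect; return (state, first banner line or '')."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                banner = s.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                banner = ""   # e.g. SSL on 465: the server waits for the client to speak
            return "open", (banner.splitlines()[0] if banner else "")
    except socket.timeout:
        return "timeout", ""  # packets silently dropped: what Socket Error 10060 reports
    except ConnectionRefusedError:
        return "refused", ""
    except OSError as e:
        return "error", str(e)

def diagnose(states):
    """states maps port -> state string from probe(); returns a one-line verdict."""
    if states.get(25) == "open":
        return "port 25 reachable: outbound SMTP is not filtered on this path"
    alt = [p for p in (587, 465) if states.get(p) == "open"]
    if alt:
        # The host answers on another mail port, so it is up; only 25 is being dropped.
        return "port 25 %s but host is up: set the client's outgoing port to %d" % (
            states.get(25), alt[0])
    if states and all(s == "timeout" for s in states.values()):
        return "no mail port answers: host down or the whole address is filtered"
    return "inconclusive"

if __name__ == "__main__":
    host = "mail.example.com"  # placeholder: your hosting provider's SMTP host
    states = {}
    for port in (25, 587, 465):
        states[port], banner = probe(host, port)
        print(port, states[port], banner)
    print(diagnose(states))
```

Run it once from the affected connection and once from a different network; a timeout on 25 only from the first points at filtering on that connection rather than at the mail server.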
The reason Comcast claims to be doing this is in an effort to prevent spam being sent by zombie/spyware/virus laden computers using their bandwidth and their Internet connection.
I suspect they are really doing it to limit liability for any future potential lawsuits, and not really to save bandwidth, but I have no problem with that.
The problem with Comcast doing this is that they do not seem to be telling all of their support people, and do not seem to be notifying their customers. This has been going on around the country for MONTHS.
Instead, it takes the end user hours of frustrating time on the phone spent with lower-level tech-support who have no idea that this change has even taken place.
One can only guess how many individual users are still frustrated at this very moment because they are being forced to do their business e-mail from home using their @comcast.net accounts, after uninformed Comcast agents are able to help them?
As a web host, we were forced to spend hours dealing with Comcast before we got an actual answer, and we still lost a couple of hosting customers over it, who were convinced that it must be our fault, since Comcast told them it was.
Great customer service. If there was any competing product in my market I would switch in a heartbeat. I tried once before in 2005 after nearly an entire summer of poor Comcast connectivity.
Thanks Comcast, for valuing our time so very little, in your quest to make mega millions.



















