Have you ever gotten a spam message that looks like it came from your own e-mail address? Or, have you ever replied to a spam e-mail, assuming that it will go back to the person that actually sent it, only to have them tell you that they never did send it?

We recently had a web hosting support ticket where someone was convinced that our servers had been hacked, and someone was using their email to send out spam messages.

What happened was, they received a “reply” to a spam message that someone else received, that basically said to THEM, “hey, quit sending me spam!”

Our web hosting client scrolled down and saw that sure enough, it appeared as if this obscene pornographic e-mail solicitation came from them at their domain!

Of course, they were horrified, and sent us a support ticket.

In order for us to clearly show them that a spam message did NOT really come from their domain or their email address, it was necessary for them to view their mail header, which most people don’t know how to do.

An off-line parallel to this would be if someone were to call you on the phone and lie about who they were. You can’t STOP them from calling you, but if someone claims to be from the White House, and their caller ID clearly shows that it’s a different local phone number, then you know they’re lying, and you can hang up.

Unfortunately not enough people know that it’s possible to send e-mail claiming to be “from” a fake email address. I put together a two-minute video explanation, which I hope makes sense.

I’m really looking forward to giving this year’s Pubcon presentations, not only because I’m heading to Las Vegas, November 8-12 for the longest running internet marketing conference, but because in both sessions, I get to speak about things that I have a strong passion for.

This year I’ll be speaking in two sessions, the first one is going to be called Tweaking WordPress and Installations
and it will be on Tuesday, November 9, at 1:30 PM in Salon E.

The Wednesday session is going to be about Web hosting and SEO, and it’s also in the same room at the same time the next day – Wednesday, 1:30pm in Salon E.

WordPress SEO and Installation
For the session on WordPress, most of my slides will cover some very efficient plugins, while one of the other speakers will be making the anti-plugin case for why you should hardcode some of those same functions into the theme.

It should be interesting, and these presentations are going to be a little shorter – We cut to 10 minutes max, so there will be plenty of time for Q&A with a live and local WordPress installation running on the screen, where each of us has already uploaded our preferred plug-ins and themes.

Web Hosting & SEO
In the web hosting slides, I’ll be touching briefly on some really fast troubleshooting tips for performance, buy the rest of my hosting presentation will focus on malware; The identification, the removal, dealing with Google webmaster tools, and finally giving some thoughts on preventing reinfection.

It’s a lot to cram into 14 minutes, but anyone who’s heard me speak knows that I talk pretty fast – Also, this year I’ve learned a lot after dealing with some nasty hacks and viruses, and can really offer some timesaving tips dealing with this stuff.

Thursday LunchTable
The schedule was released for the Pubcon 2011 Lunch Schedules , and I’m going to be hosting the WordPress table on Thursday, so if you have any questions or want to talk WordPress, I hope you’ll come by.

Pubcon Poker Tournament
I’m also happy to announce that SEO Automatic is going to be one of the co-sponsors of the fourth annual Purpose Inc Poker Tournament, and this year it will be at the Mirage, Tuesday November 09, 2010.

It’s only going to be a $100 entry fee this year, and he promises better organization than ever. Ill be there, and if you want to attend, Registration opens tonight at 8PM PST.

My Powerpoint Slides

Friday morning here in Portland, a web hosting customer could not check their email without an error saying that their mail server wasn’t found, and they couldn’t see their own website either.

Initial attempts to help her proved fruitless, and after trying everything, she was sadly told that it appeared to be a Frontier DNS problem.

Subsequently, we had several people over the weekend  with the exact same issue, and we’re not a large host,  so depending on how wide spread this problem is, a lot of people might be affected!

Frontier recently took over Verizons ISP service  here in parts of Portland Oregon, and without getting too technical, here’s what’s wrong…

The Frontier DNS Settings Need Changing in Your Modem

The DNS settings that were put into the modems when they were put  into the customer offices and homes are not functioning correctly, and need updating by Frontier.

I wish I could be more specific, but with so many models of modem installed by Verizon over the past 10 years since DSL came along, there’s simply no way to tell you exactly where to go to fix this.

Here’s how to fix the Frontier “I can’t see my website” problem.

1. Log into your modem IP address – (if you don’t do that then you’re going to have to call Frontier support)
2. Figure out how to change your DNS settings, from the hardcoded BAD ones, of which there appeared to be several, and check the box that says something like “obtaind DNS automatically”

Our own hosting customers have likely solved the problem by now,  so I’m putting these instructions out here for anyone else who happens to need them.

If you own your own domain, and suddenly cannot get your own e-mail or website, then you might try this on your modem and see if it works.

Can someone at Frontier please fix those bad Verizon DNS settings?

Update 10/26
In the wake of this blog post, we discovered that nearly 35,000 domains we knew of were xperiencing this issue not only from our servers, but from the servers of others in our datacenter, and even a couple of other small web hosts and reseller acquaintances who are unrelated to our business at all.

This morning I received a very courteous phone call from Frontier, who told me how WE could fix the problem.

In layman’s terms, the internet is running out of IP addesses, and Arin is releasing IP blocks in a range that the default NS config files had blocked, as being in a “black hole”.

The default BIND source code has some hard coded default exclusions that all webhosts are going to have to change theirs.

The reason WHY the default BIND source has exclusions is still a mystery, and I suppose there’s a case to be made that all registrars for all domains should be notifying all registrants in the same way that they insist upon annual ownership verification, but that’s neither here nor there, I guess.

Thank you to Frontier for responding so quickly, and if you’re a web host, here are the instructions to “fix” your config files so this doesnt happen with other ISP’s besides Frontier as the years roll by.

Here are the relevant details that I was emailed after the phone call…

Frontier customers trying to resolve your customers sites are not able to resolve them due to what appears as our cache DNS farms (184.16.4.22, 184.16.4.23, 184.16.33.54, 184.16.33.56) are unable to contact your authoritative DNS.

We have had this issue with several providers recently. The root causes have been outdated “bogon” lists or not allowing our subnet (184.16.0.0/14) via ACL or firewall.

Thanks Frontier, for the great service!

If you leave your mail on the server, then it will eventually fill up, and when people try to e-mail or reply, they’ll get “the mailbox is over quota” or  something similar as a bounce-back message.

When that happens, you are going to have to either empty some of the mail, or increase the size of the mailbox, which would only be a temporary fix, until it fills up again. No matter what the device, cell phone or desktop, you have to change your email program behavior.

The default behavior of all e-mail programs is to remove mail from the server once it’s been downloaded. However, as more and more people want to receive mail in multiple places, they have changed their mail settings, and have even been told to do so by the telephone company’s tech support, and now they are having problems.

Here’s how to correct the root cause, but remember – you still have to go empty your mailbox at your host.

The screen shots and steps are for Outlook, but if you use any of a dozen other programs, on your computer or your phone, the concepts are always almost identical…

Go to Tools – account settings -

Then highlight the mailbox and hit the “change” button -

Hit the “more settings” button in the lower right”

Go to the Advanced tab and UNcheck the box that says “leave mail on server”  (or at least set it to empty when your deleted items folder)

Don’t forget that if people are getting bounce messages now, you’re also going to have to login to your web hosting control panel, an empty out some of the mail that sitting there. Remember it’s not the number of e-mails that’s the problem, it’s generally the large file attachments that are filling you up past the quota that you have set for each mailbox.

I put this here as a quick reference for hosting clients  but I hope it helps others…

There’s a set of “requirements” called Payment Card Industry Data Security Standards (PCI DSS) that was developed by the PCISSC  Payment Card Industry Security Standards Council.

I first heard of these “requirements” in the bar on the last day at Pubcon Vegas 2008, where someone said “Trust me, you’d BETTER learn about it, because they’ll make your life miserable if you don’t…”, and they were sure right.

In 2009 one of my long time consulting clients actually began GETTING FINED by their processor for not being PCI compliant.

At first the fine was about $40 monthly, but that quickly mushroomed, and all of a sudden, they were told that it was several hundred dollars a month.

We changed shopping carts, then worked with the web host, and all was finally resolved, but it took four months and several thousand dollars. Can you afford that unexpectedly?

Before you ask “who has the authority to fine them?” you should know that in their case it was called a “fee” and not a “fine” and it was imposed by their middleman transaction processor, not Authorize.net or their bank.

The official “power” to impose that fee is actually non-existent and totally arbitrary, sort of like blockbuster charging a late fee – because they can.

Get On Top of PCI Compliance NOW
It likely won’t be long before EVERYONE that will process the credit card you take on your website will have to decline your business transactions, and this will put you out of business.

This simply designed to provide a standardized set of consistent security measures for merchants to follow that are handling credit card transactions. – i.e. it’s for our own good.

Yes it’s going to be a pain in the ass to get compliant, but it’s not nearly as bad as trying to recover fraudulent funds that get their transactions reversed after you have shipped or delivered your product, is it?

Worse, will it be as bad as finding out that not only are you being charged a “fee” but in fact, your bank will no longer accept your transactions?

All you have to do is check your site with a vulnerability scanner for PCI Compliance. There are a number of them out there, and your bank should offer one to you soon, if they haven’t already.

In some situations, you may find the need to move to web hosting platform that is claiming compliance that is willing to offer a statement about their compliance, and here’s our statement…

We are not yet PCI compliant.

There – you like that?

I just completed an evaluation, and while I won’t go into the specifics, even though they may be fixable, they are going to be consuming, and we probably won’t be  compliant  in 2010.

The most frustrating thing is that the last time we scanned for this, nearly 8 months ago, we DID pass the test, although the test was from a a different source.

Also, note that I’ve yet to run an audit anywhere recently (6 hosts in the past month) and find a perfect report, so I think the entire industry has some work to do.

If any web hosts want to leave links to their PCI compliance statements as comments, please do!

What EXACTLY is the Standard?
The standard includes these 12 requirements for maintaining a secure operation:

Build and Maintain a Secure Network

• Requirement 1: Install and maintain a firewall configuration to protect cardholder data
• Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

• Requirement 3: Protect stored cardholder data
• Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

• Requirement 5: Use and regularly update anti-virus software
• Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

• Requirement 7: Restrict access to cardholder data by business need-to-know
• Requirement 8: Assign a unique ID to each person with computer access
• Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

• Requirement 10: Track and monitor all access to network resources and cardholder data
• Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

• Requirement 12: Maintain a policy that addresses information security

So there it is – right from the horses mouth – You’re gonna get screwed, and may have to move your hosting.

What can you do now?
Try this free PCI Compliance scan from Comodo. The last one we ran, got us back a 39 page report.

The report is self explanatory if you’re a tech person. If not, then you’ll need to run it by your computer service folks or admins so they can explain what’s a server issue for your web host, and what might actually be related to your shopping cart.

After that, start looking for a host that is willing to say they’re PCI Compliant. Then, run a test on a URL they host, and dont just take their word for it. Remember, if they turn out not to be, you’re the one that gets screwed.

And again, if you have any recommendations,  please be sure to leave a link to their actual compliance statement. I’ll update this post in the future…

I need to officially announce some recent changes to the e-mail configuration of our servers that may have caused some distress for our hosting clients, and I’d like to clear that up right now.

As of mid April 2010, any email address (whether we are hosting them or not) that sends more than 25 e-mails to our server within a 60 second period will be unable to send any more mail messages through our server, or send any mail at all to anyone we host.

This applies to the To field, to CC, and to BCC addresses, so in other words, you cannot send an email to more than 25 people. If you try, then will be unable to send mail again until we manually remove your address from this “blacklist”. .

This change has been put in place to put a permanent stop to the random inconvenience that many of our hosting customers have experienced over the past couple of years, with a sudden inability to send mail primarily to Yahoo and Microsoft addresses, for up to 48 hours at a time.

The change was unfortunate, but we simply cannot put a burden like that on 99.9% of hosting clients to meet the needs of so few, I’m sorry.

Unfortunately, this may cause us to lose a few hosting clients but the other 99.9% will be happy.

Those that have offended before have been warned privately, but in the end, they “accidentally” mess up the sending ability of all domains on that particular mail servers IP Address. There are several mail servers, but hundreds of domains and thousands of people are affected. Innocents suffer!

While the vast majority of hosting clients may not even notice this change, a couple have already, and for those that need lists larger than 25, I’ve recommended the iContact email service that starts at just $10 per month, and has a free 30 day trial.

There are dozens of third party mail services to choose from, but I do like iContact for our own needs, and since it starts at $10 monthly for the first 250 addresses, it’s ideal, and it’s $5 cheaper than Constant Contact, which we still recommend also.

You can import lists from Outlook or text files, or you can add contacts there one by one.

I highly recommend looking into iContact, and we have been an affiliate of theirs for several years now. Here’s a nifty banner for a free month to try it out…

One of our mail servers has again been added to a spam blacklist, meaning that we are banned from sending e-mail, undoubtedly due to one of our hosting customers who has been sending bulk e-mail.

Technically, we can still send, but the users at Yahoo, MSN, and dozens of other providers will temporarily not accept mail from that mail servers IP address.

With several mail servers, only a portion of our users are affected, but it still stinks, and to that, all I can say is that I’m sorry – again.  We’ve “fixed” it by proving to the blacklists that we are a web host,  and by taking appropriate steps against the offender for our removal from the list. We now just have to wait, and for some domains, it may take up to 48 hours to clear up. Ugh.

As the battle against spammers wages on, you have to understand that bulk email can be defined by nearly ANYONE, and in some cases, no matter how unjustified, spam fascists are taking over the entire internet in an effort to “protect” us.

I hate spam as much as the next guy, but I HAVE to be able to send out emails. Unfortunately, people complaining to their ISPs and web hosts ABOUT spam they receive, are exactly what’s driving things to get more and more difficult for the business that needs to be able to SEND mail and have the reply come back to our own domain!

Remember, if you are a business that sends bulk email to friends, subscribers, or clients, then you should be using a third party service or you run the risk of losing your hosting account not only with us, but with anyone.

Just like the first time this happened, once we get things squared away, the offending user had their hosting account permanently suspended and removed from our system.

But that’s VERY small consolation to the dozens or perhaps hundreds of people that are affected today, and likely part of tomorrow, and are unable to send e-mails to many domains.

Business NEEDS reliable email, and anything less is simply unacceptable, but what can you do?

Change Hosts
If you’re on a shared webhosting plan, then you not only share your Web server with other domains, but you share your mail server as well.

This means that when the mail server gets banned, everybody on the server is unable to send e-mail to certain domains until the web host gets the IP address cleared.

Worse, even when the web host reacts quickly, fully resolving all the issues immediately, the larger providers like MSN and Yahoo can take up to 48 hours to allow your mail to come through again.

Although it happens infrequently, not being able to send e-mail is an intolerable situation, but you need a solution. Changing web hosts is one answer, but it’s only a temporary fix.

Get a Dedicated Server
If you change hosts into another shared environment, I practically guarantee that you ARE going to face the same situation, and there’s just no way around it. By upgrading to a dedicated server, YOU become the only one using it, and if your IP gets banned, you can look internally at the cause. However, for most websites this is overkill, and for the small business, the $100 per month or more can be excessive.

Get Your Own Server
Far more common is to bring your email in-house and own your own mail server. While your web visitors need instant access and high bandwidth, mail servers don’t, and it’s a simple matter of buying some hardware and making some DNS changes to your domain.

The computers can easily be run in your office environment, delivering it to users desktops and cell phones through Microsoft Exchange Server, or many other options.

Besides email, having your own server can lead to shared files, calendars, storage, backups, and a whole world of computing you may never have thought you needed, but it’s probably worth a conversation with your own computer support people for plenty of alternatives.

Use The Big Boys
Another option is to *not* send from your own domain, but instead send mail only from your ISP. That’s really what they prefer anyway, and why your home outgoing emails are getting blocked by Comcast and Qwest when people try to send mail from their own domains. They want to stop spam, so their users will stop complaining to them.

But those addresses look unprofessional. Most consumers simply won’t trust email that comes from mycompany@myisp.com or Hotmail, Gmail or Yahoo, but hey, at least your mail will probably get there.

Don’t forget though, that as people reply, then YOU may be on the receiving end of this “spam protection” but it’s for your own good, really!

Use the Google Cloud
For the small business owner that cannot afford their own dedicated server, we are now strongly recommending that they move e-mail entirely off of our hosting platform, and into the Google mail environment.

It’s a big step, but we understand that email is the lifeblood of many operations, and there’s simply nothing that can be done to prevent idiots ruining it for the rest of us.

for families, groups, non-profits, schools etc. Google offers a free service, and for businesses, they charge $50 per year per user. Since it’s probably the best and most affordable alternative for nearly anyone, I decided to change a domain over and see how it went. I used Google Apps Standard, and I could upgrade to the Premium business plan at any time.

By going here for Standard edition, or here for Premium, you can begin their trial, and test it out.

There are a TON of reasons that Google docs can be beneficial, and I use them all the time, but I was still a little nervous about making the switch. This was the first time I had to “put all of my eggs in Google’s basket” unless you count my day to day existence which seems to revolve around their search rankings

Here’s an 8 minute video outlining the process, including changing the settings inside your Hsphere hosting account for our Portland hosting…

We’ve had another web hosting customer screw things up for everyone else on their shared mail server by sending unsolicited e-mail, which is against our terms of service.

I’ve written about this before, more than once, and this user has received no warnings, gets no second chances, and their web hosting account, including all e-mail service has been permanently removed from our system.

What Happened?
A user on a shared hosting account innocently sent out an email message to their customer list. At least one of their customers at a Comcast account, and one at a Hotmail account, reported the message as spam.

The big email providers act quickly, so now one of our mail server IP addresses has been “spam flagged” by both Microsoft and Comcast. They are not letting mail from that particular server through to their users.

A typical bounce message is something like this:

What has been done?
On our end, the problem has been resolved, and we’ve proven to them that we have taken the necessary corrective measures, and now it’s just a matter of time, up to 48 hours, before our mail is again allowed to come through to their services. This time delay is unavoidable, and we are sorry for the inconvenience.

How can you send to your mailing list?
As a reminder, you should never send bulk e-mail to your own mailing list through your own web hosting account.

It doesn’t matter if your users have agreed to accept your messages or not, because all it takes is one person to complain to their ISP that you send them spam, and our mail server gets blocked.

This causes a huge inconvenience to any other users that may be on that particular mail server, so therefore it is our policy here at PDXTC (and at most web hosts) to not allow any bulk e-mail messages to be sent from your account.

Instead, you should use a third-party service, like Icontact which begins at just $10 per month.

They have industry-leading deliverability, and a third-party company, called Pivotal Veracity, scores their email deliverability rates between 98%-99%.

You can track the performance of all emails sent at a glance with charts and graphs that are populated in real time.

They offer 250 professionally designed email newsletter templates or you can use one of your own for your email marketing campaign, and it’s easy to set up, organize, and upload or import your contacts. They offer advanced features, like surveys, autoresponders, and RSS feeds in their easy-to-use all-inclusive product.

They offer a 30 day free trial so you have nothing to lose:

PDXTC Hosting will be performing emergency maintenance on the LINUX6 Web Server (linux6.pdxtc.com) starting immediately.

During the past seven days users that host websites and web applications on this server may have noticed frequent outages due to a hardware configuration issue on this server.

We will be replacing this server during the afternoon and evening hours of today and tomorrow for testing. Users that host websites on this server may notice an outage on this server that may last up to 60 minutes beginning at approximately 5:30PM (Pacific Time) this evening.

We realize how important it is to provide a reliable connection to our servers and always strive to achieve this goal while simultaneously providing superior service to all of our users.

We sincerely apologize for the recent outages that have affected users who host websites on this server and are confident that this should resolve any issues that have arise in the past with this server.

Effective immediately we ask that all users that use the LINUX6 web server not make any updates to any files on the web server until the server migration is complete (At 7am Wednesday morning) Changes to databases will not cause any problems as all MSSQL and MySQL databases are hosted on their separate respective servers.

Again, I sincerely apologize for any inconvenience this upcoming outage may cause but we are looking forward to a more stable server environment for all users on the LINUX6 server.

I’ll bet you $1000 that if we took an existing and well established default site installation today, and first upgraded it to WP 2.82, then we set WP up correctly with our chosen SEO plug-ins, correct permalinks, etc. that we would LOSE rankings in the search engines within 90 days.

Why?
Because all of the default URLs will 302 to the new pages, instead of 301 redirect, and all of the inbound link equity and indexed pages would disappear. This means rankings would drop.

Why?
Because someone at WordPress actually made the conscious decision to change the CORRECT server response, a 301, into the WRONG one, a 302 with the latest release, 2.82. This doesn’t “accidentally” happen, someone forced a change!

Why?
That’s the million dollar question, isn’t it?

There are probably hundreds of websites that I’m sure are already being affected by this, . All it takes is for them to have changed permalinks or once they were into a 2.82 environment, and it’s “game over” after Google gets done with them, isn’t it?

There are also probably dozens or even hundreds of well-meaning development firms that are “fixing” client blogs TODAY, and in reality they may actually be doing them harm.

If you didn’t see my first post, with a short video, you might want to check it out, but the bottom line is that there’s a right way to do a redirect, that retains rankings, inbound link value, page rank etc. and there’s a wrong way, and this is wrong.

When WordPress 2.82 came out, we did more than our share of quick upgrades because it came out so quickly after 2.81.

It was after we’d done a few of them that @johnandrews first mentioned that he’d seen a problem, and after investigating a little further I posted about it, and resigned myself to wait for the fix.

Now however, it’s been two weeks, and we’re doing new installations with 2.81, and that’s just dumb.

Then I got a phone call yesterday, where someone had a WordPress site that had been around for 18 months and was older, 2.5, but was just a default installation.

Then a couple of weeks ago, they upgraded to 2.82 and he’s already seeing a loss in traffic.

I saw that his pages in the index were still the default WP url structure, even though his permalinks.

I also saw that the old urls were now 302 redirecting to the new. Not good, huh?

His WP site had been around for 18 months, he has links, traffic, PageRank and rankings. if someone doesn’t fix this, (Maybe redo the thing in 2.81?) who knows what might happen!

What I really can’t understand is why WordPress hasn’t fixed it, and why nobody in the larger community of WordPress & SEO seems to be talking about it yet.

I find it hard to believe nobody’s noticed, but maybe not?

Anyone want to take the bet?

I’ve had my share of issues with Comcast in the past, and this one is just as frustrating.

Just like many of my issues with them so far, it’s completely inconsistent from market to market, so their support department seems to know nothing about it.

Anyone hosting their own domain somewhere, yet having Comcast as an ISP is continually being forced to jump through new hoops in order to send mail from their own domain.

Until now these hoops have been to verify your outgoing mail settings and change your SMTP port to 587 (or another port for your local market).

Now there’s another inconsistent change that’s not affecting everyone.

As a Portland web host we have three mail servers that our clients use,  and for the past three days, all users that are on our #1 server are unable to send mail to other Comcast addresses.

To make matters worse, Comcast is then misreporting the problem, sending the end user a link, where their page says that their mail server is “blocked as spam”. (For the record, this mail server is not on any spam blacklists at this time).

So, now we are forced to explain to each complaining customer that this is some sort of problem or mistake on Comcasts end, AND we then have to explain that Comcast is also showing them incorrect information.

I have verified that even when you change to port 587 for your outgoing mail server, if the address you are sending to is another Comcast address, then the mail bounces back with this message -

<actualnameremoved@comcast.net>:
Connected to 76.96.62.116 but greeting failed.
Remote host said: 554 IMTA02.westchester.pa.mail.comcast.net comcast 208.70.160.19 Comcast block for spam. Please see http://help.comcast.net/content/faq/BL000000

This message says that our mail server (208.70.160.19) has contacted the Comcast mail server, who is blocking the message as spam. WRONG.

Visiting the help.comcast link is of no use to the end user, but as the server administrator I was able to follow the directions and submit our removal request at www.comcastsupport.com/rbl as directed.

Imagine my surprise when I got this e-mail back -

Thank you for contacting Comcast Customer Security Assurance. We have received and reviewed your RBL removal request.

Below each IP address you submitted in your request, we have included the result of our research. Please do not reply to this message.
208.70.160.19

Your request for IP block removal has been denied for the following reason:

- You have been blocked from emailing the Comcast network because we have determined that you are sending email from a dynamic/residential IP within the Comcast domain.

Comcast does not allow subscribers to send email from a mail server other than smtp.comcast.net. All mail should be sent through Comcast’s mail server.

For information on configuring your machine to use smtp.comcast.net, please follow the link below.

http://help.comcast.net/content/faq/BL002

If you need to run your own mail server, please contact our Commercial Services organization at support_biz@cable.comcast.com

Sincerely,
Comcast Customer Security Assurance

Did you note the bolded statement that “Comcast does not allow subscribers to send email from a mail server other than smtp.comcast.net” ?

If that’s really a policy, then why is only ONE of our mail servers affected, and then, only for mail which is sent to other Comcast email addresses?

Do you suppose this is just a mistake by a server administrator who misunderstood the direction he was given?

Or, do you think they were really told to block all outgoing mail from any servers other than their own, and that the change outbound port 25 to 597 fix will no longer work soon?

If you are suddenly having this problem here is a workaround to fix it:

Open your e-mail program and change your outgoing mail server from mail.yourdomain.com. (Screenshots are from Outlook 2007, another nightmare)

Change Outgoing SMTP – smtp.comcast.net and go to “Advanced”

Be sure to CHECK THE BOX (or leave checked) – My outgoing Server requires Authentication”

Then change to “Verify using” and type in your comcast username and pw

BUT WAIT – THERES MORE
In order to get this working, you MUST ALSO change your outgoing computer port to 587 – So I THINK they’ll be screwing this up too.

WTF is going on, Comcast?

We got hit today with another 48 hours of Microsoft spam blacklisting, this time because a brand new hosting client sent out 30,000 e-mails in one day.

When I looked at the website of this new client, I did have just the slightest hesitation when I saw that he was an Internet marketer, however it never occurred to me that he could be a complete idiot.

To all those who are now inconvenienced for the next two days, with all hotmail, microsoft and MSN mail bouncing back undeliverable, I apologize, and rest assured that he is gone.

The user has been summarily dismissed from the system, his account has been suspended, there is no FTP access, no database access, no opportunity to come get any of his files, and no second chance of any sort. They are gone.

I’ve written before about the fact that you absolutely positively must use a third-party mail service to ensure not only delivery of your e-mail, but to ensure compliance with the rules and regulations governing spam.

Personally, I use iContact, and they have a free 30 day free trial: