Best Practices Port 25: Why Keeping It Open Is Important By Ken Simpson | 5 minute read What is Port 25? When email is delivered, servers talk to each other using the Transmission Control Protocol (TCP) over port 25. Just as the Hypertext Transfer Protocol (HTTP) that powers the web uses port 80, SMTP uses port 25. For more than a decade, many Internet Service Providers (ISPs) have blocked or severely restricted the use of port 25 because home internet connections have historically been used to send huge amounts of spam. More recently, as spamming has moved to web hosting networks, web hosting providers have begun blocking or restricting this essential port. Why would web hosts want to block port 25? Spammers are always looking for new ways to exploit. Web servers are favored by spammers because they are relatively powerful, and because the network connection to most web servers is fast and reliable. By leaving port 25 unmonitored and open, web hosting providers are at risk of enabling spammers within their network to run wild with huge volumes of spam traffic. Some web hosting providers block port 25 as a way of stopping the outflow of spam; selectively unblocking the port for customers who make a special request for access and who can prove they are not a spammer. What problems are caused by blocking port 25? There are many web hosting applications that quite legitimately need to send email on port 25. For instance, web applications such as WordPress need to send email notifications to enable password resets. By blocking port 25, the provider immediately inconveniences customers who quite legitimately need to send email from their web applications. These customers must then be given an alternative way to send email, which means designing a policy for selectively unblocking the port, or setting up a relay service that can deliver email from their applications. What’s wrong with selective unblocking? Spammers who are not resourceful and adaptive generally don’t survive for long in the business. Therefore, by a process of elimination, spammers are resourceful and highly adaptive. Web hosting providers who block port 25 and then create an unblocking policy to help legitimate customers easily fall victim to lies and misinformation provided by spammers seeking to gain access to the port. Once a legitimate customer has been granted port 25 access, there is nothing to stop that customer’s web hosting account from being taken over by a spammer. Where there is a policy, spammers will game it. What is the best alternative to blocking port 25 in a web hosting network? A comprehensive outbound email filtering system that examines outgoing email to identify web hosting accounts which are spamming is the best way to fight spam in a web hosting network. A good filtering system should be robust against spammer adaptation, and sufficiently accurate that legitimate email is not incorrectly classified and blocked. It must also be reliable to ensure legitimate email is delivered quickly. Spammers can game the human systems involved in setting up an unblocking list, but they are mostly powerless to defeat modern email filters. How can I filter email from dedicated and VPS machines? Dedicated and VPS (i.e. cloud) servers provide the customer with total control over what happens within the server environment – including email sending. Unlike a shared web hosting account, in which the provider typically controls how email is handled, dedicated and VPS servers allow the customer to run anything, without restriction. Spammers love dedicated and VPS servers because they offer so much flexibility. Filtering email from dedicated and VPS servers requires the insertion of a transparent SMTP filter in the network. This software can pull SMTP traffic off the wire and examine message contents while remaining invisible to the customer. MailChannels Dedicated offers a powerful transparent SMTP filtering capability that is designed for the requirements of most dedicated and VPS networks. How can I filter email from shared hosting accounts? Shared hosting servers are controlled by the provider. However, shared hosting servers also generally manage a large number of individual web hosting accounts per server. The email coming out of a shared hosting server can therefore include traffic generated by a wide variety of users – some of which may be compromised at any point in time. To filter email from a shared hosting server, a pre-filtering step is required in order to identify the originating user. This identification step allows the filtering system to place blame on the right sender so that spammers can be blocked. Focusing on messages while ignoring the sender identity provides inadequate results as spam content filters are not accurate enough to block every spam message. There are many more things to consider when filtering email from a shared hosting server, such as sender categorization and IP address pooling, which we will leave for a future blog post. MailChannels Cloud offers a robustly scalable cloud service that can reliably deliver email from your shared web hosting servers. Not only blocking spammers but saving you the effort of building your own email filtering service.