FEEL-BAD.jpgUPDATED VERSION. TM Net said a large number of IP addresses from its network have been blacklisted (sic! Blocklisted?) by many anti-spam organizations recently, causing its customers to be unable to send emails from their mail server to companies who might be using databases from these anti-spam organizations.

UPDATES: There is an on-going discussion in this Web Forum

To mitigate the problem, effective yesterday (December 3, 2007), TM decided to block OUTBOUND Simple Mail Transfer Protocol (SMTP) traffic — or port 25 — for all out going e-mails from dynamic IP addresses. From now on, all outbound SMTP traffic (outgoing emails) must pass through smtp.streamyx.com and smtp.tm.net.my. No second choice.

TMNet_MailProxy20071203.gif

The action will cause Streamyx users one major impact.

From now on, Streamyx customers who use their own mail server running on TM’s dynamic IP addresses will NOT be able to send e-mails out.

As an alternative, TM (the mother company behind TM Net) is giving this type of customers a solution.– an open relay proxy server.

But Streamyx customers are crying foul.

Open relay proxy server open to fraud?

One webhosting provider emailed Screenshots to complain that TM’s action has caused the company ‘a troubling amount of support manhours’ as it has to assign st6aff to tell the clients why their mail servers are no longer accessible.

The company also had to spend additional resources to help the client migrate to TM Net’s “reliable” SMTP servers.

“There had been no forewarning for us who use the internet for business,” the system administrator said. “TM caught us unprepared!. A statement on the same date of their implementation is stupid!”

On the other hand, other TM net customers are saying if TM Net is genuine about blocking spammers, they can easily block port 25 specifically to bar those spammers.

By blocking port 25 for ALL users, the customers say, TM is forcing them to use a proxy server — and an open relay at that – to send their e-mails out. Such act will not only make it extremely easy for EVERYONE using the TMNet proxy to get blacklisted as soon as a spammer hits it, it means all our e-mails will stay in the proxy server for some time and can be stored, read, filtered by someone.

Meaning, they are asking if TM is sure about privacy and security issues of their proxy server which came one live yesterday.

On this matter, I have checked all resources on the TM Net website but no guarantees on these issues were given.

Hence, another pertinent question begets. What’s the global benchmark action for situations like this?

What Comcast did in the US

A Screenshots reader in the know emailed to say that, on first glance, it appears reasonable for TM and TM Net to block outbound traffic on port 25 in order to prevent spammers from abusing it.

“They may even point you to a “similar” move by Comcast in the US when they, too, had blocked port 25 to prevent spamming,” the reader said.

However, the Comcast case is NOT the same thing that TM and TM Net are doing right now.

“What TM Net does is far beyond what Comcast was doing,” he said in an email. “Not only is it ineffective against spamming, it could in fact be used to censor, filter and track e-mails sent by anyone using the TM Net network.”

“What TM Net want is for all their users with external e-mail servers to send their e-mails to a open-relay proxy server before they are sent out to their destinations,” he added.

“This is the troubling aspect of the whole issue. Why the need to send our e-mails through a proxy server when TM Net can do what Comcast did and just block port 25 for offending spammers? It just doesn’t make sense!”

UPDATES: Relating to the issue, a Comcast tech support who ‘happens’ to read Screenshots gave the feedback that Comcast hasn’t blocked port 25 completely, and some customers are still using it.

“Non-spammers who do get issues with port 25 are advised to switch to port 587,” the Comcast person said. “Maybe that can be applied to TM Net as well?”

Complaints lodged with MCMC

Screenshots was made to understand that a KL-based technology publisher has written a letter of complaint to the MCMC, pointing out the futility of TM’s action.

These are the reasons the company cited, arguing that TM’s methodology will NOT prevent spamming, but will pose a real and genuine threat to the privacy of Streamyx users.