Verizon blocking port 465 to godaddy?

Mike Davis

@tiagom said in Verizon blocking port 465 to godaddy?:

Are you able to send an email without SSL?

587 with TLS doesn't work either.

tiagom

@Mike-Davis I wasn't clear. What about with encryption set to none and outgoing port using 25, 80 or 3535.

Mike Davis

@tiagom said in Verizon blocking port 465 to godaddy?:

@Mike-Davis I wasn't clear. What about with encryption set to none and outgoing port using 25, 80 or 3535.

I'm pretty sure I tried all but port 25 while I was on site with Outlook with no success. I tried telnetting to port 80 and 3535 and didn't get a response.

tiagom

@Mike-Davis Sounds like there is a bigger problem then just on port 465.

Do you get any response when you telnet to a port that doesn't require encryption(25, 80 or 3535)?

ie..

220 p3plsmtpa09-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP

tiagom

A recommendation for debugging if you get past the 220 banner.

Capture the communication using wireshark when you attempt to send an email using outlook. Usually its pretty clear what it is unhappy about.

Make sure to set outlook's SMTP encryption settings to "NONE" and use the appropriate ports(25, 80 or 3535 according to the link below) so the traffic is in plain text.

https://www.godaddy.com/help/what-do-i-do-if-i-have-trouble-connecting-to-my-email-account-319

momurda

Looks like someone's mail server doesnt support the version of ssl/tls you are trying to connect with.

http://www.checktls.com/index.html - i suspect godaddy doesnt support the ssl/tls youre using(if at all), and verizon does. Perhaps they require tls/ssl connections now and if godaddy doesnt support ssl/tls, no mail can be sent between the two.
Had a similar problem at last job; we required tls/ssl for SEC reasons, couldnt send email to hotmail and a few other email providers(wasnt supported by them at the time)

BRRABill

@momurda said in Verizon blocking port 465 to godaddy?:

Looks like someone's mail server doesnt support the version of ssl/tls you are trying to connect with.

http://www.checktls.com/index.html - i suspect godaddy doesnt support the ssl/tls youre using(if at all), and verizon does. Perhaps they require tls/ssl connections now and if godaddy doesnt support ssl/tls, no mail can be sent between the two.
Had a similar problem at last job; we required tls/ssl for SEC reasons, couldnt send email to hotmail and a few other email providers(wasnt supported by them at the time)

But why would it work outside his office?

Mike Davis

I think I finally got to the bottom of this. Telnet to smtpout.secureserver.net on port 80 and I get:

554 p3plsmtpa12-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP No Relay Access Allowed From <the static IP of the Verizon connection here>

So there we have it, it connects to godaddy and godaddy tells it that they have blacklisted the IP and closes the connection. If you do that same test from a different IP it allows you to type commands.

travisdh1

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

I think I finally got to the bottom of this. Telnet to smtpout.secureserver.net on port 80 and I get:

554 p3plsmtpa12-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP No Relay Access Allowed From <the static IP of the Verizon connection here>

So there we have it, it connects to godaddy and godaddy tells it that they have blacklisted the IP and closes the connection. If you do that same test from a different IP it allows you to type commands.

Well, that was a pain to figure out.

Mike Davis

Insult to injury, the client called GoDaddy, and this was their response:

Godaddy says they have no way to whitelist or unblock IP addresses and that we must have some encryption attached to our outgoing mail that no one else has that their server wont allow.

My client asked to talk to the level 2 guy and the level 1 guy on the phone said he couldn't because it was all done by chat. So he asked him to paste that error message to him and explain it. His response? "You should use webmail - it works every time."

I feel like that should be cross posted to the "I can't even" thread.

scottalanmiller

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

I think I finally got to the bottom of this. Telnet to smtpout.secureserver.net on port 80 and I get:

554 p3plsmtpa12-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP No Relay Access Allowed From <the static IP of the Verizon connection here>

So there we have it, it connects to godaddy and godaddy tells it that they have blacklisted the IP and closes the connection. If you do that same test from a different IP it allows you to type commands.

I'm surprised that this was not in the MTA logs.

Mike Davis

@scottalanmiller said in Verizon blocking port 465 to godaddy?:

I'm surprised that this was not in the MTA logs.

I'm sure it's in their logs. The logs that no level 1 or level 2 is ever going to see.

scottalanmiller

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

Insult to injury, the client called GoDaddy, and this was their response:

Godaddy says they have no way to whitelist or unblock IP addresses and that we must have some encryption attached to our outgoing mail that no one else has that their server wont allow.

My client asked to talk to the level 2 guy and the level 1 guy on the phone said he couldn't because it was all done by chat. So he asked him to paste that error message to him and explain it. His response? "You should use webmail - it works every time."

I feel like that should be cross posted to the "I can't even" thread.

Yes but the "I can't even" bit is the "client used GoDaddy." That's not a business service. That's the core problem. That a consumer joke of a service doesn't have good customer service is... exactly as expected.

scottalanmiller

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

@scottalanmiller said in Verizon blocking port 465 to godaddy?:

I'm surprised that this was not in the MTA logs.

I'm sure it's in their logs. The logs that no level 1 or level 2 is ever going to see.

The sending MTA. The one getting the error.

Mike Davis

I got that from a straight up telnet session, not an email client.

scottalanmiller

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

I got that from a straight up telnet session, not an email client.

I know, but the MTA should have recorded it in the logs when it was trying to send. Maybe they are using some ridiculous MTA that has no logging?

Dashrender

@scottalanmiller said in Verizon blocking port 465 to godaddy?:

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

I got that from a straight up telnet session, not an email client.

I know, but the MTA should have recorded it in the logs when it was trying to send. Maybe they are using some ridiculous MTA that has no logging?

Who are you talking about Scott?
GoDaddy is not checking their logs and like is using outlook to connect to GoDaddy server.

scottalanmiller

@Dashrender said in Verizon blocking port 465 to godaddy?:

@scottalanmiller said in Verizon blocking port 465 to godaddy?:

@Mike-Davis said in Verizon blocking port 465 to godaddy?:

I got that from a straight up telnet session, not an email client.

I know, but the MTA should have recorded it in the logs when it was trying to send. Maybe they are using some ridiculous MTA that has no logging?

Who are you talking about Scott?
GoDaddy is not checking their logs and like is using outlook to connect to GoDaddy server.

I've been clear that I'm not taking about Godaddy. Are you saying Outlook doesn't log and just ignores the errors?

scottalanmiller

Where do you find your Outlook MTA SMTP logs?

Dashrender

Interesting, had no idea.