Category Archives: Vodafone

Vodafone(Ireland) blocking encrypted SMTP

I’m testing a 3G router at the moment and when I tried to send an email Thunderbird refused to do so  claiming my email server didn’t support the STARTTLS. As I was quite sure that it did, I took out wireshark and had a closer look. Here’s the dialog between Thunderbird and my mail server when using  my normal broadband line:

SMTP: S: 220 mail.blacknight.com ESMTP
SMTP: C: EHLO [192.168.67.104]
SMTP: S: 250-mail.blacknight.com | 250-STARTTLS | 250-AUTH LOGIN CRAM-MD5 PLAIN | 250-AUTH=LOGIN CRAM-MD5 PLAIN | 250-PIPELINING | 250 8BITMIME
SMTP: C: STARTTLS
SMTP: S: 220 ready for tls
TLSv1: Client Hello

And here’s what it looks like after Vodafone’s treatment:

SMTP: S: 220 *************************
SMTP: C: EHLO [172.19.1.100]
SMTP: S: 250-mail.blacknight.com | 250-XXXXXXXA | 250-AUTH LOGIN CRAM-MD5 PLAIN | 250-AUTH=LOGIN CRAM-MD5 PLAIN | 250-PIPELINING | 250 8BITMIME
SMTP: C: QUIT

Notice how they have removed the STARTTLS option. What the hell are they doing?  The same problem happens with other email providers (google, gmx) too. I contacted Vodafone but no-one there seems to be willing to provide an answer.
I suspect that it’s just another patronizing behavior of Vodafone. Same as blocking all incoming TCP connections and blocking all incoming traffic to UDP port 1025. Do they really expect me to send my emails unencrypted?

Similar problems seem to exist in Germany too.

Update 1:

Using TCP port 587 for SMTP as suggested in the comments by christoph is working fine. Looks like vodafone isn’t monitoring that port.

Update 2:

Came across another issue with Vodafone Ireland and SMTP. Apparently they don’t like it when an SMTP server doesn’t require authentication.  Vodafone forcefully closes such connection. Here’s an example when you use a normal broadband provider:

S: 220 xxxx.com ESMTP; Fri, 02 Jul 2010 10:53:28 +0100
C: EHLO 24alpha
S: 250-xxxx.com Hello 24alpha, pleased to meet you
S: 250-ETRN
S: 250-AUTH=LOGIN
S: 250-AUTH LOGIN CRAM-MD5
S: 250-8BITMIME
S: 250 SIZE
C: MAIL FROM: <xxxx@xxxx.com>
S: 250 <xxxx@xxxx.com>, Sender ok
C: RCPT TO: <xxxx@xxxx.com>
S: 250 <xxxx@xxxx.com>, Recipient ok
S: DATA
S: 354 Enter mail, end with <CRLF>.<CRLF>

And here the same via Vodafone:

S: 220 ***********************************************************************
C: EHLO 24alpha
S: 250-xxxx.com Hello 24alpha, pleased to meet you
S: 250-ETRN
S: 250-AUTH=LOGIN
S: 250-AUTH LOGIN CRAM-MD5
S: 250-8BITMIME
S: 250 SIZE
C: MAIL FROM: <xxxx@xxxx.com>
S: [TCP connection closed]

I understand the reason behind this. Basically Vodafone want to prevent spam from originating from their network. And an SMTP server without authentication is generally a bad idea.