I woke up this morning to find that Comcast had blocked outgoing connections on port 25 (SMTP). Their online information suggests changing to port 587, but this assumes one is using Comcast's SMTP server, which I am not (I run my own mailserver on hardware I own at a colocation facility).
So I enter an online chat with Comcast technical support, and I am told that once I have been blocked, it is impossible to be unblocked. I am told the same thing by the second-tier support person. They refuse to escalate my request any further. They tell me to switch to port 587.
So I contact the California Public Utilities Commission, only to find out that cable service is not under their jurisdiction. They suggest I look on my Comcast statement for a number to call. Sure enough, buried in the middle of the bill, is a cryptic line with contact information in my city.
I call the number, and a very nice lady from the city supervisor's office answers. She tells me that they only regulate Comcast cable TV, and not broadband, but she puts in a call to her Comcast government representative (Cynthia Gomez), who calls me back a little while later.
Ms. Gomez gives me the number to Comcast's "Customer Security Assurance," 856 317-7272. There, Edgar tells me he can remove the port 25 block, but that I should switch to port 587, and that if I am blocked again, it will not be removed. He also suggests that I check SenderScore where I can see that my IP address has been placed on a couple of blacklists, including SORBS and 510 Software Group.
It is interesting to note that they're treating my IP address as if it were statically assigned.
I don't use Windows, but I'm wondering if my wireless network has been compromised.
The problem with changing port numbers is that it is, at best, a temporary solution. Especially for an ISP like Comcast, with millions of subscribers, it won't be long before the spammers determine what the new port number is (it is readily available on Comcast's website).
The Comcast CSA tech referred me to SenderScore. SenderScore claims they have not seen enough email from my IP address to make a determination, but shows that my address is on two blacklists. According to 510 Software Group,
IP address 24.4.xxx.yyy is listed here as 220.127.116.11.comcast.net misc.spam.
If you are not running a mail server on 24.4.xxx.yyy, this listing should not affect you in any way, and you should ignore whatever source told you that this might be a problem.
The misc.spam group is mostly (but not entirely) composed of entire addresses blocks that have a) sent spam here, b) have consecutive or missing reverse dns, and c) have no customer sub-delegation via either the controlling RIR (ARIN, RIPE, LACNIC, APNIC, etc) or an rwhois server referenced in the main RIR records.
In particular, 24.4.xxx.yyy has reverse dns of c-24-4-xxx-yyy.hsd1.ca.comcast.net. Since your domain name does not appear as the last components in any of those reverse dns names, that needs to be fixed first. Any email sent to the address at the top of this page will be ignored until that is fixed.
In my opinion, the following comment also applies to static ip addresses, where the provider does not actually identify the user of that ip address by domain name.
So, it appears that Comcast is using external blacklists to determine if I should be blocked, but I'm on the blacklist because of Comcast's own misconfiguration.
More news as events warrant.