Feeds

T-Mobile 'fesses up to secure email ban gaffe

Wild spam-hunting robots killed off SMTP connections

The essential guide to IT transformation

T-Mobile was caught blocking the secure transmission of emails earlier this month, and VPNs too, but the operator claims the former was a mistake while the latter is a legacy from a bygone era.

The problem turned up around the end of December when some punters found T-Mobile was responding to all encrypted SMTP connections, other than to its own servers, with a reset (RST) packet. That was then compounded into conspiracy when Mike Cardwell realised his Virtual Private Network connections weren't being let though either, which turns out to be an unrelated and unfixed issue.

T-Mobile employs a variety of techniques to make sending spam over its network difficult, including blocking connections made to arbitrary SMTP mail servers. Secure connections, which are then generally authenticated with a name and password, are permitted as they're useless to spammers, but for a week or two T-Mobile's network was rejecting secure connections as well as the insecure ones.

Before the age of spam one could connect to any mail server, anywhere, and ask it to relay messages, but these days servers won't accept mail unless it's addressed to someone it's responsible for, or comes from a trusted connection (so you can send mail through your own ISP's server addressed to the rest of the world). But a spammer can still connect to the mail server at, say, AOL, and send thousands of messages to AOL accounts, and if they did that from a pre-paid mobile number then they're effectively untraceable.

AOL's server may decide not to forward those messages, and may reject the connection as suspicious, but that's beside the point.

These days most mail servers allow account holders to connect remotely and send mail, therefore relieving them of the need to run a local server, but that means sending the account name and password which should only be done over a secure connection, and it's those connections that T-Mobile was erroneously blocking.

When it comes to VPNs things are slightly more complicated. T-Mobile used to sell connections which did not permit the use of a VPN, and customers on those contracts will still find their VPN use blocked. These days the operator tells us that all its mobile broadband offerings permit VPN connections, though that right may be withdrawn from a customer who abuses the fair-use policy.

So, on T-Mobile's network, secure SMTP should work, and for most people VPNs should work too, but a failing VPN is probably down to an old contract. So give T-Mobile a bell and ask before you start breaking down the packets or accusing anyone of turning Blighty into communist China. ®

The essential guide to IT transformation

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
Time Warner Cable customers SQUEAL as US network goes offline
A rude awakening: North Americans greeted with outage drama
Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'
Games disrupted as firm struggles to control network
BT customers face broadband and landline price hikes
Poor punters won't be affected, telecoms giant claims
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
EE plonks 4G in UK Prime Minister's backyard
OK, his constituency. Brace yourself for EXTRA #selfies
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.