ComCast is not an Internet connection

Comcast should be prosecuted for false advertising. They advertise high speed Internet, but what they sell is high-speed web and some other Internet-based content delivery.

Yesterday, my primary Internet connection went down, apparently due to a physical problem with the line. Even though I pay $85/month for Internet access (for 3Mbit downloads), I only get the same consumer response time to investigate the problem (8 hour window the following day).

Since my main mail server is now hosted here at my residence, I could not afford the 36-hour downtime, so I moved my server over to my backup ComCast service. I put the server behind a router, set it up as the DMZ host, reconfigured my DNS settings and thought I was done.

Turns out that's not the case. Because ComCast blocks CIFS, I had to remote to all of the client computers (everybody who uses for their e-mail) and reconfigure the Outlook clients to use RPC over HTTPS.

Then, e-mail was coming in nicely, and the clients could connect. Still, all was not well.

Turns out outgoing e-mails were being blocked by blocklists, causing the recipient servers to reject delivery outright. All Comcast addresses are on blocklists because they're considered consumer-grade addresses, and mail should not be delivered from these addresses. Note that although this problem is created by the industry, it's fully supported and encouraged by Comcast, whose policies explicitly forbid "servers".

So, I took advantage of a sendmail server I had lying around. I opened up the firewall to port 25, reconfigured the service to bind to all interfaces and not just localhost, and enabled relaying from my mail server. I then reconfigured my mail server to send all outgoing mail through the relay. Because that server is hosted at a datacenter somewhere in Florida, e-mail servers allow mail from it.

Still some things don't work, but at least mail is working again (although it's dependent on the relay server).

By the end of the day, I hope to undo all of this and revert to my previous configuration. What a waste of a day.
Written on June 24, 2009