How to check if my ISP blocks port 25?

Question

How should I check if my ISP blocks port 25?

Answer 1

cmd> telnet <some well known email provider IP> 25

to determine which exactly host (subdomain) is listening port 25:

nslookup -q=MX <top-level domain>

For example:

cmd> nslookup -q=MX gmail.com

gmail.com       MX preference = 50, mail exchanger = gsmtp147.google.com
gmail.com       MX preference = 50, mail exchanger = gsmtp183.google.com
gmail.com       MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com       MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com       MX preference = 10, mail exchanger = alt2.gmail-smtp-in.l.google.com

gsmtp147.google.com     internet address = 209.85.147.27
gsmtp183.google.com     internet address = 64.233.183.27
gmail-smtp-in.l.google.com      internet address = 64.233.183.114

cmd> telnet gsmtp147.google.com 25

220 mx.google.com ESMTP l27si12759488waf.25

On Linux, you can 'dig', I guess.

Answer 2

Probing a server that listens on your desired port is of course the best option, as abatishchev has shown.

In the case where you can't find an "echo" service on your desired port or you want to know who is blocking you on the path you can resort to firewalking. Firewalking probes the path by starting with a Time-To-Live (TTL) set to zero and then icrementing it by one each iteration. When you stop getting "ICMP TTL Exceeded" messages that means the next hop in the chain is filtering your packets.

You can use hping3 to do this:

:~$ hping3 -z -T -p 25 server.com

or use Firewalk which was created for exactly this.

Edit: Any NAT devices on the route will silently destroy your results since the TTL is reset to whatever sane value the router sees fit.

Answer 3

You could call them and ask.

Answer 4

telnet host 25

Just select a host that you know is listening on port 25.

Answer 5

http://www.canyouseeme.org/