just received this from orange support:

Regarding port 587, we are currently aware of an issue where some
customers are experiencing problems connecting to SMTP outgoing mail
servers. Our technicians are currently looking into this as a matter of
urgency, however, we?re currently unable to advise when this will be
resolved.

left hand - right hand.....

We've just sorted out a mail sending issue for a friend on am Orange 8 meg package, seems that during the last few days a change has happened on those accounts at least, as prior to last weekend it was sending fine on the Hostgator server but now it seems we have taken a step backwards - from her mail being sent via a server REQUIRING authentication, she is now restricted to SMTP.Orangehome.co.uk which requires NO authentication as per THIS ITEM *facepalm"



We have her on our hosing so that amongst other things,we can easily assist her with mail issues - no foreign script shops being involved. It really is a joke to be forced to use an insecure server this way. I really don't see how forcing people to send mail through a server that is insecure through lack of authentication is a step forward. I think we will be moving her to a proper ISP when her contract is up. this bunch of jokers are not worth bothering with. I would have thought that the Spam problem is in part fueled by servers that DONT require authentication!

ISPs traditionally don't use authentication on their own servers as they're only accessible from within and they know your IP address.

SSL might be worthwhile, but most authenticated mail servers seem to do so with plain text authentication which is somewhat insecure anyway.

For example one ISPs instructions say " Please make sure that "Log on using Secure Password Authentication" is not checked."

Do you actually mean "Insecure Orange SMTP server now required on 8 meg non-LLU lines"?

There will remain legacy 8 Meg LLU customers around, to which your findings do not apply.

Im sure most people here less will understand my meaning.

For those of us left out of all this investment it fades into insignificance

It seems they all beat their gums about security but in reality they are not that committed to the cause. I know both Enta and (at least in the past) Pipex used simple password authentication. Given the number of people communicating "mobile", you would think that by now they would be using a properly secure method of logging in and avoid this childish walled garden port blocking stuff.

In reply to a post by warweezil:

it fades into insignificance

and away from factually.

My sources suggest that the restriction which blocked SMTP on any port, as opposed to just blocking port 25, was not deliberately introduced and the cause has now been identified and resolved.

That makes sense!

You could try one of two things (both of which have worked for me)

1. Use Port 366 as an alternative. This worked for me today but for some reason didn't work a few days ago.

2. Use an SSL connection to Port 465. This has been working for me with no problems for about a year.