AT&T Intentionally blocking inbound HTTP requests to home-hosted webapp.

Good luck buddy.  I am hosting my own on-premise email server.  No problem for 6 months.  Then all of a sudden I start having issues with incoming SMTP connections.  No other hosting issues at all, not a single problem except with incoming SMTP.  I'm now currently having to bring my incoming SMTP connections over a VPN in order to get incoming mail flow to work.  Because I can't get AT&T to even admit there is a problem.

I have analyzed the problem every which way I can.  Ran packet traces, reviewed firewall logs, state tables, etc.  I even had a colleague review everything to make sure I didn't miss something.  We both came to the same conclusion at the end.  On incoming SMTP connection.  When the incoming TCP connection attempts to establish.  A TCP SYN request can be seen coming in.  And a TCP SYN-ACK is sent back to the remote host, but the remote host never receives it.  I can see the packet hit the wire.  But I can't see what happens to it once it hits AT&T's network.  I can only confirm that the remote host never receives it.  And I can confirm that this behavior is only seen on incoming SMTP connections.  I can also confirm that everything works perfectly fine when I bring those incoming SMTP connections over a VPN.

It for this reason that my service is scheduled to be terminated at the end of the current billing cycle.  Maybe you'll have more luck than I did.

Hey @Stricklandrbls, we understand that you're having trouble with your connection.

• Have you setup port forwarding for the website service?
• Have you tried using a remote tester to make sure that port is opened?
• Are you able to reach the site using your cell phones data?
• Is there a router behind your AT&T router?
• Is port 443 open?
• Have you setup SSL certificates for your website?

Please let us know so we can better assist you.

Charles, AT&T Community Specialist

• Have you setup port forwarding for the website service? Yes of course or I wouldn't have been able to test this like I said I did....
• Have you tried using a remote tester to make sure that port is opened? Yes, I've tested from many different remote sources.
• Are you able to reach the site using your cell phones data? Yes but the connections are still blocked for 30-60 seconds per request.
• Is there a router behind your AT&T router? No
• Is port 443 open? Port 80 for HTTP only
• Have you setup SSL certificates for your website? No

Hey @stricklandrbis.

Ok well I don't quite understand how port 443 being open would help the situation since I have no SSL key exchange attempts happening and when I hosted this site on my other ISP I never had issues but I went ahead and did what you said but with 443 being open, server restarted and using multiple browsers, I'm still waiting ~40 seconds for pages to load.

I've tried multiple browsers on multiple different operating systems and even have had my friends try to access the site. ALl with the same results. I can guarantee it's not an issue with the browser being used.

I do agree with you though about the curl to my API being instantaneous since curl is just another HTTP request and if my router was holding HTTP requests for the time then that would also be slowed down...

@stricklandrbis, we are happy to help with your specific networking concerns.

AT&T ConnecTech provides solutions for your computer and home network needs.

• Whether your computer is running slow, not responding, or has completely crashed, AT&T ConnecTech can provide fast, expert help, when you need it.
• To learn more visit our website or call 866.294.3464.

If you have any additional concerns, please feel free to reach out to us.

Thank you for contacting us on AT&T Community Forums!

Lafayette, AT&T Community Specialist

So I called that number and they told me they changed some settings in the router and then to restart it. After the restart my router could never get a connection so now I had to take a day off of work to wait for the technician to come out and replace the router...

Not even to mention the fact that I still cannot get a single request to my server to work in a timely, normal, manner.

I'm having this problem too. I'd switch away from AT&T but my building has set things up so that AT&T is the ONLY provider. I plan on complaining to the FTC for whatever that will do.