The information given below is derived directly from Three and I have validated several of the statements for myself. It is easy enough to do, so if you are uncertain please try for yourself and report your findings back here.
The below does not discuss Content Blocking that appears to be set by default by Three. If you want the Content Block removed then you have to contact their Customer Services to have this done.
VPN - Virtual Private Network
Some people seem to have problems getting their personal or company VPN to work across the Three mobile broadband network. Three have the following to say.
We do not block VPN. However one reason they may not work is that the 'maximum packet size' (MTU) on 3G network is lower than the Internet and the VPN client may not be configured by default to take this difference in to account. VPN clients add their own headers to each data packet and so it can happen that the combination of the VPN network protocol headers plus the 3G data connection protocol headers causing the Internet data packets to be too large. If you have problems, try reducing the MTU size setting in your VPN client (e.g. try 1300 or even a bit lower).
So what do Three actually block intentionally?
Inevitably there are some protocol ports, and have this to say about the matter.
We block
Port 25. This is used by email client applications to send email via a protocol called SMTP. We block this as unauthenticated email sent via Port 25 is a common source of Spam email. Customers using an email client (such as Outlook Express) therefore need to configure their client settings to send email via another port. The usual alternative port is Port 587. Most email providers accept SMTP-Auth on this port. The 'Auth' means authenticated i.e. that the email providers usually only accept the email being sent once the user's email account and password have been submitted. Details on the required configuration are in our online help section (search for email port under Help & Support on three.co.uk).
Port 25. This is used by email client applications to send email via a protocol called SMTP. We block this as unauthenticated email sent via Port 25 is a common source of Spam email. Customers using an email client (such as Outlook Express) therefore need to configure their client settings to send email via another port. The usual alternative port is Port 587. Most email providers accept SMTP-Auth on this port. The 'Auth' means authenticated i.e. that the email providers usually only accept the email being sent once the user's email account and password have been submitted. Details on the required configuration are in our online help section (search for email port under Help & Support on three.co.uk).
Continuing with the remaining blocked ports Three have this to say;
Ports 135, 136, 137, 138, 139 and port 445 on Mobile Broadband. These are also blocked by many other ISPs too, as they are a known vulnerability in PCs for malware attacks. These ports are reserved ports in the Internet standards (IETF) for use in Local Area Networks (LANs) e.g. for PCs to discover local printers, fileservers, etc on their networks. 3G networks are Wide Area Network (WAN) and so these ports have no legitimate use in our network. If you have a WiFi router (e.g. MiFi), you can still use these Ports within your own WiFi network between your local devices but not across the 3G internet connection.