Webone blocking port 25??

Marek Samoc mjs111 at rsphy1.anu.edu.au
Fri Jul 26 05:39:56 EST 2002 

On Thu, 25 Jul 2002, Rasjid Wilcox wrote:

RW> On Thu, 25 Jul 2002 10:44 pm, Jeremy wrote:
RW> > The best solution for me would be an authenticating SMTP server
RW> > accessable from anywhere on the web.  I haven't seen any ISPs do it,
RW> > but I suspect that some of those boutique email companies would.
RW> >
RW>
RW> I know there was a contributed addon to Mitel SME, which was basically POP3
RW> authentication before SMTP.  When you check your email via POP3 (with SSL I
RW> hope!) it would add your IP address to the 'allowed hosts' for 10 minutes.
RW>
RW> This would allow remote users with laptops etc to send out mail via the SME
RW> server, regardless of where they were, but without turning the server into an
RW> open relay for all the wonderful spammers out there.
RW>
RW> Rasjid.
RW>

The problem with SMTP authentication is that many people still use clients
that do not know how to authenticate.
pop3 before smtp is a good solution. For about two years I have been using
drac which integrates well with qpopper. The main problem with this scheme
is that many e-mail clients actually try to push the queued e-mail BEFORE
connecting to the popper, even if specifically asked to check mail.
This causes unneeded stress for a roaming customer...

Returning to the topic of the usual setup of ISP's mail servers, just
about anybody uses checking of IP range from which the SMTP connection
originates and then mail is accepted on the basis of further rules:
anything originating locally can be relayed anywhere, anything originating
remotely can only be relayed to specified e-mail addresses (local
addresses plus those we specifically allow relaying to).
Nobody checks the From: address for being local. This is just too easy to
spoof. A normal procedure is just resolving both the From: and To:
addresses.
If they don't resolve, the mail is rejected. If one gets a temporary
failure then the mail may actually get accepted and queued.

Marek
(almost 7 years as a one-person-shop-ISP and trying to survive
administering the thing remotely from the US now)

More information about the linux mailing list