× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Let us just say that your experience differs from mine and leave it at that.
 Microsoft solutions have not worked as well as the salesman said in the
places I go.

--------------------------------------------
Booth Martin
MartinB@Goddard.edu
802-454-8315 x235
--------------------------------------------
-------Original Message-------
From: midrange-l@midrange.com
Date: Wednesday, November 21, 2001 10:45:41 AM
To: 'midrange-l@midrange.com'
Subject: RE: fix.your.open.relay.or.die.net
That's not "limited" at all. He's forcing you to go through "corporate"
e-mail servers. By doing so he can ensure a number of things, including 1)
Virus scanning, 2) E-Mail retention rules, 3) Standard disclaimer blocks on
the bottom of messages, 4) Increased security because he doesn't have to
allow POP/IMAP and SMTP connections from the desktop, 5) Decreased help-desk
costs because there is only one e-mail client to support, 6) Scanning for
"offensive" or "confidential" content, 7) etc.
Having said all that, he has made a conscious decision to not allow POP/IMAP
and SMTP from clients. Exchange supports them fine.
-Walden
BTW, I wouldn't WANT to use any other e-mail client. Outlook is rather
full-featured, what features are you looking for that you don't have?
------------
Walden H Leverich III
President
Tech Software
(516)627-3800 x11
WaldenL@TechSoftInc.com
http://www.TechSoftInc.com
-----Original Message-----
From: Booth Martin [mailto:booth@MartinVT.com]
Sent: Wednesday, November 21, 2001 10:38 AM
To: midrange-l@midrange.com
Subject: RE: fix.your.open.relay.or.die.net
#3 discusses it. I am aware of it only because a client relies on this
solution and I am unable to use e-mail on his site with any e-mail program
but Outlook, which really is a pretty limited e-mail solution.
--------------------------------------------
Booth Martin
MartinB@Goddard.edu
802-454-8315 x235
--------------------------------------------
-------Original Message-------
From: midrange-l@midrange.com
Date: Wednesday, November 21, 2001 10:21:40 AM
To: 'midrange-l@midrange.com'
Subject: RE: fix.your.open.relay.or.die.net
Booth, there are millions of people that rely on Exchange to send their SMTP
mail, what's "non-standard" about it? I've never had any problems with
exchange sending SMTP or ESMTP mail, have you? Also, the check before send
solution is a decent one PROVIDED that your SMTP server supports it and your
client checks before sending. My understanding is that most do, but Eudora
doesn't, but that may be a specific version of Eudora or something. Oh, and
talk about non-standard <G>. -Walden
------------
Walden H Leverich III
President
Tech Software
(516)627-3800 x11
WaldenL@TechSoftInc.com
http://www.TechSoftInc.com
-----Original Message-----
From: Booth Martin [mailto:booth@MartinVT.com]
Sent: Wednesday, November 21, 2001 9:57 AM
To: midrange-l@midrange.com
Subject: RE: fix.your.open.relay.or.die.net
Please rethink any decision to disable SMTP and rely on Exchange to send
outgoing mail. These non-standard solutions just create complexity in an
arena that is already fairly well defined. Another solution that works is to
allow SMTP only to people that have checked their incoming mail within 15
minutes. Then your users, however they access the internet, can check their
mail and send mail, but spammers can't relay through you. pair.com does that
and I have been their customer for a couple of years. It works just fine.
--------------------------------------------
Booth Martin
MartinB@Goddard.edu
802-454-8315 x235
--------------------------------------------
-------Original Message-------
From: midrange-l@midrange.com
Date: Wednesday, November 21, 2001 09:38:59 AM
To: 'midrange-l@midrange.com'
Subject: RE: fix.your.open.relay.or.die.net
OK, I'm concerned we're getting confused here. You CAN NOT simply turn off
port 25 access from the outside world to your SMTP host! If you do, how do
you expect to get inbound e-mail? There are two different scenarios here:
1) connections from anywhere on the net where the mail is addressed to
someone AT YOUR location
2) connections from anywhere on the net where the mail is addressed to
someone NOT at your location Scenario 1 is how you get YOUR mail. You can
not turn that off or you have no mail. Scenario 2 is what is called
relaying. Relaying must be disabled in the SMTP server (or a SMTP-aware
proxy/firewall) by looking at the RCPT TO commands in the SMTP stream. It's
simple enough to turn off relaying at the server, but here's the hitch. If
you do that then your employees dialed into the net from the outside world
won't be able to use your SMTP server to send their mail. There are several
possible solutions to this:
1) Allow relaying from internal addresses only and have them connect to your
LAN via a VPN connection. Then they can access the SMTP server from an
INTERNAL address and all is good. A spammer trying to relay off you would
access from an external address and be denied. (IMHO this is the best
solution as the VPN allows so many other "cool" things too.)
2) Allow relaying from external addresses ONLY if user validates w/a
password. This works too, but obviously requires a SMTP server that supports
authentication. IIRC, authentication isn't part of the base RFC, but rather
an ESMTP extension. Does the AS/400s SMTP server support this?
3) Use a higher-level mail client like exchange or domino. In the case of
Exchange (and I think, domino) I'm not actually sending SMTP mail from my
PC. I'm sending a message into Exchange and Exchange passes it off to the
SMTP sender at the server. Using products like Exchange and Domino would
also allow the use of browser-based access to e-mail so the road-warriors
could check/send e-mail from any web browser in the world. -Walden
------------
Walden H Leverich III
President
Tech Software
(516)627-3800 x11
WaldenL@TechSoftInc.com
http://www.TechSoftInc.com
-----Original Message-----
From: R. Bruce Hoffman, Jr. [mailto:rbruceh@attglobal.net]
Sent: Tuesday, November 20, 2001 6:50 PM
To: midrange-l@midrange.com
Subject: Re: fix.your.open.relay.or.die.net
----- Original Message -----
From: "Fritz Hayes" <fhayes@spiritone.com>
To: <midrange-l@midrange.com>
Sent: Tuesday, November 20, 2001 6:13 PM
Subject: RE: fix.your.open.relay.or.die.net
> POP3 or IMAP. How would you propose setting up the SMTP server on the

> AS/400 or Domino to service these users without the user/password

> technique?

It's not really something that _should_ be done on the 400 or any other smtp
server (sendmail, etc.). It's something your firewall should do at a
minimum. Two ways: NO access from outside networks, just filter off port 25
the other
- allow access only from specific static IP addresses. ATT and some of the
other big players do this, which is why you have to dial in to their systems
and use their assigned addresses in order to access their smtp servers. The
idea is that you should not allow access to _any_ smtp server from
unrestricted/uncontrolled hosts. R. Bruce Hoffman, Jr.
-- IBM Certified Specialist - AS/400 Administrator
-- IBM Certified Specialist - RPG IV Developer
"I want to be different, just like everybody else!"
- Ceili Rain
_______________________________________________


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.