|
On 4/12/2005 8:42 PM, Ken Sims wrote: > Hi Roger - > >> One is where someone (like me) has their own domain and their ISP wants >> triple $$$ to host it as compared to one of the major hosting providers. >> If the user's home ISP blocks port 25, as I have heard Cox and Comcast >> have, then they wouldn't be able to send email from their domain since >> it would be via a "foreign mail server." Yes, the ISP could allow all >> "from domains" through their servers but then the reverse lookup >> wouldn't match and it would get marked as spam. Also, if they let >> everything through what stops spammers, except #2 below? BTW, while >> Sprint was in the pre-paid dial up business they also blocked port 25 so >> badly that you could only send mail via a web client which meant only >> from your Sprint address. > > > Just because you have your own domain hosted on a server on a > different ISP doesn't mean you have to send through that server. > Except for some brain-dead ISPs, you can send email for your own > domain through their SMTP servers. > I am not so sure about the ISP being brain-dead. Part of making sure a crud isn't using their network to spam or phish is to make sure the from address (not the HELO/ELHO envelope) is from a domain the ISP "knows" should be coming from their IP range. Talking end node ISP. Backbone/upstream ISPs have to pass port 25 because of the downstream ISP servers. > Only brain-dead spam-blocking requires the HELO/ELHO name and/or rDNS > to match the sending domain. Spam-blocking shouldn't even require > HELO/ELHO to match rDNS. > And yet one of the widest used (I believe even David uses it for the lists) blockers is SpamAssassin and it uses HELO vs rDNS as one of its series of tests. > The three things that should be true are: > 1. HELO/ELHO resolves to the connecting IP address. > 2. The connnecting IP address has rDNS. > 3. The host name from the rDNS resolves to the connecting IP address. > > I have my own mail server on business-class cablemodem service but for > various reasons have an agreement to relay through the SMTP server of > an ISP (which is NOT the ISP which provides my connectivity). All of > my email has a mis-match between the sending domain and the ELHO/HELO > and rDNS. I've never run into a problem. > >> Second is a business that has people work at home occasionally. It is >> not often enough to justify a VPN but they need to respond to customers >> and need to use the company's SMTP because the return address is their >> company address. The company exists on another ISP. Home workers are a >> growing portion of the workforce. > > > Same as above, your ISP should allow you to send email for your > company's domain through their SMTP servers. > But without a thorough ISP tracking record this allows a crud to sign up for a dial up account, SPAM through the ISP's server and the blocking port 25 has done nothing useful. > -- > Ken > http://www.ke9nr.net/ > Opinions expressed are my own and do not necessarily represent the > views of my employer or anyone in their right mind. > I'll admit that using your ISP's SMTP and blocking all other port 25 traffic except from commercial customers is workable but it: 1) Doesn't address the commercial customer that just installs a mail server. They (and their software supplier) need to be held accountable, not just put a cover-up on the problem. 2) Limits the user's feature/service choice. Not that much of the USA has multiple ISP (especially broadband) service that can be used to let the best rise to the top and instead you can get locked into bottom of the barrel. 3) Lets a truly brain dead ISP screw up the blocking and tell you that they haven't hurt you because "every ISP is blocking port 25." Virus infections that use their own SMTP engine are not the only high volume/ high speed infections. Sasser clogged the internet almost as bad without SMTP as Melissa or I Love You did with. Just thought of another problem with the ISP blindly passing everything that comes from their IP range. Ex-employee (or just someone) gets an address close to a commercial customer, sets their mail program to use a from address of the commercial customer and sends a bunch of destructive email. How does anyone, without the audit ablity I have been harping on, prove it didn't come from a current "home worker" of the commercial customer. It didn't come from the commercial customer's server, but it doesn't have to to be legitimate because the ISP says that home workers can't use the commercial customer's server that does use authentication. Roger -- *** Vicker Programming and Service *** Have bits will byte *** www.vicker.com *** The price of greatness is the responsibility.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.