[Lilux-help] Port 587 the solution?

[Thibaut Britz]

Hi,

> .................................................
> .................................................
> I wonder if PT actually guarantees you the "relay
> service", or if they 
> were just to lazy to configure their SMTP server
> otherwise (as I know PT 
> I suspect that the latter might be true).

Provider mail servers are meant to be used to send your mail, whatever
the from email address is, because many mail providers _don't_ even have
smtp servers (at least in the past). I always send all my emails 
through the service provider's smtp server I'm currently connected to.

> Also remember that any PT customer is able to send
> mails using your ETH 
> address though the PT relay.
> Thus even by examining
> the mail header, I 
> can not verify that this mail is really coming from
> you (if you do not 
> signature your mail)! As long as your mail has not
> been relayed by ETH's 
> mail servers the authenticity of your mail is
> questionable. 

As long as the email is not digitally signed, you can never be sure who
sent you the email, and you shouldn't really rely on the outgoing mail
server.... (hint: check this email's mail server)

> Ok, I know 
> that it is possible to fake the headers by spoofing
> ETH's IP addresses, 
> but this is outside the possibilities of infected
> PCs and spammers.

In order that an email is send, data has to be exchanged between both
participating parties.... To my knowledge, if you spoof your ip address,
no data gets back to you, so you get no TCP connection to the server.

> We need SMTP authentification over SSL, there is no
> way around this. The 
> other solutions are temporal at best.
> Prepare that PT will block all non @pt.lu mails
> sometime in the future. 

Well, maybe in a 100 years..... ;)

> Hope that they will warn you on time!
> Greeting, Patrick Kaell

Thibaut