[Lilux-help] Port 587 the solution?

Patrick Kaell sparc at kayoon.net
Sat Jul 3 09:40:26 CEST 2004 

Thibaut Britz wrote:

> Provider mail servers are meant to be used to send your mail, whatever
> the from email address is, because many mail providers _don't_ even have
> smtp servers (at least in the past). I always send all my emails 
> through the service provider's smtp server I'm currently connected to.

I used Deutsche Telekom's DSL service for 2 years. T-Online's relay 
server never allower something like this. Only @t-online.de addresses 
were allowed.

I studied the mail headers of the mails on this list yesterday. I was 
*really* surprised how many of you actually send through your dialups 
relay. I would never have thought this ;-)

> As long as the email is not digitally signed, you can never be sure who
> sent you the email, and you shouldn't really rely on the outgoing mail
> server.... (hint: check this email's mail server)

Also true. The mail signature is the best guarantee for this. But 
remember: Not long ago you could send mails with anything in the From: 
field. Spammers used From addresses where even the DNS part didn't 
exist. Today such mails do not get delivered anymore. This is the state 
of art today. I think that in future this checking will get more strict. 
Recieving Mail servers will not only try to resolve the DNS part of the 
 From address but will also check if the mail actually has been relayed 
by at least of one server which reverse resolves to the same DNS suffix. 
It is not practical to do this with mail signatures.

> In order that an email is send, data has to be exchanged between both
> participating parties.... To my knowledge, if you spoof your ip address,
> no data gets back to you, so you get no TCP connection to the server.

You have to been on a backbone to do this. This is outside the 
possibilities of the infected PCs and spammers.

This *will* effective be a *real* spam and worm killer!

>>We need SMTP authentification over SSL, there is no
>>way around this. The 
>>other solutions are temporal at best.
>>Prepare that PT will block all non @pt.lu mails
>>sometime in the future. 
> 
> 
> Well, maybe in a 100 years..... ;)

Well, maybe. But I hope not. The spam and the worms are just too 
annoying. Something has to be done against it. And spammers get always 
smarter. Now they use 'p0rn' and 'v1agra' to get around spam filters. 
And if you filter too aggessively, there are also a certain percentage 
of good mails which get deleted. A perfect spam filter just has not been 
developed yet!

I think that generic mail relays are perfectly legitimate. But as we 
have to give up some freedom for more security, they will have to go. 
Just as the open relays had to go five years ago. As soon as nobody 
accepted mails from open realys anymore, users of open relays had to 
search for an alternative. This will also happen to the generic mail relays.

Greetings, Patrick Kaell

Greetings, Patrick

More information about the Lilux-help mailing list