On Oct 26, 2008, at 7:23 PM, Jeremy Chadwick wrote:
1) Incoming SMTP (e.g. someIP:* --> yourIP:25)
2) Outbound SMTP (e.g. yourIP:* --> someIP:25)

#2 has become prominent in the past few years, and is applied by ISPs
because they want to curb their customers sending spam out onto the
Internet (usually as a result of viruses, trojans, etc.), getting their
IPs blocked by DNSBLs and giving them a bad social rep.  Instead, they
force customers to relay outbound mail through their own SMTP servers
(called a "smart host" in sendmail terms).

There's absolutely no way around this; you can beg them all you want,
but the chances of them adding a pass-through for you is very slim.

If you want to do direct to MX mailing, you are going to need to negotiate that separately. At the very least you will need a static IP address. If you pay for that, then you will probably be allowed to do direct to MX mailing.

On the whole, I think that Access Service Providers are right in this policy. Back in the old days of smaller ASPs, there were several that had a simple policy. You could be allowed destination:25 traffic merely by asking for it. They figured that anyone smart enough to ask for it knew what they were doing. But it was blocked by default.

But keep in mind that if you don't have a static IP address, the mail hosts you try to reach are also very likely to block you.

The Linksys router has two outbound firewall rules applied to it: it
only allows bsdIP on my LAN to connect to someIP:25,587 -- thus, only
one machine on my LAN is allowed to speak SMTP to the world. I do this purely as a precautionary measure (in case one of my friends comes over
with his/her laptop, which happens to be infected and sends spam, etc.
-- it won't work, period).

Wise choice.  I wish more home and business networks did that.

Eventually they stated that I could send mail through their mail servers
on port 587.  I quickly set this up, and found it failed -- their
servers require SMTP AUTH on port 587, no exceptions (note: this is
NOT mandatory by the RFC; it's OPTIONAL).

Again.  I think that this is fit and proper.

The reason I do not like siphoning mail through Comcast: their mail
servers are known to act wonky or /dev/null mail for mysterious reasons.

Then pay money to a company whose business depends on doing mail right. I use fastmail.fm which I highly recommend.

I hope the experience with your ISP is better than mine.  Good luck.

A business account (needed for a static IP address) is expensive. But don't expect to mail directly to MX (without going through some mailhub, either comcast's or a service that you pay separately for) without one.


freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to