Hello!
Friday, January 05, 2001, 9:19:54 AM, Thomas Fernandez <[EMAIL PROTECTED]> wrote:
(A notice to the list members and moderator: the next message could be
easily treated as offtopic (Marck, your comments please :-). Anyone
interested in additional technical details should contact me off-list).
TF>>> It is not an "open" line if you are connected to it.
AGSAA>> Hmm... Didn't catch the point, could you please explain? :-)
TF> The same as you say below, using the more correct term "third party
TF> relay". What I mean is, it does not mean it's open to third parties if
TF> you can use it while being logged in through the same ISP.
OK here :-)
TF>>> Relaying would be if I used an SMTP server in Germany for an account
TF>>> in Thailand while having dialled in through an ISP in Taiwan. If I use
TF>>> the SMTP server of the ISP I dial in through, it is not relaying,
TF>>> never mind the From address.
AGSAA>> Sorry, but you're wrong here.
TF> I meant "third-party relaying". The SMTP server error "sorry, we don't
TF> relay", which I have seen at times, also refers to third-party
TF> relaying, wouldn't it?
In general, yes. However there are some cases (badly administered
servers etc.) when you'll see this reply from the server you're
absolutely authorized to use :-).
AGSAA>> Generally, all SMTP servers are "relays". But the actual server
AGSAA>> behaviour can significantly vary. You can use ORBS, RBL, DRBL, RSS
AGSAA>> whatever databases to prevent spammers from sending your their crap, you
AGSAA>> of course should use some kind of ACL (access.db on sendmail) etc.
TF> GMX has, for example, POP before SMTP. So, you POP nad then you can
TF> use their SMTP server, never mind through which ISP you are logged in.
Correct. But the more convenient scheme is to install some kind of SMTP
authorization on the server. The added benefits are TLS support etc.
The next two ways to prevent unauthorized third-party relaying are:
- separate user-side SMTP server and the core relays (MXers). Good for
the most situations and sites.
- use newly introduced RFC 2476 to completely separate traffic from the
users and servers. The summary of this RFC is: users aren't allowed to
use SMTP servers completely, they submit their mails via a special port
on the relay. Look for an original RFC text on any server
(http://www.rfc-editor.org/ would be great) and also check out this URL:
http://sendmail.net/?feed=rfc2476. I consider this to be a future in the
way users will send their mails.
AGSAA>> Here is the example. Imagine that one of my SMTP servers acts as a relay
AGSAA>> for the following domains:
TF> [...]
AGSAA>> EHLO hostname.client.net.ru
AGSAA>> MAIL FROM:<[EMAIL PROTECTED]>
AGSAA>> RCPT TO:<[EMAIL PROTECTED]>
TF> Is there a way we can see which commands TB actually sends to the
TF> server?
Yes, by installing a so-called SMTP proxy with logging enabled. The
perfect examples known to me are the SMTPepd
(http://www.kanargh.force9.co.uk/smteepd/smteepd.exe) and The
Sleepwalker SMTP Proxy (http://www.thesleepwalker.com/software/).
TF> What is RCPT TO: ? The recipients?
It's the command sent to an (E)SMTP server by the connection originator
containing the so-called "envelope" address of the recipient. For
further information just consult an appropriate (E)SMTP-related RFCs
found on the 'net.
--
Yours sincerely,
Andrey G. Sergeev (AKA Andris) http://www.andris.msk.ru/
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : archive@jab.org
