Date: Mon, 26 Nov 2007 23:34:43 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Aryeh M. Friedman" <aryeh.friedman@gmail.com> Cc: freebsd-questions@freebsd.org, Bob Richards <rrichard@blythe-systems.com> Subject: RE: Getting around ISP SMTP firewall settings (Re: Submitting a new port if send-pr is broken) Message-ID: <BMEDLGAENEKCJFGODFOCKECECFAA.tedm@toybox.placo.com> In-Reply-To: <474BB2BC.4010906@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Aryeh M. Friedman [mailto:aryeh.friedman@gmail.com] > Sent: Monday, November 26, 2007 10:02 PM > To: Aryeh M. Friedman > Cc: Ted Mittelstaedt; Bob Richards; freebsd-questions@freebsd.org > Subject: Re: Getting around ISP SMTP firewall settings (Re: Submitting a > new port if send-pr is broken) > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Aryeh M. Friedman wrote: > > > > > Frankly, unless you processing mail for a lot of people, there is no > > > benefit to running your own mailserver, and you really ought to be > > > using a client-server model for getting mail, as you are doing. The > > > OP just hasn't realized this yet. > > > > Actually I am processing mail for over a dozen people and almost 100 > > diff addrs so it does make sense if it is possible. > > > > > > Oops forgot to mention there is a small set of complicating factors: > > 1. The people and addrs I process mail for all have the same domain > but live in locations all around the globe (virtual company) > > 2. The domain should/must be the same as the company's web page (see > my sig for addr) which is on a convention web hosting arrangement > > 3. As far I can all inbound/outbound smtp/http (25, 587, and 80) are > blocked by the ISP (they offer them under a business package that also > includes a static IP but currently that is too pricey) > You really need to clarify what you mean by inbound and outbound. I'll assume that by inbound, you mean you cannot have inbound connections to ports 25, 587, and 80. This is perfectly legitimate for a residential ISP connection. I'll assume that by outbound, you mean you cannot have outbound connections to ports 25, 587, and 80. This is silly. A block on an outbound connection to port 80 would mean you couldn't surf the web. I'll assume you mean that outbound port 25 is blocked to everywhere except for the ISP's own mailserver. That also is perfectly legitimate for a residential ISP connection. A block on an outbound port 587 connection has only ONE purpose, to prevent you from using a legitimate mailserver for sending mail other than the ISPs server. Servers on the Internet that respond to port 587 are only supposed to relay mail from AUTH connections to 587 so allowing ISP customers to use 587 is not a security or SPAM problem. 587 is not used for server-to-server mail traffic. If your ISP is indeed blocking outbound 587 then you have justifyable reasons to scream and bitch, and they do NOT have any justifyable reason to block it. None of the large cable or DLS providers block outbound 587 > 4. The ISP is the only one in my area (semi-rural) that offers high > speed bandwidth > > 5. Even though my web hoster offers mail forwarding it does not offer > mail box and/or mailing list hosting (having prepaid for 2 years and > only being 2 months into the deal I am not going to switch providers) There's plenty of ISP's on the Internet that offer mailboxes only. I can't fault your webhoster for not wanting to get into offering mailboxes. It is a speciality, just as webhosting is a speciality. What you really should have done, (of course hindsight is a great revealer) is to have contracted with an ISP where you could have colocated a server. For probably $100 a month you could have your own box with a public IP address and run a mailserver on it, hosted your website on it, and you could have modified it so that instead of port 587, you did auth-smtp on port 588 and then gotten around your ISP's block on outbound 587 (if infact, such exists) You really only have 2 non-business connection choices as I see it. First, contract with some ISP that will sell you a mailbox that will take domain mail. Next build a mailserver at your site that uses fetchmail to pop down that mail and port 587 to send it out. Last, on your site mailserver, setup a pop3 or imap server that uses a non-standard port#, then config your road warrior clients to use that port, or setup a webmail interface and use a URL like webmail.flosoft-systems.com:86/webmaillogin.cgi to access it. This assumes outbound port 110 and 587 are NOT blocked. If outbound port 587 and 110 ARE blocked, then you cannot do anything other than the colocated box that has all non-standard ports, OR say hell with it and work out a deal with an ISP to do virtual mailboxes and mailhosting. If you want to do that last, I'd be happy to pitch pricing to you for my employer off list. (as no doubt, many other list readers could) Really, as others have said, it's easier to pay the money for the business line. How much extra do they want for it? Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BMEDLGAENEKCJFGODFOCKECECFAA.tedm>