rchandra
Stargate S G-1 And Atlantis Fan
Premium
join:2000-11-09
14225-2105
clubs:
| reply to fhmiller5
Re: Verizon's is actually the more-sensible approach
said by fhmiller:
The mail server we use at work requires the ip address be one of it's [sic] own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.
That simply means you haven't set up a mail server that can do this. Go to the Verizon thread and read about the various schemes, the most popular being authenticate-then-email (POP then [E]SMTP). Also, it sounds like you haven't thought about setting up VPN connections (which would put your home computer or network in the IP address space of your company).
If you're not willing to do either of these, it's not VZ's fault, it's the fault of your company.
--
Those willing to sacrifice freedom for security deserve neither. |
|
richb01803
Rich
join:2001-02-14
02100
| reply to dru
Well, maybe having the big ISPs implement really annoying restrictions will force the software companies to innovate and provide better email software.
Email's the #1 most popular application on the Internet, and it's been that way since the beginning.
Software vendors put their heads in the sand ages ago and decided that complying with a 20-year-old RFC with the likes of sendmail (world's buggiest program), Eudora and Outlook (world's least secure program) from now until eternity is a fine and acceptable state of affairs.
Well, I reiterate: email software as it stands today is "not well made". It's not up to the average 10-employee small business to come up with the answer to this problem; it's up to the well-heeled software vendors to do it. If not them, then perhaps the Linux freeware development community will take on this challenge (if for no other reason than to do an end run around SMTP port 25 when the ISPs gang up and block it).
I don't think the ISP managers are playing a good game of chess here. They'll bring worse problems on themselves by continuing these policies without also seeking long-term solutions in cooperation with the software development industry. |
|
dru
join:2000-09-14
Corona, CA
| reply to richb01803
What do you mean by, "not well made"? Just what SMTP security protocol have you seen implemented and standardized upon that deals with this issue?
SMTP was standardized when the internet was a trusting, open place. That's the problem. IMAP4 addresses these issues, but not universally supported by all client programs.
Obviously, software that runs on individual corporate servers could and should restrict incoming SMTP mail to originating headers, like what Verizon is implementing. But many do not offer this, and I believe that there is an issue with the appearance of being "open relay" to the current detection algorithms employed by such systems as ORBS and MAPS. So you still have to restrict via IP address, and this is difficult if you have traveling employees or those using dialup or dynamic IP service.
As for "not well made" commercial offerings including those from Microsoft, Eudora, and others do not provide many SMTP security features other than restriction by IP address. When asked, they claim such reasons as "RFC blah blah compliance" which of course means to be a fully compatible piece of software it has to interoperate with mail clients that hail from the days of Windows 3.1 Of course ISPs with the talent can modify and recompile smtp software to meet their needs, but the average small business doesn't possess this type of talent.
The biggest problem we have had recently is with business clients not intentionally abusing our servers or spamming themselves, but setting up servers for their own use but leaving them open to mail relay (the default configuration, out of the box for many server programs) and with the plethora of scanners and bots used by spammers to find open relays, they are discovered and exploited within a few hours. |
|
richb01803
Rich
join:2001-02-14
02100
| reply to fhmiller5
Why is that? Why can't your office email server be set up to relay your email?
Software which attempts to restrict access based on an IP address isn't well-made. It should have some other means of getting you to prove who you are.
However, I will grant you the point that today's email software has a lot of limitations which force folks to come up with all these bizarre kludges.
I don't think it's possible to barricate the 'net against spam so long as we're all merely trying to jam our pinky fingers in the dike. |
|
fhmiller5
join:2000-01-23
Dobbs Ferry, NY
| reply to justin
The person that said they cannot think of why someone would disagree, isn't thinking very hard.
We are a small office any many of us work from home using our various connections. The mail server we use at work requires the ip address be one of it's own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.
Fred |
|
