[Novalug] SMTP service providers

James Ewing Cottrell III jecottrell3@comcast.net
Fri Dec 9 11:31:54 EST 2016


Perhaps the REAL Problem is that POP and IMAP didn't Finish the Job, 
using SMTP for Mail Submission, often at an Unrelated Site. You have 
Already Authenticated to the Actual Site in question.

I started to reply to your post, but you got way over my head. Most of 
what I said is restating what I said before.

On 12/8/2016 9:13 AM, Rich Kulawiec via Novalug wrote:

> A good practice in mail systems is to only allow the envelope-sender
> that matches the authenticated user.

Except that their Customers may have Many Names. In addition to my name 
here, I have a shell account somewhere, and a work account.

> In other words, if Joe is a
> customer of example.net, and wants to send a message via example.net,
> then Joe authenticates (via a username and a password) with one
> of example.net's mail servers as "joe@example.net" and is then allowed
> to submit messages that are from joe@example.net -- but not from
> anybody/anywhere else.

Authenticating Name and Mail Header Name are two different things. I 
would even go so far as to Register names that I wanted to Send as, e.g. 
"I am rbj@shellaccount.somewhere and jcottrell@work.hell", so please 
allow those thru.

I think I'm Preaching to the Choir here tho.

> To explain that snarky comment: look at these hostnames:
>
> 	host-190-131-67-48.ecutel.net.ec
> 	ip-186.249.204-230.globalwave.com.br
> 	177-179-155-4.user.veloxzone.com.br
> 	dhcp-209-159-206-139.bhfc.net
> 	235.66.113.112.broad.km.yn.dynamic.163data.com.cn
> 	95.39.46.54.static.user.ono.com
> 	107-173-27-162-host.colocrossing.com
> 	a2i805.smtp2go.com
> 	fixed-188-29-187-188-29-5.iusacell.net
> 	50-61.hanastarnet
> 	b1c3a645.virtua.com.br
> 	pc-184-205.cecyt8.ipn.mx
> 	114-43-108-97.dynamic.hinet.net
> 	105-185-4-232.apn.mobile.telkomsa.net
> 	c-87-3.cust.wadsl.it
> 	p50933b1c.dip0.t-ipconnect.de

Jeeze...these look like Router or Switch Names.

> What do these have in common?  Now compare/contrast with these:
>
> 	puck.nether.net
> 	mailgate.medicine.wisc.edu
> 	lennier.cc.vt.edu
> 	smtpout.karoo.kcom.com
> 	lists.openbsd.org
> 	smtp3.stanford.edu
> 	mailout.cymru.com
> 	mail.nanog.org
> 	ironman.ucdenver.edu
> 	outbound.smtp.vt.edu
> 	support.opsdc.com
> 	smtp.gms.com
> 	tarragon.mail.virginia.edu
>
> None of the ones in the first group look like the names of hosts that
> someone actually intended to be a mail server.  Oh, they're ALL sending
> mail: but with one exception it's all spam and it's being sent without the
> knowledge/consent of the former owner of the system in question.  All of
> the ones in second group are actual real live legitimate mail servers.

I'm guessing that Ironman is some kind of Appliance, but puck, 
tarragon and lennier (you go, Billy) look like workstation names.

> More directly: real mail servers have real hostnames, quite often
> containing the strings "smtp" or "mail", or in subdomains containing
> those strings.  Like the second group.  This has been a de facto best
> practice since the rise of the bots, 15-ish years ago.  No, there's no RFC;
> it's not required.  But it's very easy to do and it avoids problems.

Actually, there IS an RFC which mentions Common Hostnames and Mail Names 
(Postmaster, Hostmaster, Webmaster), but you are correct, those are just 
Suggestions...not Required. I can look it up for you, but I'm sure you 
can find it. It's probably below RFC 2000, definitely below RFC 3000.

> ---rsk

JIM
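
An added example, not part of the original thread: a Python sketch of the hostname heuristic discussed above, run over the two groups of names quoted in the post. The regular expressions and the POOL_WORDS list are assumptions chosen to fit those names; a receiving mail server would apply such a check to the reverse-DNS name of the connecting host.

```python
import re

# Hostnames exactly as quoted in the thread above.
FIRST_GROUP = """host-190-131-67-48.ecutel.net.ec ip-186.249.204-230.globalwave.com.br
177-179-155-4.user.veloxzone.com.br dhcp-209-159-206-139.bhfc.net
235.66.113.112.broad.km.yn.dynamic.163data.com.cn 95.39.46.54.static.user.ono.com
107-173-27-162-host.colocrossing.com a2i805.smtp2go.com
fixed-188-29-187-188-29-5.iusacell.net 50-61.hanastarnet b1c3a645.virtua.com.br
pc-184-205.cecyt8.ipn.mx 114-43-108-97.dynamic.hinet.net
105-185-4-232.apn.mobile.telkomsa.net c-87-3.cust.wadsl.it
p50933b1c.dip0.t-ipconnect.de""".split()
SECOND_GROUP = """puck.nether.net mailgate.medicine.wisc.edu lennier.cc.vt.edu
smtpout.karoo.kcom.com lists.openbsd.org smtp3.stanford.edu mailout.cymru.com
mail.nanog.org ironman.ucdenver.edu outbound.smtp.vt.edu support.opsdc.com
smtp.gms.com tarragon.mail.virginia.edu""".split()

# Assumed patterns, chosen to fit the names above (not taken from any standard).
IPV4_IN_NAME = re.compile(r"(?<!\d)\d{1,3}(?:[-.]\d{1,3}){3}(?!\d)")  # 190-131-67-48
PARTIAL_IP = re.compile(r"(?<!\d)\d{1,3}-\d{1,3}(?!\d)")              # pc-184-205
HEX_IP = re.compile(r"[a-z]?(?=[0-9a-f]*\d)[0-9a-f]{8}")              # b1c3a645
POOL_WORDS = {"dynamic", "dhcp", "static", "dip", "cust", "user", "broad", "apn", "mobile", "host"}

def classify(hostname):
    """Return (category, reason) for a reverse-DNS name of a connecting host."""
    name = hostname.lower().rstrip(".")
    labels = name.split(".")
    if IPV4_IN_NAME.search(name):
        return "generic", "embedded IPv4 address"
    if PARTIAL_IP.search(labels[0]):
        return "generic", "partial address in host label"
    if HEX_IP.fullmatch(labels[0]):
        return "generic", "hex-encoded address in host label"
    tokens = {t.rstrip("0123456789") for t in re.split(r"[^a-z0-9]+", name)}
    if tokens & POOL_WORDS:
        return "generic", "address-pool keyword"
    if any("smtp" in label or "mail" in label for label in labels):
        return "mail-named", "label contains smtp or mail"
    return "other", "no pattern matched"

def tally(hostnames):
    """Count hostnames per category."""
    counts = {"generic": 0, "mail-named": 0, "other": 0}
    for h in hostnames:
        counts[classify(h)[0]] += 1
    return counts

if __name__ == "__main__":
    for group in (FIRST_GROUP, SECOND_GROUP):
        print(tally(group))
```

On the quoted lists, five of the thirteen names in the second group carry neither "smtp" nor "mail", so that check is only a weak positive hint; the address-derived patterns are what separate the two groups.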

