As before, I'm answering several related E-mails in one posting.
We do not allow connections from dynamic IP addresses.
I think that's a bad policy.
There is simply no way to account for unauthenticated email (that is what
we're talking about here) without at least tying the messages to a fixed IP
address.
Even once you DO, that again is closing the barn door after the horse has
gotten out.
Of course our users can let specific addresses through such a block based on
a request by the remote user (via URL).
They first have to _realize_ that their mail is getting blocked.
Likewise, since I have a "residential" type high speed connection, I have
*very* limited abilities (and that only because of my own domain names, but I
don't have my own Net-accessible DNS server in any case) to manipulate the DNS
records associated with those domains.
If you want to be an MTA, we feel you should be registered as one in DNS.
I wouldn't particularly have a problem in principle with doing that, and I
certainly have the iron here to support it (running both NT 4.0 and Win2K
servers, among other machines here) but the terms of my service agreement with
my ISP prohibit me from offering ANY server services visible to the Net (and
that presumably includes DNS).
That, combined with the fact that I don't have a fixed IP address, makes it
difficult to comply.
You don't even need the registered name to be in your domain, it simply
needs to map to a name which then maps back to the original IP address.
Without this, bad users in a dynamic IP range cannot be blocked individually.
Again, I don't have a net-accessible DNS server here, nor do I have any fixed
IP addresses.
As of this week, Cox in Phoenix (possibly nationwide) is blocking all
outgoing port 25 connections from its DHCP pools.
Yes, and I've had [business!] clients that have been subjected to just such
restrictions. :-((
This has caused some consternation
in local discussion groups, but if those users are as advanced as you claim,
they should be able to smarthost through Cox's SMTP servers, or just pay the
extra money for a business connection with a static IP. I've chosen the latter.
The "business connection" costs at least three or four times as much money, and
with the economy being the way it's been for about three years now, that's
simply not a viable option for many of us.
If I eventually develop a greater need for my own local servers being directly
on the Net, perhaps I can eventually justify that extra expense. That's not
the case, though, yet.
If you have dynamic IP addresses, why run your own MTA?
There are a variety of operational reasons to want to do that, including the
ability to send outgoing mails by quite directly inserting them into the MTA's
xmit holding queues rather than having to send them via SMTP... this allows
more easy and fast/efficient integration of e-mailings through other business
applications (invoicing, drafting, etc.)
It's no use for incoming mail,
I don't use my SMTP server (of course) for incoming mail (well, not DIRECTLY,
anyhow). It's for outgoing mail only. Obviously, an incoming mail server
would need to be directly accessible from elsewhere on the Net.
I have a different system here which handles incoming mail... a SPITBOL-based
daemon which retrieves mail periodically from my various POP3 mailboxes all
around the Net, applies filtering rules and a whole series of modification
procedures to those messages, and then puts the preprocessed messages directly
into the incoming message (pending pickup) queues at my local (EMWAC) MTA. So
in a way, I *am* using my local mail server for incoming mail, but not (to stay
within my TOS restrictions of my ISP) in a way that makes it accessible from
elsewhere on the Net, only within my local LAN here.
...and for outgoing mail you could use your ISP's MTA.
In fact, at the moment I am basically doing that, although in the case of one
of my consulting clients they can't readily use the ISP's SMTP MTA while still
using their own corporate domain name. :-(
Presently my outgoing mail goes from my mail client software to my local EMWAC
SMTP server (on my NT4 server), from there through WinProxy (on my Win2K
server) to my ISP's SMTP server and from there on out through my cable modem
router and NAT box to the Net.
I still would greatly prefer to use my own directly accessible outgoing SMTP
server, if for no other reason than because it would reduce a lot of totally
pointless bulk in my outgoing E-mails (due to the additional Received: lines
which get added for each additional intermediate stage) and because it would
give me better control over the whole E-mail operation.
But again, it's not only just about my NORMAL operations here from my home
office. It's also about what I need to do when I'm travelling, such as from
Internet cafes (possibly in foreign countries, possibly onboard cruise ships
etc) where one has truly NO control over outgoing mail server configuration.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg