spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: How can this work?

2004-10-07 09:14:30
from [guy] [Permanent Link] 
I have used putty to create a tunnel to my home SMTP server, on the intranet
side.  Localhost:2525 goes to 192.168.0.1:25  Then set email client to use
localhost:2525  But if I had enough users that could not understand this, I
would not publish with -all.

ssh and putty are cool!

This really freaks out customers that think they have a firewall and I use
scp to copy files to/from my home systems.  What firewall?  Now the USPS
have a firewall, no connection allowed to my home!  Bogus!  Going off topic
again!

Guy

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Dan 
Barker
Sent: Thursday, October 07, 2004 11:54 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] How can this work?

I see how SPF records can help if you are at the office. What about when you
are on the road?

You will connect to the 'net via your cellphone, a dial-up, or a wireless
network. Most likely, the ISP won't route port 25 traffic to your "home"
system's SMTP servers, so you must use the remote ISP's SMTP servers. They
have no idea who you are, and your home server has no idea from where you
might connect.

I just don't see any way around this except using a cumbersome "remote
control" program (NetOp, Remote Desktop Connection, SSH, telnet, Terminal
Services, PC Anywhere) to access your "home" system for any outbound email.
That's just not workable.

Example:

dbarker(_at_)visioncomm(_dot_)net

At home, SMTP is mail.visioncomm.net.

On the road, I plug my cellphone into my laptop and connect to
smtp.sprintpcs.com (outbound and mail.visioncomm.net inbound). Sprint won't
route SMTP to mail.visioncomm.net so I send as 
dbarker(_at_)visioncomm(_dot_)net using
their SMTP server.

The only work-around I can imagine is if all ISP's update their SMTP traffic
filter to check if the Reply-To address's home system is SPF compliant, and
only if so allow the remote user to pass SMTP traffic home. I'm not sure I
know how to do that with iptables<g>.

Dan Barker

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription, 
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Re: [SPF Classic] Policy best practices should be kept out, Tony Finch
Next by Date:  RE: Re: [SPF Classic] Policy best practices should be kept out, guy
Previous by Thread:  Re: How can this work?, Ernesto Baschny
Next by Thread:  Re: How can this work?, David Brodbeck
Indexes:  [Date] [Thread] [Top] [All Lists]