On Tue, 16 Aug 2005, Håkon Alstadheim wrote:
If only ISPs would start to offer SMTP with TLS or SSL. As it is I
either have to run my own mail server (on a dynamic ip, through an ADSL
line) or use whatever SMTP server is available at wherever i connect
when I'm travelling. If the SMTP server at "wherever I connect" starts
enforcing consistency on headers in emails exiting their network, I
sincerely hope my own ISP will let me start logging into their (MY! )
SMTP server through some secure method. The worst case would be strict
egress filtering + no SSL or TLS login available + recipients dumping
mail sent directly from dynamic IP-adresses. That would really s*ck.
For outgoing mail (as opposed to internal office memos), TLS is not
necessary. Your email is unecrypted anyway once it leaves the MTA
and goes into the wild, wild internet.
There are many services offering SMTP AUTH on arbitrary ports (standard
submission port is 587), which you can use from an ISP that blocks
port 25. It is cheap too, dnsmadeeasy.com is $15/yr. The catch is, that I
have yet to see one that actively prevents cross customer forgery.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.