I host a webmaster who looks after a customer in Alaska and they had some guy come in to
configure their e-mail accounts on the office PC's. I have the mail accounts on my server
and have configured it for smtp via SASL on port 587 because of ISP blocking port 25. He
was unable to figure out how to set up SMTP via SASL in Outlook, and reverted to using the
ISP instead. I quote here from his "explanation" of how the ISP's operate -
GCI and ACS are the competing ISP's in Alaska
http://www.gci.net and http://www.acsalaska.com
##########
Since GCI is a CLEC in Anchorage, Competive Local
Exchange Carrier, they are always in a battle with ACS, the old converted
Telephone Utility(now commercially owned). To make life more difficult for
each other and to help prevent their systems from being used as open relays
for Spammers, both GCI and ACS refuse to local route data between their two
networks, and both refuse to route forward mail.
If you understand how Spamming works then this makes sense.
What GCI has done to accomodate customers, both business and residential, is
to have those people trying to send mail through an off network email server
to send it through GCI's smtp server. No username or password is required
and GCI performs no blocking of any email, unless the email is being sent to
more than 25 people as it is then considered mass mailing, or SPAM.
Simply, the only thing I had to do was to change the SMTP server port back
to 25, turn off SMTP server authentication, and use smtp.gci.net as the
outbound server instead of mail.example.com.
##########
So - if you have an account with this ISP it would appear that you can happily spoof any
domain you like, and you don't need a username or password - just pop before smtp
(presumably). I suppose the next thing will be complaints from the customer when his
mails are rejected by SPF because his ISP is not included in the spf record?
Can anyone see anything right about this arrangement - or am I blinkered/stupid?
Slainte,
JohnP
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com