North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMTP authentication for broadband providers

  • From: Daniel Senie
  • Date: Wed Feb 11 16:02:17 2004

At 03:13 PM 2/11/2004, Sean Donelan wrote:

On Wed, 11 Feb 2004 [email protected] wrote:
> On Wed, 11 Feb 2004 11:15:20 PST, Dave Crocker said:
> > what about port 25 blocking that is now done by many access providers?
> > this makes it impossible for mobile users, coming from those providers,
> > to access your server and do the auth.
> Port 587.

So is it time for ISPs to start blocking port 587 too?
Why, to restrain trade? To forbid people from using AUTHENTICATED services of their mail provider of choice? Why shouldn't users be able to hire an Email service provider who might have a LOT more clue about how to run email services than the broadband vendor they happen to buy a circuit through?

Please read the RFC 2476, the Standards Track document on the Submission protocol. Read especially section 3.3. While reading the document you will notice that at the time it did not require authentication (it's a MAY) but I think you'd find most deployment of Submission does use authentication of one sort or another.

If the complaints are going back to the IP address anwyay, why shouldn't
an ISP force it subscribers to go through the ISPs mail servers so it can
control any messages sent by its subscribers?
Are the complaints going back to the ISP? Or are they going to the email services provider who authenticated the user? (read the headers on emails and you'll see there is a notation regarding the authentication).

People spent the time and effort to build a solution to the issue of port 25 being largely open and unauthenticated. That solution is the SUBMISSION protocol. Many companies heavily use this mechanism to offer premium services to end users.