North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: mobile user strawman argument

  • From: Brad Knowles
  • Date: Thu Jun 30 13:43:44 2005

At 2:51 AM -0700 2005-06-29, Mike Leber wrote:

 Ya, ya, ya... you are going to say 1) its impossible to get people to use
 designated servers for outgoing email.  Or you will say 2) even if you do
 this there will still be *spam*! (egads shock horrror!)  Ugh please.
That's not the problem. The problem is that there are plenty of providers who transparently proxy *all* outgoing SMTP requests to their servers, e.g., AOL. If you publish SPF records for your business and a customer is roaming and using AOL to access the Internet (which is one of the primary reasons why a lot of people keep their AOL accounts), they will be unable to send e-mail as their userid on your server, because that connection will instead be silently routed to the AOL servers.

Yes, you can bypass this by using alternative ports, but not all MUAs support alternative ports, or support them correctly.

Of course, if you're going to do this, you should also be doing at least SMTPAUTH and preferably TLSSMTP, but then again many clients are broken and don't support these technologies or don't support them correctly.

There are alternative solutions to the mobile user problem -- webmail services, VPNs, and shell e-mail. But none of them are a panacea, and if you want to talk about a private customer as opposed to a business person who is on an official trip, these options are much less practical if it is their home ISP who has done this to them.

Brad Knowles, <[email protected]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755

SAGE member since 1995. See <> for more info.