Re: SMTP Server for outgoing only behind a home router

From: hector (nospam_at_nospam.com)
Date: 12/29/04


Date: Wed, 29 Dec 2004 07:30:59 -0500


"~~Alan~~" <alan.shepro.NOSPAM@verizon.net> wrote in message
news:#YG7h7H7EHA.208@TK2MSFTNGP12.phx.gbl...
> It did have a valid destination email address. I removed it so as not to
> advertise it.
>
> My ISP is Verizon. They claim to ONLY block port 80 to keep me from running
> a web server. How can I test and see which ports they block?
>
>

Use TELNET.EXE ip_address [port#]

The Telnet port is 23, but you can open a port using the 2nd option.

All the internet protocols, HTTP, SMTP, POP3, FTP, etc, are all
conversational text based client/server protocols so you can use telnet to
test them all. You just need to know the "state machine" or the
conversation commands required for each.

For example, let's say you want to send mail to bill.gates@Microsoft.com

For SMTP, first, you need to look up the MX host records for microsoft.com.

To get the MX records of an email domain name, type:

    nslookup -query=MX microsoft.com

Three come back with equal preference (lowest first)

    microsoft.com MX preference = 10, mail exchanger = maila.microsoft.com
    microsoft.com MX preference = 10, mail exchanger = mailb.microsoft.com
    microsoft.com MX preference = 10, mail exchanger = mailc.microsoft.com

In layman terms, these are the "post offices" at microsoft available to
receive mail. These can expand to more than 3. So technically, you need to
do another lookup for the A record for each one.

But for testing, you telnet to port 25 for one of these or the direct IP
address of one of these, like so:

    telnet maila.microsoft.com 25

If successful, you will get a 220 greeting line from the remote SMTP server:

    220 IGR-IMC-02.redmond.corp.microsoft.com <Inbound SMTP Virtual Server>
            Wed, 29 Dec 2004 03:55:34 -0800

Any other number than 220 is considered a failure or server not available
state.

If you don't see this, it means you will have trouble sending mail from your
machine. But it all depends.

1) A fast connection refusal usually means you are blocked,

2) A very long connection failure could mean that the remote server doesn't
exist,

3) Dynamic IP or Home based users.

For dynamic IP (usually home-based accounts), a remote SMTP server might
connect with you but give you a NON-220 response showing that you are not
allowed as a dynamic IP machine. For example, I get this from my home
machine when connecting to an AOL.COM MX host.

    554- (RTR:BB) http://postmaster.info.aol.com/errors/554rtrbb.html
    554- AOL does not accept e-mail transactions from dynamic or residential
    554- IP addresses.
    554 Connecting IP: 65.2.204.201

Although AOL.COM may say it is for anti-spam protection, technically, AOL is
not following and is violating the RFC standards with this automatic
DYNAMIC IP rejection.

Why?

First, the SMTP RFC specifically says you MUST not reject mail based on an
IP/HELO authentication. Yes, ANTI-SPAM researchers are trying to change
this, but this is the CURRENT rule.

Second, and more importantly, AOL pre-empts the possibility of an ESMTP
AUTH (Login Authentication) session from taking place to authorize the
transaction. This automatic rejection at the greeting does not allow for
the possibility of a client issuing the Extended HELO (EHLO) and AUTH LOGIN
commands that could authorize the process.

So AOL.COM's method stops legitimate roaming users from using ESMTP AUTH to
connect. See #4.

4) ESMTP AUTH

Some ISPs will allow you to login on dynamic machines using ESMTP AUTH on
port 25 or the special port 587.

The latter port is part of the "Message Submission Protocol" RFC 2476, which
in short, basically enforces the otherwise optional ESMTP AUTH.

In other words, if you connect on port 25, then ESMTP AUTH is optional. If
you connect at port 587, the remote SMTP server will EXPECT that an ESMTP
AUTH login session will take place.

In general, the big ISPs did not support ESMTP AUTH for roaming users, but
this is changing.

So look to see if your ISP supports ESMTP AUTH for dynamic IP users and/or
if your ISP supports the Message Submission Protocol.

Finally, what you might want to do is setup what is called a "Smart Host"

By doing what you did, you are creating a router. Outlook sends to your local
machine and you want your local machine to send out mail.

Well, never mind the fact, this is ANTI-SPAM 101, stuff we Anti-Spam
developers are specifically targeting in "regulating and controlling", if
you want to do it correctly, you should prepare your local machine SMTP
server to send all mail directly VIA your ISP or some "pre-arranged"
SMART HOST that understands who you are and authorizes you to do "relay"
mail thru their machine.

This is a traditional setup using an IP address, but since you are dynamic
IP, some SMTP servers will allow you to prepare a smart host using an ESMTP
AUTH login with username and password, just like you do for the "user based"
Outlook program called the MUA (Mail User Agent).

Hope these tips help

Happy Holidays

---
Hector Santos
WINSERVER "Wildcat! Interactive Net Server"
WCSAP "Wildcat! Sender Authentication Protocol"
http://www.winserver.com/sslinfo
support: http://www.winserver.com
sales: http://www.santronics.com
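
The telnet test described in the post above, scripted as an added example that is not part of the original post: it reads the multi-line SMTP greeting, sorts the outcome into the cases the post lists (refused, timeout, non-220 greeting, 220), and checks an EHLO reply for AUTH. The function names and the EHLO sample (`mail.example.net`) are constructed for illustration; the 554 sample is the reply quoted in the post.

```python
import socket

def parse_reply(lines):
    """Parse one SMTP reply: 'NNN-text' lines continue, 'NNN text' ends it."""
    code, text = None, []
    for line in lines:
        line = line.rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ValueError("not an SMTP reply line: %r" % line)
        if code is not None and int(line[:3]) != code:
            raise ValueError("reply code changed inside one reply")
        code = int(line[:3])
        text.append(line[4:].strip())
        if line[3:4] != "-":          # a space (or nothing) marks the final line
            return code, text
    raise ValueError("reply truncated: no final line seen")

def classify(code=None, error=None):
    """Map a probe outcome onto the cases listed in the post."""
    if error == "refused":
        return "refused"              # case 1: fast refusal, likely blocked
    if error == "timeout":
        return "timeout"              # case 2: long failure, host may not exist
    return "ok" if code == 220 else "rejected-at-greeting"   # case 3

def auth_mechanisms(ehlo_lines):
    """Return the mechanisms after the AUTH keyword in an EHLO reply (case 4)."""
    code, text = parse_reply(ehlo_lines)
    if code != 250:
        return []
    for item in text[1:]:             # first line is the server's own name
        parts = item.split()
        if parts and parts[0].upper() == "AUTH":
            return parts[1:]
    return []

def probe(host, port=25, timeout=15.0):
    """Connect like `telnet host port` and classify the greeting (needs network)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            code, text = parse_reply(s.makefile("r", encoding="ascii", errors="replace"))
            return classify(code=code), code, text
    except ConnectionRefusedError:
        return classify(error="refused"), None, []
    except socket.timeout:
        return classify(error="timeout"), None, []

# The 554 greeting quoted in the post, and a constructed EHLO reply.
AOL_GREETING = ["554- (RTR:BB) http://postmaster.info.aol.com/errors/554rtrbb.html",
                "554- AOL does not accept e-mail transactions from dynamic or residential",
                "554- IP addresses.", "554 Connecting IP: 65.2.204.201"]
EHLO_SAMPLE = ["250-mail.example.net", "250-SIZE 10240000",
               "250-AUTH LOGIN PLAIN", "250 8BITMIME"]
```

Call `probe()` against one of your destination's MX hosts on port 25, or against your ISP's submission host on port 587, to run the same check live.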

