cancel
Showing results for 
Search instead for 
Did you mean: 

[ Idea 2250 ] Authenticated SMTP

N/A

[ Idea 2250 ] Authenticated SMTP

This has been raised many times before in the customer feedback forum, but I don' t think it has made an appearance in 'ideas'.

For those who don't know what this is, it allows password access to the outgoing relay servies (i.e. relay.plus.net). POP mailboxes are always password protected, hence you can get your mail from any ISP dialup. SMTP is not protected at all, so to prevent their servers being used by spammers, the ISPs only allow you to use their relays if you are on their own dialup.

We already use a third party ASMTP provider. This allows our engineers who travel all over the world to use AOL to make their internet connection, then use Outlook as if they were at home. (Please no bitchy comments about us using AOL, unless you can suggest another ISP that works in almost every country in the world on a local dialup). In case you are wondering, AOL refuse to provide a relay server, so you have to use ASMTP if you want to send SMTP mail through an AOL dialup.

Hopefully since this request has been around for so long it may already be somewhere in the PlusNet thought process.
28 REPLIES
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

Hi,

How much extra would you be willing to pay for this type of service if at all?

We have looked at this and actually offer a service for BT Broadband customers in a similiar vein (http://www.plus.net/btbroadband).

Unfortunately, making an ASMTP server available by default, with 150,000 usernames and passwords available meanms that it becomes VERY easy to brute force password crack the server, which is obviosuly a problem.

The alternative is that we would have a additional subscription only server which allowed this, but it would have to be comercially viable for us to make that available...

I'm happy to raise this eitherway, I just wanted to know how important you thought this was!

Regards,
Regards,
N/A

[ Idea 2250 ] Authenticated SMTP

Ian,

If we could get ASMTP on all our mail accounts for £3.49 per month, we would take it. Currently we are paying a bit more than that for 10 accounts, which we can swop among all our users. Saving having to juggle who is using PlusNet SMTP and who is on the ASMTP pay service is a pain, but mostly people stay on one or the other.

Regards

Tony Brown
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

Hi Tony,

Well, I think I might know some people that would go for it with that pricing :-)

When you say all of your mail accounts, is that 10 aliases from one domain or 10 different domains?


Ian's quick terminology guide:

Alias: The bit before the @ sign
Domain: The bit after the @ sign

Regards,
N/A

[ Idea 2250 ] Authenticated SMTP

Ian,

I felt it unwise to fully describe our infrastructure in a public forum. I have sent you a private mail to ian.wild@plus.net (hope I got the address right)

Regards

Tony Brown
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

Not quite - Try iwild@plus.net, but I just got spammed so might not be worth it if you want a reply tonight (I finish at 4 anyway!).

Or Private Message me with the board system!
basil1970
Dabbler
Posts: 21
Registered: 30-07-2007

SMTP/TLS

What about SMTP with TLS ?? :roll: Many corporates are toying with this.
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

I think TLS is probably taking it a little far at the moment, this is certainly suitable for corporate email sysetms, but I would be interested in how you think it would benefit an public relay server as supposed to ASMTP.

I have raised the idea of offering an ASMTP option on all of our products.

Regards,
N/A

Couldn't the same be achieved with SSH tunneling?

It seems that relay.plus.net doesn't have sshd running on it, but surely you could enable that, and then some of us could use relay.plus.net regardless of where we were connected from by using an SSH tunnel. That would at least solve the problem for some of us; probably wouldn't be that much of a hassle for you guys; would be more secure than ASMTP; and less in demand because far fewer users would be willing and/or able to set up an SSH tunnel.

I fully understand the rationale for not having an open relay, but it's an enormous pain when you're in a cafe or an airport with a Wi-Fi network but you still can't send email (unless you use some kind of horrendous web mail system, which would be totally impractical for me). GNER are about to roll out Wi-Fi on all their trains - but it won't be much help if I can't actually reply to any of the emails I receive on the Edinburgh-London train.
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

Hi,

I just don't think there would be enough demand for this and it still opens up our network to the same security issues really (ie Brute force password attacks, exploits from anywhere etc). Why not run your own SMTP server locally (Although this is problematic with some spam systems ISPs run). Alternatively, I run my own ASMTP server at home which relays onto relay.plus.net. If you have enough knowledge to set up ssh tunnels, this shouldn't be much harder?

Regards,

Ian
N/A

[ Idea 2250 ] Authenticated SMTP

Quote
I just don't think there would be enough demand for this and it still opens up our network to the same security issues really (ie Brute force password attacks, exploits from anywhere etc). Why not run your own SMTP server locally (Although this is problematic with some spam systems ISPs run). Alternatively, I run my own ASMTP server at home which relays onto relay.plus.net. If you have enough knowledge to set up ssh tunnels, this shouldn't be much harder?


I already do run my own SMTP server (postfix) on my laptop, and it relays to relay.plus.net. However, relay.plus.net only accepts connections from machines in the plus.net network, unless I am very much mistaken. So when I am on the road or in the cafe down the road with Wi-Fi I still can't send mail. That's why I wanted to set up an ssh tunnel to relay.plus.net, say like

ssh -2 -N -f -L 9595:relay.plus.net:25 brierton@relay.plus.net

and then in /etc/postfic/main.cnf set

relayhost = smtp:[127.0.0.1]:9595

What's weird is that I can't seem to SSH into PlusNet at all ATM. Do you allow SSH access? How would I, for example, log into www.brierton.plus.com and set up a cron job?
N/A

[ Idea 2250 ] Authenticated SMTP

Allthough unrealted to the thread.

You can only connect to the CGI server for shell access, including cron jobs.

In adition, you can only connect to this, whilst you are conneted via PlusNet (dialup or DSL).
N/A

[ Idea 2250 ] Authenticated SMTP

Quote
Alternatively, I run my own ASMTP server at home which relays onto relay.plus.net.


Ian - I am assuming though that your ASMTP server is only ever connected to PlusNet. Is there any way to have an SMTP server relay to relay.plus.net when you are connected from elsewhere? (For example, when I am sitting in a cafe with Wi-Fi.)
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

[ Idea 2250 ] Authenticated SMTP

Hi,

I run Qmail at home. My server accepts mail from anywhere, provided the correct authentication is provided. It is then configured to deliver the mail locally within my network for local machines, or forward the mail onto relay.plus.net if it destined for anywhere else on the Internet. I used to deliver all mail directly from my IP, but this caused me a couple of issues as AOL and a few others won't accept mail from just any old IP.

Regards,

Ian
N/A

[ Idea 2250 ] Authenticated SMTP

Quote
I run Qmail at home. My server accepts mail from anywhere, provided the correct authentication is provided. It is then configured to deliver the mail locally within my network for local machines, or forward the mail onto relay.plus.net if it destined for anywhere else on the Internet.


That does require having a separate machine that sits at home and acts as a mailserver, and presumably also requires a static IP address for it (otherwise how would my laptop ever be able to relay anything to it?). I can see how that would have some advantages - I could also use it as a firewall and run an IMAP server on it too. The trouble is that I don't have that much space here to clutter up with another machine (even a headless one). I also don't have any old machnes lying around to use in that way. But probably the most important point is that it would add an extra layer of things to administer, secure, etc., which I really don't want to have to deal with.

Really all I want to be able to do is use my ISP's SMTP server when I am on the road or out and about. It doesn't seem a lot to ask for. Setting up a dedicated mailserver in my flat and getting a static IP address for it just seem like overkill to me.

Quote
I used to deliver all mail directly from my IP, but this caused me a couple of issues as AOL and a few others won't accept mail from just any old IP.


Exactly - that's why I need to relay mail through relay.plus.net.