Home page logo

nanog logo nanog mailing list archives

Re: Stealth Blocking
From: Daniel Senie <dts () senie com>
Date: Fri, 25 May 2001 00:45:24 -0400

At 08:57 PM 5/24/01, Jason Slagle wrote:

On Thu, 24 May 2001, Mitch Halmu wrote:

> I will give you a solid reason why we won't try this, quoting research
> with POP-before-SMTP conducted by the founder of MAPS TSI, Chip Rosenthal
> http://users.laserlink.net/~chip/relay-pres-9910/
> You don't have to believe me that our clients will not accept that, take
> his words instead:
> "Our users hated it - particularly those using MS Outlook"
> No need to describe what happens when your clients hate your service...

Pop before SMTP has come a long way since 1999, and newer outlook does
SMTP auth.  If you support both, Pop before SMTP for clients who cannot
do SMTP Auth, then you shouldn't have users hating it.

My clients use SMTP AUTH, or (if they either have an old mail client, or don't have AUTH configured) use smtp-after-POP. Both work well. The SMTP AUTH implementation in sendmail 8.11.x works flawlessly, as does the TLS implementation, which we also support and use. Outlook and Outlook Express support SMTP AUTH with no problems whatsoever. Their TLS implementation has some issues.

Eudora 5.1 has the cleanest implementation of TLS and SMTP AUTH I've seen anywhere. They've done a great job with the implementation. Same goes for Qpopper 4.0, which is easy to work with, and supports TLS well.

We do email hosting, but provide no access services. All of our users connect to our mail servers remotely. We've never run an open relay, and our customers have full access to use our SMTP and POP services. It really is possible to do all of this, be successful and have happy customers.

Daniel Senie                                        dts () senie com
Amaranth Networks Inc.                    http://www.amaranth.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]