Mailing List Archive

That is also my concern, I have some 500 domains with exactly the same
problem one domain's e-mail system can be used by some 100 different
users, in totally different places round the world, and like you say
most ISP's are blocking relay SMTP traffic.
So how to handle this one ?

Regards
Otto W Nielsen



Peter Winning wrote:

>How do I go about registering where the following conditions are true
>
>email users connect in via their own isp and as a large number of ISP's worldwide are currently blocking SMTP traffic to any but their own mail servers they have to send mail on this domain through other ISP's mailservers which means that mail from this domain can come through any ISP's mailserver even though the primary mail server does exist and most of our users go through that one
>
>Regards
>Peter
>
>-------
>Archives at http://archives.listbox.com/spf-help/current/
>Donate! http://spf.pobox.com/donations.html
>To unsubscribe, change your address, or temporarily deactivate your subscription,
>please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>
>
>
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

> That is also my concern, I have some 500 domains with exactly
> the same problem one domain's e-mail system can be used by
> some 100 different users, in totally different places round
> the world, and like you say most ISP's are blocking relay
> SMTP traffic.
> So how to handle this one ?
>

Use port 26 or 587 instead.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

I still don't follow if I use port 26 true that most ISP's will let it
through, but what do we achieve here then ? We will use the ISP's SMTP
server and so would the SPAMER, so how would this stop spamers ?
Or would we then have to define all the possible ISP's ?

Regards
Otto W Nielsen

Mark Smith wrote:

>>That is also my concern, I have some 500 domains with exactly
>>the same problem one domain's e-mail system can be used by
>>some 100 different users, in totally different places round
>>the world, and like you say most ISP's are blocking relay
>>SMTP traffic.
>>So how to handle this one ?
>>
>>
>>
>
>Use port 26 or 587 instead.
>
>-------
>Archives at http://archives.listbox.com/spf-help/current/
>Donate! http://spf.pobox.com/donations.html
>To unsubscribe, change your address, or temporarily deactivate your subscription,
>please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>
>
>
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

> I still don't follow if I use port 26 true that most ISP's
> will let it through, but what do we achieve here then ? We
> will use the ISP's SMTP server and so would the SPAMER, so
> how would this stop spamers ?
> Or would we then have to define all the possible ISP's ?

Perhaps I misunderstood the question. I thought the problem was that your
users can't use your mailserver because their ISPs are blocking port 25. If
you tell them to connect on a different port, then they won't have to send
mail through their ISPs' mailserver.

If that isn't what the problem is, could you explain it a bit more?

Mark

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

I agree - and it is nearly impossible to ask 2000+ users 30% of which are IT
Challenged to change their port settings - most of them would think i was
talking about their drinking habits
Most of all why is this system going directly against established best
practices amongs ISP's

Regards
Peter
----- Original Message -----
From: "Otto Willum Nielsen" <nielsen@awtoc.net>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, September 14, 2004 6:17 PM
Subject: Re: [spf-help] Domain registration


> I still don't follow if I use port 26 true that most ISP's will let it
> through, but what do we achieve here then ? We will use the ISP's SMTP
> server and so would the SPAMER, so how would this stop spamers ?
> Or would we then have to define all the possible ISP's ?
>
> Regards
> Otto W Nielsen
>
> Mark Smith wrote:
>
> >>That is also my concern, I have some 500 domains with exactly
> >>the same problem one domain's e-mail system can be used by
> >>some 100 different users, in totally different places round
> >>the world, and like you say most ISP's are blocking relay
> >>SMTP traffic.
> >>So how to handle this one ?
> >>
> >>
> >>
> >
> >Use port 26 or 587 instead.
> >
> >-------
> >Archives at http://archives.listbox.com/spf-help/current/
> >Donate! http://spf.pobox.com/donations.html
> >To unsubscribe, change your address, or temporarily deactivate your
subscription,
> >please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
> >
> >
> >
> >
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Otto Willum Nielsen wrote:
> That is also my concern, I have some 500 domains with exactly the same
> problem one domain's e-mail system can be used by some 100 different
> users, in totally different places round the world, and like you say
> most ISP's are blocking relay SMTP traffic.
> So how to handle this one ?

We've turned to SMTP Auth, with support on port 587 to handle folks who
may be on ISPs blocking port 25. This assures that any mail sent by our
customers, where ever they may be, is outbound from our server.

--
A. Clausen
techlists@alberni.net

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Peter Winning wrote:

> I agree - and it is nearly impossible to ask 2000+ users 30% of which are IT
> Challenged to change their port settings - most of them would think i was
> talking about their drinking habits

I'm afraid at some point you're likely going to have to bite the bullet,
particulary as SPF starts being a requirement with large ISPs.

> Most of all why is this system going directly against established best
> practices amongs ISP's

SMTP Auth has been around for a long time. We've been using it for
several years. A combination of SMTP Auth and listening on both ports
25 and 587, and changing your roaming clients to using your mail server
on port 587 will assure that your customer's messages aren't on the
wrong side of the divide.

The old rules on this are out the door. It's going to be a big pain for
everybody. I had to learn how to write SPF records, use a port
redirector because the mail server I administrate doesn't permit
simultaneous listening on two ports, and I've had to lead some customers
by the hand to alter their mail configurations (I won't even get into my
trials with setting up a Postfix relay server to serve as a proxy
betwenen my mail server and the rest of the world to prevent joe jobs
and the like from knocking it out).

--
A. Clausen
techlists@alberni.net

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Dear Otto,

Tuesday, September 14, 2004, 7:17:07 PM, you wrote:

> I still don't follow if I use port 26 true that most ISP's will let it
> through, but what do we achieve here then ? We will use the ISP's SMTP
> server and so would the SPAMER, so how would this stop spamers ?
> Or would we then have to define all the possible ISP's ?

No, you just configure your clients to send their mail to your own
SMTP server on either port 26 or better port 587, which shold not be
blocked by the foreign ISP they're using to connect...

Best regards,
Johannes

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

HI,

What do we do when port 587 becomes blocked for the same reason(s) as port
25 is being blocked?

Do we just keep switching to unused ports, one after another?

I don't see how end users are going to put up with this mess. They just
want to send their email and they don't what to have to mess around
switching ports because Microsoft or another big guy descides they aren't
going to use port 587 any longer.

There has to be a better way!

-Phil. :)


On Tue, 14 Sep 2004, A. Clausen wrote:

> Peter Winning wrote:
>
> > I agree - and it is nearly impossible to ask 2000+ users 30% of which are IT
> > Challenged to change their port settings - most of them would think i was
> > talking about their drinking habits
>
> I'm afraid at some point you're likely going to have to bite the bullet,
> particulary as SPF starts being a requirement with large ISPs.
>
> > Most of all why is this system going directly against established best
> > practices amongs ISP's
>
> SMTP Auth has been around for a long time. We've been using it for
> several years. A combination of SMTP Auth and listening on both ports
> 25 and 587, and changing your roaming clients to using your mail server
> on port 587 will assure that your customer's messages aren't on the
> wrong side of the divide.
>
> The old rules on this are out the door. It's going to be a big pain for
> everybody. I had to learn how to write SPF records, use a port
> redirector because the mail server I administrate doesn't permit
> simultaneous listening on two ports, and I've had to lead some customers
> by the hand to alter their mail configurations (I won't even get into my
> trials with setting up a Postfix relay server to serve as a proxy
> betwenen my mail server and the rest of the world to prevent joe jobs
> and the like from knocking it out).
>
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Hi,

If 587 was used only for SMTP-AUTH like it is supposed to be, it would be
easy to automatically test servers to see if they are compliant and then
automatically add them to the "Port 587 non-compliant RBL" as needed.

Mike



-----Original Message-----
From: owner-spf-help@v2.listbox.com [mailto:owner-spf-help@v2.listbox.com]
On Behalf Of Philip Moose
Sent: Tuesday, September 14, 2004 13:58
To: spf-help@v2.listbox.com
Subject: Re: [spf-help] Domain registration

HI,

What do we do when port 587 becomes blocked for the same reason(s) as port
25 is being blocked?

Do we just keep switching to unused ports, one after another?

I don't see how end users are going to put up with this mess. They just
want to send their email and they don't what to have to mess around
switching ports because Microsoft or another big guy descides they aren't
going to use port 587 any longer.

[..]


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

HI Mike,

Do you have some information that you wish to share on how one could
automatically add non-compliant servers to an RBL? I currently use SMTP
Auth; I am interested.

-Phil.

On Tue, 14 Sep 2004, Mike Roberts wrote:

> Hi,
>
> If 587 was used only for SMTP-AUTH like it is supposed to be, it would be
> easy to automatically test servers to see if they are compliant and then
> automatically add them to the "Port 587 non-compliant RBL" as needed.
>
> Mike
>
>
>
> -----Original Message-----
> From: owner-spf-help@v2.listbox.com [mailto:owner-spf-help@v2.listbox.com]
> On Behalf Of Philip Moose
> Sent: Tuesday, September 14, 2004 13:58
> To: spf-help@v2.listbox.com
> Subject: Re: [spf-help] Domain registration
>
> HI,
>
> What do we do when port 587 becomes blocked for the same reason(s) as port
> 25 is being blocked?
>
> Do we just keep switching to unused ports, one after another?
>
> I don't see how end users are going to put up with this mess. They just
> want to send their email and they don't what to have to mess around
> switching ports because Microsoft or another big guy descides they aren't
> going to use port 587 any longer.
>
> [..]
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

----- Original Message -----
From: "Philip Moose" <moose@cyberlynk.com>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, September 14, 2004 12:57
Subject: Re: [spf-help] Domain registration


> HI,
>
> What do we do when port 587 becomes blocked for the same reason(s) as port
> 25 is being blocked?
>
> Do we just keep switching to unused ports, one after another?
>
> I don't see how end users are going to put up with this mess. They just
> want to send their email and they don't what to have to mess around
> switching ports because Microsoft or another big guy descides they aren't
> going to use port 587 any longer.
>
> There has to be a better way!

Port 587 is supposed to be for non-MTA traffic, as is supposed to be used
with SMTP Auth at the answering end. If that is done properly, then why
should anyone complain. We've gone entirely over to SMTP Auth (though we
let local customers using our network get away with sending through us
without authentication). It is very unfortunate that everyone, including
mail server designers got lazy and didn't use this to begin with.

--
A. Clausen
techlists@alberni.net

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

----- Original Message -----
From: "Philip Moose" <moose@cyberlynk.com>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, September 14, 2004 15:04
Subject: RE: [spf-help] Domain registration


> HI Mike,
>
> Do you have some information that you wish to share on how one could
> automatically add non-compliant servers to an RBL? I currently use SMTP
> Auth; I am interested.

I suppose you could simply track those hosts that attempted to send through
587 without auth data. Quite frankly, I don't really see the need for RBLs
at all. Any host trying to open a straight SMTP session without
authentication is going to be given the boot right quick. There's no need
for any further intervention than that. SMTP Auth is an excellent solution
to all these nasty zombified machines, and when used in conjuction with port
587, which is set aside precisely for roaming or external clients to send
mail through your server, any other traffic is just going to get an ugly
error for their trouble.

--
A. Clausen
techlists@alberni.net

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Tue, 14 Sep 2004, Philip Moose wrote:

PM> HI,
PM>
PM> What do we do when port 587 becomes blocked for the same reason(s) as port
PM> 25 is being blocked?
PM>

PM> There has to be a better way!
PM>

A mailserver on port 80?

--
Alan


( Please do not email me AS WELL as replying to the list. Please
address personal email to alan+1@ as lists@ is not read. A
password autoresponder may be invoked if this email is very old. )

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

----- Original Message -----
From: "Peter Winning" <peter@iib.ws>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, September 14, 2004 1:55 PM
Subject: Re: [spf-help] Domain registration


> I agree - and it is nearly impossible to ask 2000+ users 30% of which are
IT
> Challenged to change their port settings - most of them would think i was
> talking about their drinking habits
> Most of all why is this system going directly against established best
> practices amongs ISP's
>
> Regards
> Peter

Umm, using port 587 means using "SMTP-AUTH", which is a fairly standard
setting in most modern email clients. It's a common and vastly preferred way
to allow clients to relay their mail through your server in a wide-open
environment.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

They are using SMTP authentication but some of the ISP's still dont let it
through - they are blocking all external SMTP traffic

and as an example when sending through a yahoo mail server via a NTL email
account the message went straight through to the recipients mailserver who
is "protected" by SPF yet on my domains account using the same route it got
blocked - try it and see - there is no need to mess around your users as the
system to handle this is obviously in place

So what i am asking is how did they do that because that is how i would need
this to function

Regards
Peter

----- Original Message -----
From: "Nico Kadel-Garcia" <nkadel@merl.com>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, September 15, 2004 1:29 AM
Subject: Re: [spf-help] Domain registration


>
> ----- Original Message -----
> From: "Peter Winning" <peter@iib.ws>
> To: <spf-help@v2.listbox.com>
> Sent: Tuesday, September 14, 2004 1:55 PM
> Subject: Re: [spf-help] Domain registration
>
>
> > I agree - and it is nearly impossible to ask 2000+ users 30% of which
are
> IT
> > Challenged to change their port settings - most of them would think i
was
> > talking about their drinking habits
> > Most of all why is this system going directly against established best
> > practices amongs ISP's
> >
> > Regards
> > Peter
>
> Umm, using port 587 means using "SMTP-AUTH", which is a fairly standard
> setting in most modern email clients. It's a common and vastly preferred
way
> to allow clients to relay their mail through your server in a wide-open
> environment.
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Hi the Chinese are blocking port 587 so now what to do ?

Regards

Otto

Peter Winning wrote:

>They are using SMTP authentication but some of the ISP's still dont let it
>through - they are blocking all external SMTP traffic
>
>and as an example when sending through a yahoo mail server via a NTL email
>account the message went straight through to the recipients mailserver who
>is "protected" by SPF yet on my domains account using the same route it got
>blocked - try it and see - there is no need to mess around your users as the
>system to handle this is obviously in place
>
>So what i am asking is how did they do that because that is how i would need
>this to function
>
>Regards
>Peter
>
>----- Original Message -----
>From: "Nico Kadel-Garcia" <nkadel@merl.com>
>To: <spf-help@v2.listbox.com>
>Sent: Wednesday, September 15, 2004 1:29 AM
>Subject: Re: [spf-help] Domain registration
>
>
>
>
>>----- Original Message -----
>>From: "Peter Winning" <peter@iib.ws>
>>To: <spf-help@v2.listbox.com>
>>Sent: Tuesday, September 14, 2004 1:55 PM
>>Subject: Re: [spf-help] Domain registration
>>
>>
>>
>>
>>>I agree - and it is nearly impossible to ask 2000+ users 30% of which
>>>
>>>
>are
>
>
>>IT
>>
>>
>>>Challenged to change their port settings - most of them would think i
>>>
>>>
>was
>
>
>>>talking about their drinking habits
>>>Most of all why is this system going directly against established best
>>>practices amongs ISP's
>>>
>>>Regards
>>>Peter
>>>
>>>
>>Umm, using port 587 means using "SMTP-AUTH", which is a fairly standard
>>setting in most modern email clients. It's a common and vastly preferred
>>
>>
>way
>
>
>>to allow clients to relay their mail through your server in a wide-open
>>environment.
>>
>>-------
>>Archives at http://archives.listbox.com/spf-help/current/
>>Donate! http://spf.pobox.com/donations.html
>>To unsubscribe, change your address, or temporarily deactivate your
>>
>>
>subscription,
>
>
>>please go to
>>
>>
>http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>
>>
>>
>
>
>-------
>Archives at http://archives.listbox.com/spf-help/current/
>Donate! http://spf.pobox.com/donations.html
>To unsubscribe, change your address, or temporarily deactivate your subscription,
>please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>
>
>
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

This is all getting very silly - why can't we get a straight answer to "why
does this not interfere with traffic from a major ISP going through another
ISP's SMTP server and yet it blocks our domain when going through the same
route" and how can this be set up but don't tell us that they have all
registered with SPF because I do not beleive that for a second

----- Original Message -----
From: "Otto Willum Nielsen" <nielsen@awtoc.net>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, September 15, 2004 9:36 AM
Subject: Re: [spf-help] Domain registration


> Hi the Chinese are blocking port 587 so now what to do ?
>
> Regards
>
> Otto
>
> Peter Winning wrote:
>
> >They are using SMTP authentication but some of the ISP's still dont let
it
> >through - they are blocking all external SMTP traffic
> >
> >and as an example when sending through a yahoo mail server via a NTL
email
> >account the message went straight through to the recipients mailserver
who
> >is "protected" by SPF yet on my domains account using the same route it
got
> >blocked - try it and see - there is no need to mess around your users as
the
> >system to handle this is obviously in place
> >
> >So what i am asking is how did they do that because that is how i would
need
> >this to function
> >
> >Regards
> >Peter
> >
> >----- Original Message -----
> >From: "Nico Kadel-Garcia" <nkadel@merl.com>
> >To: <spf-help@v2.listbox.com>
> >Sent: Wednesday, September 15, 2004 1:29 AM
> >Subject: Re: [spf-help] Domain registration
> >
> >
> >
> >
> >>----- Original Message -----
> >>From: "Peter Winning" <peter@iib.ws>
> >>To: <spf-help@v2.listbox.com>
> >>Sent: Tuesday, September 14, 2004 1:55 PM
> >>Subject: Re: [spf-help] Domain registration
> >>
> >>
> >>
> >>
> >>>I agree - and it is nearly impossible to ask 2000+ users 30% of which
> >>>
> >>>
> >are
> >
> >
> >>IT
> >>
> >>
> >>>Challenged to change their port settings - most of them would think i
> >>>
> >>>
> >was
> >
> >
> >>>talking about their drinking habits
> >>>Most of all why is this system going directly against established best
> >>>practices amongs ISP's
> >>>
> >>>Regards
> >>>Peter
> >>>
> >>>
> >>Umm, using port 587 means using "SMTP-AUTH", which is a fairly standard
> >>setting in most modern email clients. It's a common and vastly preferred
> >>
> >>
> >way
> >
> >
> >>to allow clients to relay their mail through your server in a wide-open
> >>environment.
> >>
> >>-------
> >>Archives at http://archives.listbox.com/spf-help/current/
> >>Donate! http://spf.pobox.com/donations.html
> >>To unsubscribe, change your address, or temporarily deactivate your
> >>
> >>
> >subscription,
> >
> >
> >>please go to
> >>
> >>
> >http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
> >
> >>
> >>
> >
> >
> >-------
> >Archives at http://archives.listbox.com/spf-help/current/
> >Donate! http://spf.pobox.com/donations.html
> >To unsubscribe, change your address, or temporarily deactivate your
subscription,
> >please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
> >
> >
> >
> >
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

It doesn't work from here... says it may have expired.

Cf


----- Original Message -----
From: "Mike" <info@netforum.com.br>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, September 15, 2004 6:05 AM
Subject: Re: [spf-help] Domain registration


> Take a look !!
>
>
>
>
http://story.news.yahoo.com/news?tmpl=story&ncid=738&e=1&u=/nm/20040914/tc_nm/tech_microsoft_security_dcc
>
>
>
> ==================================
>
> Está procurando / Ofertando emprego ?
> Envie email para listas@netforum.com.br
> No assunto ponha: SUBSCRIBE VAGAS
> Siga as instruções, e após isto para enviar mensagem
> para a lista envie para: vagas@netforum.com.br
>
> Este email passou por www.netforum.com.br e submetido
> a rigoroso teste de anti-virus e é 100% livre de SPAM.
>
> Se você está procurando relacionamentos, não deixe de
> visitar: http://www.netforum.com.br
> Quem sabe você encontra um bom relacionamento.
>
> Quer ter seu FotoBlog Pessoal ? Crie seu Álbum Público
> ou Privativo. Deixe os outros verem e comentarem.
> Igual a este você nunca viu !!
> http://www.netforum.com.br http://www.marulo.net
>
> Se você gosta de listas de email envie mensagem para:
> listas@netforum.com.br e no subject ponha: LIST
> Você verá as listas disponíveis. Depois é só seguir
> instruções.SE quiser, faça o mesmo digitando: HELP, assim você fica
sabendo
> como se inscrever em uma lista.
>
> Gosta de imagens? Visite a galeria de imagens
> em 3D. Você pode enviar postais, comentar, votar e fazer
> downloads.
>
> http://www.netforum.com.br
>
>
> =================================
> Este Sistema executa REVERSE DNS LOOKUP em HELO/EHLO DOMAIN.
> Esteja certo de enviar email via Dominio Real.
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

What is says is:

But the IETF, citing potential issues of compatibility between Microsoft's
patent-protected technology and freely licensed protocols, rejected
Microsoft's proposals.

(for its sender ID/SPF combo proposal.)



CF







----- Original Message -----
From: "Mike" <info@netforum.com.br>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, September 15, 2004 6:05 AM
Subject: Re: [spf-help] Domain registration


> Take a look !!
>
>
>
>
http://story.news.yahoo.com/news?tmpl=story&ncid=738&e=1&u=/nm/20040914/tc_nm/tech_microsoft_security_dcc
>
>
>
> ==================================
>
> Está procurando / Ofertando emprego ?
> Envie email para listas@netforum.com.br
> No assunto ponha: SUBSCRIBE VAGAS
> Siga as instruções, e após isto para enviar mensagem
> para a lista envie para: vagas@netforum.com.br
>
> Este email passou por www.netforum.com.br e submetido
> a rigoroso teste de anti-virus e é 100% livre de SPAM.
>
> Se você está procurando relacionamentos, não deixe de
> visitar: http://www.netforum.com.br
> Quem sabe você encontra um bom relacionamento.
>
> Quer ter seu FotoBlog Pessoal ? Crie seu Álbum Público
> ou Privativo. Deixe os outros verem e comentarem.
> Igual a este você nunca viu !!
> http://www.netforum.com.br http://www.marulo.net
>
> Se você gosta de listas de email envie mensagem para:
> listas@netforum.com.br e no subject ponha: LIST
> Você verá as listas disponíveis. Depois é só seguir
> instruções.SE quiser, faça o mesmo digitando: HELP, assim você fica
sabendo
> como se inscrever em uma lista.
>
> Gosta de imagens? Visite a galeria de imagens
> em 3D. Você pode enviar postais, comentar, votar e fazer
> downloads.
>
> http://www.netforum.com.br
>
>
> =================================
> Este Sistema executa REVERSE DNS LOOKUP em HELO/EHLO DOMAIN.
> Esteja certo de enviar email via Dominio Real.
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Take a look !!



http://story.news.yahoo.com/news?tmpl=story&ncid=738&e=1&u=/nm/20040914/tc_nm/tech_microsoft_security_dcc



==================================

Está procurando / Ofertando emprego ?
Envie email para listas@netforum.com.br
No assunto ponha: SUBSCRIBE VAGAS
Siga as instruções, e após isto para enviar mensagem
para a lista envie para: vagas@netforum.com.br

Este email passou por www.netforum.com.br e submetido
a rigoroso teste de anti-virus e é 100% livre de SPAM.

Se você está procurando relacionamentos, não deixe de
visitar: http://www.netforum.com.br
Quem sabe você encontra um bom relacionamento.

Quer ter seu FotoBlog Pessoal ? Crie seu Álbum Público
ou Privativo. Deixe os outros verem e comentarem.
Igual a este você nunca viu !!
http://www.netforum.com.br http://www.marulo.net

Se você gosta de listas de email envie mensagem para:
listas@netforum.com.br e no subject ponha: LIST
Você verá as listas disponíveis. Depois é só seguir
instruções.SE quiser, faça o mesmo digitando: HELP, assim você fica sabendo
como se inscrever em uma lista.

Gosta de imagens? Visite a galeria de imagens
em 3D. Você pode enviar postais, comentar, votar e fazer
downloads.

http://www.netforum.com.br


=================================
Este Sistema executa REVERSE DNS LOOKUP em HELO/EHLO DOMAIN.
Esteja certo de enviar email via Dominio Real.


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Which is obviously not true (obvious to those reading the ietf list
dealing with this). PRA is still in the running. If only those news
people would check their facts, and if only those reading news stories
would remember themselves that news stories generally contain very
little truth in them.

On Wed, Sep 15, 2004 at 06:04:04AM -0500, Cary Fitch wrote:
> What is says is:
>
> But the IETF, citing potential issues of compatibility between Microsoft's
> patent-protected technology and freely licensed protocols, rejected
> Microsoft's proposals.
>
> (for its sender ID/SPF combo proposal.)
>
>
>
> CF
>
>
>
>
>
>
>
> ----- Original Message -----
> From: "Mike" <info@netforum.com.br>
> To: <spf-help@v2.listbox.com>
> Sent: Wednesday, September 15, 2004 6:05 AM
> Subject: Re: [spf-help] Domain registration
>
>
> > Take a look !!
> >
> >
> >
> >
> http://story.news.yahoo.com/news?tmpl=story&ncid=738&e=1&u=/nm/20040914/tc_nm/tech_microsoft_security_dcc
> >
> >
> >
> > ==================================
> >
> > Está procurando / Ofertando emprego ?
> > Envie email para listas@netforum.com.br
> > No assunto ponha: SUBSCRIBE VAGAS
> > Siga as instruções, e após isto para enviar mensagem
> > para a lista envie para: vagas@netforum.com.br
> >
> > Este email passou por www.netforum.com.br e submetido
> > a rigoroso teste de anti-virus e é 100% livre de SPAM.
> >
> > Se você está procurando relacionamentos, não deixe de
> > visitar: http://www.netforum.com.br
> > Quem sabe você encontra um bom relacionamento.
> >
> > Quer ter seu FotoBlog Pessoal ? Crie seu Álbum Público
> > ou Privativo. Deixe os outros verem e comentarem.
> > Igual a este você nunca viu !!
> > http://www.netforum.com.br http://www.marulo.net
> >
> > Se você gosta de listas de email envie mensagem para:
> > listas@netforum.com.br e no subject ponha: LIST
> > Você verá as listas disponíveis. Depois é só seguir
> > instruções.SE quiser, faça o mesmo digitando: HELP, assim você fica
> sabendo
> > como se inscrever em uma lista.
> >
> > Gosta de imagens? Visite a galeria de imagens
> > em 3D. Você pode enviar postais, comentar, votar e fazer
> > downloads.
> >
> > http://www.netforum.com.br
> >
> >
> > =================================
> > Este Sistema executa REVERSE DNS LOOKUP em HELO/EHLO DOMAIN.
> > Esteja certo de enviar email via Dominio Real.
> >
> >
> > -------
> > Archives at http://archives.listbox.com/spf-help/current/
> > Donate! http://spf.pobox.com/donations.html
> > To unsubscribe, change your address, or temporarily deactivate your
> subscription,
> > please go to
> http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Listen,

As I understand it, your original question was:

"How do I go about registering where the following conditions are true
email users connect in via their own isp and as a large number of ISP's
worldwide are currently blocking SMTP traffic to any but their own mail
servers
they have to send mail on this domain through other ISP's mailservers
which
means that mail from this domain can come through any ISP's mailserver
even
though the primary mail server does exist and most of our users go
through that
one "


If you want people to be able to send mail from your domain through
whatever smtp server just don't publish spf or publish +all. The
consequence: people you don't know will use your domain to send out spam
or whatever too. That's the consequence.

If you want to control who sends out mail pretending to be from your
domain, you will have to limit the number of ways in which mail from
that domain can be sent and publish spf on the domain stating the
limited number of options.

One way to do this is to include all the isp's the users of the domain
use, and have them send through the isp's servers. This has a couple of
drawbacks: any of the other customers of those isp's can also send from
the domain and it is impossible to keep track of all isps's used for
500+ domains.

Another solution is to get a centralized mail injection point, eg. an
SMTP-AUTH server, so that you only have to list that one server. Problem
with that apparently is that some ISP's block every port including port
80 (what good is such an isp anyway?), so that your clients can not
submit mail. Other options are: set up webmail, use a remailing service,
etc..

Why do ISP's block port 25? They don't want to be held responsible for
spam/virusses from their customers zombied machines. Ok, so why do
domain owners publish spf records? Because they don't want to be held
responsible for spam/virusses from their domains. Does the ISP care
about the domain owners? No. They just want to protect their reputation,
and therefore block port 25, and that's that.

So the choice is basically: keep allowing the flexibility of everyone
sending mail pretending to be from your domains or protect your domains
with spf and sacrifice the anyone-can-send-from-anywhere freedom that
made spam so great.


Now for your last reply, about it all getting silly. You there pose a
question that has nothing to do with the original question. First of
all, what is 'this all'. Could you clarify your question. If you want
straight answers, ask straight questions.

Koen

On Wed, Sep 15, 2004 at 11:57:46AM +0100, Peter Winning wrote:
> This is all getting very silly - why can't we get a straight answer to "why
> does this not interfere with traffic from a major ISP going through another
> ISP's SMTP server and yet it blocks our domain when going through the same
> route" and how can this be set up but don't tell us that they have all
> registered with SPF because I do not beleive that for a second
>
> ----- Original Message -----
> From: "Otto Willum Nielsen" <nielsen@awtoc.net>
> To: <spf-help@v2.listbox.com>
> Sent: Wednesday, September 15, 2004 9:36 AM
> Subject: Re: [spf-help] Domain registration
>
>
> > Hi the Chinese are blocking port 587 so now what to do ?
> >
> > Regards
> >
> > Otto
> >
> > Peter Winning wrote:
> >
> > >They are using SMTP authentication but some of the ISP's still dont let
> it
> > >through - they are blocking all external SMTP traffic
> > >
> > >and as an example when sending through a yahoo mail server via a NTL
> email
> > >account the message went straight through to the recipients mailserver
> who
> > >is "protected" by SPF yet on my domains account using the same route it
> got
> > >blocked - try it and see - there is no need to mess around your users as
> the
> > >system to handle this is obviously in place
> > >
> > >So what i am asking is how did they do that because that is how i would
> need
> > >this to function
> > >
> > >Regards
> > >Peter
> > >
> > >----- Original Message -----
> > >From: "Nico Kadel-Garcia" <nkadel@merl.com>
> > >To: <spf-help@v2.listbox.com>
> > >Sent: Wednesday, September 15, 2004 1:29 AM
> > >Subject: Re: [spf-help] Domain registration
> > >
> > >
> > >
> > >
> > >>----- Original Message -----
> > >>From: "Peter Winning" <peter@iib.ws>
> > >>To: <spf-help@v2.listbox.com>
> > >>Sent: Tuesday, September 14, 2004 1:55 PM
> > >>Subject: Re: [spf-help] Domain registration
> > >>
> > >>
> > >>
> > >>
> > >>>I agree - and it is nearly impossible to ask 2000+ users 30% of which
> > >>>
> > >>>
> > >are
> > >
> > >
> > >>IT
> > >>
> > >>
> > >>>Challenged to change their port settings - most of them would think i
> > >>>
> > >>>
> > >was
> > >
> > >
> > >>>talking about their drinking habits
> > >>>Most of all why is this system going directly against established best
> > >>>practices amongs ISP's
> > >>>
> > >>>Regards
> > >>>Peter
> > >>>
> > >>>
> > >>Umm, using port 587 means using "SMTP-AUTH", which is a fairly standard
> > >>setting in most modern email clients. It's a common and vastly preferred
> > >>
> > >>
> > >way
> > >
> > >
> > >>to allow clients to relay their mail through your server in a wide-open
> > >>environment.
> > >>
> > >>-------
> > >>Archives at http://archives.listbox.com/spf-help/current/
> > >>Donate! http://spf.pobox.com/donations.html
> > >>To unsubscribe, change your address, or temporarily deactivate your
> > >>
> > >>
> > >subscription,
> > >
> > >
> > >>please go to
> > >>
> > >>
> > >http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> > >
> > >
> > >>
> > >>
> > >
> > >
> > >-------
> > >Archives at http://archives.listbox.com/spf-help/current/
> > >Donate! http://spf.pobox.com/donations.html
> > >To unsubscribe, change your address, or temporarily deactivate your
> subscription,
> > >please go to
> http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> > >
> > >
> > >
> > >
> > >
> >
> > -------
> > Archives at http://archives.listbox.com/spf-help/current/
> > Donate! http://spf.pobox.com/donations.html
> > To unsubscribe, change your address, or temporarily deactivate your
> subscription,
> > please go to
> http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

----- Original Message -----
From: "Peter Winning" <peter@iib.ws>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, September 15, 2004 3:59 AM
Subject: Re: [spf-help] Domain registration


> They are using SMTP authentication but some of the ISP's still dont let it
> through - they are blocking all external SMTP traffic
>
> and as an example when sending through a yahoo mail server via a NTL email
> account the message went straight through to the recipients mailserver who
> is "protected" by SPF yet on my domains account using the same route it
got
> blocked - try it and see - there is no need to mess around your users as
the
> system to handle this is obviously in place
>
> So what i am asking is how did they do that because that is how i would
need
> this to function
>
> Regards
> Peter

Hmm. Who's blocking SMTP-AUTH? The ISP's that I know of blocking SMTP are
very carefully avoiding interfering with the SMTP-AUTH outbound. Mind you,
they may be blocking it *inbound* to keep their clients from running SMTP
servers against their contractual agreements.

I tend to provide a webmail service over HTTPS for people to use from
offsite, so the mail comes from the webserver or its SMTP server which is
within my domains and doesn't cause confusion for people like me who read
their email headers to verify emails involving money.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com