 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
discuss-bounces at blu.org wrote: > On Thu, Jul 14, 2005 at 11:48:09PM -0400, David Hummel wrote: >>> I don't see any reason not to use the smart host, which solves >>> both problems. > > > I can see a whole *lot* of reasons to avoid using the smart-host > supplied by an ISP whose primary business is to sell you > connectivity. Comcast and its ilk do not earn a penny providing you > with a reliable, secure email service; in fact it costs them a lot of > money, manpower and aggravation to keep the "smart" host running at > all. If you send all your mail out through a poorly-maintained > server (aka single point of failure), you can expect occasional > reliability problems; periodic acceptable-use policy updates that > force you to change something; and security holes a mile wide that > could enable unauthorized users or government officials to snoop on > your email. > The model they use is for the "average" home user who sets up their Outlook Express to connect directly to the Comcast SMTP server to send (and receive) email. They base their decision on this model. Secure, safe email? Most likely not. Frequent downtime? Less likely - else all their users would whine. I use RCN, so I don't work with Comcast. In my situation, RCN blocks outbound port 25; I smarthost my outgoing mail. This means that my server is as secure as I can make it and simply uses the RCN server as a relay - any difficulty with security would be limited to the times I am connecting to send mail out. I am able to receive email directly on my server; my MX record points there. I'm running anti-spam software, virus software, and a whole bunch of custom-maintained blocking/filtering lists. I've not ever run across an AUP that affected me - yet. Snooping on email? What makes you think that you're not still vulnerable? They still own the hardware, up to the point it connects to your house. They could, if they want, capture all the packets that enter/leave your home. Sending encrypted email might help - with both situations. I've not had reliability problems that weren't system-wide. > I just plain won't do it. > Fair enough. Out of curiosity, does the Comcast terms of service permit a user to operate a server within their network? > So when SORBS picked up my network address for selective spam > enforcement, what I did was search around for a reliable SMTP relay > provider. I also reconfigured my system to use exim (most use > Postfix) instead of sendmail. The results are very pleasing. > > The one I chose is operated by dyndns.com, at a cost of $15/year for > the volume of mail that I send. I configured my outbound rules to > make direct SMTP connections to certain sites to which I send a lot > of mail and which don't try to screen out my IP address, and the rest > of my mail via the relay service. > > -rich > This is very good to know - thank you. -Don
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
