[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Pop-before-smtp

Subject: RE: [cobalt-users] Pop-before-smtp
From: Dom Latter <DLatter@xxxxxxxxxxxxxxx>
Date: Fri May 4 00:58:18 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> I'm having an email problem and searched the archives.  I've 
> repeatedly seen POP before SMTP mentioned.  Anyone have a low 
> down on this?

As mail relaying is denied (see article below for what that is)
POP before SMTP is a way of allowing people to send and receive
email through a Cobalt box fropm any other IP address - typically,
a dial-up account from some other ISP.

With POP before SMTP installed, users are able to firstly collect
their email (that's the POP bit): when they do that, they have to
provide a valid username / password combination.  The IP address
they are collecting their mail from is then marked as "valid" for
a short length of time and they are allowed to relay email (that's
the SMTP bit) through the server.


"Relaying Denied" = What's Going On?
====================================

Many Cobalt users report problems with mail being refused by the 
appliance, on the grounds that "relaying is denied".

At the heart of a mailserver is a Mail Transport Agent, or MTA.
In the case of Cobalt products, it is a program called Sendmail.
It passes email from one machine (for example your desktop PC)
to another (for example the mailserver of the person you are
writing to).

Many moons ago, when the word "Spam" still referred to a canned meat 
product, mailservers were generally configured to allow mail to be 
passed from any machine to any other machine.

Unfortunately this can be, and is, abused by spammers.  They find 
an "open" machine and then use it to send their spam.  One reason 
is that someone else's machine can do the hard work - they only 
need to send the one email, plus the list of addresses to send it
to, while the victim's machine actually sends, or tries to send,
the email to all of the addresses.

Another side-effect is that it makes it harder to work out where 
the spam is coming from; and the naive user will think that it is
actuall coming from the victim's machine.

Hence, Cobalt products by default do not allow relaying.

(Sometimes you do wish to allow relaying from specific and trusted
domains and / or machines, so there is an "allow relaying from"
box on the Cobalt GUI.)

They do this by checking that one of the machines it is talking to
is "local".

If you get a "relaying denied" error, it is (generally) because your 
desktop machine is not registering as being "local", due to a failure
of reverse DNS.

The fix therefore is to enter the *IP address* of your local machine
or network into the "allow relaying from" box.  Or fix your DNS.

Many users report that by entering the domain name of the intended 
recipient into the "allow relaying from" box, they can send email.
This is because sendmail doesn't really know or care whether email
is incoming or outgoing: so if one of the machines matches the list
of domains or IP addresses in the "allow relaying from" box, the mail
will go through.

In fact, it's a misleadingly named feature.

Prev by Date: Re: [cobalt-users] Chinese Hackers - was: Raq 3 Problem "Powered by H.U.C(c0011i0n).-----1i0n Crew
Next by Date: [cobalt-users] Re: Webalizer Cron
Previous by thread: RE: [cobalt-users] Pop-before-smtp
Next by thread: [cobalt-users] pop-before-smtp

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index