A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

Email security question



 
 
Thread Tools Display Modes
  #1  
Old November 10th 06, 04:20 PM posted to demon.local,demon.tech.pc,demon.service,uk.comp.home-networking,uk.comp.homebuilt
Phil Kyle
external usenet poster
 
Posts: 87
Default Email security question

Tony Wright verbally sodomised in
:

In message , Graham
writes

Ordinarily, a user has an email address and an internet connection that
match: for example,

The user sends outgoing email to the Demon smtp server -
smtp.demon.co.uk - which relays for him.


Not that it matters, in this context, but it would be post.demon.co.uk


So why mention it then?

Some recipients will check that the domain
does exist and the IP address is one of a the range
registered to Demon - if this check fails the email might be rejected.


No. They may check that post.demon.co.uk is who is connecting and their
DNS/rDNS is valid. They may also check that post.demon.co.uk is not in
Spamhaus/Spamcop/etc. blocklists

Some users buy their own domains and email hosting from a third party:
for example
. These users will normally send email
using the smtp server provided by their hosting service - something like
smtp.mydomain.co.uk.


No. Normally it will be smtp.hosting_service.com or
relay.hosting_service.com and it will probably require SMTP
Authorisation, or similar, before it works. Since the hosting service
provider doesn't have a way to verify your credentials by your
connection, they will generally require some other form of
authentication.

In the past such users may have handled email for
other people, so may wish to send emails of the form

through the smtp.mydomain.co.uk server. Most hosting services now
prevent this, since it can allow spammers to take over their smtp server
as an anonymous relay. If the user can demonstrate the legal right to
use
then the hosting service might allow the user
to send through their relay.


Yes SMTP-Auth or similar

A similar situation may be true of ISPs. A user may have
but wish to send through his ISP's email server
smtp.any-isp.com - and the ISP might allow it.


Yes. Because the ISP knows the user is connected to the Internet via
them and can cut them off if they do dumb things.

But what happens to that email when it reaches its destination? The
recipient's email server sees the email coming from
.

The recipient's email server sees a message coming from the ISP's
smarthost or from the hosting server's smarthost

The DNS lookup should succeed - but the smtp server that sent the email
will bear no relation to @HisDomain.Co.Uk - because it might be
smtp.mydomain.co.uk or smtp.any-isp.com - so is the email accepted or
rejected?


Any DNS/rDNS/Blacklists will be done on the smarthost, not the sender
email address or domain. Of course a recipient rule may block messages
from a particular sender but I don't think that's what you're asking.

Can anybody explain what actually happens, and suggest whether any
further tightening of security might occur?


What happens at the other end can be complicated but has little to do
with
. as far as DNS/rDNS is concerned.


So you don't know either.

--
Phil Kyle™

T
h i
i s
s l
f i l
S o n o
i u e n
g r s g
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
question about wifi security David Horne, _the_ chancellor of the royal duchy of city south and deansgate uk.telecom.broadband (UK broadband) 18 September 29th 06 10:33 PM
Migrated from BT to a better ISP - question over BT email and pay as you go? [email protected] uk.telecom.broadband (UK broadband) 4 December 8th 05 08:19 AM
Security question R D S uk.comp.home-networking (UK home networking) 10 May 4th 05 10:29 PM
Wireless Networking Security Question Patrick uk.comp.home-networking (UK home networking) 9 January 5th 04 05:19 PM
Plusnet email is dreadful, need email provider Tx2 uk.telecom.broadband (UK broadband) 30 October 9th 03 09:52 PM


All times are GMT +1. The time now is 05:01 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright ©2004-2019 BroadbanterBanter.
The comments are property of their posters.