## June 29, 2003

### The Spam Legacy

This is a slightly convoluted tale of spam and the troubles it causes.

SMTP AUTH is the standard for Authenticated SMTP. Back in the “old days,” email delivery was a cooperative process, with each mail server relaying mail onward to its destination. Then came the spammers, who exploited the “open” nature of SMTP to have other people’s mail servers deliver their spam. So mail servers had to be reconfigured to relay only for specific hosts, or for clients which properly authenticated themselves. Hence the need for SMTP AUTH.

When I first got my iBook, I wanted to set it up to use SMTP AUTH, with golem as the outgoing mail server. At the time, Mail.app’s SMTP AUTH support was broken. But, since MacOSX is Unix, that was no problem. I just told Mail.app that the mail server was localhost and configured sendmail on my iBook as a nullclient, using SMTP AUTH to forward all mail to golem.

Eventually, Apple fixed Mail.app’s SMTP AUTH support. But I kept using the above-mentioned system because it was more convenient. I could “send” emails while offline, and have sendmail queue them up for delivery as soon as I got back online. Worked great, and never gave me a lick of trouble.

Imagine my shock on this trip when I discovered that all of the emails I had “sent” out over the course of two days were still queued on the iBook. None had gone out, despite having a working DSL connection! The reason, it turned out, was that Covad DSL filters all outgoing traffic on port 25 (SMTP). Sendmail on the iBook kept trying to contact golem, but the connection kept timing out.

Why is Covad doing such a seemingly dumb thing? Because spamming technology has evolved. Another favourite spammer technique is to use a program which directly contacts the recipient’s mail server, bypassing the spammer’s ISP’s mail server (which might, say, limit the number of outgoing messages per second!). Instead of going after the spammer for violating Covad’s AUP, they decided to simply block all outgoing SMTP traffic. Spammers can’t send their “direct-to-MX” spam, but “roving” users like myself can’t contact their home mail server either.

What to do? Turns out it’s time to ditch sendmail, and reconfigure Mail.app to contact golem, not on port 25 (SMTP), which is blocked, but on port 587 (MSP) which, mercifully, Covad has left unblocked.

I post this hint because, even if you are doing everything right (using authentication, not running an open mail relay, …) you will eventually get screwed — if only indirectly — by the spammers. And I doubt that more than one person in a thousand knows that, in addition to listening as an MTA on port 25, sendmail also listens as an MSA on port 587.

P.S.: This post was composed with the latest version of Kung-Log, which uses the recently-released Webcore rendering engine (i.e. the same one used in Safari) for previewing. Sweet!

Posted by distler at June 29, 2003 12:03 PM
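A connectivity check for the failure described in the post, as an added example (not the author's code): it tells a silently filtered outbound port (the connect times out, as on port 25 behind Covad) from a refused or open one, and lists the AUTH mechanisms an open port advertises. `probe_smtp`, `FakeSubmission`, `start_fake_server` and the `.invalid` hostnames are hypothetical names, and the fake server is a constructed stand-in so the example runs offline.

```python
import smtplib
import socket
import socketserver
import threading


def probe_smtp(host, port, timeout=5.0):
    """Return (status, auth_mechanisms) for an SMTP endpoint.

    "filtered": connect timed out (the symptom on port 25 in the post)
    "refused":  nothing is listening on that port
    "open":     the server greeted us and answered EHLO
    """
    try:
        # local_hostname is fixed so the probe never waits on a DNS lookup.
        with smtplib.SMTP(host, port, local_hostname="probe.invalid",
                          timeout=timeout) as client:
            client.ehlo()
            # smtplib stores the AUTH line's mechanisms under the key "auth".
            return "open", client.esmtp_features.get("auth", "").split()
    except socket.timeout:  # same class as TimeoutError on Python >= 3.10
        return "filtered", []
    except ConnectionRefusedError:
        return "refused", []


class FakeSubmission(socketserver.StreamRequestHandler):
    """Constructed stand-in for a submission server; not a real MTA."""

    def handle(self):
        self.wfile.write(b"220 test.invalid ESMTP\r\n")
        for line in self.rfile:
            if line.upper().startswith(b"EHLO"):
                self.wfile.write(b"250-test.invalid\r\n250 AUTH PLAIN LOGIN\r\n")
            else:  # anything else is treated as QUIT
                self.wfile.write(b"221 bye\r\n")
                return


def start_fake_server():
    """Listen on an ephemeral localhost port and serve in the background."""
    server = socketserver.TCPServer(("127.0.0.1", 0), FakeSubmission)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


if __name__ == "__main__":
    server = start_fake_server()
    print(probe_smtp("127.0.0.1", server.server_address[1]))
    server.shutdown()
```

Run against your own mail server, a "filtered" result on port 25 together with "open" on port 587 matches the situation in the post.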


### Re: The Spam Legacy

You could also have configured sendmail to use port 587 on golem, and kept your local queue. Feel free to ping me if you’d like more info.

Posted by: Michael Ivey on July 31, 2003 3:00 PM

### Re: The Spam Legacy

But can you use Kung-Log to send email notifications of new posts? It doesn’t work for me, I believe because it derives its email settings from the system internet prefs, which (unlike Mail.app) doesn’t allow specification of authenticated SMTP.