SMTP AUTH and ODMR Providers for Personal SMTP Service?

no_such_user asks: "After a few years of successfully running a personal mail server at home via my residential cable modem, some organizations (i.e. AOL) and spam filters are now denying SMTP connections originating from residential/dynamic networks. Additionally, my ISP will likely block incoming SMTP traffic at some point. While I applaud these attempts to fight spam, I enjoy the freedom I have running my own mail server, and don't want to switch to a mail hosting provider using POP/IMAP/Webmail. What I need is a provider which does both ODMR (on-demand mail routing) and SMTP AUTH. Unfortunately, the only provider I've found is outside my country (US) and is more expensive than I was hoping for. Without switching to 'business class' internet service, what are my alternatives so that I can continue to run my own mail server without spending a fortune? I don't mind being subject to reasonable daily transfer limits or speed limits to prove I'm not out to spam anyone. Perhaps these is something like a DynDNS service for mail? Or perhaps someone provides permanent IP addresses which I can add to my server via VPN?"

VPN to hosted server sounds like a good plan

[elliotj]

Or perhaps someone provides permanent IP addresses which I can add to my server via VPN?

Let's face it, with the way things are going thesedays, the chances are that ISPs are going to become even bigger losers about blocking services for their customers. My ISP (Rogers Cable in Toronto) has in recent months chosen to block P2P (more than just block it, if it discovers you using a gnutella client, all traffic to your IP is suspended until you stop using that application).

So it seems to me that the idea of using a colocated server that creates a VPN to you could be the best bet. Pretty much any hosting company that can provide you with a *nix box should be suitable as long as you have enough control over your hosting box to install something like IPSec and tell it to route traffic for you. This solution may be a bit costly (considering it will be over and above you ISP charges), but lots of hosting companies provide such solutions. And, you're protected from your ISP changing their policies somewhere down the line.

Re:VPN to hosted server sounds like a good plan

[mnmn]

You would REALLY want to keep away from Rogers in Toronto. Their pings are low for games, but apart from the abysmal tech support, (and the constant arp tables problem) they frequently overcharge the bill. I tried to cope with them for about 6 months, then switched as they put a download cap. Sympaticos a pain, with setting up pppoe on FreeBSD, later Solaris, but none of the arp table problems.. I am running the same IP now for 6 weeks.

Ive heard of many other cable/DSL ISPs with no cap, some with static IPs, even multiple IPs at the same cost, but theyre no-brand names I cant dare to deal with, unless someone I know recommends. Hope someone can come out with a simple plan for people who want to run a server from home.

ho hum

While I applaud these attempts to fight spam, I enjoy the freedom I have running my own mail server

You, and every other spammer. You want to run your own mail server unchecked, but then you complain about all the spam you get. Can't have it both ways.

Re:ho hum

[Erebus]

No, dickhole, he does not want run his own mail server "unchecked":

I don't mind being subject to reasonable daily transfer limits or speed limits to prove I'm not out to spam anyone.

Re:ho hum

He wants to send all the mail he wants from it, how is that not "unchecked" ? How is that not different from what a spammer who sets himself up on your ISP's DSL service?

Re:ho hum

[abulafia]

The same way I do, from my personal servers.

As much as I want. And none of it is spam, as in unsolicited commercial email.

Getting back to the question, you're going to have to get a box somewhere, get a friend who does, find a tiny, likemined ISP, or pay for business services. ISPs are using the the (very very good) excuse of spam to further restrict service tiers (for which there's less of a good reason).

Good luck.

Sigh... me too

[renehollan]

When I lived in Allen, TX (a suburb of Dallas), I used Internet America for DSL service. While pricy (at US$81.18 a month), $15 of this covered a dedicated dry pair 'cause I was too far from the C/O for a shared POTS/DSL line: Internet America was cool about trying to provide DSL outside the "usual" range as long as I was willing to pay if it worked. Fair enough.

But, back to the topic at hand: running one's own mail server (and, in my case, sinking one's own email). They let me do this, as a matter of course: it was a standard part of their AUP that I could run whatever server I wanted as long as it wasn't "abusive". In this context, this meant no open relay (well, duhhh!), and, of course, no high-traffic web sites. I had ssh, and smtp open.

I had no trouble with originating my own email -- of course, I had a static IP address out of the ISP's repertoire (no, they didn't charge extra for it -- these guys were cool: when I expressed concern that they'd go PPPoE, they mentioned, "our techs looked at it, saw it was disgusting, and rejected it". Naturally, I responded, "sign me up!").

Back in Canada, I find I can't get a static IP from any cable provider (surprise, surprise), and a static IP from the only decent DSL provider will run me around CA$100 a month. Of course, at that price, I can sink (and, within reason, serve), whatever I want.

I'm afraid you'll have to go with a business service.

Re:Sigh... me too

[crath]

I'm afraid you'll have to go with a business service.

Depending upon your ISP, business class may not even be available to you. I live in Ottawa, and my home is too far from the CO to be able to get DSL; so, a Cablemodem is my only option. The local cablemodem provider here (Rogers) will only sell their business class service to businesses located in commercial buildings. I've tried to get it, since I work fulltime out of my home, but they won't allow me to purchase it.

Re:Sigh... me too

[madstork2000]

What is the exchange rate? Isn't $100 Candanian less than $81 US. At any rate they should be close...So why not just get the static DSL from the DSL provider in Canada?

Re:Sigh... me too

[mnmn]

I had to cope with Rogers for a while before switching to Sympatico, which is a pain due to pppoe, but once setup, doesnt disconnect with arp table problems like Rogers..

Ive had the same IP with Sympatico now 6 weeks, using Solaris and a tokenring network at the other end. For the 6+ domains I used to host I got lucky. I had to setup a VPN server for an office, which has att canada business DSL.. 640k upload. So all that traffic went to that connection (I have 5 IPs there!! 4 are aliased just for playing). Really makes me want to start a hosting service from home, just to get a sweet T1, or a faster SDSL.

Re:Sigh... me too

[renehollan]

Isn't $100 Candanian less than $81 US

Sigh. I wish it were that simple. Back in Canada, I am paid in Canadian dollars, i.e. what those of us Canadians who have lived and worked in the good old U.S. of A. call "dollarettos". So, the exchange washes out.

Unfortunately, (a) salaries tend to be 30% lower, and (b) income taxes a lot higher, so that CA$100 is a much larger chunk of take home pay than the US$80 was.

Re:Sigh... me too

[RevDobbs]

On top of that, I looked into "business class cable" in Kearny, New Jersey, and was informed that they would block inbound port 80, as well as other common ports, and would only provide 8 IPs with no NATing allowed. Completly useless in this case, I had to recommend ISDN (which is hella pricey).

I am afraid.

[/dev/trash]

That's what you are going to have to do....buy the Business account.

Smarthost

[FattMattP]

Why not configure your upstream SMTP server as a smarthost on your SMTP server? That way outgoing mail from your MTA is sent to your ISPs MTA for delivery.

Re:Smarthost

[Ben+Hutchings]

That's the obvious way to send mail, but it's only half the answer. POP3 and IMAP are not well-suited for fetching a whole domain's mail. POP3 even requires you to poll, so it's totally wrong for an always-connected system.

Re:Smarthost

[jerryasher]

PacBell now SBC has provided me a very reliable DSL line for more than five years now.

But their email service has been absolutely abysmal. Slow (seven days or more backlog at one point) and errorful.

I can reliably run a business using their DSL and my own mail server. I can't even if I use their mail server just to relay my email.

Stop and think.

Your problem is twofold:

(1) Sending email.
(2) Receiving email.

Part 1 is not a problem: You merely have to relay your outgoing email through your service provider's SMTP server. This is the way that you should your outbound email configured anyway, you're incorrectly configured if you're not passing mail upstream through your ISP.

ISPs that know what they're doing from a technical standpoint allow you to send mail through their servers with whatever "from" address you want - so long as you're within their network, they know who you are anyway and can still monitor spam attempts. I have Earthlink DSL and they let customers do this (they've allowed this since way back when I was a dial-up customer). For example, I can send outbound email through Earthlink's servers with the "from" field being my Yahoo or work email address. Of course, I can't do this outside their network (500 access denied messages up the whazoo) - when I'm at work and want to send mail "from" my Earthlink account, I use my work's SMTP server.

Part 2 is more tricky. If direct SMTP connections are disallowed to your home system, perhaps the trick would be to get it delivered to an external server that you can then poll every 10 minutes (or get it forwarded to the email address your ISP provided for you, then poll that?) There are a number of companies that can relay mail for you and forward it to another account from your domain - Yahoo being one of them.

Also: You mention DynDNS - Dns2go.com had a mail relay service at one point (I've not used their system since it went commercial) that may be exactly what you're looking for in terms of receiving mail.

Personally though, I like keeping my DSL connection free of automated transfers and manually pull mail from my ISP's POP servers, Yahoo's web mail (search for the "fetchyahoo" perl script) and Hotmail (search for "gotmail" script) to local mail storage. The last thing I'd want is for all that to be triggered and start downloading spam while I'm trying to play a game online.

Re:Stop and think.

[Gothmolly]

This is the way that you should your outbound email configured anyway, you're incorrectly configured if you're not passing mail upstream through your ISP.
This is one of the more assinine, non-troll comments that I've read here. But wait, you're an AC... How did you become authoritative on SMTP policy for the Internet-at-large? How are you an authority on the ins and outs of his ToS with his ISP?

You mention the 'fetchyahoo' package. THAT violates the Yahoo ToS - one could argue, using your loging that 'you're incorrectly configured'.

Re:Stop and think.

[Chris+Coster]

I'm not familiar with his ISP, but if it doesn't let him do what I described - he should find another ISP (it sounds as though he's in the market for one anyway).

Oh, sure, that's a little hypocritical of me when it comes to using Yahoo mail fetch scripts. I'm still pissed at them for stopping the free POP access a little while back (after I actually started using the account & Yahoo Messenger, etc). Now that account mostly just collects spam.

Asinine = bad, non-troll = good. Um.. did you like or hate what I had to say?

And I usually don't like posting as myself because I believe posts should be judged on their content, not who they are posted as.

Re:Stop and think.

why should my smtp packets travel through my ISPs server?

why?

absolutely no reason in the world. except your opinion.

next thing you know my game packets, or voice packets WILL have to travel across someone elses server.

just because they decided and they can charge.

it's pure unadulterated bullshit.

evolution is happening in the reverse of your thinking.

services that started out in control of and provided by the elitist few are now "no big deal" and available for all.

it's not rocket science.

i can send all sorts of packets, representing information, from point A (me) to point B (a friend in alaska).

we already have routers in the middle.

why the need for third party servers?

because YOU think so.

bwha hwhah hw hahah aha

you are a dinosaur.

better keep your eyes open for the small mammals.

it's a sure sign your time has come ...and gone.

Without switching to business class?

[Inoshiro]

If you're running a home SMTP server off of a non-business link, you are barking up the wrong tree. Until everyone raises the expense bar on spamming efforts, spamming won't seem any less interesting to spammers.

Get a business connection, they're only 95$ CDN a month.

Re:Without switching to business class?

[Paul+Jakma]

The spammers already are using "business" links, several even. There is at least one who has 3 T1 links to their house, occassionally getting new ones in as they get kicked from ISPs.

It takes a reasonable amount of bandwidth to send a million+ emails in a reasonable amount of time. Eg, 4KiB message * 1M = 3906MiB, which would take 43 minutes to send across a T1 in itself. Sending via SMTP will require several round trips to the destination SMTP server, per message. So count on it taking /much/ longer than that, with a T1. Probably a day.

Re:Without switching to business class?

[Ben+Hutchings]

Sending via SMTP will require several round trips to the destination SMTP server, per message.

*snort* You really think spammers care about following the protocol? They probably just send all the commands at once without waiting for replies. In any case they can make many connections in parallel so the latency isn't that important.

Re:Without switching to business class?

[Paul+Jakma]

They care about sending spam, so they cant just shovel everything down the connection without getting replies. Most MTAs do /not/ support SMTP PIPELINE which would support it, and the ones that do (eg sendmail) generally are no longer configured to allow 3rd party relay. So they have to wait, or most of their spam probably wont be sent. (be great if they did what you say they do, we wouldnt get anywhere near the levels of spam currently..).

They could indeed make lots of connections in parallel, but they cant make a million in parallel. they could at most have ~65k in parallel with IPv4, and even that would be asking too much of an OS (work out the amount of memory 65k TCP connections would take just for OS to maintain state, now add the memory requirements for the SMTP spamming application). Probably # of connections in parallel is 100 at most (probably more like order of 10 or so).

Re:Without switching to business class?

I think the really high-volume spammers use networks of compromised machines, which scale rather nicely in terms of bandwidth use at the head end.

As postmaster of a large site, I can tell you that a significant portion of our spam is sent from Comcast and RoadRunner machines that have been cracked and incorporated into large-scale spam distribution systems.

ISPs like Comcast and RR are too greedy and incompetent to take effective action; I could set up snort-triggered scripts to isolate all the code reds, nimdas etc. on comcast in less than 48 hours. In a week I could implement automatic spam detection and node isolation.

Organizations like MAPS make it worse when they include cable networks (which have nodes with traceable ownership and physical location) in their DUL (Dial-up link list, which is for nodes that DON'T have traceable location/ownership), which is then used by the clueless to block incoming legit Email.

Somebody will have to hold the broadband ISPs feet to the fire. MAPS is not helping (although that is their stated purpose) because they are too indiscriminate. Note, Open Relay lists are another matter entirely and I personally find the MAPS-type solution appropriate for that. This seems the perfect place for either government interference or extremely severe vigilantism!

don't use dns2go.com

Nevermind, I just checked their site and it seems as though one of their other products is mass-email spamming / "marketing" software. It's probably best to not support them.

Getting a Co-location Service

[davesamson]

One solution to this would be to get a coloc which would give you a static ip address and full root access to the server. Currently me and a few buddies are paying for a redhat coloc from John Companies and we all love it.

If you use a portion of your coloc to host your open source project, you can get the coloc for $45 USD a month. For that, you get the following:

• - root on your own server
• - Full Linux Filesystem
• - 4 gigs disk - Up to 10 IPs
• - 40 Gigs transfer / Month
• - Firewall access
• - Unlimited tech support
• - They supply the hardware

Doing this, it is very easy to set up your own mail/web/etc server without many of the problems you get from hosting those services at home.

Just an idea.

The Second Digital Divide

[theCoder]

Beware, the following post is slightly off-topic, as it doesn't really offer any advice to the poster, but the poster's question prompted me to write this...

While I applaud these attempts to fight spam,

That's your first problem. Efforts like this are largely starting what I'm calling the second "Digital Divide". The first (and traditional) digital divide is between those who have the resources to get online and those who do not. However, I'm noticing a second division amoung those who are online -- those who are able to consume and create content and those who are only allowed to consume it. Most ISPs are moving towards the consume only model. Whether it's through artificial upload caps or through overly restrictive AUPs, it seems that most people are only clients on the Internet.

Right now, for example, I am apparently not allowed to serve web pages over my (expensive) cable connection for any reason whatsoever. It doesn't matter that I would be using very little bandwidth, or that it was for personal use, I'm not allowed to serve content on the Internet. This unfortunately, is being done by a technical block (incoming port 80 is firewalled off) and not a legal one (of their many AUPs, the only reference I can find to servers is that all servers must be secure). But the effect is the same.

It seems that more and more, only businesses are allowed to be creators. And "business class" service is really just the regular service but without the artifical limitations. And I should pay twice as much (or more) for that?

This assult on email by AOL and others is just another indication for this phenomenon (I don't think it's happening by design any more than the first digital divide happened by design). AOL, in it's attempt to fight an onslaught of worthless spam, has started blocking thousands of innocent emailers. I don't condone this any more than I would condone sending an innocent man to prison in order to convict a thousand guilty men or dropping a nuclear bomb on Bagdahd to get Saddam. Some people would be OK with things like that, but that's not the sort of ends justify the means world I want to live in. Frankly, AOL should be kicked off the net for their actions, but I know that's not going to happen because too many people either agree that the ends justify the means, or just don't give a damn because it doesn't affect them.

So, maybe I'm just a little too idealistic here, but these things just shouldn't be happening. I don't know what the end outcome will be. Maybe the Internet will become like TV -- still having some worth and still a big part of people's lives, but missing it's potential (TV, like radio before it, was supposed to bring about an age of enlightenment, or at least knowledge in the population). Maybe a sub-Internet will form over the existing Internet (possibly encryped and/or hidden) that allows people to be creators. Maybe wireless will change everything.

I don't know the future and I don't have any good solutions. This is just what I see happening now.

Re:The Second Digital Divide

[0x0d0a]

It seems that more and more, only businesses are allowed to be creators. And "business class" service is really just the regular service but without the artifical limitations. And I should pay twice as much (or more) for that?

Yes. It sucks, but before, people that used their broadband connections only lightly were subsidizing P2P users and people operating high-bandwidth servers. It's not "making things more expensive", it's "making people pay for what they're using".

Granted, your server may not use much bandwidth, but it's difficult to make finely-grained enough pricing tiers for ISPs -- and they want their pricing to be clear to everyone. Until such time as all desktop OSes have easy-to-use total bandwidth usage monitors built in and enabled by default, it's easier for them to just say "Web servers cost N dollars" than "Web servers cost N dollars *up to* for less than one gig outgoing a month".

Re:The Second Digital Divide

Paying by the bit for a contended service is a disguisting idea. Are business lines priced on transfer? Colo is priced on transfer - for a reason and this reason does not apply to a leased line or DSL/cable connection.

Until such time as all desktop OSes have easy-to-use total bandwidth usage monitors built in and enabled by default,

What the hell is a desktop OS? Is my rack running unix without X a 'desktop OS'? This is the point the original poster was making - ISP's assume we are all morons who can barely clickity-click an icon. To mainstream ISP's we are nothing but chicken - they force-feed us garbage content and we pay them for it. I'm paying for access, I'm not interested in my ISP's 'value added bollocks' and for the record I've run my own mailserver for years - it's never been used to relay spam and never will be. Speaking of which, I don't get ANY spam other than the stuff sent to non-existant accounts at work. And I'm supposed to change the way I run my mail, why?

Two Links

[RJM]

Wow, what a coincidence, I've been researching the same topic recently.

Here are two providers that I've found so far:

• domainMX.net - located in Ontario (at least it's North America...)
• Dynu.com - look for the "Email store/forward" service.

Both of these providers seem to meet my needs and have reasonable pricing, under $20/year. There were some other business-class services out there that I ruled out due to $100+ monthly costs.

Re:Two Links

[.smoke]

Another one: http://www.no-ip.com/

I was researching this a while back, too, but fortunately a friend with a less restrictive ISP had a box I could use.

B*B,
-Smoke.

You can fix this, for now (Slightly offtopic)

[RevRagnarok]

You can see here http://slashdot.org/comments.pl?sid=60679&cid=5724 232 how I fixed the mail problem with AOL and EarthLink.

- RR

change the port

[TheSHAD0W]

SMTP doesn't HAVE to operate on port 25. If you mapped it to a high port range, say over 10000, it might not be filtered.

Re:change the port

[lewp]

At which point nobody can deliver to him. Not such a good idea. There's no way to put port numbers in your MX records, unfortunately.

Ummm an A Record would help.

[Dolemite_the_Wiz]

Half of the problems with destination mail domains not allowing SMTP to relay is that originating mail servers such as yours do not have AT LEAST an A Record registered in DNS.

Most mail servers today will not allow relay or send transmission if the destination mail server is not able to find an A/MX record on the originating mail server.

Also, SMTP is a protocol not an e-mail server like Sendmail/Exchange.

Dolemite
_____________________

Good advice, take it. (was Re:Stop and think.)

[Nathaniel]

"[Sending email] is not a problem: You merely have to relay your outgoing email through your service provider's SMTP server. This is the way that you should your outbound email configured anyway, you're incorrectly configured if you're not passing mail upstream through your ISP."

You are assuming that the domains are the same. If a home user has their own domain they may have legitimate need/desire to seperate their domain's email from their ISP's domain. This does not constitute incorrect configuration.

Re:Good advice, take it. (was Re:Stop and think.)

[Xformer]

You're assuming that the domains have to be the same... they don't, unless your ISP is overly restrictive. I've done the "relay outgoing through ISP server" thing for some time now, and my domain isn't even in the same TLD as theirs (arthurian.nu vs. rr.com).

I have it both ways.

Can't have it both ways.

All you have to do is turn off relaying.

I have earthlink cable... they just started

[LWolenczak]

Earthlink just started, but here is the funny thing... I can't send to their mail server. To an address on their mail server.. from a customer IP address!

How lame is that?!? And time warner has never (as far as I can remember) let earthlink cable users use their local smtp server.

ODMR provider recommendation

[Brian+Blessed]

I use Fetchmail's ODMR support to pull mail into my Postfix server, and it works very well (and avoids the problems that POP3 has).
I can heartily recommend Gradwell in the UK.

- Brian.

Try vserver.de

Try the virtual hosting offered by Vserver.de. They have a virtual RedHat 7.3 system for 9.99 EURO per month. With the current exchange rate it works out to be a really good deal in US Dollars. For that you have a complete Linux box and can setup email services however you like it.

Re: domainMX.net

This is pretty much the problem that forced me to set up my first colo box, and wanting to save other folks the effort resulted in domainMX.net. I don't do ODMR, but I find that alternate port SMTP to a dynamic IP works pretty well, especially if you add SMTP AUTH (for *incoming*, ie I authenticate to you and requeue if I can't) to avoid the "my IP has been reassigned" problems.

As has been pointed out, many (most?) ISPs can handle your outgoing mail regardless of what sender address you use, but I do offer outgoing as well as long as you can use a sendmail-supported SMTP AUTH mechanism.

Oh, and at least one of my boxes is physically located in the US (Washington, DC). The others are in Canada (Toronto, Ottawa, Edmonton).
- Scott

SMTPAUTH, ODMR are commonly available from most...

[tlambert]

SMTPAUTH, ODMR are commonly available from most providers.

Most ISPs support this, though they do not advertise it, as such. Normally, all you have to do is change the server name, and tell it to use SMTP AUTH. For example, for EarthLink, the server is "smtpauth.earthlink.com"; works for any dialup account, so long as you include your domain name in the login.

ODMR is harder and easier; it wasn't supported by anyone for a very long time; we had the first implementation, written by Jennifer Meyers (of BUGTRAQ/Security Focus/"geek-girl" fame) as part of our "IBM Web Connections" service (IBM Global Small Business division, formerly Whistle Communications). Sad to say, though we beat everyone by about 3 years, IBM Web Connections and the InterJet are no more. 8-(.

These days, everyone and their dog supports it, and you can usually get it very cheaply; a Yahoo or Google search for "ODMR" and "mail" will give you about 2,600 and 3,300 hits, respectvely, with the Yahoo results skewed to service providers instead of source code.

-- Terry

Don't try vserver.de!

[bodoschlecht]

I was their customer: The servers are serveral times a month not reachable at all (sometimes for days) because of internal network problems. This disastrous situation did not change within the last 6 Months. Worst thing of all: They earn money with that because they offer no free support, only a pay-line for EUR 1,86 per Min.

SPAM

[iolkennyw]

The company I work for gives customers the ability to block out SPAM or not and it has several levels in between. But as far as your particular problem, I think you will find it more and more difficult to run a mail server unchecked because of the recipricol damage that could be done to the host providing you the option. You will eventually have to pay for your own bandwidth to get the most freedom.

Two Static IPs and servers allowed

[HighOrbit]

Right now I'm stuck with Cox cable because DSL is not available in my neighborhood. If and when DSL becomes available, I'm going to go with speakeasy.net . They have a "sysadmin" package for around $60 per month that explicitly allows servers and gives you 2 static IPs. Go to their website and click on the sitemap and check out the home packages. I hope this helps.