Evolution send mail though proxy setting, how to? -- 2.26.1 still doesn't work!

Chan Chung Hang Christopher christopher.chan at bradbury.edu.hk
Wed May 13 16:11:53 UTC 2009 

Derek Broughton wrote:
> Christopher Chan wrote:
>
>   
>> Derek Broughton wrote:
>>     
>>> Christopher Chan wrote:
>>>
>>>   
>>>       
>>>> Could be a generic Gnome thing for all I know. I do not use Evolution.
>>>> You won't find any proxy setting in Thunderbird. Proxy servers caught
>>>> facilitating smtp connections will be firewalled, blocked and placed on
>>>> appropriate black lists.
>>>>     
>>>>         
>>> That's a really poor attitude, and likely to get _your_ servers
>>> blacklisted.
>>>   
>>>       
>> Ha! You have no idea what you are talking about. Have you heard about
>> open proxies?
>>     
>
> Of course I have - and if that's what you're blacklisting that's fine, but 
> if you're blacklisting servers _purely_ because they're proxying, then you 
> _will_ get blacklisted yourself.  You can't be blocking mail sent through 
> proper channels.
>   

Emphasis on proper channels.
>>> There's nothing inherently wrong with proxying SMTP connections.
>>>   
>>>       
>> So long as they are connecting to their smarthosts to submit their email
>> and other than the fact that natting is most probably the better way to
>> allow smtp/submission/smtps/pop3/imap connections. Oh, that is besides
>> the fact that this capability is inherently meant to get around
>> firewalls and most likely, therefore, company policy if the network
>> administrator did not open up email related connections in the
>> firewall/gateway.
>>     
>
> So what?  I do, in fact, send my email through an SSH tunnel when I'm in 
> this location.  Otherwise, because the client's firewall intercepts _any_ 
> attempt to connect to port 25 on any system, and redirects it through its 
> own server, my emails would seem to come from the client, not my own 
> company's server.  In fact, that's technically a violation of their policy - 
> which do you think is more honest?
>
>   

Why do you think the submission port (587) exists?
>> Any proxy server connecting to anything other than a smarthost will be
>> blacklisted and blocked locally. 
>>     
>
> Ah, so now you're backing down from your absolute statement that proxies 
> will be blacklisted.
>
>   
Nope. Just clarifying or adding context. A smtp server designated for 
authenticated smtp is not the same thing as a mx.
>> Using a local SMTP as a smarthost is NOT the same as using a proxy
>> server. Period. A proxy server does not follow the rules of mail
>> delivery.
>>     
>
> A proxy does whatever it is configured to do. 
>
>   
Proxy servers do not queue email and deliver them.
>> It does what it is told by the email client (connect to
>> smtp.gmail.com please). A mta looks up the mx of the recipient domain in
>> the email and connects accordingly. Any 'mta' that does anything else
>> will get itself listed and blocked. Period.
>>     
>
> My proxy says "connect to an SMTP server - if the destination is within the 
> client's domain, use theirs, otherwise use mine".  If you get email from me, 
> it's always routed correctly and if you block it there are blackhole lists 
> for admins like you, too.
>
>   
Link to proxy server that has some smtp smarts in it please. Oh, link to 
blackhole lists for admins that block open proxies too (that is what a 
proxy that connects to a mx will be defined as).

Shall I post a thread on this in NANAE too? Maybe I will post a thread 
on spam-l too. Why do you think ISPs have taken the step of redirecting 
smtp connections to their own smtp servers AND scanning emails being 
sent out via them too?

>> The fact that using a proxy server does not work all the
>> time is evident that admins with clue know to reject smtp/pop3/imap
>> requests.
>>     
>
> No, it's evidence that some people don't know how or when to set up such a 
> proxy correctly.
>
>   
I am sorry but people who configure squid to proxy smtp connections are 
just asking for trouble. They better hope they don't have some botnet 
slave(s) within their internal lan.

>> Therefore, I reiterate, email clients are supposed to connect
>> directly to their smarthosts.
>>     
>
> It's hard to reiterate something that you didn't say in the first place.  I 
> agree mail clients should connect to their smarthosts, though that's 
> actually counter to normal linux thinking (sysadmins often insist that a 
> _client_ should never talk SMTP at all, and should only pipe to sendmail), 
> but "directly"?  Not always.
>   
Fine. Chop off the 'to their smarthosts' part then.

Link to sysadmins often insisting that a client should never talk smtp 
at all? First time I have ever heard of that. Or do you need to add 
context to that statement as well? I certainly would find it hilarious 
that any sysadmin would insist that Evolution or Thunderbird pipe to 
/usr/sbin/sendmail or /usr/lib/sendmail.

More information about the ubuntu-users mailing list