Evolution send mail though proxy setting, how to? -- 2.26.1 still doesn't work!
Chan Chung Hang Christopher
christopher.chan at bradbury.edu.hk
Wed May 13 16:11:53 UTC 2009
Derek Broughton wrote:
> Christopher Chan wrote:
>
>
>> Derek Broughton wrote:
>>
>>> Christopher Chan wrote:
>>>
>>>
>>>
>>>> Could be a generic Gnome thing for all I know. I do not use Evolution.
>>>> You won't find any proxy setting in Thunderbird. Proxy servers caught
>>>> facilitating smtp connections will be firewalled, blocked and placed on
>>>> appropriate black lists.
>>>>
>>>>
>>> That's a really poor attitude, and likely to get _your_ servers
>>> blacklisted.
>>>
>>>
>> Ha! You have no idea what you are talking about. Have you heard about
>> open proxies?
>>
>
> Of course I have - and if that's what you're blacklisting that's fine, but
> if you're blacklisting servers _purely_ because they're proxying, then you
> _will_ get blacklisted yourself. You can't be blocking mail sent through
> proper channels.
>
Emphasis on proper channels.
>>> There's nothing inherently wrong with proxying SMTP connections.
>>>
>>>
>> So long as they are connecting to their smarthosts to submit their email
>> and other than the fact that natting is most probably the better way to
>> allow smtp/submission/smtps/pop3/imap connections. Oh, that is besides
>> the fact that this capability is inherently meant to get around
>> firewalls and most likely, therefore, company policy if the network
>> administrator did not open up email related connections in the
>> firewall/gateway.
>>
>
> So what? I do, in fact, send my email through an SSH tunnel when I'm in
> this location. Otherwise, because the client's firewall intercepts _any_
> attempt to connect to port 25 on any system, and redirects it through its
> own server, my emails would seem to come from the client, not my own
> company's server. In fact, that's technically a violation of their policy -
> which do you think is more honest?
>
>
Why do you think the submission port (587) exists?
>> Any proxy server connecting to anything other than a smarthost will be
>> blacklisted and blocked locally.
>>
>
> Ah, so now you're backing down from your absolute statement that proxies
> will be blacklisted.
>
>
Nope. Just clarifying or adding context. A smtp server designated for
authenticated smtp is not the same thing as a mx.
>> Using a local SMTP as a smarthost is NOT the same as using a proxy
>> server. Period. A proxy server does not follow the rules of mail
>> delivery.
>>
>
> A proxy does whatever it is configured to do.
>
>
Proxy servers do not queue email and deliver them.
>> It does what it is told by the email client (connect to
>> smtp.gmail.com please). A mta looks up the mx of the recipient domain in
>> the email and connects accordingly. Any 'mta' that does anything else
>> will get itself listed and blocked. Period.
>>
>
> My proxy says "connect to an SMTP server - if the destination is within the
> client's domain, use theirs, otherwise use mine". If you get email from me,
> it's always routed correctly and if you block it there are blackhole lists
> for admins like you, too.
>
>
Link to proxy server that has some smtp smarts in it please. Oh, link to
blackhole lists for admins that block open proxies too (that is what a
proxy that connects to a mx will be defined as).
Shall I post a thread on this in NANAE too? Maybe I will post a thread
on spam-l too. Why do you think ISPs have taken the step of redirecting
smtp connections to their own smtp servers AND scanning emails being
sent out via them too?
>> The fact that using a proxy server does not work all the
>> time is evident that admins with clue know to reject smtp/pop3/imap
>> requests.
>>
>
> No, it's evidence that some people don't know how or when to set up such a
> proxy correctly.
>
>
I am sorry but people who configure squid to proxy smtp connections are
just asking for trouble. They better hope they don't have some botnet
slave(s) within their internal lan.
>> Therefore, I reiterate, email clients are supposed to connect
>> directly to their smarthosts.
>>
>
> It's hard to reiterate something that you didn't say in the first place. I
> agree mail clients should connect to their smarthosts, though that's
> actually counter to normal linux thinking (sysadmins often insist that a
> _client_ should never talk SMTP at all, and should only pipe to sendmail),
> but "directly"? Not always.
>
Fine. Chop off the 'to their smarthosts' part then.
Link to sysadmins often insisting that a client should never talk smtp
at all? First time I have ever heard of that. Or do you need to add
context to that statement as well? I certainly would find it hilarious
that any sysadmin would insist that Evolution or Thunderbird pipe to
/usr/sbin/sendmail or /usr/lib/sendmail.
More information about the ubuntu-users
mailing list