[Dshield] ISP's not blocking egress 25/tcp
areust at comcast.net
Mon Jan 26 04:38:46 GMT 2004
This was based on a company in "some" state had office a couple of states
over. The two basic issues were Sendmail and DNS. You can connect directly
or relay for (from the ISP provider they relay the mail). If they do not
relay for a known specific circumstance then you have to connect directly.
It also means you have to review the contract that you paid for, that is
The meat of the subject:
While it has been awhile it has been awhile (1997), for sendmail (exchange
supports also) for a "host" that connects periodically the term/process is
ETRN. Yes, while it is mostly configure for another "Intermittent MTA, it
can be configured for an intermittent "single host" connection. The key is
the "Host Name/IP" in DNS on both ends. Things have to resolve on both
ends. There are variables depending on what you need/direction you have to
accomplish on both ends.
For the most part the "ISP" should have configured the appropriate DNS
entries that would verify the specific "relay IP/host." Then you make host
entries in your DNS to account for the "out of band IP's" for
somemachine.mydomain.com. That would resolve to a single IP for the MTA.
Then you can specify the specific DNS for IP of 123.456.789.012 with a
subnet mask of 255.255.255.255 which pins it to the specific IP. Sendmail
is the configured to accept for the IP/Host.
Yes if the gateway is know from the remote end and you have a "Routing
Wizard" other nice things can happen with the out of band IP's.
At 09:21 PM 1/24/2004 -0500, Alan Frayer wrote:
>On Sat, 2004-01-24 at 08:08, James C. Slora Jr. wrote:
> > If the local ISP requires SMTP authorization, configure that. If they check
> > "From" addresses on outbound mail and reject mismatches, there are
> > workarounds for this too - I don't recall the specifics, though.
>I wish you would recall these workarounds, and, if preferred, send them
>to me off list. I have a few sites that have e-mail trouble because they
>cannot connect to an outgoing SMTP without using their local ISP's
>assigned e-mail address, instead of the one the corporate office paid
>for with their domain.
>Alan Frayer,CNE,CNI,CIW CI,MCP,Net+ - afrayer at frayernet.com
>Member: Independent Consultants Association (ICA)
>Consultants - FREE Directory Listing - http://www.ica-assn.org
>list mailing list
>list at dshield.org
>To change your subscription options (or unsubscribe), see:
More information about the list