running a local smtp server on my powerbook

| 12 Comments

One of the great frustrations of being a mobile user who doesn't use webmail is having to manually change SMTP servers each time I switch locations. There's one for when I'm at home, another for when I'm at work. And when I'm on the road, I have to remember to VPN into work in order to use their SMTP server. (Yes, I know, I should be using the VPN all the time...but it only protects traffic between my computer and RIT, and much of my traffic goes elsewhere.)

No more.

Yesterday I found an article by David Reitter, a PhD student at the University of Edinburgh, called Send E-Mail Everywhere: Postfix on Mac OS X (and other Unix systems). It has step-by-step instructions on how to securely set up a local SMTP server on your Powerbook.

It seems to be working...I ran a test where I sent mail to myself on six or seven different email accounts, and the test messages all arrived safely. And it's a whole lot faster than using the RIT SMTP server.

So, Mac tech gurus...have a made a terrible mistake? Has this set me up for abuse of my system in ways I can't anticipate or protect from?

12 Comments

Prof. thats sounds pretty handy, is there instructions for Windows users?

FYI, a lot of spam filters will drop your messages if you're using a local SMTP server for delivery.

Brad --

Postfix is a Unix-based program and only runs on systems that use Unix-style methods of abstracting hardware and communicating between processes, like Linux, commercial Unixes, and Mac OS X.

You might try Googling words like "local SMTP server Windows" to find something that will run on Windows.

As far as security goes with any SMTP server, you just need to make sure that your setup will NOT relay messages that are handed off to it by another computer. (It should only accept messages from localhost, 127.0.0.1, or you might be able to use some kind of user/password authentication). If your system will blindly relay any message that comes into it via port 25, then it can be hijacked by spammers. But I don't know enough about Postfix configuration to know how to go about securing it (sorry Liz!).

Liz, do you know if any of the servers that you sent your test to check for proper and/or matching Reverse DNS entries? I know my provider does, so if you want to test that, try sending one to me.

I was doing that for awhile, and then realized a lot of people weren't getting my emails because there were getting filtered. :(

As a mail admin, I can say: looks fine. If you followed the instructions correctly, you're not a spam relay. For additional protection, you could configure the OS X firewall to block anything on the outside from coming in on port 25.

Now, as for reliability, not so hot. A lot of ISPs will make you use their mail server. When that's not the case, your mail will be marked as likely spam because it's coming from a user address.

A better answer, much similar to what you are doing now, is to find a server that will allow you to use SMTP-auth on port 587. 1and1's cheapest email account ($0.99/mo) gives that. COTSE (www.cotse.net, $5/mo) gives that and a lot more in the way of privacy features. There are many more services that will do the same, but those are two I have experience with.

Another alternative is, if you know someone with their own domain, have them set you up a send-only account on their mail server and use with SMTP-auth. It's easy to set up assuming you already are providing mail to some users.

Yeah, as a lot of other people are pointing out, your emails might get filtered at various times because:

- they're coming from an IP address known to be a dialup or dynamic IP range (people maintain lists of the things)

- they're coming from an IP address without a reverse lookup

One common but fixable mistake people make is not setting the envelope-from correctly on their local server too. (You can't tell easily by looking at the mails that get through what the envelope sender setting was -- it's different from the From: header. You can tell from the mail logs -- if all the mails are going through as from liz@localmachinename, that's a problem. You want that address to be a real address so that bounces can get back to you!)

I have a local Postfix server on my Linux laptop, but I set it up to forward all email to a set relay which then sends it onto its destination. If you have access to a fixed SMTP relay that allows authenticated connections from anywhere, you can configure either a local Postfix mail relay or your mail client to talk to it. (Sometimes networks will block access to port 25, so it's handy to have access to a fixed relay that leaves another port -- usually 587 -- open as well.)

In addition to the increased chance of being filtered at the receiving end, a number of ISPs will drop outbound SMTP traffic that isn't going through their cannonical relays.
I'd use the VPN if I had it available. Sure, it only protects the traffic up to RIT, but that's the traffic that matters more than avarage. Plus, it solves the SMTP server problem.

Another possibility is to use the Gmail smtp, which works everywhere. Cheers

Mauro

For reference, anyone with an RIT computer account (read: anyone at RIT) can send not just through smtp-server.rit.edu but also through mymail.rit.edu. The advantage of the mymail.rit.edu host is that it has TLS/SSL enabled for SMTP, so you get a secure connection with less need for VPN.

Both servers require authentication from off-campus, which is why you need an RIT computer account. Neither requires VPN, but the lack of TLS/SSL support on smtp-server.rit.edu currently means that a VPN connection is good to have. As long as you're authenticating, neither server should prevent you from sending mail, even for other accounts. (Mymail.rit.edu may be a little more strict in looking for an RIT e-mail address in the "From" field, however.)

The addition of mymail.rit.edu as a secure mail server is relatively recent (I believe it has been within the last 6-9 months), and the documentation hasn't entirely caught up yet.

The downside is that it's an unknown SMTP server and some services will not accept mail from it (and this number is growing).

It's been a while now, has this been a problem for you?

how to run a local mail server if we are using easyphp ?

Leave a comment

 

Categories

Archives

Recent Photos

www.flickr.com
This is a Flickr badge showing public photos and videos from mamamusings. Make your own badge here.

Upcoming Travel

Creative Commons License
This blog is licensed under a Creative Commons License.

About this Entry

This page contains a single entry by Liz Lawley published on February 4, 2005 10:05 AM.

sick and tired was the previous entry in this blog.

sabbatical plans is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.