[COLUG] Dry Loop DSL

Rob Stampfli res at colnet.cmhnet.org
Sun Jul 6 15:02:34 EDT 2008 

On Sun, Jul 06, 2008 at 02:24:42PM -0400, Dan Hill wrote:
> "Robert Grimm" <robertgrimm at gmail.com> wrote:
> ...
> > One problem I have had with AT&T is the SMTP blocking. I understand  
> > that you can request they unblock it. Does anyone here have SMTP  
> > blocking turned off with dry loop, or is that a service for their  
> > mainstream customers? I have a shell script that tunnels SMTP over SSH  
> > to a machine in a data center, but I don't want to have to do that. It  
> > is convenient for sending mail from a coffee shop, but it would be  
> > annoying it I had to use it for all mail from home.
> 
> I can't comment on the dry loop aspect, but regarding the SMTP blocking, if
> you are sshing to a remote system, can't you just setup that server with an
> alternate SMTP port, say port 587?  That way you can setup your mail
> clients w/ port 587 rather than 25.  I've setup quite a few servers that
> way.  It would take the ssh step off your plate and you won't have to worry
> about port 25 blocking anywhere.

I was unaware that AT&T offered "naked DSL" anywhere.  If they do,
that is good news.  Is there a premium for the service over what
they'd offer for DSL over an existing active line?  (Otherwise,
why would everyone not opt for it, as it would mean no filters
needed to be installed.)

As far as SMTP, I agree with Dan.  You really don't want a port 25
exposed to the world on a home machine.  First, it really isn't
viable today to run a full fledged mail server from a residential
IP; too many people will refuse to talk to you.  If you are getting
mail delivered from a server that knows you (and you control), then
set up your mail server and local MTA to talk on some arcane port
that only you know about.  Makes like less hectic.  And, do the
same for SSH.  It's ridiculous how many infiltrated machines there
are today whose sole purpose in life seems to be to find active SSH 
ports and then try to break into them.  Even if they never succeed,
they consume a lot of CPU time trying.

Good luck,
Rob

More information about the colug432 mailing list