[ previous ] [ next ] [ threads ]
 
 From:  "Chris Bagnall" <m0n0wall at minotaur dot cc>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] NAT question: redirect all outgoing SMTP to or own SMTP-server
 Date:  Thu, 29 Sep 2005 23:46:20 +0100
There appear to have been quite a few posts about redirecting SMTP traffic
to one's own mailserver over the last few days. The technical discussion is
very interesting, but I fear it does raise a pretty serious privacy issue
when you start redirecting users' traffic to places it wasn't supposed to go
without them knowing about it.

There have been plenty of posts by folks wanting to do this, and I'm really
struggling to understand why at all. Anyone who's sending mail through a
corporate mailserver is probably using authenticated SMTP, so there's a good
chance they can be accessed from any internet connection anywhere (otherwise
there'd be all sorts of problems with home workers unable to send mail and
the like). Many ISPs these days will quite happily accept authenticated SMTP
on their mailservers, even if they don't officially say it's supported.
Again, many mailservers will allow a user to relay from anywhere provided
they've authenticated *somehow*.

If folks are seriously looking to redirect everything on 25 back to their
own mailserver, it may be worth checking the legal ramifications of what
you're doing - especially if you're providing a paid-for service for the
public.

Regards,

Chris
-- 
C.M. Bagnall, Director, Minotaur I.T. Limited
Tel: (07010) 710715   Mobile: (07811) 332969   Skype: minotaur-uk
ICQ: 13350579   AIM: MinotaurUK   MSN: msn at minotaur dot cc   Y!: Minotaur_Chris
This email is made from 100% recycled electrons