On 8/9/23 15:51, Sagar Acharya wrote:
> SRV records would get port, like
> https://xmpp.org/extensions/xep-0368.html
> The logic would be like, say there is opensmtpd on the other server
> too.
>
> dig _mail._smtp.humaaraartha.in. SRV
> get_port_from_SRV()
> if found_different_port()
>     try_port()
> else
>     try_25()

Sounds okay… but you'd have to get that supported by:
- sendmail
- postfix
- netqmail
- opensmtpd
- exim
- Microsoft Exchange
- Google's mail server (whatever they call it)
… and umpteen other possible mail servers.
It isn't yet as far as I know.
Another is for the MX record to support `hostname:port`, although one
could argue MX could be readily replaced by SRV.
Also, this does not solve your outbound SMTP issue: it'd only advertise
to others that "I listen on a different port".
It doesn't tell my server to start listening on a different port. Nor
does it tell any firewalls in between to suddenly allow this
out-of-the-ordinary connection.

> Caching can also be done for future requests.

Yeah well, DNS will do that anyway. That's what the TTL field is for.
You and I are small fish. I've been mucking around with mail
servers pretty much this whole century so far.

> OpenBSD and suckless are moving forward and providing solutions.
> Which mailserver do you use?

Postfix on AlpineLinux is my primary MX. Simply out of familiarity, I
started with sendmail then later Qmail, but migrated to Postfix some
time around 2006 or so.
OpenSMTPD (and spamd) on OpenBSD is my secondary MX. I have some custom
scripts that then store the email OpenPGP-encrypted for later collection
by the primary MX in case there's downtime.
The vast majority of my email traffic is direct to the primary MX
(probably because of spamd's greylisting).

> If we can establish that any software be run on any port, then
> blocking ports won't make sense. Besides, they can block any domains
> and they already do if they find spam there. SPAM is just an excuse.

Moving ports won't solve the problem. Yes it'd be nice to say, "ohh, by
the way my SMTP is listening on port 2225", but that won't help you.
You're expecting the world to move off 25/tcp for SMTP so you can hit it
behind your ISP's firewall.
That won't happen.
Your options are:
1. set up a server outside your ISP's network that can transmit the
   message for you (e.g. if Internode decide to block port 25 or withdraw
   my public IP, I might use my secondary MX as the outbound mail server
   relay.)
2. use your ISP's mail server as a relay (after adding it to your SPF
   records along with any DKIM keys needed)
3. move to an ISP that lets you do this stuff
I'd suggest (3) is your best option… as trying to circumvent firewall
rules will likely get you disconnected for violating their Terms of
Service anyway. (I note humaaraartha.in appears to be hosted by MTNL
India, but their website is not responding for me at this time.)
--
Stuart Longland (aka Redhatter, VK4MSL)
I haven't lost my mind...
...it's backed up on a tape somewhere.
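
The lookup-then-fallback logic from the quoted pseudocode, written out as an added example; it is not part of the original thread and not code from any of the mail servers listed. It parses SRV answers in `dig +short` form, orders them as RFC 2782 prescribes, and falls back to port 25 on the MX host when no usable SRV record exists. The `example.net` hostnames, the sample answers and all function names are assumptions made for illustration.

```python
import random

SMTP_PORT = 25  # the port every MTA connects to today


def parse_srv(lines):
    """Parse `dig +short ... SRV` lines: 'priority weight port target'."""
    records = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or not all(p.isdecimal() for p in parts[:3]):
            continue  # skip malformed answers
        prio, weight, port = map(int, parts[:3])
        target = parts[3].rstrip(".").lower()
        # RFC 2782: a target of "." means the service is not offered there;
        # this sketch drops such records (assumption) and lets the fallback apply.
        if target and 0 < port <= 65535:
            records.append((prio, weight, port, target))
    return records


def order_srv(records, rng=random):
    """RFC 2782 order: lowest priority first, weighted pick inside a priority."""
    ordered = []
    for prio in sorted({r[0] for r in records}):
        group = sorted((r for r in records if r[0] == prio), key=lambda r: r[1])
        while group:
            pick = rng.randint(0, sum(r[1] for r in group))
            running = 0
            for i, rec in enumerate(group):
                running += rec[1]
                if running >= pick:
                    ordered.append(group.pop(i))
                    break
    return ordered


def delivery_plan(srv_lines, mx_host, rng=random):
    """Return [(host, port), ...] to try; port 25 on the MX if no usable SRV."""
    records = order_srv(parse_srv(srv_lines), rng)
    if not records:
        return [(mx_host, SMTP_PORT)]
    return [(target, port) for _, _, port, target in records]


# Constructed sample answers (not real DNS data).
SAMPLE = ["20 0 25 backup.example.net.", "10 5 2225 mail.example.net.", "bogus line"]

if __name__ == "__main__":
    print(delivery_plan(SAMPLE, "mx.example.net"))
    print(delivery_plan([], "mx.example.net"))
```

This only decides where a sending server would connect; it does not make the receiving server listen on that port or change what any firewall in between allows.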