|
Home > Archive > IIS and SMTP > July 2007 > SMTP problems
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Edmund 2007-07-03, 1:22 pm |
| My new ISP gives me very bad email service, I cannot send anything most of
the time.
I installed the SMTP thing in win XP but now what?
Where do I dind anything to configure that and can I use that for sending my
emails?
The recieving part from my ISP works OK ( so far )
Thanks for any help
Edmund
| |
| Sanford Whiteman 2007-07-03, 7:22 pm |
| > I installed the SMTP thing in win XP but now what? Where do I dind
> anything to configure that and can I use that for sending my emails?
Do you really have "SMTP problems" with IIS SMTP? Doesn't seem like
it. It seems you don't have experience with SMTP (and thus with DNS)
in general. I know this will come off as harsh, but I daresay you
shouldn't be in charge of a mailserver that's exposed to the public
Net if you don't have those prerequisite skills.
If you restrict your new mailserver to _only_ allowing outbound
connections, though, it's true that you can do little harm to anyone
but yourself. But you are still going to need to learn quite a lot to
make sure that your self-administered mailserver is capable of
successfully delivering to the vast majority of remote servers, even
those with strict anti-spam policies.
To approach your question: the default IIS SMTP is essentially capable
of relaying mail to remote domains right out-of-the-box. You must set
up your mail client to authenticate to the SMTP server. The rest is
out of IIS' hands -- and the *rest* is in fact the most important
part.
The rest:
[1] You must ensure that your server passes the HELO-PTR-A-IP
roundtrip test. This means that
- you must have a PTR record for your mailserver's public IP address
- the HELO greeting sent by your mailserver ("FQHN of the Default SMTP
Virtual Server" in IIS terms, though this requirement applies to all
mailservers) must match the PTR ("reverse DNS") hostname of the public
IP address
- the PTR hostname must have a corresponding A record that resolves to
the public IP address
The roundtrip test is very simple, really: all published DNS and SMTP
data must be consistent. Not every remote server checks _every_
element. But any inconsistency means one more chunk of remote servers
will refuse your mail.
[2] Your ISP's routers must allow you to make outbound connections on
TCP port 25.
[3] Your ISP's EULA must allow you to send mail directly to remote
servers. It is not enough to "fool" your ISP by using a DDNS service.
That might work for inbound HTTP, but not for outbound SMTP. Even if
the ISP does not block you at the network level ([2]) from connecting
on TCP 25, many remote servers use complex and generally accurate
heuristics to determine whether you are using a consumer-grade (that
is, server-free) block of IPs. (Since spambots commonly violate EULAs,
better safe than sorry.)
[4] Self-evident: all usernames and domains you send from must exist
in the public DNS. Your submission server (IIS SMTP) will not look
this up for you. Remote servers happily will.
[5] If you are using a domain with an SPF record, your mailserver's
public IP address must appear as an explicitly allowed sending server,
or, alternately, an SPF query must return an "unknown" result for
your server.
--Sandy
| |
| Edmund 2007-07-04, 1:21 pm |
|
"Sanford Whiteman" <swhitemanlistens-software@cypressintegrated.com> wrote
in message news:op.tuwv0yq16c17zw@gw02.broadleaf.local...
>
> Do you really have "SMTP problems" with IIS SMTP? Doesn't seem like
> it. It seems you don't have experience with SMTP (and thus with DNS)
> in general. I know this will come off as harsh, but I daresay you
> shouldn't be in charge of a mailserver that's exposed to the public
> Net if you don't have those prerequisite skills.
>
> If you restrict your new mailserver to _only_ allowing outbound
> connections, though, it's true that you can do little harm to anyone
> but yourself. But you are still going to need to learn quite a lot to
> make sure that your self-administered mailserver is capable of
> successfully delivering to the vast majority of remote servers, even
> those with strict anti-spam policies.
>
> To approach your question: the default IIS SMTP is essentially capable
> of relaying mail to remote domains right out-of-the-box. You must set
> up your mail client to authenticate to the SMTP server.
OK what do have to fill in on the "SMTP" server part?
And where is my IIS SMTP server?
> The rest is
> out of IIS' hands -- and the *rest* is in fact the most important
> part.
>
> The rest:
>
> [1] You must ensure that your server passes the HELO-PTR-A-IP
> roundtrip test. This means that
>
> - you must have a PTR record for your mailserver's public IP address
>
> - the HELO greeting sent by your mailserver ("FQHN of the Default SMTP
> Virtual Server" in IIS terms, though this requirement applies to all
> mailservers) must match the PTR ("reverse DNS") hostname of the public
> IP address
>
> - the PTR hostname must have a corresponding A record that resolves to
> the public IP address
>
> The roundtrip test is very simple, really: all published DNS and SMTP
> data must be consistent. Not every remote server checks _every_
> element. But any inconsistency means one more chunk of remote servers
> will refuse your mail.
>
>
> [2] Your ISP's routers must allow you to make outbound connections on
> TCP port 25.
>
>
> [3] Your ISP's EULA must allow you to send mail directly to remote
> servers. It is not enough to "fool" your ISP by using a DDNS service.
> That might work for inbound HTTP, but not for outbound SMTP. Even if
> the ISP does not block you at the network level ([2]) from connecting
> on TCP 25, many remote servers use complex and generally accurate
> heuristics to determine whether you are using a consumer-grade (that
> is, server-free) block of IPs. (Since spambots commonly violate EULAs,
> better safe than sorry.)
>
>
> [4] Self-evident: all usernames and domains you send from must exist
> in the public DNS. Your submission server (IIS SMTP) will not look
> this up for you. Remote servers happily will.
>
>
> [5] If you are using a domain with an SPF record, your mailserver's
> public IP address must appear as an explicitly allowed sending server,
> or, alternately, an SPF query must return an "unknown" result for
> your server.
>
>
> --Sandy
Thank you,
I will try it step by step
>
>
>
>
| |
| Sanford Whiteman 2007-07-04, 1:21 pm |
| > OK what do have to fill in on the "SMTP" server part?
This question doesn't make all that much sense as-is, but if you mean
"What do I have to configure within IIS Manager for the IIS SMTP
service?" the answer is that you configure your outbound HELO hostname
in
Default SMTP Virtual Server-Properties-Delivery-Advanced-FQDN
> And where is my IIS SMTP server?
It's on the XP machine where you installed the IIS SMTP service.
I'm trying to help, but are you sure you're ready for this project?
--Sandy
| |
|
| Sanford,
If I understand you correctly... Even though I have a dedicated public IP on
my Linksys Router that relays to my XP Pro machine and a valid DNS that goes
to my IP and I have IIS SMTP installed it still does not mean that I can use
my ASP email forms. Even though I do have the proper ports open. What if I
install Win2k Advanced Server? I'd still have problems wouldn't I?
"Sanford Whiteman" wrote:
>
> This question doesn't make all that much sense as-is, but if you mean
> "What do I have to configure within IIS Manager for the IIS SMTP
> service?" the answer is that you configure your outbound HELO hostname
> in
>
> Default SMTP Virtual Server-Properties-Delivery-Advanced-FQDN
>
>
> It's on the XP machine where you installed the IIS SMTP service.
>
> I'm trying to help, but are you sure you're ready for this project?
>
> --Sandy
>
| |
| Sanford Whiteman 2007-07-16, 1:21 am |
| > If I understand you correctly... Even though I have a dedicated
> public IP on my Linksys Router that relays to my XP Pro machine and
> a valid DNS that goes to my IP and I have IIS SMTP installed it
> still does not mean that I can use my ASP email forms.
I'm advising you that running even an outbound-only mailserver
requires that you have a command of DNS and SMTP and can control how
your server is seen by the rest of the Net. If you want to reliably
deliver mail, being able to connect outbound on port 25, while a
prerequisite, is not enough.
> What if I install Win2k Advanced Server? I'd still have problems
> wouldn't I?
The OS you use will have no effect on your ability to deliver mail.
The MTA vendor you use will also have no effect, save for the fact
that some MTAs have a better default configuration and/or easier
configuration interface than others.
--Sandy
|
|
|
|
|