Page 1 of 1
SMTPD
Posted: Mon Mar 08, 2021 10:32 pm
by Questman
Replace the SMTPD, or at least add modern features to support DKIM, DMARC, policies, anti-relaying capability, better SPAM control, blocklists, etc.
Re: SMTPD
Posted: Tue Mar 09, 2021 12:49 am
by daniel_spain
Questman wrote:
> Replace the SMTPD, or at least add modern features to support DKIM, DMARC,
> policies, anti-relaying capability, better SPAM control, blocklists, etc.
you made this? I made back in 2002 a mod of the current that supported the
auth command so you could log into a smarthost that required authentication.
this was back when isps required base64 encryption so it could be dated.
Re: SMTPD
Posted: Tue Mar 09, 2021 5:54 pm
by Questman
No, just adding the topic to the Feature Request list since this one is a major issue for folks who setup new BBSes unaware there's a default SMTPD on. It's so insecure.
Re: SMTPD
Posted: Wed Mar 10, 2021 2:42 am
by daniel_spain
Questman wrote:
> No, just adding the topic to the Feature Request list since this one is a
> major issue for folks who setup new BBSes unaware there's a default SMTPD
> on. It's so insecure.
smtp is also a HUGE hackable element in its current state. because you do not have an option to force use of auth if you are on an isp with no restrictions such as I am with business fios from Verizon, if you have port 25 open they attach to it and the smtp.out files get as large as 2gb within days. I had to disable smtp mail and add the require auth to send and the bastards still found a way around it with anon login.
so yes, new smtp a huge need.
Re: SMTPD
Posted: Wed Mar 10, 2021 1:39 pm
by Questman
Ugh that is awful. Yep, it's definitely a need. I wonder if it makes sense to adapt qmail or something open source and proved. The main concern I have is threading and control of the process for too long. Much of the TCPIP kit is cycled to work with the BBS loop.
Telnetd is also rife with "non-SGA client" errors in the audit trail ... and lots of losers with scripts trying to login as root.
Re: SMTPD
Posted: Thu Mar 11, 2021 2:23 am
by daniel_spain
Questman wrote:
> Ugh that is awful. Yep, it's definitely a need. I wonder if it makes
> sense to adapt qmail or something open source and proved. The main concern
> I have is threading and control of the process for too long. Much of the
> TCPIP kit is cycled to work with the BBS loop.
>
> Telnetd is also rife with "non-SGA client" errors in the audit
> trail ... and lots of losers with scripts trying to login as root.
when i implemented facebook and twitter into the forums i did just that.
Went with a 3rd party app that accepted the message and send it to twitter/fb
and vice versa, only thing i never got done was a way to put them in the forums
with html tagging for easy reading. the company (actually church) that had
got me to work on it disappeared so i never finished. but 3rd party relaying
at least right now is ideal. as a free option you can use synchronet and only run the smtp
server and use it as your smarthost and using my galsmtp mod it will actually log onto
synchronet with the sysop account and authenticate the relay hence adding secure email
to worldgroup.
Re: SMTPD
Posted: Thu Mar 11, 2021 7:30 am
by BadOPCode
At risk of sounding like a horrible ad... :) I use SMTP services from a outfit called DNSExit.com. So I use the redirect service ... the mail relays to through them and than to my server on a non-standard port. This prevents hacks on my end. This service comes with anti-spam and mail holding. I had held mail from a year ago when I shutdown my Synchronet BBS and much later connected WG. The other service I use is their SMTP relaying. With the SMTP service I get free DDNS hosting and a wildcard SSL certs for my domain name off of their chain. Altogether I think it's like $30 a year.
I know it's not in the free category that everyone typically loves but for those willing to flip a few bucks to have e-mail without the hassle it's worth a look at in my opinion.
Re: SMTPD
Posted: Thu Mar 11, 2021 8:28 am
by daniel_spain
BadOPCode wrote:
> At risk of sounding like a horrible ad... :) I use SMTP services from a
> outfit called DNSExit.com. So I use the redirect service ... the mail
> relays to through them and than to my server on a non-standard port. This
> prevents hacks on my end. This service comes with anti-spam and mail
> holding. I had held mail from a year ago when I shutdown my Synchronet BBS
> and much later connected WG. The other service I use is their SMTP
> relaying. With the SMTP service I get free DDNS hosting and a wildcard SSL
> certs for my domain name off of their chain. Altogether I think it's like
> $30 a year.
> I know it's not in the free category that everyone typically loves but for
> those willing to flip a few bucks to have e-mail without the hassle it's
> worth a look at in my opinion.
im of the belief that if something is worthwhile it is worth something. all this bbs stuff should be free talk
is nonsense. should a 256 channel server be 9,995.00 in 2021? no. is it too far off to ask for a few bucks?
no again. is it worth 30 dollars a year for halls free email, absolutely.