I currently read (nearly) all my mail on a remote system (this one) where I have a Linux shell login. I log in to the system using ssh and read my mail using mutt, this gives me access to my mail from anywhere with little hassle.
Since we now have broadband at home I can transfer this process (remote ssh login and use mutt) to my home Linux machine. This gives me a couple of extra advantages - virtually unlimited storage space and the ability to use a GUI/HTML mail reader when I'm at home if I want to.
The question is should I simply move all my fetchmail bits and pieces from the system where I currently read my mail to my home system or should I receive the mail using SMTP?
I already run a Postfix SMTP server on the home system for people to send mail to the outside world, I see no need to authenticate local users, if they can get into my house I may as well allow them to send mail!
Would it actually be easier/safer to collect all the mail using fetchmail (much of it is collected on the hosting service by using fetchmail to get it from other places) or does SMTP actually confer any advantages? It would actually be pretty easy just to transfer my .fetchmailrc file from where it is now to my home Linux box and not bother with SMTP at all.
If I open up the SMTP port to the outside world what issues are there? I want to deliver mail from my hosting service which handles all mail for my isbd.co.uk and isbd.net domains, I have a web configurator which will let me forward all this mail to my home machine (which is a subdomain of isbd.net). I can thus limit connections to just the hosting service so that will probably deal with most of the security issues, I will also obviously check that relaying is not allowed (I'm pretty sure it isn't now). I will still need to run fetchmail to get mail from a few old POP3 hosts where I get the odd message still.
On Tue, 2005-05-24 at 11:02 +0100, Chris Green wrote: <snip>
The question is should I simply move all my fetchmail bits and pieces from the system where I currently read my mail to my home system or should I receive the mail using SMTP?
As with most things it depends, although many would likely say that SMTP all the way is best - it is certainly cleanest.
<snip>
Would it actually be easier/safer to collect all the mail using fetchmail (much of it is collected on the hosting service by using fetchmail to get it from other places) or does SMTP actually confer any advantages? It would actually be pretty easy just to transfer my .fetchmailrc file from where it is now to my home Linux box and not bother with SMTP at all.
Safer in that you have no open port 25 open to the outside world, and if you have already used fetchmail in the routing inwards then you probably don't gain anything in switching back to SMTP transportation (unless you are then splitting out to multiple accounts again, but this is where having fetchmail in the line complicates things most). The main issue with using fetchmail to collect mail is that some of the header information can be lost or not used in the process. The main situation I've come across here is when an email is sent to multiple recipients at the same domain and it is all collected via fetchmail. Generally only one will see the email without some extra form of intervention. If everything is coming into a single mailbox then there is probably little practical difference in the two methods (except you may not get two copies of a message if you have it sent to you at two addresses).
If I open up the SMTP port to the outside world what issues are there? I want to deliver mail from my hosting service which handles all mail for my isbd.co.uk and isbd.net domains, I have a web configurator which will let me forward all this mail to my home machine (which is a subdomain of isbd.net). I can thus limit connections to just the hosting service so that will probably deal with most of the security issues, I will also obviously check that relaying is not allowed (I'm pretty sure it isn't now). I will still need to run fetchmail to get mail from a few old POP3 hosts where I get the odd message still.
Limiting the IP addresses that can talk to your mail server certainly ties things down nicely, and I would personally opt for SMTP, but at the same time most of my current mail setups use fetchmail at the moment! This is partly due to current and legacy issues with dynamic IP addresses (and I've never bothered to sort out the SMTP pull setup that Demon use where you notify the SMTP server that you are on line and what your IP address is so it can start delivery - can't remember the acronym off the top of my head).
I am in the process of switching over to SMTP myself, but then I run a business off my connection as well as having around 10 - 15 domains to support in various ways (not all on the ADSL connection for all functions, some only backup/development services). My system will also be working with a mail relay in a DMZ that will handle filtering and a few low volume mailing lists.
On Tue, May 24, 2005 at 02:46:22PM +0100, Paul Tansom wrote:
On Tue, 2005-05-24 at 11:02 +0100, Chris Green wrote: information can be lost or not used in the process. The main situation I've come across here is when an email is sent to multiple recipients at the same domain and it is all collected via fetchmail. Generally only one will see the email without some extra form of intervention. If everything is coming into a single mailbox then there is probably little practical difference in the two methods (except you may not get two copies of a message if you have it sent to you at two addresses).
I doubt I'll have a problem with that, there are only three or four users and I can't imagine a situation where the same mail will get sent to more than one of them.
[snip]
Limiting the IP addresses that can talk to your mail server certainly ties things down nicely, and I would personally opt for SMTP, but at the same time most of my current mail setups use fetchmail at the moment! This is partly due to current and legacy issues with dynamic IP addresses (and I've never bothered to sort out the SMTP pull setup that Demon use where you notify the SMTP server that you are on line and what your IP address is so it can start delivery - can't remember the acronym off the top of my head).
Do you mean ETRN? Though I thought Demon (I was with them) used something that wasn't ETRN because they had to invent it in the days before POP3 existed even. (... or is it SDPS)
I am in the process of switching over to SMTP myself, but then I run a business off my connection as well as having around 10 - 15 domains to support in various ways (not all on the ADSL connection for all functions, some only backup/development services). My system will also be working with a mail relay in a DMZ that will handle filtering and a few low volume mailing lists.
Thinking about it I will probably stay with fetchmail as some of the mail has to be fetchmail and I might as well just go for an easy life and get it all that way.
On Tue, 2005-05-24 at 15:04 +0100, Chris Green wrote:
On Tue, May 24, 2005 at 02:46:22PM +0100, Paul Tansom wrote:
<snip>
Limiting the IP addresses that can talk to your mail server certainly ties things down nicely, and I would personally opt for SMTP, but at the same time most of my current mail setups use fetchmail at the moment! This is partly due to current and legacy issues with dynamic IP addresses (and I've never bothered to sort out the SMTP pull setup that Demon use where you notify the SMTP server that you are on line and what your IP address is so it can start delivery - can't remember the acronym off the top of my head).
Do you mean ETRN? Though I thought Demon (I was with them) used something that wasn't ETRN because they had to invent it in the days before POP3 existed even. (... or is it SDPS)
That's the one. I really can't remember whether that is exactly what they used, it was all built into Turnpike when I was hooked up with them, although I must have stopped using that before I left them because I only moved to Nildram when I got onto the Wires only ADSL trial (Demon were just too slow on the ADSL uptake). I'm sure I wasn't still using Turnpike in 2001! I certainly had a Linux firewall in between me and the outside world, so it wasn't handling the connection. Ook, my memory is going!
I am in the process of switching over to SMTP myself, but then I run a business off my connection as well as having around 10 - 15 domains to support in various ways (not all on the ADSL connection for all functions, some only backup/development services). My system will also be working with a mail relay in a DMZ that will handle filtering and a few low volume mailing lists.
Thinking about it I will probably stay with fetchmail as some of the mail has to be fetchmail and I might as well just go for an easy life and get it all that way.
I run my own mail server and apart from my ISP mail (which I don't think gets any, I haven't checked for a while) and the odd webmail account (Gmail and iirc Operamail, I've probably got a Yahoo! and Netscape mail address if I cared to check too). I've got two of my domains migrated across to the ADSL line coming in to my relay mail server. It's not proving a priority job though, and fetchmail is doing fine for now :)
I'm not planning to migrate the rest until I've got the full setup done on the two test ones. Currently the relay doesn't relay (just collects), but then both the internal mail server and the relay are due for rebuilding onto new hardware, so it was more of an experimental setup. The two domains aren't used for mail either, so all I collect is spam (a depressing amount since neither of the domains have ever been used for email or had any addresses published, and the websites are merely holding pages!).
Somewhere I've got a Round Tuit plate, I really must dig it out, there are so many things that would get done if I did ;)
-
Chris Green -
Paul Tansom