<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal">
<p dir="auto">“… surely using mail submission (port 587 or 465…”</p>
<p dir="auto">With SES, most definitely - but not a big deal…if my own server, can literally use any port I want…</p>
<p dir="auto">“…mandatory TLS encryption and authentication and DKIM signatures added with "d=amazonses.com”)…”</p>
<p dir="auto">Most definitely - just prudent…</p>
<p dir="auto">“…published a SPF record in DNS for leding.net which explicitly declares that your mail may legitimately be coming out of SES…”</p>
<p dir="auto">Again, very true - which is exactly what people should be doing - at least with their own domains. I know some may opt to not use SPF but given that more and more admins are requiring SPF checks for all inbound mail, just foolish not to have it…</p>
<hr style="background:#333; background-image:linear-gradient(to right, #ccc, #333, #ccc); border:0; height:1px" height="1">
<p dir="auto">On 24 Jul 2021, at 20:59, Bill Cole wrote:</p>
</div>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">On 2021-07-24 at 23:03:04 UTC-0400 (Sun, 25 Jul 2021 03:03:04 +0000)<br>
Antonio Leding <mailmate@lists.freron.com><br>
is rumored to have said:<br>
</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999"><p dir="auto">“…not feasible to send mail claiming to be from a particular address through any arbitrarily chosen mail server…”<br>
<br>
Mostly true but there’s ways around such hindrances…<br>
<br>
<a href="https://www.wpoven.com/blog/free-smtp-servers-sending-emails/" style="color:#999">https://www.wpoven.com/blog/free-smtp-servers-sending-emails/</a></p>
</blockquote><p dir="auto">All of those require you to set up accounts with the providers in question. For example, you cannot simply decide to route your mail through Google's mail servers without having a Google account and configuring it to allow you to send mail using that account with sender addresses that are not hosted at Google.<br>
<br>
So: not quite "arbitrarily chosen."<br>
</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999"><p dir="auto">I haven’t used any of my “assigned” SMTP servers since 2000. And since 2013, been using a combo of Amazon’s SES or my own Postfix…the latter is especially nice if one wants to use a non-standard port...</p>
</blockquote><p dir="auto">Sure, but you are almost surely using mail submission (port 587 or 465, with mandatory TLS encryption and authentication and DKIM signatures added with "d=amazonses.com") and you have published a SPF record in DNS for leding.net which explicitly declares that your mail may legitimately be coming out of SES.<br>
<br>
Back before spam was a problem, it was possible to submit mail without authentication through nearly all SMTP servers, using whatever envelope sender and/or From address you felt like using with any server. This has evolved over time to the current situation where authentication (and hence server-specific account setup) is almost universally required along with TLS encryption. Some mail clients (including, at least in the past, Apple Mail) have configured submission (i.e. SMTP-like) servers independently of IMAP accounts and allowed users to arbitrarily select which outbound path to use with each message, regardless of which sender address is used. That is not generally safe today, but it was once entirely reasonable.<br>
<br>
</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999"><p dir="auto">- - -<br>
<br>
On 24 Jul 2021, at 19:47, Bill Cole wrote:<br>
</p>
<blockquote style="border-left:2px solid #777; color:#BBB; margin:0 0 5px; padding-left:5px; border-left-color:#BBB"><p dir="auto">On 2021-07-24 at 21:15:55 UTC-0400 (Sat, 24 Jul 2021 18:15:55 -0700)<br>
Ralph Alvy <mailmate@lists.freron.com><br>
is rumored to have said:<br>
</p>
<blockquote style="border-left:2px solid #777; color:#BBB; margin:0 0 5px; padding-left:5px; border-left-color:#BBB"><p dir="auto">If I have more than one Source Acct, how do I tell Mailmate with SMTP server to use for outgoing mail?</p>
</blockquote><p dir="auto">Each account has its own exclusive SMTP Server settings. This is good because on the modern Internet, it is not feasible to send mail claiming to be from a particular address through any arbitrarily chosen mail server. It might work, but more likely your mail would be rejected or worse: dropped silently.</p>
</blockquote></blockquote><p dir="auto">-- <br>
Bill Cole<br>
bill@scconsult.com or billcole@apache.org<br>
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)<br>
Not Currently Available For Hire<br>
_______________________________________________<br>
mailmate mailing list<br>
mailmate@lists.freron.com<br>
<a href="https://lists.freron.com/listinfo/mailmate" style="color:#777">https://lists.freron.com/listinfo/mailmate</a></p>
</blockquote></div>
<div style="white-space:normal">
</div>
</div>
</body>
</html>