The Wallaces

Using ASSP on a WebHost when your ISP blocks SMTP Relay Over Ports 25 and 465

(Posted 2/15/08) - Here's the scenario, you've created a new domain name "XYZ.com", set up a website at that address, and have created email addresses like "somebody@XYZ.com" for use with the website. You've also perhaps activated the webhost's anti-spam package, called ASSP (Anti-Spam SMTP Proxy).

But, if your ISP is not your webhost, you may have some work ahead of you to make this all work properly. Because there have been so many fraudulent attempts to relay email through ISP mail servers by locally connected clients, the current policy is for an ISP to allow SMTP connections only to their email servers over ports 25 (in the clear) and 465 (Secure Socket Layer).

If you try to set up an SMTP connection to your webhost's mail server, mail.XYZ.com over either port 25 or 465, you will get back a "Server Refused Connection - 10061 Error."

You may be tempted to just SMTP to your ISP mail server and identify your originating email address as "somebody@XYZ.com." Your POP3 incoming server would of course be set to use your webhost's email server "mail.xyz.com." The reason this is not a good idea has to do with the fact that your ISP server and your webhost server are in different domains. This fact comes to the fore when you use a proxy like ASSP, which is what this tech article is all about.

ASSP is a powerful set of semantic and mail header consistency checking tools (which query DNS data). ASSP requires that the SMTP outgoing and POP3 incoming email servers reside in the same domain (in this example XYZ.com). Since your ISP's email SMTP server is not in that domain the assumptions break down at the outset! What get's broken?

• WhiteList generation fails. ASSP automatically whitelists each email address to which you address email from your "XYZ.com" domain. Since all your outgoing email is from your ISP's domain nothing is whitelisted!
• Manual marking of received emails as Spam or Non-Spam fails, because ASSP will only preprocess assp-white, assp-spam, or assp-notspam@XYZ.com messages if they come from the XYZ.com domain (see ASSP manual).
• All incoming email is classed as unsolicited, because nothing is ever placed in the whitelist database! The result will be a higher incidence of false positives for SPAM detection, because most emails are non-local and get a little bump-count as a result.

How do webhost mail-severs accomodate customer's in this environment? They set up the ASSP proxy to also listen on port 26 or on port 587 (varies by company). When you set up your client just enter the appropriate port number, select server requires authentication, and enter your "mail.XYZ.com" wehbost mail server address. Nothing has to change for the incoming side (POP3 server).

Configure ASSP to use the spambox@ plugin so that it will download any emails identified as SPAM into your /SPAM directory on your mail client. Things should improve dramatically as your outgoing emails automatically whitelist your email community. Manually generated assp-white and assp-notspam messages to ASSP quickly correct any falsely blocked correspondents.

Happy Emailing with ASSP!