[ale] Hellsouth's wonderful email service

Bob Toxen bob at verysecurelinux.com
Tue Jul 20 02:29:02 EDT 2004 

I suggest doublechecking that your system's sendmail.cf is set up
correctly to list HellSouth's outgoing mailserver as its smart server.
This would be the "DS" macro that should look like:

     DSsmtp.bellsouth.net

Of course, if you have authority on someone else's system, you could
set up a SSH encrypted pipe between TCP port 25 on your system and
theirs and completely bypass HellSouth.  I've done this to get around
ISP's braindamaged networks.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

On Sun, Jul 18, 2004 at 12:58:49PM -0400, Chuck Huber wrote:
> 
> 
> Well... The Hellsouth saga will soon be over.
> 
> <vent>
> I knew when I signed up for their service I'd be sorry.  And I am.
> Why'd I do it?  Well, I've been on Speed Factory forever. Upon
> relocation to the mountains of North Carolina, I found that HellSouth
> was the only company to offer DSL service in my area.  Hence, I
> chose them from a field of 1 company - what a choice.
> 
> I took a while, but I learned that outbound connections to port
> 25 are blocked.  Thanks HellSouth.  So I reconfigured sendmail
> to send everything through their mail server only to find out that
> relaying was not allowed from the IP address I was using. The 550
> error also stated that the solution was to connect from the
> HellSouth Internet Service.  Duh... what did they think I was using?
> 
> Then there's this authentication thing.  Their stated purpose was
> "to reduce junk e-mail or 'spam' on the Internet."
> 
> So... I'm now stuck not being able to send mail.  After about 30
> hours of conversations with their tech non-support, I finally was
> able to talk to a supervisor who admitted that they block port 25,
> something that, of course, was not disclosed when I signed up, and
> that they didn't allow relaying of emails through their mail server.
> To correct the problem, I would have to sign up for Business DSL, a
> prerequisite of which was a Business phone line.
> 
> Granted, I'm not the Winbloze user with whom they're so accustomed
> to speaking.  I host my own domain (so mail appears to be from
> cehuber.org) and an family email list (about 30 or so users - all kin).
> 
> All in all, I found that HellSouth tech-nonsupport team doesn't even
> know how to speak English.  One technician (they really shouldn't
> call themselves technicians) asked me if I wanted him to "axe" his
> supervisor to get an answer - a vernacular prevalent in the black
> community.  Another tech said "try [this] and if that don't work ...",
> yet another abuse of the language.  Not one person was knowledgeable,
> they seemed to be just following scripts - kinda like memorizing
> phonemes of lyrics to a song written in a foreign language. (I recall
> a Star Trek episode that said something like "... saying 'Juliet on
> the balcony' - without having read the play, it's meaningless."
> 
> </vent>
> 
> Well... to end the ISP nightmare once and for all, I'm renting an
> unmanaged server somewhere up in Virginia.  It has Red Hat Fedora
> installed on it and WebMin.
> 
> The problem I'm facing right now it trying to configure sendmail
> to handle virtual email domains.  On my system at home, I've been
> using linuxconf to do this quite easily.  (As bad as linuxconf is
> in other areas, it was able to handle this one function quite
> efficiently.)
> 
> Well linuxconf hasn't been around since RH 8.0 (I think), and WebMin
> seems to fall short of the functionality I found in linuxconf.
> 
> Can anyone give me some pointers as to how to setup virtual email
> domains with these tools?  Alternatively, I can install a different
> MTA that has such functionality.
> 
> One thing I considered doing to bypass the blocked port 25 was to
> use iptables to forward outbound connections to port 25 to an outside
> host, then translate them back on the other end and forward them right
> out.  I haven't explored that to finality - just considered it.
> 
> Thanks in advance to all,
>     - Chuck
> 
> --
> "The purpose of encryption is to protect good people
> from bad people, not to protect bad people from the government."
>     -- Scott McNealy, CEO Sun Microsystems
> "The tree of liberty must be refreshed from time to time
> with the blood of patriots and tyrants."
>     -- Thomas Jefferson
> "If there must be trouble let it be in my day,
> that my child may have peace."
>     -- Thomas Paine
> "The liberties of our country, the freedom of our civil constitution,
> are worth defending against all hazards: And it is our duty to
> defend them against all attacks."
>     -- Samuel Adams
> "They that can give up essential liberty to obtain a little temporary
>    safety deserve neither liberty nor safety."
>     -- Benjamin Franklin
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list