[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: more on starttls, gnutls-cli and using tls for mail

From: Karl Fogel
Subject: Re: more on starttls, gnutls-cli and using tls for mail
Date: Wed, 17 Aug 2011 10:28:15 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux)

Tim Cross <address@hidden> writes:
>OK, thanks Jijay. So, it would seem the use case is possibly something
>specific google has done to detect possible abuse of an email account.
>I've not run into this myself, but at least this gives one possible
>data point on why this additional complexity may be required.

There's another issue too:

Although "smtp.gmail.com" is the One True Server for sending mails
through Google [1], the account you log in with there could be a regular
Google/Gmail account (call this type "A") or it could be a Google Apps
For Your Domain (type "B") account.

These are rather different beasts.  While you could set up your "A"
account such that it's able to send mail with a From address that is
really of type "B", I had some experiences -- clean reproduction recipes
are hard to create, unfortunately -- that indicated there could be authn
problems or being-blocked-as-spam problems if I sent from type "A"
repeatedly with a From address of type "B".  But these problems go away
if I authenticate to smtp.gmail.com as user "B" whenever sending mail
with an address of type "B".

Again, in practice it's impossible to get definitive answers to what the
rules are.  Running experiments is very time consuming, it's hard to
isolate variables, and Google doesn't have the staff to answer in-depth
technical questions (though random members of the public sometimes do --
see [2]).

Essentially, running one's own email server has become too hard
nowadays, but if one uses an email server hosted by an organization
large enough to deal competently with the running an email server in the
modern era, then by definition that organization will be too large to
answer individual questions.  The problem is systemic; I'm not blaming
Google -- I'm glad they offer the smtp.gmail.com service.

So I have to get Emacs to switch sender authn creds on an email-by-email
basis.  Recent smtpmail.el changes have made this harder, not easier.


[1] The reason I send mail through Google is because if I use my own
    server, it can be difficult to avoid the server being blacklisted
    even when that server is not the origin of any spam.  See

[2] http://www.google.com/support/forum/p/gmail/thread?tid=45781946ea84651e

reply via email to

[Prev in Thread] Current Thread [Next in Thread]