undefined | Better HN

0 pointsxp846d ago0 comments

[ Note: Anyone who has been a geek since the 90s, there's nothing you don't already know here ]

> most SMTP servers would accept email from anyone anywhere to anyone anywhere (i.e. 'open relay').

to date that claim, I'd say that by the late 90s at least, true open relays ("from anyone to anyone") were still numerous but carried a huge assumption of being part of spam operations (willingly or through ineptitude), and the most basic spam filtering would reject mail that came out of one.

That said, (before things like SPF) it was easy enough to deliver email to anyone you wanted even if you didn't have your own real email account and SMTP server; you could just look up the destination's MX and connect to it with telnet like that. Since your own random IP probably wasn't blocklisted it would generally be accepted and delivered.

Back then it was still basically considered bad form to reject email simply because the server didn't know where it was from... sadly, if we were still playing by those rules today, I can only imagine how useless email would be. Now it's definitely guilty-till-proven-innocent.

0 comments

6 comments · 2 top-level

awesome_dude6d ago· 4 in thread

The magic for me, to this day in fact, is knowing that mail is essentially anyone on the internet being allowed to write to a mail servers disk.

There are rules now, but the concept is still almost intact, random people writing to the servers disk - to be later read by someone

soneil6d ago

It used to be even more literally so - network mail started off as using FTP to SNDMSG onto a remote system instead of your own. In RFC475, FTP has MAIL and MLFL (mailfile) commands to support this.

I think it's neat that you can still find echoes of this. MAIL worked by just appending to MLFL, separating records with CRLF.CRLF - which is still how Data segments are terminated in SMTP.

inigyou5d ago

Was that before or after UUCP? I know that UUCP carried a command in each message, so you would specify a message body with a tag that says pass it to the mail receiving peogram.

soneil3d ago

SNDMSG-over-ftp pre-dates UUCP by 5 years, so I think that one's pretty clear-cut.

(Not that I'm claiming anything's original here, ftp & smtp are both in the nwg/ietf family tree, which makes it easy to draw parallels. There's probably 100 other influences.)

inopinatus5d ago

This generalises to NNTP, in which anyone writes to everyone and is read by no-one.

xenadu024d ago

> That said, (before things like SPF) it was easy enough to deliver email to anyone you wanted even if you didn't have your own real email account and SMTP server

Yup, this was also a fun exercise. Use nslookup, find the MX records, then telnet to them and deliver some mail destined for domains that email server handled. At that point you're just a slower version of a mail daemon.

In 2006 when FIOS first rolled out they assigned ARIN IP blocks to anyone who requested a static IP and I hosted my own webserver and email server on the web. So for a long time I had my own netblock and my email server had been around for so very long it was in everyone's legacy trusted list. Even gmail never bounced emails from me, despite not having SPF or DKIM and whatever else. Though I did eventually set those up. Only authed users could send email and that was a limited list so my netblock never actually delivered a spam message.

Funny enough I also setup default routing so all non-registered addresses went into a separate mailbox for me and I used the "companyname@mydomain.net" for everything. For many years I knew about every single data breech before anyone else. Often months or years ahead as spam would arrive out of nowhere to that address.

When I finally moved to the bay area to work in tech for real the entire world had changed. You couldn't just get a netblock assignment anymore. And lord knows even if your ISP wasn't deliberately sabotaging your ability to run a server every other system on the internet would assume you're a scamming spammer. I had to give up self-hosting on-prem.

j / k navigate · click thread line to collapse