I have a WiFi setup at a hotel.

Most hotel guests know how to access their web based email at our hotel WiFi, when they are away from home. That is at the hotel they don't use their SMTP email.

But just recently I had a hotel WiFi user ask for the:

1. outgoing email server name
2. User ID assigned to the DSL line (it's dsl broadband)
3. Password assigned to the DSL line

They wanted this information so they could set up their Outlook to send email out. Evidentally they didn't know how to access their web based email or they didn't have that capability.

Anyway...

Is this a security problem for me to hand out the above 3 pieces of information in order for them to send out email?

That is can they use this information in some unscrupulious way?

I don't think they can, since that User name and password are tied only to that DSL phone number. So they couldn't use it from any other phone line other then that phone line (at least thats what the Verizon DSL tech guy said).

He even said that several people at that WiFi location could get on to send outbound email using that same User ID and password, as long as they all were on the same DSL phone line.

That sound right to you?

If there doesn't seem to be any security problems, then I might start handing out the User ID and password so people can do SNTM outgoing email.

Thanks for the info.

I don't know...I'd be a little scared.

If they know enough to ask for that info, then they probably know enough to buy and use a VPN, but are too cheap.


You have to protect your network. They can obviously use the email when they get on site..where ever they are going.

You can even set up a yahoo account to get other accounts mail, but they send out of their yahoo account.

I don't see anyone asking Starbucks for their info...


My vote - NO!

Hi spiderbite:

I like the way you put it about being too cheap. Thats funny.

I found out that Verizon also has "sub accounts". That is I can have up to 9 email accounts tied to that DSL number that don't use the main User ID and password.

But I still think that may not be good, since I think those sub accounts still could be used for spamming or something malicious.

I'm thinking whatever email account they use, it should be something tied back to the user...not the hotel.

But I am open to finding a solution to helping out the h otel users.

Thanks for the response.

Many hotels I stay at have their own smtp server and you must have that smtp server set to send email or their server blocks outbound mail.

The work around is to use Yahoo or Mail2Web if the hotel will not give you the SMTP address. That is all you need to send email.
Enter the correct SMTP.xxx.yyy for that hotel in your email send command and you are set.

P.S. Most hotels don't even know the SMTP address.

You don't need passwords or names.

Hi ddodge1:

Thanks for the reply.

When you say they have their own smtp server, do you mean the smtp server that is associated with their ISP, since ISPs will give an smtp connection? Like for Verizon its: outgoing.verizon.net

Most ISPs don't block port 25, so they should accept outgoing email even from other ISPs, from what I understand. Verizon and Earthlink told me they don't block port 25.

<The work around is to use Yahoo or Mail2Web if the hotel will not give you the SMTP address. That is all you need to send email.>

Yes. Yahoo web mail or Mail2Web should work for them. Isn't Mail2Web kind of an email redirection method? I don't understand it all that well.

So if port 25 isn't blocked the WiFi user should only need to configure their Outlook with the outgoing SMTP name. But if it needs authentication then it will need to have the User name and password configured in the Outlook for the smtp mail.

<P.S. Most hotels don't even know the SMTP address.>

You are right there.

<You don't need passwords or names.>

I believe you might need the passwords and users ids for the smtp servers that want authentication.

Thanks much

Bob,

They should not have to touch the Outlook settings..

Just let them set up a yahoo acct. to check other mail...

I can check however many email accts. I want...


But I can only send mail through my yahoo address!


But then I got me a VPN thingy and this is no longer an issue for me!

Necessity is the mother of invention and Bob Inc, needs to figure out how to provide yet another valuable service to keep cheap travelers out of the lurch...

Go forth and prosper...

Hi Spiderbite:

I did try to tell this one guy that he should see if his email account is set up so he can access it web based email. But he didn't seem to want to try that.

He seemed so intent on wanting to get our user id and password. I was suspicious.

Yep. His company should set him up with VPN.

Question: Do I need a special router in order to let him do VPN?

The company I work for hosts email accounts on our servers. I'm thinking of trying to sell email hosting accounts to hotel WiFi users who want to do outbound email from the hotels.

That way I won't have to give them the hotel user id and password.

What you think?

Yes, even Verizon blocks email from other accounts than their own users. From a Holiday Inn I stayed a recently I had to use SMTP.outbound.verizon.net and then I could send mail.


I use Eudora as it is not as vulnerable as Outlook. It readily traps my junk mail and alerts me if a program tries to run inside it.

Don

Hi ddodge1:

I had a question please:

< Yes, even Verizon blocks email from other accounts than their own users. From a Holiday Inn I stayed a recently I had to use SMTP.outbound.verizon.net and then I could send mail. >

That conflicts with what the Verizon technician told me today. They told me they don't block port 25 (which would block email form non-Verizon accounts).

Yes outbound.verizon.net is their outbound server.

But that smtp server needs authenticated with a valid User ID and password. I assume you had to put a User ID and password in your email program in order for Verizon's smtp server to send out that email. I have Verizon DSl here and have to authenticate it with the proper User ID and password...otherwise it won't work.

Am I correct? Thanks much.

If you use a router for more than one computer on your DSL line it has your user and password on it. You should not have to use your username and password on any computer connected to the router. But for sending email, the SMTP setting must match your provider or it may be blocked. Earthlink, SBC, Verizon all do this now in an effort to block spammers.

Hi ddodge1:

< But for sending email, the SMTP setting must match your provider or it may be blocked. Earthlink, SBC, Verizon all do this now in an effort to block spammers. >

Are you sure about that, since Verizon and Earthlink told me the opposite for SMTP not coming from their connections.

They told me just yesterday.

Try it yourself. I have several accounts and must always use the correct SMTP setting depending upon who I send the message through. i.e. when connected dialup through earthlink, I must use smtp.earthlink.net. When using T-Mobile, who have no SMTP service, I must use smtpauth.earthlink.net to get through earthlinks blocker on sending through a foreign system. Verizon, SBC, Boingo all require me to use their SMTP server or they block it, ie the smtpauth of earthlink is blocked.

Don

Wow.

Thats really news.

That really contridicts what Verizon and Earthlink (and Earthlink's web site info) say.

Goes to show I can't believe the tech people I speak to at those places.

I noticed that you have an outgoing smtp Earthlink address to get out on non Earthlink addresses. H ow did you get that.

Maybe that method could be used on Verizon lines?

But if you look at this link:

http://support.earthlink.net/mu/1/psc/img/walkthroughs/Help_FAQ/7280.psc.html

It is an EArthlink. It seems to contradict your actual findings.

That means EArthlink has it wrong on their web site too.

The earthlink page assumes that you are using an earthlink account. We have a domain registered with earthlink and I must use the smtauth to connect when using earthlink for the connection.

Others ie verizon and SBC block the smtpauth from being used through their access.

There are two issues. 1. who's access are you using. i.e. a hotel with a verizon DSL, who block foreing smtp requests

2. your email account. the standard email account assumes that you are using your own access.

The path from your message goes through your email program to the access system. They have to allow pass through.

It is rather frustrating to keep track of the paths. I am on the road alot and often have to try several methods before you hit on the one that works. Most tech support either does not know the answer or are reluctant to give it to you. I have found that sometimes the "graveyard shift" folks are most helpful.

Good luck

dodge1:

Thanks:

I really read the EArthlink web link incorrectly. Sorry.

< The earthlink page assumes that you are using an earthlink account. >

You are right, it does.

< We have a domain registered with earthlink and I must use the smtauth to connect when using earthlink for the connection. >

Does this mean if I register a non Earthlink account with Earthlink, that EArthlink will let me use it?

I never heard of "smtpauth" before. That must be something that lets non EArthlink accounts use an Earthlink connection.

Sounds like you use this stuff a lot.

Thank you for the info.

Bob,

I would really consider against offering a service that people can get for free.


Go open a yahoo/ hotmail/ google/ email acct....I'll wait...


Good, that was easy...Now in there somewhere is the ability to check other mail. You point to whatever server you recieve email on and bingo! you can check your mail while your away...

The only inconvienence is having to SEND on the yahoo acct..

If I have to be inconvienenced, why pay for the privelege of that inconvienence from you...I can get it for free?

As far as the VPN goes. I do it here at the house out of my linksys befsr41 whoopty-doo I bought from target.

The VPN stuff is the other guys problem....

Here (http://support.earthlink.net/mu/1/psc/img/walkthroughs/Help_FAQ/7280.psc.html) is Earthlink's setup procedure and info on using their Authenticated SMTP server which allows you to send email through them from any connection, not just theirs. Of course, you have to have an Earthlink account to do this.

For customers without VPNs, sending emails is a frequent issue. Even major WISPs like WayPort provide their customers with instructions (http://www.wayport.net/support/configemail) on how to configure email programs for outgoing email through their system. Others, such as T-Mobile (Starbucks' WISP), do CAPTIVE SMTP which basically captures all Port 25 traffic and re-writes/sends it through their own SMTP server, regardless of the users outgoing mail server settings. This has caused problems (http://www.mobilewhack.com/networking/wifi/beware_of_captive_smtp.html) for some users though.

Some routers such as Airpath's WSG-100 provide the capability to enter your preferred SMTP server domain or IP address to re-route Port 25 traffic (see Pg. 27 of this 1.2Mb PDF (http://www.hotspotsolution.com.tw/100b/Manual_WSG100_6830100_0220_V1.01.pdf)), though it didn't seem to work properly when I tried it and had complaints from some customers that their email was not being sent.

Our current solution is provide our own outgoing email server name to our customers and instruct our Windows 2000 Server to allow all outgoing email traffic from the IP addresses of our customer accessed routers. This prevents us from having to provide any kind of username/password info, just our outgoing mail server name.

This will work and several of our outside sales folks told me that the hotels they stayed at last week now give them a card that says: our SMTP address smtp.xxxx.yyy

And that works for them also.

Thanks
Don

I think this may be a great answer for all of those using Nomadix. Maybe you can get it without the Nomadix...its worth calling them. This is the info release

"Nomadix SMTP Service Simple Mail Transfer Protocol (SMTP) servers are used by ISPs to send outgoing mail. In order to mitigate security risks such as mail spoofing (forging a source identity other than your own on an outgoing mail message), ISPs frequently configure their SMTP servers to reject outgoing mail sent from source addresses outside the local network. The consequence for traveling broadband users is an inability to send mail when away from home. The user’s normal SMTP server sees outgoing mail requests coming from a foreign network and ignores them.
The SMTP redirection feature of the NSE recognizes attempts to send SMTP mail and redirects the outgoing mail to an available SMTP server maintained by the local ISP. Since the request to send the outgoing mail now comes from a local address, the local SMTP server allows the mail to be sent. Guest network users can send E-mail using the local SMTP server, even though their normal mail server would reject their requests. The recipient of the E-mail message is unaware that a surrogate SMTP server was utilized. To the recipient, the E-mail message looks completely normal and it can be responded to like any other message.
However some of the local ISPs do not offer a local SMTP server that can be utilized by the Nomadix Gateways to redirect the outgoing mail. To enable SMTP redirection in such scenarios, Nomadix is offering the SMTP service. As a part of this service Nomadix is hosting an SMTP server for clients who do not have SMTP servers provided by their ISPs.
The SMTP server hosted by Nomadix is an industrial class server hosted at the Nomadix Network Operations Center. It is not an open SMTP server but implements the Login Authentication to support end users with E-mail clients that send authentication information to the SMTP servers. The SMTP server also supports IP Access Control Lists to support end users whose E-mail clients do not send authentication information and at the same time precluding spammers from illegally using it. In order to limit spamming, the SMTP server also employs well known flow control and tar-pitting techniques.
Technical Support for the SMTP server will be provided by Nomadix as per the general Technical Support guidelines. "

I think this will definatly help this problem that we all have and its ONLY $200 per year, not bad for solving customer service calls and service dissatisfaction.