| ▲ | jraph 8 hours ago |
| > Can't even name the domains on my own damn server with an expectation of privacy now. You never could. A host name or a domain is bound to leave your box, it's meant to. It takes sending an email with a local email client. (Not saying, the NAS leak still sucks) |
|
| ▲ | ahoka 3 hours ago | parent | next [-] |
| I have internal zones in my home network and requests to resolve them never leave the private network. So no, it's not meant to. |
| |
| ▲ | jraph 3 hours ago | parent [-] | | "Meant to" may indeed not be really accurate. However, domains and host names were not designed to be particularly private and should not be considered secret, many things don't consider them private, so you should not put anything sensible in a host name, even in a network that's supposed private. Unless your private network is completely air-gapped. Now, I wouldn't be surprised that hostnames were in fact originally expected to be explicitly public. |
|
|
| ▲ | zaptheimpaler 7 hours ago | parent | prev [-] |
| I don't know much about email, but how would some random service send an email from my domain if I've never given it any auth tokens? |
| |
| ▲ | TheDong 5 hours ago | parent | next [-] | | You don't need any auth to send an email from your domain, or in fact from any domain. Just set whatever `From` you want. I've received many emails from `root@localhost` over the years. Admittedly, most residential ISPs block all SMTP traffic, and other email servers are likely to drop it or mark it as spam, but there's no strict requirement for auth. | | |
| ▲ | prmoustache 4 hours ago | parent | next [-] | | > Admittedly, most residential ISPs block all SMTP traffic, and other email servers are likely to drop it or mark it as spam, but there's no strict requirement for auth. Source? I've never seen that. Nobody could use their email provider of choice if that was the case. | | |
| ▲ | namibj 4 hours ago | parent | next [-] | | They don't do DPI, they just look at the destination port.
And that's why there's a separate port for submission to mail agents where such auth is expected and thus only outbound mail is typically even attempted to be submitted to.
Technically local delivery mail too, e.g. where the From and the To headers are valid and have the same domain. | |
| ▲ | TheDong 3 hours ago | parent | prev [-] | | The 3 most common ISPs in the US are Comcast, Spectrum, and AT&T Comcast blocks port 25: https://www.xfinity.com/support/articles/email-port-25-no-lo... AT&T says "port 25 may be blocked from customers with dynamically-assigned Internet Protocol addresses", which is the majority of customers https://about.att.com/sites/broadband/network What ISP are you using that isn't blocking port 25, and have you never had the misfortune of being stuck with comcast or AT&T as your only option? | | |
| ▲ | prmoustache 21 minutes ago | parent [-] | | Well I am not in the USA for a start but if it is blocked it must be only inbound otherwise it would break everybody. |
|
| |
| ▲ | flexagoon 3 hours ago | parent | prev [-] | | You can, but most email providers will immediately reject your email or put it into spam because of missing DKIM/DMARC/SPF |
| |
| ▲ | jraph 7 hours ago | parent | prev [-] | | It should not, but it's usual to configure random services to send mails to users, for instance for password resets, or for random notifications. Another thing usually sending mails is cron, but that should only go to the admin(s). Some services might also display the host name somewhere in their UI. |
|
