[145881] in North American Network Operators' Group
Re: Outgoing SMTP Servers
daemon@ATHENA.MIT.EDU (Ricky Beam)
Tue Oct 25 15:47:57 2011
To: "Jeroen Massar" <jeroen@unfix.org>
Date: Tue, 25 Oct 2011 15:46:55 -0400
From: "Ricky Beam" <jfbeam@gmail.com>
In-Reply-To: <4EA69A34.4080300@unfix.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 25 Oct 2011 07:15:00 -0400, Jeroen Massar <jeroen@unfix.org> wrote:
> On that iToy of yours it is just a flick of a switch, presto.
Where "flick of a switch" is actually several steps...
Settings -> Network -> VPN... there's your switch.
Wait for it to connect
Go back to mail, refresh...
And one's VPN profile has to be setup in advance.
Plus, it doesn't always work. I gather you've never been in a network
where an IPSec VPN wouldn't connect. I've seen it too many times. (I've
even seen ISPs where it didn't work. Apparently GRE isn't IP to them.)
An SSL VPN will often get around that, but it's additional
hardware/software/setup/licenses/etc. (For a Cisco ASA, it's an additional
word in your vpn setup, and a license... base "demo" is only 2
connections.)
It's *MUCH* easier to setup the mail server on ports 465 and 587, require
auth and tls. Done right, it's 100% transparent to the traveling user.
Works perfectly even in networks where a VPN doesn't and the idiot hotel
intercepts port 25 (not blocks, redirects to *their* server.)
--Ricky
