How E-Mail Relaying Works

Every so often I have to explain e-mail relaying to a client so that they can figure out how to set up their e-mail if they are hosting a domain with me. I thought the general information might be interesting enough that others might benefit as well, so here’s the explanation I sent out:

-----

OK, here’s how it all works.

A user has an Internet Service Provider that provides the “wire” to their house. For clarity, we will call this company “ISP.com.” They are the ones that you pay for your DSL, or broadband, connection. In my case, for instance, I have a broadband connection provided by the Piedmont Triad Road Runner division of Time-Warner. So, ISP.com provides service to you. You are in their “cloud” of domain security, and they, by default, “trust” you as “one of their own.” It is a cozy, happy relationship. As far as ISP.com is concerned, your house, and your PC, are “on their network” and they allow you to “send and receive” pretty much whatever you want, to and from, them.

Now, outside of ISP.com, there are other ISPs, other companies, and other network services. These folks are “outside” the friendly confines of ISP.com. ISP.com does NOT trust these other companies. And, sadly, they shouldn’t! There are too many bad guys out there to lower your guard! I have often said that the Internet is like the old “Wild West” days. You have to carry a six-shooter with you to protect yourself from the guys in black hats!

Now, suppose you (a member of the ISP.com community) contract with an outside vendor (like me) to provide business e-mail. We will call this company “MAIL.com.” MAIL.com has its own DNS, infrastructure, e-mail servers, firewalls, and it, too, has a responsibility NOT to trust anyone outside of its “cloud” of influence. MAIL.com trusts YOU as a customer, but MAIL.com DOESN’T trust ISP.com, and ISP.com doesn’t trust MAIL.com. Rather than being a bad thing, in computer and networking circles, this is “business as usual,” since both companies know that the rule is: “If I can’t control it in my own datacenter, then it is NOT to be trusted.”

Mail servers have an ability called “relaying” that allows one trusted source to “relay” mail to another trusted source. “Relaying” is ONLY turned on WITHIN a network “owned” by the vendor that controls it. For instance, MAIL.com may have four servers sending mail BEHIND their firewall, and WITHIN their own datacenter. Among this “big, happy family,” these servers may be set to relay mail to each other all day long. But MAIL.com would NEVER open a relay to ISP.com, and ISP.com would NEVER open a relay to MAIL.com. On the Internet, mail servers that relay for outsiders are called “Open Relays,” and as soon as they are found, they are “blacklisted” as spamming servers, or they are isolated in other ways to be sure that they do not become “carriers” of all the ills of the Internet like Viruses, Spam, Malware, etc. No one wants to be found out to be an “Open Relay” server. Aside from the fact that it is bad computer management, and opens up abuse problems, it is also just plain “dumb,” and other computer geeks think that the company that does this is clueless and should be sent back to Networking 101! (They also poke fun at them in dark, shady, corner Geek Bars and have a laugh at their expense!)

So, what is a customer to do? He (you, in this case) is “stuck” between two “Wild West gunslingers” that don’t trust each other! However, MAIL.com trusts YOU as its customer, and ISP.com trusts YOU as its customer! So, you can RECEIVE mail from MAIL.com, and you can SEND mail from ISP.com! Therefore, you have to set up your mail client so that:

INCOMING mail is set to the e-mail server at MAIL.com
OUTGOING mail is set to the e-mail server at ISP.com

In this way, you can both send mail OUT, because ISP.com trusts you. You are in their network, after all. And you can receive mail sent IN to “insert-your-personal-domain-here”.com because MAIL.com trusts you as a customer and will gladly send your client e-mail destined to you.
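The relay rule described above, written out as an added example (not part of the original letter and not any real mail server's code). The address ranges are documentation ranges, and `example.org`, `elsewhere.example`, `open.example` and all function names are assumptions made for illustration:

```python
import ipaddress

# Constructed sample policies: which client networks a server trusts,
# and which domains it hosts mailboxes for.
ISP_POLICY = {
    "trusted_networks": ["198.51.100.0/24"],       # ISP.com's own customers
    "local_domains": {"isp.com"},
}
MAIL_POLICY = {
    "trusted_networks": ["203.0.113.0/28"],        # MAIL.com's datacenter servers only
    "local_domains": {"mail.com", "example.org"},  # example.org: a hosted customer domain
}
OPEN_POLICY = {
    "trusted_networks": ["0.0.0.0/0"],             # misconfiguration: trusts everyone
    "local_domains": {"open.example"},
}


def is_trusted(client_ip, policy):
    """True if the connecting client sits inside one of the server's own networks."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(net) for net in policy["trusted_networks"])


def relay_decision(client_ip, recipient, policy):
    """Return 'deliver', 'relay' or 'reject' for one recipient address."""
    domain = recipient.rsplit("@", 1)[-1].lower()
    if domain in policy["local_domains"]:
        return "deliver"   # mail FOR a hosted domain is accepted from any sender
    if is_trusted(client_ip, policy):
        return "relay"     # trusted client: pass the mail on to the outside world
    return "reject"        # outsider asking us to forward mail elsewhere


def is_open_relay(policy, probe_ip="192.0.2.10",
                  probe_rcpt="someone@elsewhere.example"):
    """Audit check: would an outside client be allowed to relay to an outside domain?"""
    return relay_decision(probe_ip, probe_rcpt, policy) == "relay"


if __name__ == "__main__":
    home_pc = "198.51.100.25"  # constructed address inside ISP.com's network
    print(relay_decision(home_pc, "friend@elsewhere.example", ISP_POLICY))
    print(relay_decision(home_pc, "friend@elsewhere.example", MAIL_POLICY))
    print(is_open_relay(OPEN_POLICY))
```

Running the audit check against your own server's policy before it goes live is the point of `is_open_relay`: a trusted network of `0.0.0.0/0` is exactly the setting that gets a server blacklisted.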

So, now, let’s drop back to the “real world” at my house, as a real “for instance.” My ISP is Road Runner, so I would have my home e-mail set to SEND OUT via Road Runner. But I would have my RECEIVE server set to DrBillBailey.NET (since that is my personal domain). So, my e-mail client would be set:

SMTP OUTGOING server: smtp-server.triad.rr.com
SMTP (or POP3) INCOMING server: mail.drbillbailey.net

Now, since I am “within” the Road Runner “world” I don’t even need a password to “relay” off the “local-to-me” Road Runner e-mail server. However, I DO need a username and password to connect to my personal account at DrBillBailey.NET.

So, what you will need to do is be sure that your e-mail client is pointing toward YOUR ISP’s SMTP server for OUTGOING SMTP traffic, and to the e-mail server for “insert-your-personal-domain-here”.com (with your username and password) for the INCOMING mail. This SHOULD clear up any problems. Sorry for the long story, but I have found it helps to “get” the underlying concepts when setting these things up!