RE: Is your ISP blocking outgoing port 25?

[Ted Hardie <hardie () qualcomm com>]

At 9:38 AM -0700 6/22/09, John R. Levine wrote:
> > The bootstrap question is addressed by requiring the end-user to know their
> > e-mail address and password.  Based on the domain name, the implementation
> > would reach out to https://something.domain-name.tld and download the
> > relevant "schema" and data for IMAP, SMTP, POP3, etc, in ordered priority.
> > Based on what the e-mail client could support, the desired settings would be
> > displayed, and upon end-user approval, applied.
>
> End-user approval?  That means support calls, ISPs wouldn't like that.
>
> I can believe something like this could be made to work, but I would think
> hard about all the way that web sessions can get screwed up or hijacked
> before I persuaded myself that a scheme was likely to work where it needed
> to work (e.g., when connecting to a hotspot that hijacks all web sessions
> until you log in) while not being subject to hostile spoofing.
>
> Followups definitely to IETF-something.

I would suggest following up at discuss () apps ietf org; the folks there
can point you to things like RFC 2244 (ACAP, the Application Configuration Access Protocol),
describe why that got turned in XCAP by the RAI area (RFC 4825, primarily used
in SIP contexts but designed to be multi-use), and caution you that the many
hours spent designing these things have not generally born fruit in the marketplace.

Is this possible for email?  Sure.  With strong support from a vendor with a tied house
model (e.g. RIM or Apple), it might even get to be popular.  But as a general
purpose approach, it has not hit that sweet spot.

                        regards,
                                Ted Hardie

> R's,
> John