Skip to Content
Skip to Table of Contents

← Previous Article Next Article →

ATPM 7.10
October 2001

Columns

Segments

How To

Extras

Reviews

Download ATPM 7.10

Choose a format:

Segments: Slices from the Macintosh Life

by Evan Trent, etrent@atpm.com

DSS and SMTP Authentication

Now I don’t want to get off on a rant here, but…

It now seems inevitable that I will hereafter establish myself as the Dennis Miller of the computer world, ranting on a regularly scheduled basis with little or no regard for political correctness. The voice of sanity, however, must be heard from time to time even when it does little more than bitch and moan. Wouldn’t you agree?

That said, welcome to this month’s edition of ramblings and frustrations fresh from ATPM’s technical wizard. The topic of the moment is the lack of Mac and LAN support for a broadband Internet access system that shows enormous potential for the huge numbers of folks in areas where DSL and cable are not available; and the latest moronic implementation of anti-spam technology that set me off like the ranting techno weenie firecracker that the ATPM community has come to know and love.

A Brief History

Last month I helped my parents install a Digital Satellite System (DSS) for Internet access. They live in rural Vermont and do not receive cable, cannot benefit from DSL, and would have to spend a lot on a repeater as part of an ISDN installation. The only solution, aside from dialup access, is DSS.

As they already have a DSS television service they decided to investigate their options. Pegasus Express presented itself as the best choice. Their satellite system is bi-directional, so you no longer need an analog modem for upstream data transfer; this is a serious improvement over the original DirecPC system. Simply hook up a USB modem to the dish, and—hey presto—you have high-speed Internet access that you can use for both downloads and uploads.

The Catch

The problem is that, as with most things in life, Pegasus Express (and every other DSS system) is only compatible with Windows. It is also designed for use on only a single machine and not in a network environment. So regardless of platform, you will need to rig up a soft router if you want to share the connection over a local area network. My parents use a Mac, like all good citizens, so I had to set up a Wintel box as a headless soft router in the basement, sitting next to the USB modem for the DSS system.

The PC maintains a download speed of around 200KB/s, sometimes more. Upstream speeds aren’t quite so fast but still pack a punch. Yes, it really is that fast. I was amazed. I have a very zippy DSL line here in Chicago, essentially the equivalent of a T1 in both directions, and this thing was getting better speeds than my DSL line from time to time. Pretty groovy for rural Vermont.

Hey…I Thought PCs Were Fast?

As if the platform restriction weren’t bad enough, sharing the connection knocks the speed down several notches. I had trouble transferring more than 40KB/S on any client connected to the PC, regardless of operating system.

There aren’t a lot of options out there for folks using a DSS such as Pegasus Express, because it relies on the Windows TCP stack. You cannot use a product such as Vicom’s Internet Gateway (an industrial strength, speedy product which I highly recommend), because it uses its own proprietary TCP stack and turns off Microsoft’s. As a result it is only compatible with Ethernet-based devices. Oops! No USB devices with proprietary drivers allowed.

My eventual solution was to download a slick little product called SatServ, a soft router designed specifically for DSSs. It is reliable, flexible, and faster than Microsoft’s Internet Connection Sharing (ICS); but it still won’t allow me speeds even close to what I enjoyed on the PC connected directly to the satellite.

If you really want to use a DSS with your Mac, you can hook your Mac up directly to the USB modem and run Virtual PC. I haven’t experimented much with the configuration, but there are shortcomings. For one thing, your Mac doesn’t see the Internet connection, so you have to use Virtual PC with PC software to do all your Internet chores, unless you try to set up ICS or some sort of soft router within Virtual PC and then access that from your Mac, an ugly scenario. Although download speeds under Virtual PC aren’t up to snuff with a “real” PC, they are however faster speeds than your Mac would enjoy under a shared connection hosted by a PC soft router.

The Solution

Even a die-hard Mac advocate such as myself can understand how Pegasus (or DirecPC) could be lame enough to shun anybody not using Windows (Unix, Linux, and Mac users to name but a few). Realistically it would be trivial to write a driver for the Mac that would support the Pegasus Express hardware, but be that as it may, I am sure that from an MBA’s standpoint it isn’t a fiscally sound pursuit. Bean counters…sheesh.

However, the fact that the DirecPC system is only compatible with single terminal environments is a major shortcoming. Every other broadband Internet technology has an Ethernet router. Such support under DirecPC would fix the speed problem, eliminate the need for software altogether, and thus resolve any platform compatibility issues.

Pegasus claims it is working on a solution (Pegasus Express Pro) that will be designed for multiple users on a LAN, but it will be for business accounts. This of course means you would have to buy an expensive piece of software, plus a PC to run it on, and an overpriced service plan. An Ethernet router would be cheaper, faster, more reliable, platform independent: just plain better.

The Straw that Broke the Camel’s Back

As if the folks at Pegasus weren’t already dense enough, having developed a product that delivers the speed of a T1 but only to one computer at any given time, they have also made an incredibly obnoxious decision in their capacity as an Internet Service Provider (ISP).

The latest version of Pegasus’ software will only let you send an e-mail if your “From” address ends with “@pgtv.net.” In other words, you can only use their mail servers to send mail using a Pegasus e-mail account (the service plan comes with ten accounts, which is nice). This proves highly problematic, however.

If you are like me, you have more than one e-mail account. My local ISP here in Chicago, for example, is Verio. Verio will only let me use their outgoing mail server if I am connected to their network (via dialup or my DSL line). So if I want to send mail (or respond to a message) from my Verio e-mail account when I am in Vermont at my parents’ house, I can’t.

This effectively made it impossible for me to deal with my e-mail while I was in Vermont. I could not respond to mail on most of my accounts (and I have many). A lot of people keep their existing e-mail accounts when they upgrade to a broadband Internet connection, and to expect these people to give up those accounts or stop sending mail from them is just plain silly.

So I made a quick call to the folks at Pegasus. A nice gent picked up the phone after a couple of rings. I played dumb. I love to play dumb when I call up tech support people. It’s always incredibly amusing.

“Hi! I can’t send mail. I am getting some weird error about relaying or something, whatever that means.”

I was given an explanation of the new Pegasus policy not to relay mail (in other words, to not let you use the Pegasus mail server to send mail from non-Pegasus e-mail accounts).

“But how do I send mail from my other accounts?”

Get this—he suggested that I dial into my ISP(s) to send mail from those accounts.

Riiiiiight.

That makes a lot of sense. Pay money to install the dish, pay money for the monthly service, and then when you want to send mail using an existing e-mail account, plug in ye olde reliable analog modem? I think not.

Spam

The reason that Pegasus has implemented such a harsh and overbearing policy regarding the sending of e-mail is spam. To prevent spam, many ISPs have taken steps to tighten up their mail servers and prevent them from being used by would-be spammers.

The most common tactic employed by ISPs is to only allow users to send mail through their mail server if the user is on the same network. This is the case with my ISP Verio; if I wish to send mail using their mail server, I must be on their network (and thus presumably a customer). Otherwise I am denied access. Most ISPs operate in this fashion.

Pegasus does not. Instead, what they have done is completely brain-dead. Rather than checking to see if the user sending mail is on the Pegasus network, they check to see if the “From” address contains an e-mail address ending in “@pgtv.net.” Faking a from address isn’t terribly difficult; anyone wanting to use the Pegasus mail server to send spam simply needs to format the header to read “From: spam_guy@pgtv.net,” for example. If you have a functioning keyboard and a brain stem, you’re good to go.

So, what Pegasus has done is make it impossible for me, a paying customer, to use their mail server to send mail from any account but theirs, and completely trivial for a spammer to use their server to send spam. Good job boys. That’s high tech.

Easy Now

In all fairness I should take it easy on Pegasus. They’re not the only buffoons on the Net. A lot of folks are going off the deep end with anti-spam mentality and screwing everything up in the process. Even ISPs such as Verio—that operate in a fashion which allows me to use their mail server to my heart’s content when on their network—do not make it easy for me to use it when not on their network, even if I am sending an e-mail from my Verio-provided e-mail account.

If more outgoing mail servers implemented SMTP authentication then there wouldn’t be a problem. SMTP authentication is a technology which lets you send mail using an SMTP server, regardless of whether you are on the same network, if you have successfully negotiated a POP logon recently (you can define the timeout on the server). Typically this allows a user to check mail and then send mail directly afterwards, ensuring that only a user with a valid POP name and password can send mail. This technology would let me use Verio’s SMTP server while connected via Pegasus.

Get Real

The reality of the situation is that we will never eliminate spam. Sorry folks, but that’s the truth. Every mail server from here to kingdom come has spam filters in place and has taken anti-spam precautions. Every e-mail client has spam filters in place. And guess what? We still get lots and lots of the stuff every single day. All that has been accomplished merely makes it that little bit more difficult for normal law-abiding Net users to check and send e-mail, and gives mailing list administrators such as myself huge headaches through having to deal with novice users who don’t know how to properly configure their e-mail client to filter out spam.

Incidentally, the only way I managed to send e-mail while I was in Vermont was to set up an open relay mail server on my PowerBook and send mail through it. This was not a solution; this was a hack, but it worked, and I suspect that spammers across the globe are doing the same thing. ORBS and other anti-spam databases are doing their darndest to keep those servers blacklisted, but it isn’t even terribly difficult to convince ORBS that your server is doing its job correctly; all you need to do is filter out the IP address of their test engine and you will pass their test. No technology is going to eliminate spam.

People get so infuriated over spam and I’ve never understood it. Talk about a non-intrusive and generally amusing form of mass marketing—how can you complain? The higher tech these people get, the less of a pain in the neck they become. It’s just spam—it’s not a telemarketer from the Publisher’s Hotline telling you how they’ll send you ten magazines per month for the rest of your life if you just send them $1000 per year. You don’t need to hang up on anybody and feel guilty about your lack of manners. Spam is not a junk fax advertising cheap airfare to Hawaii. It’s not wasting paper or forcing anybody to even read its contents.

I respect the fact that for folks with slower connections, spam makes checking for e-mail a longer and more painful process than it already is, but even when I’m on a dialup modem overseas I’d rather deal with spam than some yokel calling me up to tell me about some new credit protection plan. Spam is just e-mail—a bold title. Press the delete key. Problem solved.

And don’t even talk to me about wasted bandwidth or network congestion. In the broadband age you have people downloading MPEGs of Pamela Anderson on her honeymoon doing, er, typical honeymoon stuff, and you’re complaining about a couple of bytes of text? Get a grip.

Also in This Series

Reader Comments (2)

anonymous · October 4, 2001 - 16:48 EST #1
Here's my rant concerning isp's: Three years ago, I signed up with a local provider. When I had a problem, I talked to a person. One guy even helped me out with a printer problem I was having! Their reputation was so good, they were eaten--er--purchased by a slightly bigger fish. Now, my calls "were very important to them, please hold...." Once in a while I'd get disconnected or get an authentification error, but that coincided with their policy of no busy signals; can't get one if you can't connect. Then they were eaten by E-Link. I now get disconnected every 5 to 20 min. They sent their customers a new dialup number that invokes an authenication error the first time you try to log on *every* time you log on, so I have to connect twice to get connected. Their tech support gave me a dialup number a couple weeks ago that was answered by a PacBell operator. When you call tech support on the phone, their robot always asks if I want a Windows or Mac tech, but I've never ever gotten a Mac tech. I can't use their e-mail form for support because they don't list "the grid," my first ISP. They answered an e-mail once, with Windows instructions to solve my problem! They conveniently blame all my troubles on the phone lines, how clever! I could go on forever, but I'll spare you my pain. I looked into Optistream, the only Mac-supported satellite provider so far, but they want $2,500 just to set you up. E-Link would be perfect, since they work with Dish Network, my TV provider, but no Mac support--hey Apple, buy some more shares and twist their arm. I live in the Mojave desert, so my options are limited. I hear blue sky will have Mac support when the go public next summer. Meanwhile, I put up with web pages that never load and constant disconn----.
Evan Trent (ATPM Staff) · October 4, 2001 - 20:15 EST #2
I would like to make a correction to my article. I seem to have confused SMTP authentication with POP before SMTP, which is a totally different technology. SMTP authentication is a system which allows you to log on to an SMTP server directly, and is unrelated to what I describe, whereby the SMTP server checks to see if you made a POP login (thus POP before SMTP). My apologies to our readers.

Add A Comment





 E-mail me new comments on this article