IT Services/Petition for SMTP
From CNUpedia, an IEEE Innovation.
The Petition for SMTP consists of various requests of IT Services after they restricted SMTP access to residential students. This article has the original email sent out by ITS to its student workers, along with the text of the petition.
The petition is comprised of requests for various rights, a demand for a say in the matter, and an additional section that states two auxiliary considerations. The petition itself requests more rights than were originally granted before the restrictions. Some of these additional rights, such as the request for encrypted and authenticated communication, the writers thought might constitute better security.
The issue is more complicated than it at first appears, and arguments range from affirming the decision by ITS as sound, to the petition itself, to more somber suggestions that this is merely another example of a school undergoing uneven transition.
Discussion may be held on the discussion page.
Richard's Email
Date: Thu, 25 Jan 2007 08:44:05 -0500
From: "Richard F. Hart II" <rhart@cnu.edu>
Subject: Outgoing Mail in the Residence Halls (SMTP port 25)
To: its_students <its_students@lists.cnu.edu>
Reply-to: its_students <its_students@lists.cnu.edu>
Students,
As you may have noticed we have blocked the port used by SMTP (port 25). This does not allow you to send outgoing email using an email client such as Outlook, Thunderbird, etc. We have blocked this port because it can also be used by a worm, virus, or trojan to send mass emails to the CNU community at large. The software we are using to push this policy and others to Resident Hall Network was causing some inequalities among the switches that make up this network. This is why SMTP may have worked for some of you. We're sorry for the confusion this may have caused, but these changes were enacted to protect the student network and make it usable for everyone.
Thank you, Richard
Petition Text
This is the unofficial version of the petition. See the official text.
The writer of the petition states: I want to recognize that ITS has made many significant achievements. This petition is not meant so much to disparage ITS, but try to find out about what students might want. ITS is not perfect, but neither is it without merit.
- * Petition to IT Services *
- Re: Get Direct SMTP BACK!
IT Services has blocked access to its SMTP system to students on campus, and has long disallowed its use off-campus. SMTP stands for Simple Mail Transfer Protocol, and it is used by programs like Outlook and Thunderbird to send email. It is a well-known standard since at least 1982 and is still used today by countless service providers.
When it was available, it allowed students, faculty, and staff to send email without using the myCNU web portal.
We WANT IT BACK! We believe that IT Services owes us the decency of having a say in the matter. IT Services did a somewhat incomplete job of implementing it in the first place, and we include concrete suggestions for how they could make it more secure along with our general protest.
In short, we protest for
- (1) Direct access to SMTP service for everyone with a CNU email account.
- (2) Access for these authorized users on and off campus
- (3) Authenticated access in a compliant manner. SMTP-Auth has been available since at least 1999.
- (3b) Consideration as to secured authentication, by using such methods as hashing and comparable alternatives.
- (4) We also request the ability to encrypt or not at our option any client-server communications, using such protocols as TLS or SSL.
Technical considerations:
- (1) Sender Policy Framework does not constitute any kind of solution, whatsoever, to the petition listed above. It has a useful but unrelated role to play in email systems.
- (2) Access to off-campus users may be provided by VPN instead of through direct port access. This allows IT Services to maintain, albeit unnecessarily, stronger firewall restrictions.
