ISPDB configs without STARTTLS and/or SSL (was: Autoconfig for aol.com and friends)

Ben Bucksch ben.bucksch at beonex.com
Sat Jan 19 15:10:33 UTC 2013


On 16.01.2013 20:08, Andrew Sutherland wrote:
> If you know of specific examples of ISPs that do not support SSL but 
> do support STARTTLS, I'd definitely appreciate them. 

comcast.net - SMTP is STARTTLS only, only POP3
email.it - SMTP is STARTTLS only
ewetel.de - SMTP is STARTTLS only
hotmail.com - SMTP is STARTTLS only, only POP3
some unheard-of Japanese ISPs - STARTTLS only
inbox.lt, inbox.lv - SMTP is STARTTLS only
kabelmail.de - POP3 only
posteo.de - STARTTLS only
telenor.dk (with lots of domains) - STARTTLS only
skynet.be - SMTP is STARTTLS only
sympatico.ca - SMTP is STARTTLS only
t-online.de - SMTP is STARTTLS only (they are huge!)
web.de - SMTP is STARTTLS only (they are huge!)
uol.com.br - SMTP is STARTTLS only (that's your target group, right?)

The following configs have either incoming or outgoing with neither SSL 
nor STARTTLS, but unsecured. Some of them are POP3 only:

almost all configs in *.jp
charter.com
earthlink.net, mindspring.com
peoplepc.com
rr.com
bigpond.com
nifty.com
francetelecom.fr
free.fr
sfr.fr
alice.it
libero.it
terra.es
versatel.de
aon.at
broba.cc
kelcom.net
mail.dk
seznam.cz
skynet.be
tiscali.cz
upcmail.nl
ziggo.nl

In addition, the following ISPs have only POP3, no IMAP:
hotmail.com
rr.com
att.net
comcast.net
verizon.net
bigpond.com
nifty.com
sympatico.ca
aon.at (big Austrian cable ISP)
kabelmail.de (big German cable ISP)
ewetel.de
broba.cc
inbox.lt
inbox.lv
kelcom.net
mail.dk
o2.pl
onet.pl
seznam.cz
studenti.univr.it
tiscali.cz
upcmail.nl
wp.pl
xs4all.nl
xtra.co.nz
ziggo.nl

Please note that I generally tried to find and list all working configs, 
not only those that are officially supported, so if there's no SSL 
server listed, then most likely there simply is no working one (at least 
at the time when we did the config).

I just double-checked some of the important configs that have STARTTLS, 
but no SSL:

  * T-Online securesmtp.t-online.de works with SSL on port 465, so we
    could add that. I only checked whether the server responds, but not
    whether the certificate is OK and a login actually works.
  * ditto uol.com.br
  * smtp.web.de SSL 465 does not work. web.de is one of the biggest mail
    providers in Germany, and in the top 5 world-wide for Thunderbird.
  * smtpauth.peoplepc.com SSL 465 blackholes, no response at all
  * ditto earthlink, mindspring.com


Also note that I cannot guarantee that the above lists are correct. I 
have missed aol.com, so I have made mistakes. I only quickly looked over 
the configs, it's just a survey.


Conclusion:
Without supporting STARTTLS, you are going to take a hit, but it's not 
that big, if we update some configs. But updating the configs is going 
to cost time as well, if we do it diligently. It's not clear that this 
is faster than implementing STARTTLS support. Esp. t-online.de, 
uol.com.br, web.de and earthlink/mindspring/peoplepc are significant, 
whereby the latter 2 simply don't have an SSL server, only STARTTLS, and 
they are big.


However, without supporting plain (non-SSL) connections, you are going 
to miss a huge amount of configs. Ditto with POP3.

Dropping the user into manual config is highly unfair, because that 
sends the user searching for something that we *know* doesn't exist. The 
point of autoconfig was to save time for the user, not waste it.

Compiling this list took some time, so please draw some constructive 
conclusions from it.

Ben




More information about the tb-planning mailing list