Monday, September 1, 2003

What do you do when your ISP hijacks your email return address?

THIS WEEK'S POWERTIP

By David Gewirtz

What do you do when your ISP hijacks your email return address? A reader, Mark Williford, had just that question:

I have just been introduced to your site and enjoyed the read. I am an (all to familiar) network administrator for a small construction company who got the job by acclamation. They asked for a volunteer to step forward, I wasn't paying attention and everyone else took a step back.

We have Exchange 2000 Server installed and about 40 desktops running Outlook. My users started complaining that people were having trouble replying to their messages. Each computer gets mail from a third party ISP SMTP [Simple Mail Tranfer Protocol] email server through Outlook. So, each user is set up with all the necessary info to go out and get his/her email and, of course, send email. It seems as though the user setup on the server, which gives them an internal email address for Exchange, is replacing the reply address from the local machine with the one that Exchange uses such as markw\@ourdomain.local. This becomes a bit confusing for those getting and trying to reply to our email messages.

What suggestions do you have?

There's some complexity to this question which probably can't be answered in a simple "letter to the editor." I originally encountered this with our own servers when some of our folks tried to connect from remote locations. Some ISPs translate the return address for email traffic that runs through their network. Personally, I consider this a reprehensible practice, but it seems on the rise, rather than declining. Some of those ISPs will, for an additional charge (naturally!), disable this email address translation. In other cases, you're just stuck. There are really two ways around that practice, and both involve bypassing the ISPs: VPNs (Virtual Private Networks) and Web-based email.

The most complete solution is a VPN, where you literally extend your network through the wide-area Internet to the client's machine. While the benefit is increased connection to your network with good security, the downside is that VPNs challenging to set up (and if you hire an expert, expensive). Also, some ISPs block VPN traffic, although some VPN products provide a way to route around. Again, you're talking complex.

The easiest approach is Web-based email. Exchange offers OWA (Outlook Web Access), which is workable. In Exchange 2000, OWA is reasonable, but nothing fancy. In Exchange 2003, OWA has been considerably enhanced. When you (or your clients) use OWA, you're connecting to your Exchange server over a Web-browser interface, and all the outgoing mail goes directly from the Exchange server, without getting "munged" by the ISP. Honestly, if this is a real problem, it's the approach I'd take. It's certainly the easiest to set up, the most robust, and without the complexity you'd find otherwise.

Of course, you could also tell your users to switch ISPs, but I think that's a stopgap measure, rather than a real fix.

Good luck!