[nos-bbs] Sending mail to regular addresses via Winlink
Michael Fox - N6MEF
n6mef at mefox.org
Wed Jun 22 17:46:36 EDT 2016
> You're assuming JNOS is using internet to get to Winlink.
Not at all. I understand now that he's trying to send SMTP from Thunderbird to JNOS, then AX.25 from JNOS to Winlink RMS, then Winlink RMS to Winlink CMS, then SMTP from Winlink CMS to the Internet. The better alternative is to put JNOS with a modern mail server at the far side and go straight out to the Internet from there. No Winlink required.
> Just because internet is disrupted at his EOC running JNOS, does not
> mean the well connected Winlink servers are going to be offline.
Well, the core CMS servers are supposedly "well connected" (or at least there is redundancy there). But we're not talking about those CMS servers here. The Winlink RMS at the other end of the radio connection is just a PC with an Internet connection. It may be a reliable Internet connection or not. It may have a reliable UPS or not. It may have mirrored storage, redundant fans, etc., or not. In other words, it's nothing more special than any other machine you chose to build. And once you get the message there via radio, it still has to go through the rest of the Winlink infrastructure to reach the Internet. So, the point is: that PC with the Internet connection could just as well be JNOS with a modern SMTP server and, therefore, eliminate relaying through (and dependence on) the Winlink infrastructure. And, since we're talking about EOC communications, eliminating extra failure points is really important for an EmComm application.
> > what you're suggesting would make JNOS an open relay.
>
> I don't think so, if you open up JNOS SMTP to the world, yes, but to
> a local LAN within an EOC or small group of folks with a dedicated
> purpose for it ? no (in my humble opinion).
I understand your point. And I guess it depends on what you call "open". One measure of "open" is accepting submission from any address. And, as you say, I would hope that's not the case. But since JNOS doesn't have the controls that, say, Postfix has, it simply doesn't have the ability to adequately control what it relays and what it doesn't. That's not a knock on JNOS, it's just how it is. So if a client is able to reach JNOS, then JNOS will pretty much relay everything it gets.
What most people don't realize is that a huge portion (most?) of unsolicited mail comes from zombies/botnets (i.e. machines that have been compromised without the knowledge of the owner/user). So the folks with the SMTP clients don't need to be bad people or doing anything intentionally malicious and yet they could still be submitting malicious traffic. Maybe they download something malicious from the web. Or they pick up a virus on the local LAN. Or maybe from a USB drive inserted into them. Now they're compromised. And JNOS itself has no way to check for that. So it's just going to relay whatever Internet traffic it gets to the Winlink machine.
But hey, it's not me that anyone needs to convince. It's the Winlink guys. Which is why my original response was that the Winlink guys need to be consulted. I imagine they might have something to say about allowed submission models/options. Then again, maybe they treat everything inbound as unreliable, no matter how it was submitted. In that case, they may not care. Again, that's something to discuss with them.
BTW, a separate but related concern to be aware of is how the reply from the Internet gets back to the sender on JNOS. And that brings into play the FCC rules:
When you send a message via packet radio directly to a Winlink RMS or JNOS or other packet system with an Internet connection, you, a licensed operator, are initiating the communication over ham frequencies. When you connect again later to download a reply, you are again initiating the connection. So, even if the original message went out to the Internet to your grandmother, who is not a licensed ham, retrieving the reply from your grandmother is OK because you, a licensed operator, are initiating/controlling the connection.
But forwarding between servers over radio is a different matter. If that reply comes back from the Internet to one system (Winlink or JNOS or whatever) and is then forwarded to another system over ham frequencies, that's different. The message was originated by a non-licensed 3rd party and there is no control operator initiating the transmission over the ham frequencies. It's an automatic process that is effectively a transmission on a ham frequency that is initiated by the 3rd party. My reading of the Part 97 is/was that there was no provision for automatic forwarding of 3rd party traffic between message forwarding systems. So, I checked with the FCC enforcement bureau back in 2010 (IIRC). They agreed.
So, we had a situation back then which was sort-of like what Glen describes when the local internet is down. We had JNOS systems in several places but only one had an Internet connection at the time. The one with the Internet connection ran Postfix with all the bells and whistles. The rest of the JNOS systems forwarded outbound traffic to that one system over ham frequencies. But inbound traffic was NOT allowed to be forwarded back to the sender's system over ham frequencies because of the FCC rules. So email service was one-way outbound.
Since then, we now have internet connections at all sites. And we're moving the backbone off of Part 97 frequencies so we can forward 3rd party traffic between sites without running afoul of the Part 97 rules.
Bottom line, the biggest problem with the solution being discussed may not be the quotes around the smtp:address. It may be the FCC rules.
But this is a layman's warning which is worth what you paid for it. I'm not a lawyer. So don't take my advice. And there's no point in a debate because, no matter your or my position or understanding, none of us can relieve any of the rest of their legal responsibilities. Talk to the FCC (or your country's equivalent) yourself, directly. And for U.S. folks: if it turns out that the FCC has changed their mind in the last 6 years, I'd be appreciative of a copy of any ruling that shows that.
Michael
N6MEF