Sending E-mail Programmatically via Verizon’s SMTP Server

When I signed up for Verizon FiOS after enjoying complete port freedom with Time Warner Cable, I was pleasantly surprised to find out that Verizon had finally dropped its annoying habit of blocking inbound port 80 (HTTP) on residential accounts. Some obligatory follow-up testing revealed inbound traffic to port 25 (SMTP), among others, was also being allowed.

Unfortunately, Verizon is still blocking outbound port 25 as of this writing. This means that, unless you have access to an external SMTP relay listening on a non-standard port somewhere on the Internet, you will only be able to send mail by funneling it through Verizon’s SMTP server.

The Problems

  1. You cannot deliver mail directly to anybody. Considering that many of Verizon’s residential IP address blocks are blacklisted as spam sources anyway, this is, for practical purposes, a moot point.
  2. Verizon’s SMTP server is sluggish—and there is no way around this unless you have access to an external relay running on a non-standard port as mentioned above.
  3. The Verizon relay requires both authentication and TLS/SSL encryption. While this helps prevent spam by holding Verizon customers accountable for the mail they send, it’s not daemon-friendly—most software that sends e-mail programmatically does not support authentication, let alone secure connections. A good example of this is the Intel Rapid Storage Technology (RST) driver package, which has the ability to send e-mail alerts when problems are detected on a storage volume or RAID array.

The Workaround (For Problem #3, Anyway)

By running an SMTP proxy on your LAN, local programs can send e-mail to the outside world through Verizon’s SMTP relay without having to worry about encryption or authentication, with these being handled transparently by the local proxy.

In looking for a ready-made solution, I first stumbled upon SmtpProxy—an open-source, no-frills Windows service that accepts clear-text connections from the local network and simultaneously opens TLS connections to an external relay. SmtpProxy passes traffic in unencrypted form between the client program and itself, and in encrypted form between itself and the Verizon SMTP server. Unfortunately, SmtpProxy still leaves the burden of authentication to the client, thus solving only half the problem.

Next, I tried out E-MailRelay—an open-source, cross-platform solution that bridges SmtpProxy’s authentication gap and also provides additional functionality, such as local spooling and queuing of messages. E-MailRelay fits the bill, and more.

On Windows, the E-MailRelay installer includes a wizard that asks a few questions and configures the service accordingly by dropping the appropriate command-line switches into a batch file. The basic parameters we want for Verizon as of this writing are as follows:

--as-proxy=<outgoing.verizon.net:587|smtp.verizon.net:465>
--client-auth=emailrelay.auth
--client-tls

The above instructs E-MailRelay to accept mail locally on port 25 over an anonymous, unecrypted connection and forward it, in real-time, to Verizon’s external relay over an authenticated, secure connection to port 465 or 587†. On Windows, the installer will create the authentication secrets file for you. (For information on maintaining, as well as creating this file on other platforms, refer to the E-MailRelay reference.)

When operating as above, the client connection will block while E-MailRelay attempts to forward the message to the external relay. If the latter rejects the message or is otherwise unavailable, E-MailRelay will pass the error back to the client and make no further attempts. This behavior is the same it would be without a proxy.

A more robust approach is to take advantage of E-MailRelay’s spooling and queuing capabilities. By having E-MailRelay store messages locally and queue them up for delivery, client programs can fire off messages instantly without having to sit and wait for the external relay to respond, which can sometimes take quite a while—especially with Verizon. Additionally, should your ISP’s SMTP server ever be unavailable, E-MailRelay will accept and queue messages locally and attempt to redeliver them later. When operating in this mode, E-MailRelay is actually no longer just a proxy; it becomes, in effect, a mail transfer agent (or MTA).

To have E-MailRelay spool and queue messages, use the following switches instead:

--as-client=<outgoing.verizon.net:587|smtp.verizon.net:465>
--client-auth=emailrelay.auth
--client-tls
--poll 300

… where 300 directs E-MailRelay to scan the spool directory for messages to (re)deliver every five minutes. Depending on the nature and volume of e-mail generated by your environment, you will want to adjust this value to strike a balance between load and delivery time.

† As of this writing, Verizon is recommending that users ditch the legacy outgoing.verizon.net:587 in favor of the new smtp.verizon.net:465 for sending mail; however, the latter is unusable on my account—while I am able to connect, the server remains silent and never sends a 220 greeting.

5 thoughts on “Sending E-mail Programmatically via Verizon’s SMTP Server”

  1. This is a helpful post and has me halfway to resolving my issue. I’m wondering if you can see how to resolve the other half?

    I have Intel Rapid Storage on my new laptop. It monitors the health of my HDD and *supposedly* can send me emails if I have a problem.
    I do not have my own domain, so I just want to send from my personal gmail address to the same address.

    The situation is well described at http://community.spiceworks.com/topic/707744-configure-intel-rst-to-send-email-with-authentication and several other sites.
    They all say “use emailrelay!” and then the OP says “yay! that worked!” but never explains exactly how to do it!

    The big question I am having now is that Intel Rapid Storage asks for an SMTP Host, Port, and Sender Email Address. I see how to assign a Port in EmailRelay, but not a Host name!
    Do you know how to assign the hostname?

    1. @Nathaniel:

      Since the point of using E-MailRelay is to isolate your mail-sending applications (e.g. Intel RST) from your ISP’s mail server, once you’ve set up E-MailRelay on your local network, that’s where you want to tell your client applications to send mail. So for example, if you’ve installed E-MailRelay on the same computer where Intel RST is running, you’ll want to put “localhost” (or 127.0.0.1) in the SMTP Host field. If, on the other hand, you’ve installed E-MailRelay on a computer other than the one running Intel RST, you’ll want to use that computer’s hostname instead. Does that make sense?

      Thank you for your comment! I hope that helps.

  2. Thanks for the reply. It helps, but I’m still not getting something right…

    Email relay is running on the same machine as RST.

    When I run emailrelay-gui.exe (as Administrator) I set it as follows:

    Directories screen (after license)
    Installation directory: default (C:\Program Files (x86)\emailrelay)
    Spool directory: default (C:\windows\system32\spool\emailrelay)
    Configuration directory: default (C:\Program Files (x86)\emailrelay)

    Installation type screen
    Server: SMTP server
    Mail Forwarding: When client disconnects

    SMTP server
    Local server port: 25
    Require authentication: not checked

    SMTP client
    Remote server hostname: smtp.gmail.com
    Port: 465
    Allow TLS/SSL encryption: checked
    Supply authentication: checked
    Authentication mechanism: LOGIN
    New Acount name: my gmail address
    Password: my password

    Logging
    Verbose logging: checked
    Write to the system log: checked

    Connections
    Listen on: all interfaces
    Clients: allow remote clients

    Server startup
    Automatic – at system startup: checked
    Automatic – when logging in: not checked
    Manual – add to start menu: checked
    Manual – add to desktop: checked

    After it has finished setup, I click the icon on my desktop. Now it’s running in my taskbar.

    I then go into the Intel Rapid Storage Technology software and set it as follows:
    SMTP Host: localhost
    Port: 25
    Sender e-mail address: my gmail address
    Recipient e-mail address 1: my gmail address

    When I click the button to send a test email, it comes back as Test status: Failed.

    I also tried inserting the line –as-proxy= as the first switch in the emailrelay-start.bat and emailrelay-start-with-log-file.bat.
    I still get a Failed test in RST.

    Can you see anything I am missing, or have any troubleshooting suggestions? Would it be helpful to paste the hole batch file?

    Thanks a lot! I guess once this is working these comments will be a complete guide for noobs like me!

    1. Does your ISP allow you to connect directly to third-party mail servers, though? Try this in a console:

      telnet smtp.gmail.com 465

      If this fails, you will have to use your ISP’s mail server, as did I.

  3. It appears your comments feature stripped out the actual proxy in my above comment: –as-proxy=(open angle bracket) smtp.gmail.com:465 (close angle bracket)

Leave a Reply to Nick Cancel reply

Your email address will not be published. Required fields are marked *