This week, I have been using the free WiFi service offered by the hotel I have been staying at. I noticed that they do something that T-Mobile does. Any time that you attempt to send mail, they redirect that connection to their server. Since I have my mail client configured to use authentication, I get a message stating that the server does not allow authentication.
If I was not setup to authenticate my outgoing mail, it would silently go to their servers. I have a few problems with this:
- They didn't inform me that they were going to do this.
- They could potentially store my message on their server
- They could also get my username, password and mail server that I use for sending mail. So now someone could send spam using my authentication information.
I understand their desire to not allow spam to be sent through their access point, but I think that a better solution would be to block all access to this port. If they were to do this, people would be required to use a webmail service, smtps (smtp over ssl), or tunneling though ssh or vpn.