Authenticated SMTP

will be effected by this new server configuration and should read this text and make some modifications in their e-mail software as described below.

If you have an e-mail address of one of he above forms but forward all incoming mail to different domain account; you will not be effected by this new authentication system. For example, if you have both a BCC domain account and an EE domain account, but forward all incoming mail to xyz@ee.bilkent.edu.tr and send out e-mail using only the EE domain account through EE domain SMTP server(s), you will not be effected by the new authentication system; therefore you shouldn't make any changes in your e-mail environment.

What is an SMTP (Outgoing Mail) Server?

SMTP stands for "Simple Mail Transfer Protocol". An "SMTP server" is a computer to which your e-mail program sends the e-mail you have just composed to be delivered to its destination when you hit the "Send" button. Another popular name for SMTP Servers is "Outgoing Mail Server".

What are Authenticated SMTP Servers?

The SMTP protocol has been one of the weakest among Internetworking protocols as far as security is concerned. With the regular SMTP protocol, anyone can send fake e-mail messages. The "From:" field of an e-mail message, therefore, cannot and should not be trusted. The ease with which the "From:" field can be set to anything has been recently widely exploited by virus code and social engineering attacks.

Authenticated SMTP servers require a valid account in the "From:" field of an e-mail message and prompt for its password before accepting the e-mail for delivery; hence blocking unauthorized outgoing e-mail.

What problems will Auth-SMTP fix?

The e-mail messages sent out from Bilkent Auth-SMTP servers will have a trusted sender identification.
Infected computers within the Bilkent domains served by Auth-SMTP mail servers will not be able to send out junk and infected e-mail to anywhere.
Our SMTP servers will deliver e-mail for Bilkent users who access the SMTP servers from computers located in non-Bilkent networks. Untill now, Bilkent SMTP servers would refuse servicing computers connected to the Internet through ISP's like kablonet.net.tr, ttnet.net.tr, meteksan.net.tr, superonline.com and through the TurkTelekom ADSL services. With the new Auth SMTP service, we shall provide mail delivery service to all computers on all networks, provided that, the e-mail account settings are made for a valid Bilkent account and the user provides its password.

What problems Auth-SMTP will NOT fix?

Bilkent users will continue to receive delivery error/warning messages mentioning some e-mail received from themselves are infected or cannot be delivered for some reason. These error/warning email messages actually are not related to the recipient. These messages are the result of ignorance of people using infected computers and have at sometime in the past, corresponded with you. The only reason you are receiving such warning mail is that, your e-mail address in a mailbox on this infected computer and the virus code chooses sender/recipient address pairs at random and sends out mail to arbitrarily selected recipient addresses faking the sender addresses.

What will be effect of the new Authenticated SMTP Servers?

Until now, Bilkent SMTP servers did not accept mail delivery requests from computers outside the Bilkent network unless the recipient was a xxx.bilkent.edu.tr address. We were not permitting mail relays to avoid abuse of our mail servers for spamming, etc. Now, since each user will need to provide a password and an implied userID (which will be extracted from the sender address), we shall accept mail to be delivered to any address from computers outside our network. Please note that you will have to specify a valid Bilkent email address in your e-mail client program's account settings.

Who will be effected by the new Authenticated SMTP?

All Bilkent users who read and send mail using e-mail clients (for example Outlook, Eudora, Netscape Mail) will be required to make changes in their e-mail software's settings. Please note that some old versions of these e-mail clients might not support Authenticated SMTP. If Authenticated SMTP is not supported by your e-mail client software, you will need to upgrade to a newer version; or a different client software.

If you are using ONLY the Basilix (Bilkent Webmail) service to access your e-mail, you do not have to do or change anything.

How to find out YOUR Auth SMTP server?

Everybody should use an appropriate SMTP server which is determined by the e-mail address specified in the settings of the e-mail client software. For example; for a user with e-mail address of the form "cayfer@bilkent.edu.tr" (a BCC domain account); the SMTP server is the "BCC domain Auth SMTP Server", namely "asmtp.bcc.bilkent.edu.tr". When cayfer@bilkent.edu.tr wants to sends an e-mail, he should provide the password for his BCC domain account.

You can use the following table to find which Auth SMTP server you should use. (Please note that the physical location or domain of the users' personal computer is NOT important. )

What changes are required in the settings of e-mail clients?

Because of the large number of available e-mail client software in the market and their different versions; we cannot give an exhaustive list and exact settings to be made or changed but we believe the screen shots provided below for some popular e-mail client software will be useful.

The basic idea is

What if your e-mail client software does not support Auth-SMTP?

If your e-mail client does not support the Authenticated SMTP protocol, you'll have to upgrade your e-mail program. We recommend "Mozilla Thunderbird" which is a very good opensource e-mail program which you can download and use freely. You can download Thunderbird here.

What if you do not/cannot make the necessary changes in your e-Mail client software?

If you do not or cannot make the necessary modifications in your e-Mail software (like Outlook, Eudora, Netscape Mail etc.) by the 14th of June 2004, you will not be able to send out e-mail using your software.

You can switch to Basilix (http://webmail.bilkent.edu.tr) untill you fix the problem. Basilix ( or, in other words, Bilkent Webmail) is already set to authenticated SMTP services, therefore you will not have to change anything at all.

e-Mail Address format	Domain	Auth SMTP Server
abc@bilkent.edu.tr	BCC	asmtp.bcc.bilkent.edu.tr
abc@bcc.bilkent.edu.tr	BCC	asmtp.bcc.bilkent.edu.tr
abc@ug.bilkent.edu.tr	UG	asmtp.ug.bcc.bilkent.edu.tr
abc@ug.bcc.bilkent.edu.tr	UG	asmtp.ug.bcc.bilkent.edu.tr
abc@ctp.bilkent.edu.tr	CTP	Service not available yet, no need to make any changes.
abc@fen.bilkent.edu.tr	FEN	Service not available yet, no need to make any changes.
abc@ee.bilkent.edu.tr	EE	Service not available yet, no need to make any changes.
abc@cs.bilkent.edu.tr	CS	Service not available yet, no need to make any changes.
abc@ie.bilkent.edu.tr	IE	Service not available yet, no need to make any changes.
abc@tourism.bilkent.edu.tr	TOURISM	Service not available yet, no need to make any changes.
abc@bups.bilkent.edu.tr	BUPS	Service not available yet, no need to make any changes.
abc@alumni.bilkent.edu.tr	ALUMNI	mezun1.mezun.bilkent.edu.tr
abc@mezun.bilkent.edu.tr	MEZUN	mezun1.mezun.bilkent.edu.tr

Which Bilkent Domain users will be effected?