Tại sao một máy chủ SMTP trung gian cần thiết để gửi thư?

Why do I need an intermediate SMTP server to send mail? Why is my mail client (Outlook or Thunderbird) unable to send messages directly to the recipient’s SMTP domain?

For example, if I have to send mail to [email protected] with my Gmail account, I send it to the smtp.gmail.com server; then this server sends my message to the MX server of example.com.

It is technically possible to send mail directly to the recipient’s SMTP server from your computer.

Looking at it from a historical basis, if the remote SMTP server is down, you want a system to automatically handle it and keep retrying, hence you have an SMTP server. Similarly, in the old days, not all mail servers were connected all the time (long distance links were expensive), so mail would be queued and sent when a link was established.

Moving on to where Internet services are cheap, it is still useful to have mechanisms to retry sending mail if a server is unavailable. It is not ideal for this functionality to be written into the MUA (Mail user agent/end user mail program). These functions fit into an MTA (Mail server/SMTP server).

But it gets worse-spammers. Most mail (more than 80 percent) is spam. Mail providers do whatever they can to reduce this problem and a large number of techniques make assumptions about the way mail is delivered. The following are important considerations:

1. Greylisting: Some providers will automatically drop a mail connection if the sender and recipient have not communicated before and expect them to try a second time. Spammers often do not retry while an SMTP server is always supposed to. This reduces the volume of spam by about 80 percent, but it sucks to have to do this though.

2. Reputation: It is a lot more likely that someone sending mail through a reputable, known SMTP server is legit compared to a fly-by-night server. To get a feel for reputation, providers do a number of things:

• Block dynamic/client addresses (not 100 percent, but large chunks of the Internet have been mapped out).
• Check to see if the reverse DNS matches the forward DNS. Not very hard to do, but it shows some level of accountability and knowledge of best practices (something a lot of client address blocks do not have).
• Check for reputation. When communicating with other SMTP servers, a lot of providers keep track of the amount of spam and volume of mail sent. They can reduce the amount of spam by limiting connections and keeping an eye on these parameters. There are a lot of ways this is done, not all of them obvious, but which require a known sender.
• SPF and DKIM. These mechanisms tie DNS resources to the domain name to make forging mail harder and would be difficult, but not necessarily impossible to deploy if the mail program (MUA) is responsible for outgoing mail.

There are probably other minor concerns, but these would be the major ones.