Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

No no no this is bad journalism. Is not just blocking "access" to gmail, but one out of of five Gmail's MX servers are blocked

    gmail-smtp-in.l.google.com (74.125.31.26, blocked)
    alt1.gmail-smtp-in.l.google.com
    alt2.gmail-smtp-in.l.google.com
    alt3.gmail-smtp-in.l.google.com
    alt4.gmail-smtp-in.l.google.com
to be specific, all traffic to address of 74.125.31.0/24, including gmail-smtp-in.l.google.com, got null routed after AS4134

This means China now risks becoming isolated in global email network, not just "access" to Gmail.

And no, your VPN/SSH/whatever_tunnel won't work if all of the MX servers are blocked.



Why doesn't my tunnel work in China?


The issue is that Google's mail servers can't communicate with servers within China, so any user of a Chinese mail service will not be able to send mail to Gmail users (and vice versa). If you are within China using a VPN to access Gmail, Google still can't send emails back in to Chinese machines.


Ah. Seems dumb of them. There are millions of Chinese people all around the world that will be trying to email their family back home. Why block just one email provider? Why try to segregate yourself from the world's email network? It isn't even going to work because what every Chinese person will do is get a tunnel to sign up for the non-Chinese email service (maybe even Gmail!) and it will just further push people to use encryption.

If the Chinese government were shrewd, they would do what the American government does: make using American servers as easy as possible then spy on the contents.


Why block one email provider? Because China isn't a fan of Google. Yes they will be cut off from the world. But if you want to communicate with the Chinese, you will simply use something other than Gmail.


China might have figured out how to read the other major email providers.

If I worked in Yahoo!'s SOC this'd put me on high alert.


So those millions of Chinese people use a Chinese service instead.


Possible because they don't want USA/NSA to read their mail. And probably because they can't force Google to let them read "their" mail.


This is the sort of thing SMTP relaying would be useful for, if it hadn't been effectively shut down by spammer abuse.


I don't see how that follows. Your MX indicates your preference for inbound traffic. It has no relationship to outbound traffic.


By the way, how did you figure out that network was blocked? Is there a looking-glass-alike I can use to check?

The reason I ask is because that particular network you mentioned is only one of dozens that Google serves up as the A record for gmail-smtp-in.l.google.com. From my location, it's on 74.125.25.26 instead. And the MX for Google Apps hosted domain customers (including google.com itself) is aspmx.l.google.com, which (again from this location) is 173.194.79.27 or 74.125.28.26 or 74.125.20.27 or one of dozens of other IPs.


It's just mtr or ping. No magic here.


Are Gmail's MX records necessary for Chinese email users to receive email from Gmail? If so, why?


No, but they are required for sending email to Gmail. And an email provider may misscharacterize a message as spam because it's lacking.

Saying that they "Blocked Gmail" has an intuitive meaning that they blocked the HTTP interface to it, but they also blocked a part of the SMTP interface.


    > No, but they are required for sending email to Gmail
Unless the user is using a web-based email application, like Yahoo Mail, who can route their mail however they want. This would seem to hurt Chinese email providers more than anyone else.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: