| 1 |
On 4 Sep 2009, at 21:49, Alan McKinnon wrote: |
| 2 |
> On Friday 04 September 2009 17:23:15 Stroller wrote: |
| 3 |
> ... |
| 4 |
> Every other solution out there has this one little problem that |
| 5 |
> people seem to |
| 6 |
> ignore. |
| 7 |
> |
| 8 |
> Per RFC, if you accept the connection and the mail, you will deliver |
| 9 |
> it. |
| 10 |
> That's what it says. It also says this since days long before spam |
| 11 |
> problems, |
| 12 |
> but still. We all conveniently ignore this if we are talking about |
| 13 |
> what *we* |
| 14 |
> consider spam, and by "we" I mean "everyone who cares to take an |
| 15 |
> interest |
| 16 |
> except the actual recipient". |
| 17 |
> |
| 18 |
> ... Yet we accepted the mail implying that we will deliver it... |
| 19 |
|
| 20 |
I don't think it's necessary to break RFC if you reject based on a |
| 21 |
bogus HELO. The connection is initiated, but you do not get as far as |
| 22 |
accepting the mail. |
| 23 |
|
| 24 |
> Instantly, 85% of the problem goes |
| 25 |
> away, and I have numbers to prove it. |
| 26 |
|
| 27 |
85% of the problem goes away if you use Spamhaus, and that doesn't |
| 28 |
require you to discard legitimate email. |
| 29 |
|
| 30 |
> And why is a user on a DSL range running a mail server anyway? |
| 31 |
|
| 32 |
Personally, from my own point of view, it's so that I can see clearly |
| 33 |
that a message has been delivered. |
| 34 |
|
| 35 |
EG: |
| 36 |
|
| 37 |
Sep 1 18:42:22 compaq postfix/smtp[6121]: A66A2137D25: to=<XXX@××××××××.uk |
| 38 |
>, relay=mx1.mail.eu.yahoo.com[217.12.11.64], delay=2, status=sent |
| 39 |
(250 ok dirdel) |
| 40 |
|
| 41 |
I get complaints ALL the time from my customers, "oh, my brother / |
| 42 |
mother / customer / supplier says they sent me an email and I never |
| 43 |
received it". The only way I can debug this is to send them test |
| 44 |
messages (sometimes daily) and tell them to let me know if they don't |
| 45 |
arrive. |
| 46 |
|
| 47 |
If a customer comes to you with a log entry that looks like the above, |
| 48 |
referring to your server's hostname & IP, complaining the message was |
| 49 |
never delivered, then you can, reluctantly, look in the problem, |
| 50 |
grepping for A66A2137D25. |
| 51 |
|
| 52 |
If the customer comes to you with a log entry like the above with |
| 53 |
relay=smtp.my-isp.com then your response will be "oh, we probably |
| 54 |
never got the message from your ISP". I presumably can log a support |
| 55 |
issue with my ISP & expect them to come up with the log of the message |
| 56 |
being delivered to your servers, but it's simply easier if I can debug |
| 57 |
non-deliveries myself. |
| 58 |
|
| 59 |
> The vast |
| 60 |
> overwhelming majority of them are Windows zombies! |
| 61 |
|
| 62 |
Which are easily filtered by checking their HELO resolves to an |
| 63 |
independent domain. Or am I missing something here? |
| 64 |
|
| 65 |
The remainder of those you're inefficiently filtering are Linux |
| 66 |
enthusiasts running Postfix on their Gentoo boxes. |
| 67 |
|
| 68 |
> And finally, my mail servers are mine and I make decisions about |
| 69 |
> them, not |
| 70 |
> someone else. |
| 71 |
|
| 72 |
Sure, but you're making unilateral decisions about the validity of |
| 73 |
emails on behalf of your customers. And around here the customer comes |
| 74 |
first. |
| 75 |
|
| 76 |
If Bob wants to send Alice an email, he shouldn't have to reconfigure |
| 77 |
his email server because Fred, the systems administrator at Alice's |
| 78 |
ISP, is being a knob about things. |
| 79 |
|
| 80 |
You may be the exception, having a narrow pipe and being unable to |
| 81 |
afford the Spamhaus / DNS lookups to filter spambots in efficient |
| 82 |
ways. Most systems administrators using this policy are unable to |
| 83 |
justify the decision. |
| 84 |
|
| 85 |
> Best policy is to stipulate in the ISP's terms of service that you |
| 86 |
> will not |
| 87 |
> accept inbound mail connections from range you feel you cannot trust |
| 88 |
> and users |
| 89 |
> must use their ISPs mail relay instead. |
| 90 |
|
| 91 |
You certainly won't get me subscribing to your service. |
| 92 |
|
| 93 |
Stroller. |
Archives