Re: blueyonder decide who can email you

Way back On Tue, 8 Nov 2005, Bob Eager wrote:

> The Spamhaus list is used to check the actual sending IP address

Using DNSrbls, such as sbl-xbl, in that way is indeed a first line of
defence, and is presumably what they are doing to cut down unnecessary
use of their resources. However, in general it's not the whole story
(I can't of course speak for what *they* do, but I know what *we* do
in our dept'l mail server).

> - not a (probably faked) sending email address.

There are lots of ways by which spammers can sneak spam through nodes
which haven't yet been blacklisted, so it's certainly appropriate to
apply further tests to mail offers which got past the first hurdle.

It can make sense to look up the (purported) envelope sender domain.
If it resolves to an IP that's in Spamhaus (or other appropriate
blocking lists), then that's another good reason to reject the mail
offer. (Which of course is why a lot of spam is faking harmless-
looking addresses of innocent third parties as its envelope sender..)

> I use the Spamhaus lists myself and find them invaluable.

Indeed, we use sbl-xbl and more

> However, for an ISP to use it and not have the option to turn it
> off...well, that is a pain.

"Their server - their rules", I'd say, and it *is* going to take this
kind of action on a much broader front to convince pink-contract ISPs
to reform themselves. That rates to benefit us all, in the long run,
despite the short-term pain for those innocents who signed-up to
providers of ill repute.

If you have the resources to devote to a more differentiated mail
acceptance process, you would need to be running your own
Internet-facing MTA - with all the consequences which that brings.

Don't take this personally but, in general terms, a poorly managed MTA
is a liability, not just to its operator but to everyone else, and is
sure to get itself blacklisted sooner or later, and cause other kinds
of problem for the network access provider which it uses. (Our own
network provider, JANET, carries out intensive 'hostile' attacks on
every mail server on their network, and if we make the mistake of
relaying one of its proffered abuse mails, we'd be directed to fix our
mailer pronto or shut it down. That's good, and in our own interests;
but it would be understandable that it's not the kind of service which
one would get from a typical low-tariff home ISP account.)
.

Relevant Pages

  • RPC over https not working after changing ip address.
    ... I recently moved my server to a different location and change my ISP ... provider. ... Everything seems to be working fine inside the network, ...
    (microsoft.public.windows.server.sbs)
  • Newbie MX record question
    ... I have a small network where the email is hosted at a provider that is not ... our ISP. ... Darrell ...
    (microsoft.public.windows.server.dns)
  • Re: routing 2 T1s
    ... > Aren't you going to need an ASN from your ISP? ... ++ Well from what i understood its the same provider, ... one so that as his network grows and he gets multihomed at some point in time ...
    (freebsd-isp)