
Re: [Asrg] 0. General - Administrative - for M. Wild



On Sat, Aug 30, 2003 at 10:25:31PM +0200, Brad Knowles wrote:
> At 9:42 AM -0400 2003/08/30, Richard Rognlie wrote:
> 
> > It's no worse than listening to a DUL RBL.  If you don't know
> > the IP you are connecting through, I don't want to talk to you.
> > I want to speak to *well behaved* MTAs.   If you're behind a NAT,
> > talk to your local provider's MTA.
> 
> 	This doesn't work if people start adopting RMX-like solutions, 
> and I have a dozen e-mail addresses.  Or .forwards.  Or 
> /etc/alias-based mailing lists.  Or other reasons for attempting to 
> use legitimate third-party relays.

My measure has nothing to do with email addresses.  Only the HELO/EHLO
argument.   I'm asking that if you are not going to conform to the 
standards of the net, please relay your mail through a host that does
and does not mind you not doing so (use your local ISP's mail server
as a smart host)

I did discover my NAT/router was getting blocked by the filter when it
tried to send me alerts ( ... "hey!   here's a spoofing attempt from
IP x.y.z.t on the WAN" ... )  So I added that IP to the exemption list
for the drip milter  (-x xx.yy.zz.tt/32).  

> > e.g.  my personal mail server recently ran afoul of rr.com anti-spam
> > efforts.  it seems someone on the /24 where my boxes reside sent a bunch
> > of bad email to rr.com, so they blocked the whole /24, not just the
> > single IP... their servers, their rules...  but I was able to route
> > rr.com mail through my ISP's mail servers until the block was lifted.
> 
> 	How many people have the knowledge and skills necessary to do 
> this sort of thing?

True.  I'm a bit of a sendmail snob, but that's mostly because I can
beat it into submission (regardless of what that stupidity I need to
make it do... can you say "99 bottles of beer" in .cf?   I can... 8^)

> > We'll see how many complain about what's in place now.  I don't
> > think I'm being draconian.  Just asking that people run their
> > own services well.
> 
> 	But how many complaints are you not getting?  For example, I 
> don't ever talk to anyone who uses a TMDA/ASK-like system, not even 
> to complain about their anti-spam measures.

For now, I'm still getting all the mail being submitted to me by
"real" MTAs (as opposed to spamware/malware).  That's due to my
dripmilter returning the error on the MAIL FROM:, not the RCPT TO:.

So, the mail fails over to my backup MS host...  And I'm seeing a
LOT more mail coming from him than I used to.

The proof in the pudding is to count how much "legitimate" mail is 
now showing that host in the Received headers.

(Just what I need... another task to do...)

-- 
 /  \__  | Richard Rognlie / Oracle Prophet / Gamerz.NET Lackey
 \__/  \ | http://www.gamerz.net/rrognlie/    <rrognlie@gamerz.net>
 /  \__/ | I can only please 1 person per day.  Today is not your day.
 \__/    | Tomorrow doesn't look good either.
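
An added sketch of the kind of check discussed in this message, not the drip milter's own code and not part of the original post: the HELO/EHLO argument is recorded, networks on an exemption list are skipped, and the verdict is returned at MAIL FROM. The matching rule (the argument must be an address literal equal to the peer, or a name that resolves to the peer), the reply code, the `SAMPLE_DNS` table and all names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: a stand-in for forward DNS so the example runs offline.
SAMPLE_DNS = {
    "mail.example.org": {"192.0.2.25"},
    "mx.example.net": {"198.51.100.7"},
}
# Exempt networks, in the spirit of the "-x xx.yy.zz.tt/32" option in the post.
EXEMPT = [ipaddress.ip_network("203.0.113.1/32")]


def helo_ok(peer_ip, helo_arg, dns=SAMPLE_DNS, exempt=EXEMPT):
    """Assumed rule: the HELO/EHLO argument must identify the connecting IP."""
    peer = ipaddress.ip_address(peer_ip)
    if any(peer in net for net in exempt):
        return True
    arg = helo_arg.strip().rstrip(".").lower()
    if arg.startswith("[") and arg.endswith("]"):  # address literal
        try:
            return ipaddress.ip_address(arg[1:-1]) == peer
        except ValueError:
            return False
    return str(peer) in dns.get(arg, set())


class Session:
    """Tracks one SMTP connection; the verdict is delivered at MAIL FROM."""

    def __init__(self, peer_ip):
        self.peer_ip = peer_ip
        self.helo = None

    def on_helo(self, arg):
        self.helo = arg  # never reject here, only remember the argument
        return "250 ok"

    def on_mail_from(self, sender):
        # The sender address plays no part in the decision.
        if self.helo is None or not helo_ok(self.peer_ip, self.helo):
            # Reply code is an assumption; the post does not state it.
            return "451 HELO argument does not match connecting address"
        return "250 ok"
```

A host behind a NAT that announces its private address, for example `[10.0.0.1]`, fails this check unless its public address is on the exemption list.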


_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg