Re: [EXIM] (un)blocking dynamic IP addresses [Was: A way to …

Pàgina inicial
Delete this message
Reply to this message
Autor: Jeffrey Goldberg
Data:  
A: Steve Lamb
CC: exim-users@exim.org
Assumptes vells: Re: [EXIM] A way to do this?
Assumpte: Re: [EXIM] (un)blocking dynamic IP addresses [Was: A way to do this?]
On Sat, 17 Apr 1999, Steve Lamb wrote:

> On 18 Apr 1999 01:08:46 -0500, Jason L Tibbitts III wrote:
>
> >More and more sites do not accept mail for dialups
>
>     Which is entirely unacceptable.


This list is not the place for this dicussion. So what's my excuse?
Well, I've got a wishlist request tacked on to the end.

Since using DUL and DSSL (as well as MAPS), I have seen only a very small
number of false positives. Almost all of those were Cranfield users who
failed to follow instructions when using other ISPs. (We document how to
read and use mail at Cranfield when both dialing up to Cranfields PPP
server or when using another ISP.) I have had exactly one case of
something being on the DSSL which shouldn't have been. The DSSL people
fixed it extremely quickly. So, as far as I am concerned, we've had one
false positive from DUL and DSSL.

The errros contain references to

http://www.cranfield.ac.uk/ccc/email/siteblocking.html

which also explains that mail still can be sent to postmaster and abuse
to query these policies. So, I am willing to assume that there have been
very extremely few legitimate users who have been blocked, of the, say 30
or so RBL blockings that occur on a typical day.

That document does say

 These should not affect legitimate users except for those with the
 following misconfigurations:
     * Cranfield users using external ISPs, but who have set their SMTP
       hosts to be the Cranfield servers. Only those at Cranfield or
       using Cranfield's dial-up service should do that. All other       
       dial-up users should set their SMTP hosts to those adviced by       
       their ISPs. Note that this still allows these users to read mail
       delivered to Cranfield.
     * External dial-up users who insist on doing their email transport 
       directly instead of via their ISP. There is no reason why those 
       using dynamic IP addresses via should be doing that. Instead they
       should configure their mail transport system to send all mail via 
       their ISPs mail hubs. The better ISPs force such behaviour.    
       Further information about that is documented at the DUL and DSSL  
       sites.                                       


Now, that document claims "there is no reason why those using dynamic IP
addresses" to go direct.

If I am wrong about that, I would very much like to here your reasons
(off this list) for going direct from a dynamically allocated address. So
far, I've just said that it is wrong to block these and it is wrong for
ISPs to prevent them, you have not given any reason why you might want to
go direct to arbitrary mail exchangers on the net. (I can imagine why you
might want to go via a specific relay for all your mail which is not your
ISPs). If your only reason is that you don't trust your ISP... well
switch.

Admittedly, there is an argument against DUL and DSSL (and in favor of
MAPS) which is that the former is doing the ISPs job for them, while only
the latter is actually putting pressure on ISPs which host spammers. But
again, this is not the place for that very well trodden debate. Exim does
the right thing, by allowing me to pick my policy, and implement it well
and easily. At least the problem that you have with Cranfield and sites
like it is one of policy questions and not of genuine misconfiguration.

One low priority thing for the wishlist (though I think its been
mentioned) is that I would like to do my blocking with MAPS, DUL and DSSL,
but get warnings of things that hit ORBS. When new RBL services come on
line, I would like the ability to test their effect without having to
disable my existing RBLing.

-j

-- 
Jeffrey Goldberg                +44 (0)1234 750 111 x 2826
 Cranfield Computer Centre      FAX         751 814
 J.Goldberg@???     http://WWW.Cranfield.ac.uk/public/cc/cc047/
Relativism is the triumph of authority over truth, convention over justice.



--
*** Exim information can be found at http://www.exim.org/ ***