Re: [Exim] Re: Example of legit email rejected by testing on…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: James P. Roberts
Date:  
À: patrick-dated-1040586360.81036a, exim-users
Sujet: Re: [Exim] Re: Example of legit email rejected by testing on reverse IP lookup
> > It is a static IP block, of course.
>
> Are you sure... your address 64.105.159.234 shows up in my tools as

belonging
> to one contiguous address range 64.105.0.0 - 64.105.255.255 which

means it
> is most like part of an ISP's dynamic addresses. Unlike someone

booking a /24
> to /29 Internet IP address range. This puts you (along with a lot of

people
> with DSL/cable connections) in that 'twilight' zone of not really a

'business'
> class connection but maybe still running a business on it!


Absolutely sure it is static. However, it is a static block of 8 IPs
from the large list controlled by Covad; and, they have so far failed to
delegate the block to my authority, even though I am paying for it. I
am permitted by the contract to run servers on this block.

>
> You cannot get away from the situation that sites/MTA's out of your

control are
> going to consider your host to be suspect and maybe play it safe and

block you.

I know. It is driving me crazy. To the point of looking for a new ISP.

>
> This is irrespective of whether your ISP (this week) is returning your

reverse
> lookup OK, things like MAPS work on *IP addresses*. Also some sites

(as has
> been said) look at reverse IP and if it has any IP address range data

in it
> block the host, whether we agree with that or not will not necessarily

change
> the situation.
>
> So what's to do -
>
> Two considerations - mail in and mail out. As long as your ISP does

not block
> incoming traffic on port 25 on their net address block then your

incoming is
> OK.


Correct. I even have a way to let customers whose ISPs DO block port 25
to connect to my server on an alternate port, authenticate, and then
send mail. ONLY my customers are permitted to relay through me, and
only after successful SMTP AUTH. I have a policy of cutting off any
customer that sends spam (I have not had to actually do that, yet).

> Outgoing you either:
> * redirect everything to smart host - your ISP's relay server or;


I don't like this idea, since I would have to trust Covad to handle all
that mail, it adds an extra stop on the route to it destination, another
set of headers, etc. etc.

> * send mail out directly, wait for rejects then put those domains into

list
> then make a manual route to go before dnslookup router to send to

ISP's mail
> relay server.
>
> manual_domains:
> driver = manualroute
> domains = ${lookup{$domain}lsearch{/the/file/name}}
> transport = remote_smtp
> route_list = * your.isp.mailserver
>
> this will try all domains in '/the/file/name' if domain not found will

pass
> through to next router - dnslookup.
>
> To have this happen automatically... hmmm more difficult. Exim would

have to
> selectively process the error and know the difference between real

mail
> failures and failures due to this issue. This would be *after* the

fact of it
> having chosen a router and processed message.
>
> Patrick


Thank you! I think this is the essence of what I need to do, short
term. (When I finish ironing out the details, I will publish to the
list). Long term, I need a new ISP. :(

Jim Roberts
Punster Productions, Inc.