Re: [Exim] Re: stmp protocol violation, synchronization erro…

Top Page
Delete this message
Reply to this message
Author: Tor Slettnes
Date:  
To: Edgar Lovecraft
CC: exim-users
Subject: Re: [Exim] Re: stmp protocol violation, synchronization error,
On Mar 16, 2004, at 18:56, Edgar Lovecraft wrote:

> I really do not care if people send email form home or not, however,
> from
> an 'anti-spam/anti-worm' type of stance, cutting out 'the noise' is
> very
> helpfull. As to 'how' machines get compromised, it does not matter
> how,
> in this case, it just matters what they are doing as a result (sending
> unwanted/unneeded traffic over tcp port 25).


In other words, your issue is with _outbound_ SMTP traffic. This has
nothing to do with the AUPs of major ISPs that you referred to in your
previous message - these generally prohibit using your home machine as
a _server_, i.e. for inbound SMTP traffic.

For ISPs to be blocking outbound traffic on port 25 (which you
suggested), they would not only degrade the "de facto" service that
they provide, but also degrade the agreed-upon service. As such, most
of them would probably need to update their service agreements to
match. Difficult as this may be, this is a minor issue - the major one
is still a technical one.

I'm going to repeat the fact that it would be impossible to use _any_
MTA other than the one provided by the ISP to send out your mail. I
could not, as I do now, relay mail from my (semi-)dynamic IP address at
home via my co-hosted machine at a different service provider. This is
in exact contradiction to your other statement, where you said that
people who wanted to run their own servers should obtain business-class
service (unless you also want to institutionalize monopoly by saying
that the only one who should be able to offer you such business-class
service is the same ISP that provides your internet connectivity, i.e.
your broadband provider).

I now know you were talking about outbound SMTP traffic -- so the
following is only so relevant -- but to give you a perspective, let me
also give you a reason why many people run their own SMTP servers for
their personal mail (whether at home, or at a hosting provider): To be
able to assert more control of spam, malware, etc.

Another reason: To maintain a stable net.presence (e-mail address, home
page...). When I moved into my new home in 2000, I changed brodband
provider and thus ISP-provided mail domain from @sbc.net (previously
@pacbell.net) to @home.com. @Home went south, and AT&T replaced the
@home.com domain with a @attbi.com domain. AT&T Broadband was
purchased by Comcast, and I now have a @comcast.net address. (Indeed,
it is probably a matter of time before your own @cox.net also becomes
@comcast.net). My personal domain has, however, remained stable since
1995.

> As to you, I do not think I have ever seen you complain that your
> email was not recieved elsewhere because you were sending out from a
> dynamic IP, that is what started my rant on this any way. Once every
> week or two someone says to the list, 'Why should I be blocked just
> because I am on DUL/Broadband connection?', or something very near to
> it.


These were complaining that their mails was rejected by the final
recipient host, which is a far cry from ISP-institutionalized blocking.

There are certainly RBLs out there (e.g. dnsbl.sorbs.net) that list
"dynamically allocated" IP addresses (mostly as provided by various
ISPs). If you want to use it, and are aware of the general problems
associated with DNS-based blocking, then more power to you.

If I want to send a mail from my home machine to my dedicated server, I
don't want my ISP (Comcast) to make that decision for me.


> It is not uncommon to see those same posters ask 'How do I stop all
> the spam?'... It would just be easier to say, nope, sorry, can do that
> if your IP address is always dynamic, send to a 'proper (loose term
> there)' SMTP gateway so that we can help make everyones life just a
> touch easier.


That is generally a good answer.
All major MTAs have "smarthost" support.

(Indidentally, this is probably a "bug"/oversight, but the default Exim
4 configuration does not work too well for a configuration where the
local mail server is someone else's backup MX, but where outbound mail
is forwarded via a smarthost. Basically, the mail is sent to the
smarthost regardless, which, in turn, may bounce the mail back; the
mail loop is detected, and delivery fails. A better default would be
to always forward relayed mails directly to the primary MX, even when a
smarthost is being used).


> Now what would be really, really nice, is if ALL ISP's publicly listed
> their dynamic IP ranges,


By what mechanism? Each ISP maintain their own RBL?

As it stands now, 'dnsbl.sorbs.net' is created with input from lots of
different (major/minor) ISPs.


> and then Offered to help set up proper DNS for any customer that has
> static IP's and wants to run an MTA.


Such customers will probably also want to set up their own DNS (or
maybe use DNS services provided by their domain registrar). What is
the point of hosting your own inbound MTA, if you don't control your
own domain?


> As it stands, where is the fault in my thinking/statement that if you
> want your email to be accepted without question then send from hosts
> that are not questioned when it comes to conntent that they allow to
> be sent.


I had some trouble parsing that sentence. What I think you are asking
is: What is wrong with requesting users with residential IPs to forward
mails through an upstream MTA?

My answer is: Nothing - I fully support this request. However, that is
not what you stated in your previous mail. There, you said:

>>> All ISP's should block port 25 traffic unless you are paying for a
>>> business class service, in which, you should not be on a dynamic
>>> type of IP, but have some statics, that can be properly mapped
>>> through DNS.


Clearly, this would be a Bad Thing(tm).


> I am going to leave the rest of your post , but I am going to pull the
> last
> couple of lines up here and ask what the hell is this about???
>>
>>> Even if you are just hosting your churces (or any other
>>> non/not-for-profit
>>                                      ^^^^^^ [sic]

>>
> How is this a cheap shot, He was the one who said that He hosted his
> churces email on his home account. Would you prefer I have said
> 'your churches (or any one elses...)???


I think we both misunderstood each other here.

My <cheap shot> tag (below) was a reference to my own words, not yours.
(If you are familiar with HTML, then the syntax <tag>something</tag>
would make sense to you).

I lacked the history behind your post, I thought the reference to
providing hosting for a church was your idea, not just something you
responded to.


>> <Cheap shot>
>> That would explain the black-and-white world view we see espoused.
>> </Cheap shot>
>
> Even if you think I brought up church, what does that have to do with
> 'explain the black-and-white world view we see espoused'?? isn't your
> statement rather black-and-white???


Yep. There are two types of people I hate in the world - religious
zealots, and those who categorize others too easily.

(Yeah, that was a joke).

-tor