Autor: Chris Lear Fecha: A: Exim, Users Asunto: Re: [exim] DynaStop - I like it!
* Chris Lightfoot wrote (03/11/06 09:53):
[...] >
> You also said,
>
> [ this class of email origination points ]
>> consists of people who have other ways to send their legitimate email.
>> At the very least, they have their ISP's mail relay, which is free (or
>> if it isn't, change provider).
>
> which is obviously nonsense in general -- there are lots
> of ISPs which do stupid things with mail (e.g. prohibiting
> email being sent unless its sender or even From: header is
> in a certain domain) and it is not always true that it is
> practical to change provider. Essentially here your claim
> is ``in every part of the world where there exists one ISP
> selling internet access there also exists a second
> comparable one at about the same price, and in any case
> all such ISPs are paragons of competence''. Again this is
> a lovely theory but it simply isn't true.
>
It's a theory I subscribe to, more or less. I can't prove it except in
the particular case of UK ISPs, because that's what I use, and a single
example of a competent ISP at a reasonable price is sufficient proof.
The "paragons of competence" part is unprovable, but I can live with
"sufficiently competent". I agree that some ISPs have very unhelpful
mail relaying rules, and it isn't easy to find out in advance what these
rules are.
>
> Again I think this is basically a problem of confusing
> feature extraction for machine learning, though the
> `kicking away the ladder' aspect is pretty ugly. I suppose
> I could appeal to the end-to-end principle but apparently
> nobody believes in that any more.
>
You're probably right. That principle (if what you mean is the principle
that it's best to send mail direct rather than via a relay) relies on
the trustworthiness of the endpoints, which is very much in doubt.
I've just spent some time setting up exim on my home adsl link. My ISP
(ukfsn.org) doesn't block outgoing port 25, but I choose to use the
ISP's relay for outgoing mail, because I think that will give the best
chance of delivery. At the moment, I'd rather risk their incompetence
than send mail direct (even with a static ip address and a PTR record).
I wouldn't mind if all ISPs restricted outgoing port 25 to only their
relays. Actually, I'd welcome it. As long as port 587 is still
available, and doesn't become a future spam loophole, of course.