Re: [Mimedefang] Email Filtering Article
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Nemeth wrote: On Oct 29, 4:01pm, Chris Gauch wrote: } -Original Message- } From: [EMAIL PROTECTED] [mailto:mimedefang- } [EMAIL PROTECTED] On Behalf Of Paul Whittney } Sent: Wednesday, June 08, 2005 8:52 PM } } Most likely people here read slashdot at times (or all the time ;-), but } there is an article on filtering email, with graphs, and other ideas. } } http://www.acme.com/mail_filtering/ } } Interesting reading...the most memorable paragraph was this one: } } Note that qmail, an alternative mail transport program, generates } post-reception bounce messages in circumstances where other mail transports } would have refused the reception. This means every qmail site is basically } an open spam relay. For this reason alone, qmail should never be used by } anyone. There are third party patches available to fix this and other problems. The original author, Daniel J. Bernstein, is refusing to accept them or to even make the necessary changes himself. The quote is still somewhat true in that out of the box, qmail is a rogue MTA that doesn't behave in an acceptable manner. Well, given that djb makes such bold claims for qmail, allowing such bugs to persist doesn't do much for his credibility. In fact, I doubt that anyone who isn't a skilled programmer is qualified to administer a qmail installation, what with all the patches necessary just to make it fully compliant. - -- Daniel Taylor -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD4DBQFCqlaT8/QSptFdBtURAgblAJdO8JXB7+cvNg7xsFwQLzJBKZxOAJ9Z1MMV y0X11LRt0oO4o41GpGQgkQ== =emSm -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brenden Conte wrote: | On Tue, 2004-08-10 at 13:55, Daniel Taylor wrote: | | snip | | Say your potential client sends the same e-mail from the same location | and your spam filter sidelines it because it triggered a couple minor | SA rules and was from a blackholed IP range. | | Now your potential client thinks the mail went through, you know nothing | about it, and the business opportunity may well pass permanently because | the potential client thinks you just aren't interested in the business. | They are almost definitely offended by the non-response. | | Which scenario works better for you? | | This assumes that: | a) The user in question knows about and understand SPF, and why it | didn't work and | b) knows and understands email, and that the bounce they just received | was not because our mail servers were broken or we run a shoddy service. | c) no one checks their spam traps. | If neither A or B are true, then you risk a lost potential client. | (This, of course, assumes you are not dealing with 100% technically savvy | client base) | If C is true, thats more of a responsibility issue. For A: if their ISP/Company has deployed strict SPF they should have at least been briefed on it. Strict SPF is a requirement for the reject scenario. For B: People who don't understand e-mail get bounces all the time. They'll do what they alway do, call their IT guy, who will kindly and gently explain the situation to them. ;) And as for C: Yep, and tell me with a straight face that it doesn't happen all the time. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGhKT8/QSptFdBtURAkzcAJwMSEE2jI/nV0UAuRxvQP9Yad+8MgCePoOJ ngwKaD4LA+/kbOHdOTWAS8c= =n2+4 -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Les Mikesell wrote: | On Tue, 2004-08-10 at 14:10, Richard Laager wrote: | | |If a potential customer sends you a message through a public access |point and their domain has SPF enabled and doesn't list that access |point as a valid relay, is that you fault? No, it's their |administrator's fault for setting up restrictive SPF without properly |configuring their employee's/user's laptops. | | | How would this work for wireless delivery services like Blackberry? | My CEO has one of these and uses it a lot. All messages must | be sent through their server but we want the 'From:' to be | his desktop address. | SPF Classic doesn't check From:, so the SPF classic record would be Blackberry's since it came from their server and would have their MAIL FROM attached to it. For the Marid record you would set ?include:{Blackberry's domain} to reflect the fact that e-mail from that domain claiming to be from you may or may not be authorized. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD4DBQFBGhSV8/QSptFdBtURAoRZAJimNJ4uss9JM8ff0/FNBUns74FHAJ9mm2MY w7lcnkJVkw62XA/pYGghVg== =115Z -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 alan premselaar wrote: | as an ISP, you can't be platform biased either. you have to take into | account every possible mail client that anyone using your servers may | attempt to use. like it or not. | You are correct Alan, ISP's will have the toughest time getting to strict SPF. This is definitely a case where private domains with more control over their userbase need to lead the way. For those of us with private domains, or running corporate domains, we have the easiest job. It is (among other things) a brand control issue. Your domain name is roughly equivalent to company letterhead, and should be protected. Any non-technological executives you may need to explain the situation to will understand the analogy, and you may find them more enthusiastic for a solution to the forgery problem than you are. Just consider how the CEO would react if he discovered that someone was sending bomb threats to random people and companies around town on your company letterhead... - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGhaX8/QSptFdBtURApAeAJ4yLSQM24lnFJo1solxulPxjSKu4QCeLmbK NtHAwDdLKf8t34kpNHnf3as= =I2pb -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Les Mikesell wrote: | On Tue, 2004-08-10 at 12:55, Daniel Taylor wrote: | | |Say your potential client sends the same e-mail from the same location |and your spam filter sidelines it because it triggered a couple minor |SA rules and was from a blackholed IP range. | | | Well, that would be my own choice, wouldn't it? | | |Now your potential client thinks the mail went through, you know nothing |about it, and the business opportunity may well pass permanently because |the potential client thinks you just aren't interested in the business. |They are almost definitely offended by the non-response. | |Which scenario works better for you? | | | The latter, because I can apply my own valuation to the filtering and | check every message if I consider it worthwhile. If it happens at | the transport level, individual consideration no longer applies. | For exactly this reason, I never discard spam at the transport | level but tag it with MD in a way that lets individuals choose | their own filtering level. | | The place where it might be useful is in catching viruses that | forge the sender address, though. We've recently seen at least | two that came through before the scanners recognized them so | you can't really count on detecting them by content. | As the recipient it is your choice. I would also note that if you are philosophically opposed to rejecting e-mail messages you can have your SPF filter operate in Tag-only mode. Much depends on who you have to work with. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGj2I8/QSptFdBtURAjkzAJ9XyHIPIumZtHBlhO4M+4lxUwpmswCeIICO BM2eZANvE3rG6/CaU+Ms5eo= =OXII -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Les Mikesell wrote: | On Wed, 2004-08-11 at 10:38, Daniel Taylor wrote: | | |As the recipient it is your choice. |I would also note that if you are philosophically opposed to rejecting |e-mail messages you can have your SPF filter operate in Tag-only mode. | | | But then how does the sender ever learn that his domain is | misconfigured for his use (or vice versa...).? | He finds out when he sends a message using the broken configuration to someone who does reject SPF Fails. Same as many people find out about open relays and other SMTP misconfigurations now. | |Much depends on who you have to work with. | | Everyone - I thought that was the point of the Internet. I meant more specificly, who you are supporting. I've got few enough users that I can give them the personal attention to make sure they are properly configured everywhere they need to be. Others are not so lucky, and have to depend to a great extent on their own users' savvy. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGmcW8/QSptFdBtURAivdAJ4oIn76Velbs8X3ZmdnoMLOjGHmuQCfUWYF amZB2LEWBz9KeGGp9lz7w2U= =bmJi -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David F. Skoll wrote: | On Mon, 9 Aug 2004, Daniel Taylor wrote: | | |All SPF-Pass means is that the e-mail came from an authorized |sender for the domain in question. | | | Right. SPF is *not* an anti-spam technology. | Oh no, not again. This is why I held off from responding to this thread. Sender verification is a necessary but insufficient tool in the anti-spam arsenal. It does little to nothing *BY ITSELF*, but it enables the use of tools such as Domain-based blackhole lists that are impossible without it. Just because a hammer won't hold two boards together doesn't mean that it isn't a construction tool. SPF IS an anti-spam technology, because it enables more effective anti-spam measures. SPF IS NOT the solution to spam. SPF right now is great fodder for your Bayesian filter, and blocks quite a few hostile e-mails cheap, such as from=recipient pattern spam/viruses. Nobody else in the world needs to use it for you to gain those benefits, since you can apply a weak default SPF record to any domain that doesn't publish. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGL+i8/QSptFdBtURAqewAJ4rPtV76XFVt7iZh9fTNtLk8j/VxgCeO59g lcSMjMl+jTaO1Tam7XLkqHE= =FkpP -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Les Mikesell wrote: | On Tue, 2004-08-10 at 09:12, Dave Williss wrote: | | |You mean like an employee on the road using a hotel's ISP or at a |wireless hotspot connecting back to your mail server to send mail |as from your company? _Make_ them use authentication. | | | Put a price tag on that. If you are selling a product, how many | dollars worth of orders are you willing to discard because the | potential customer sent a request for information through a | public access point instead of their own ISP? Discarding their | mail is the only way you can _make_ someone else do things | your way. Is it worth it, when what really matters is the | individual authentication and/or the message content? I just | don't see much value in some untrusted third party's claim | of authentication. | Excellent point. Unfortunately for your intended point it cuts both ways. In the case of an SPF reject the potential client gets an immediate notification that something is wrong, and can take corrective action if they are that interested. Since their company must be publishing a strict SPF record for this scenario to occur they just may appreciate your respecting their policy and call you instead. Say your potential client sends the same e-mail from the same location and your spam filter sidelines it because it triggered a couple minor SA rules and was from a blackholed IP range. Now your potential client thinks the mail went through, you know nothing about it, and the business opportunity may well pass permanently because the potential client thinks you just aren't interested in the business. They are almost definitely offended by the non-response. Which scenario works better for you? - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBGQwl8/QSptFdBtURAifNAJ4pcMpfqvm/7W8QC8Kd0aeQkezxcQCfVej0 6/vne8j6V6GsqleCcnW0unc= =PgoW -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Deadline for SPF records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Les Mikesell wrote: | On Mon, 2004-08-09 at 10:47, Dave Williss wrote: | | |So back to the postal analogy, you'd could drop a letter in your own |mailbox from anywhere in the world as long as you had the key. |Although, if the authentication is done by password sent in clear text, I |don't think I would like that option. | | | Yes, analogies are always flawed, but my point is that I don't | want aol or msn to claim, rightly or wrongly, that they control | the content of my messages even if they happen to originate | from that domain. As I understand it, that's what you get from | SPF and if people come to rely on that, it will be enforced to | make it true. | You overestimate what SPF does. All SPF-Pass means is that the e-mail came from an authorized sender for the domain in question. Aol can use SPF to say that e-mail from smtp.aol.com is from an aol user or employee, while if it comes from pool-dynamic-11-12-12-12.DSLexample.net it is unauthorized, and probably forged. Content is beyond the scope. For content authorization or verification you need GPG, S/MIME or something similar. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFBF9Hc8/QSptFdBtURAj9KAJ99H+I79kMmNELbO234cajbqqYUMQCfYFq2 m0oPRy7KbCY1eM7GKOZjWwg= =nNRo -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Sender validation
); | } | } else { | debug_log(0,filter_sender: $sender (unchecked 2)); | } | } else { | debug_log(0,filter_sender: $sender (unchecked 1)); | } | --8-- | | Even with the rather go ahead than reject too much philosophy and the excempted stuff, this would reject quite a lot of stuff. So far the stuff above hasn't hit any legit mail. | | Regards | /Jonas | | PS. As a curiosity I've also noticed that some spammers use domains for wich there're no MX servers actually accepting mail (there are MX records in the DNS, but the servers they point to doesn't accept mail for the domain). | - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD4DBQFA2vqD8/QSptFdBtURAn4iAJ9J/9O2kMgO/++Ai/D9R3JcnTHyoACY3TY7 aqd55G/Go+UL3C0QWufLTQ== =WNkv -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Sender validation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David F. Skoll wrote: | On Thu, 24 Jun 2004, Daniel Taylor wrote: | | |It is easier to use SPF for this. Then you can access the Received-SPF: |header both for SA rules and Bayesian filtering. | | | That relies on the domain owners publishing SPF records, which still isn't | very common. | The SPF Milter allows you to define a default SPF record to be used when the site does not have a published record. It beats trying to roll your own solution, and reduces the chances of false positives since published SPF records reflect the _actual_policy_ of the domains publishing them, and the default policy you set reflects your policy for the sites that can't be bothered to tell you theirs. - -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA2yNB8/QSptFdBtURAiRaAJ9dAjWDvOlGS7ny0qLvxq7RzJ+mRACfYysN BFPKqegTTXZ4R7O8mNYjbxI= =ELq6 -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Sender validation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tony Nelson wrote: | Quoting Daniel Taylor [EMAIL PROTECTED]: | |The SPF Milter allows you to define a default SPF record |to be used when the site does not have a published record. | | | | I use the SPF Milter.. and missed the concept of default SPF record. What would | make sense as a value? mx ~all ? What do you use, and how do you set it up? The default default record is essentially a mx ?all. I have seen some hints of how to change it, but I haven't gotten that deep into it yet because I _like_ the default behavior for work. I'll probably use a stricter rule for home though, like a mx -all ;) To enable it use: push (@extraParams, guess = 1); about line 800 (version 1.41) I like it because it at least gives me _some_ additional info to work from, and I seem to be getting better filtering from it. - -- Daniel Taylor -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA24928/QSptFdBtURAiFpAJ4lVP0pk4ciZJoLYRhC/38JVQfpQQCfXDI1 c6rnq6Ghr82xFlAXNN+uK7A= =chex -END PGP SIGNATURE- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] MIMEDefang not working with SA and ClamAV
Iván Belmonte wrote: Looking the sysog, It shows the next line for each mail I get: mimedefang.pl[18144]: MDLOG,i4KB3wpv018889,mail_in,,,[EMAIL PROTECTED],[EMAIL PROTECTED],some subject And nothing more. Sendmail i properly configured, it's obvious, if not MIMEDefang wouldn't work. Any ideas? Here's what I do for tracking. The magic incantation is the md_graphdefang_log calls. Oh, the X-Keywords header is so that mimedefang tagged emails show up as junk automaticly in Mozilla et al. if ($hits = $req) { action_change_header(X-Spam-Score, $hits ($score) $names); action_add_header(X-Keywords,Junk); md_graphdefang_log('spam', $hits, $names); } else { # Delete any existing X-Spam-Score header? md_graphdefang_log('notspam', $hits, $names); action_delete_header(X-Spam-Score); } -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Why did my Filter Reject this?
Mark Penkower wrote: It appears that my filter bounced an email with a .doc extension. I have not instructed the filter to block this extension. Please explain why the filter bounced this, and what changes I can make to the filter to allow this in the future. MDLOG,i45JH3SL032136,bad_filename ,T. Rowe Price letter.doc,application/msword,[EMAIL PROTECTED],[EMAIL PROTECTED] enet.com,comment letters I thought that the the filter did not like the naming convention, so I make a word document and called it: T. Rowe Price letter.doc What you are seeing here is the difference between T. Rowe Price\nletter.doc and T. Rowe Price letter.doc The newline is what it would be catching. -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Extremism or just leveling the playing field..
Ben Kamen wrote: Boy, as I sit here and watch the spammers try to A: use me as a relay (same IP, multiple tries) B: scan for usernames C: try and deliver to bogus names I've used on the net I would love to have a hook in mimedefang to auto-blackhole these IP's... kinda like the greylisting where the entry times out after a while.. but after so many misses, the IP gets null-routed... I have thought about this too, especially when I was watching this poor sod with an infected machine out in NY hitting me with dozens of virus e-mails yesterday. A temporary IP blackhole, say with a variable timeout ranging up to about a month, would be good. It could probably be done with the existing greylist code. I don't think I could deploy something like that at work (yet), but at home it would be sweet. I know there's probably ways to do this.. I'd just have to sit down and do it.. but don't have the time... But don't you guys and gals get mad when you see some pathetic loser try and bash the doors down to your mail server?? Yeah, just want to route them out of existence. Yeesh. I'd like to rub the nose of my local legislative reps in this stuff... Bad idea, but it would be nice to be able to call the cops on folks trying to break into your servers just like you would if they were trying to break into your office. But who would you call? -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Black Listed
Andrea Venturoli wrote: ** Reply to note from [EMAIL PROTECTED] Tue, 6 Apr 2004 15:10:33 -0400 My ISP here (Bigpond) is about to implement blocking port 25 for all their dynamic IP customers. Good! That's ok with me, as soon as their smtp server, which I'm then forced to use is not blacklisted! This would not be acceptable to me at home on my cable modem. I only use my cable modem ISP for transport only. My mail accounts require authentication before I can relay off them. If I relay through an Adelphia server, but have a StumpyDogs.org or RVClub.net address on the email, that could look like a forgery. There could be workarounds. Like for example allowing connection to outside servers on port 587, which should be authenticated. SPF can help here. I have mx:mn.rr.com set for argle.org so that receiving mailservers know that argle.org e-mail can originate from RoadRunner's servers legitimately. Port 587 should only be used for authenticated submissions to keep from being an open relay. -- Daniel Taylor VP OperationsVocal Laboratories, Inc. [EMAIL PROTECTED] http://www.vocalabs.com/(952)941-6580x203 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang