[OT] was SORBS
Here's the chuckle Mail transport error, MTSPro SMTP Relay Agent could not deliver the following message for users@spamassassin.apache.org. Reason: 550 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?217.36.54.209 --==-- Original Message Headers Follow --==-- Received: from snakepit.bleh (snakepit.bleh [192.168.2.32]) by blue-canoe.org.uk (envelope-sender ni...@blue-canoe.com) with ESMTPA (MTSPro MTSSmtp 1.61) for users@spamassassin.apache.org; Fri, 30 Apr 2010 11:25:10 +0100 From: Nigel Frankcom ni...@blue-canoe.com To: SpamAssassin users@spamassassin.apache.org Subject: [OT] Was SORBS Date: Fri, 30 Apr 2010 11:25:09 +0100 Organization: Blue Canoe Networks Message-ID: kfblt5t3h1mksks6taaa9r1kohe1psj...@blue-canoe.net X-Mailer: Forte Agent 6.00/32.1186 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Abuse-Report-URL: http://www.blue-canoe.net/abuse X-Envelope-Sender: ni...@blue-canoe.com X-Envelope-Receiver: users@spamassassin.apache.org Here's my message :-D Hi All, First a big thanks to all those who offered advice and actively assisted in getting my SORBS problem resolved. BT have admitted they screwed things up with SORBS a while ago and, at least on an individual level, regret that. That aside, they have worked hard and with patience and professionalism to help me get this resolved. For those of you with BT accounts that find yourself in the same situation, give me a shout and I'll happily pass on the info for the people and departments I worked with... Someone may read the archives :-D Once again, thanks one and all for your help and support (and to the list admins for not yelling at me to say this had nothing to do with SA :-D) Cheers all Nigel
Re: UCEPROTECT
On Thu, 22 Apr 2010 10:44:53 -0400, Jared Hall jh...@tbi.net wrote: Nigel, It takes two to tango. 1) If your recipient's Email server didn't use UCEPROTECT, you would not be having this issue. 2) If your recipient's ISP ran their own local cached copy of the UCEPROTECT zone file(s), they could simply remove your IP address. 3) If your recipient's ISP ran a local DNS Whitelist, they could simply add your IP address and you would be fine. 4) If you run your mail operations off a dynamic IP address, that is just poor system administration. 5) If the recipient's ISP doesn't have any control over blocking capability, they shouldn't be in the mail server business. Anybody using some externally controlled service, without local override capabilities, can expect Email delivery problems forever. 6) If YOU used a decent ISP that gave a crap about you, you would not be having this problem. In terms of extortion, I don't see any liability whatever. Level 1 addresses auto-expire. If you want that expedited, you pay. Sounds fair to me. Level 2 and Level 3 addresses require intervention by the sender's ISP. A fee is charged, presumably to cover the cost of scanning netblocks to verify the problem has been resolved. Not altogether an easy thing to do, and a MAJOR cost factor, as also indicated at SORBS. Problems exists elsewhere, as well. RFC-Ignorant listings come to mind. Nobody is forced to use UCEPROTECT. For those that do, see 2,3, and 5 above. Solutions abound. In your case, item 6 seems most appropriate. Jared Hall n.frank...@gmail.com wrote: Hi All, For reference the SORBS issue is still ongoing, my ISP (BT) is working hard to resolve it. I mentioned in one of my posts how UC (UCPROTECT) were also an issue. They seem to have taken entire netblocks and are demanding 20Euro's per year to remove individual IP's Does anyone have any information about this and in particular any law enforcement involvement since this smacks of extortion to me. TIA Nigel Your points are taken and I agree ISP's could do more. But in terms of payment for removal I don't see why that should happen. CBL seem to cope well without it. I agree anyone running off a dynamic IP has no business doing so, however, the definition of a dynamic IP is a blurred one, this is an issue I'm having to deal with currently. In BT's defence, they do appear to be doing all they can. Sadly in true large organisation fashion those that used to deal with these issues are no longer there and the replacements don't know what their full remit is. This is an issue I'm working with BT on now so that their customers won't get as badly affected as they are currently. IMO yelling at them solves little, working with them to resolve the problem is a much better option. In the years I've used BT as my ISP I've had issues certainly, but the same can be said for any ISP. To date BT have resolved all of mine. Thanks for your thoughts though. They do make some sense and have given me a better idea of how UC operate. I still don't agree with their operating procedures but I guess that's my issue. Kind regards Nigel
Re: UCEPROTECT
On Fri, 23 Apr 2010 12:58:02 +0200, Mariusz Kruk mariusz.k...@epsilon.eu.org wrote: On Friday, 23 of April 2010, Matus UHLAR - fantomas wrote: This is now what ISPs should do - enforce no-spam policies, apparently including blocking outgoing SMTP for non-MTAs. We (at my employer) are doing this now, even because of UCEPROTECT but also because of different reasons. Of course. But that's kinda ortogonal to the whole UCEPROTECT issue. But I wouldn't count on that, and I think that if you have spammed, they'd have proof against you... Well... There is no way to contact them if you're listed. Even if it's not level1. Not to mention that they never provide any proof of any abuse which is supposed to have caused the listing. A bit of a catch 22 situation. How to know why you are in a list if nobody has reported abuse to you. For myself, every outgoing email from our mailserver has a URL embedded in the header from which abuse can be reported. I can't speak for others, but for our networks those reports are acted on immediately. Nigel
UCEPROTECT
Hi All, For reference the SORBS issue is still ongoing, my ISP (BT) is working hard to resolve it. I mentioned in one of my posts how UC (UCPROTECT) were also an issue. They seem to have taken entire netblocks and are demanding 20Euro's per year to remove individual IP's Does anyone have any information about this and in particular any law enforcement involvement since this smacks of extortion to me. TIA Nigel
Re: SORBS
On Tue, 20 Apr 2010 11:26:27 -0700, John Rudd jr...@ucsc.edu wrote: Having full rDNS isn't the issue. What probably happened was something like this: 1) your ISP reported their dynamic addresses to SORBS, or SORBS inferred them via various means. 2) SORBS listed those addresses in DUL 3) Your ISP ran low on static addresses, and allocated to you one of the addresses that was formerly a dynamic address. 4) Your ISP did NOT inform SORBS of the change, or SORBS mechanisms for inferrence didn't pick up the change (or they don't bother to try to detect such changes) 5) You're in the DUL even though you think you shouldn't be, because you're on a static IP. What you need to do is force #4 to get fixed. rDNS is a helpful part of the bigger picture, but has nothing to do with the above 5 steps/events. On Tue, Apr 20, 2010 at 10:17, Nigel Frankcom n.frank...@gmail.com wrote: My IP has full rDNS supplied by my ISP - please feel free to ping -a 217.36.54.209 and tell me what exactly is wrong wit that? On 20 April 2010 16:08, Benny Pedersen m...@junc.org wrote: On tir 20 apr 2010 15:04:53 CEST, Nigel Frankcom wrote If anyone has any ideas - please let me know? if your isp give you dul ip, then you must use isp smtp servers as relay not a fault of sorbs some isp is badly informing users on howto if you really want to use you ip as server make sure it relly is allowed from your isp, the report from sorbs says me its not a static ip ps: if you need to have mail sent from home server make it use smtp auth to gmail, and the problem is totaly gone, if that is not possible change isp ! -- xpoint http://www.unicom.com/pw/reply-to-harmful.html Fair point, just come off the phone to my ISP, they can't get any response from sorbs. Nigel PS - the ISP approach was my 1st attempt - a week ago tomorrow (GMT)
