Loading ...
Sorry, an error occurred while loading the content.

Re: smtpd_recipient_restrictions evaluation question

Expand Messages
  • Simon Morvan
    ... And how am I supposed to send mail from my own mail server if I don t trust my ISP mail relay nor have $$$ to have a colo space and my own IP space ? And,
    Message 1 of 24 , Nov 1, 2009
    • 0 Attachment
      Daniel V. Reinhardt a écrit :
      > ----- Original Message ----
      >
      >
      >> From: Stan Hoeppner <stan@...>
      >> To: postfix-users@...
      >> Sent: Sun, November 1, 2009 1:00:30 PM
      >> Subject: smtpd_recipient_restrictions evaluation question
      >>
      >> Simon Morvan put forth on 11/1/2009 4:20 AM:
      >>
      >>
      >>> That's prevent rejection but also prevent my ability to ensure my
      >>> freedom to use the network :
      >>> http://en.wikipedia.org/wiki/Network_neutrality
      >>>
      >>> That's will be my last message on-list for this topic but feel free to
      >>> keep on discuss this off-list :)
      >>>
      >> Net Neutrality has nothing to do with SMTP receivers. It has everything
      >> to do with network carriers and QOS. You have no inherent right to send
      >> email to _my_ MX, nor anyone else's. Your rights end where mine begin.
      >> If I chose to drop your SMTP connections due to the rDNS name of your
      >> sending MTA, its status as being listed in the Spamhaus PBL, or any
      >> other reason, that's my right, and dropping you does not in any way
      >> infringe upon _your_ rights, because in this case, again, you have no
      >> rights.
      >>
      >> If, after reading this, you feel that receivers who reject mail sent
      >> directly from your residential IP are infringing upon your rights, then
      >> we can safely file your comments into the kook folder.
      >>
      >> --
      >> Stan
      >>
      >
      > Very well said Stan. Residential IP's are common to be malware infected with malware that sends itself out via its own SMTP program, and as such should be stopped.
      >
      > Thanks,
      > Dan
      >
      >
      >
      >
      >
      And how am I supposed to send mail from my own mail server if I don't
      trust my ISP mail relay nor have $$$ to have a colo space and my own IP
      space ?

      And, Stan, you refuse mails from my ISP mail relay... (the second
      biggest in France...)

      --
      Simon
    • Daniel V. Reinhardt
      ... Simple you get a business account, and have them edit your rDNS and other important records accordingly. Residential IP s shouldn t be allowed to send
      Message 2 of 24 , Nov 1, 2009
      • 0 Attachment
        ----- Original Message ----
        > From: Simon Morvan <garphy@...>
        > To: postfix-users@...
        > Sent: Sun, November 1, 2009 2:37:14 PM
        > Subject: Re: smtpd_recipient_restrictions evaluation question
        >
        > Daniel V. Reinhardt a écrit :
        > > ----- Original Message ----
        > >
        > >
        > >> From: Stan Hoeppner
        > >> To: postfix-users@...
        > >> Sent: Sun, November 1, 2009 1:00:30 PM
        > >> Subject: smtpd_recipient_restrictions evaluation question
        > >>
        > >> Simon Morvan put forth on 11/1/2009 4:20 AM:
        > >>
        > >>
        > >>> That's prevent rejection but also prevent my ability to ensure my
        > >>> freedom to use the network :
        > >>> http://en.wikipedia.org/wiki/Network_neutrality
        > >>>
        > >>> That's will be my last message on-list for this topic but feel free to
        > >>> keep on discuss this off-list :)
        > >>>
        > >> Net Neutrality has nothing to do with SMTP receivers. It has everything
        > >> to do with network carriers and QOS. You have no inherent right to send
        > >> email to _my_ MX, nor anyone else's. Your rights end where mine begin.
        > >> If I chose to drop your SMTP connections due to the rDNS name of your
        > >> sending MTA, its status as being listed in the Spamhaus PBL, or any
        > >> other reason, that's my right, and dropping you does not in any way
        > >> infringe upon _your_ rights, because in this case, again, you have no
        > >> rights.
        > >>
        > >> If, after reading this, you feel that receivers who reject mail sent
        > >> directly from your residential IP are infringing upon your rights, then
        > >> we can safely file your comments into the kook folder.
        > >>
        > >> --
        > >> Stan
        > >>
        > >
        > > Very well said Stan. Residential IP's are common to be malware infected with
        > malware that sends itself out via its own SMTP program, and as such should be
        > stopped.
        > >
        > > Thanks,
        > > Dan
        > >
        > >
        > >
        > >
        > >
        > And how am I supposed to send mail from my own mail server if I don't
        > trust my ISP mail relay nor have $$$ to have a colo space and my own IP
        > space ?
        >
        > And, Stan, you refuse mails from my ISP mail relay... (the second
        > biggest in France...)
        >
        > --
        > Simon

        Simple you get a business account, and have them edit your rDNS and other important records accordingly. Residential IP's shouldn't be allowed to send mail except from their own ISP Mail Server. If you don't trust your ISP, then its time to find another one.
      • mouss
        ... AFAIK, the policy didn t change. but chances are that people who used to send directly have moved to a relay model. The PBL is used in many places. and
        Message 3 of 24 , Nov 1, 2009
        • 0 Attachment
          Simon Morvan a écrit :
          > Le 30/10/2009 16:05, /dev/rob0 a écrit :
          >>[snip]
          >>>
          >> Consider Zen here. It also incorporates the (not-quite-so) new PBL,
          >> which has been very effective here.
          >>
          >>
          > The last time I tried it, Zen included too many legitimate users behind
          > ADSL lines. The "Policy" behind PBL is a bit too restrictive. Maybe it
          > changed, I'll give it another try.

          AFAIK, the policy didn't change. but chances are that people who used to
          send directly have moved to a relay model. The PBL is used in many
          places. and some large sites use more restrictive lists anyway. so
          insisting on sending directly only causes grief, and things are mostly
          likely to "get worse".

          I personally use dnswl.org. so users who get blocked by the PBL are
          invited to submit their IP to dnswl.org.


          >>> reject_rhsbl_sender dsn.rfc-ignorant.org,

          you find PBL policy too restrictive, yet you use a non-spam related
          list. anyway, your server your rules...

          >> [snip]
        • /dev/rob0
          ... A truly static IP address (with custom rDNS) on PBL can be removed by the user; there is a web form with automated checks and a manual review process. This
          Message 4 of 24 , Nov 1, 2009
          • 0 Attachment
            On Sunday 01 November 2009 12:24:54 mouss wrote:
            > Simon Morvan a écrit :
            > > Le 30/10/2009 16:05, /dev/rob0 a écrit :
            > >>[snip]
            > >>
            > >> Consider Zen here. It also incorporates the (not-quite-so) new PBL,
            > >> which has been very effective here.
            > >
            > > The last time I tried it, Zen included too many legitimate users behind
            > > ADSL lines. The "Policy" behind PBL is a bit too restrictive. Maybe it
            > > changed, I'll give it another try.
            >
            > AFAIK, the policy didn't change. but chances are that people who used to
            > send directly have moved to a relay model. The PBL is used in many
            > places. and some large sites use more restrictive lists anyway. so
            > insisting on sending directly only causes grief, and things are mostly
            > likely to "get worse".
            >
            > I personally use dnswl.org. so users who get blocked by the PBL are
            > invited to submit their IP to dnswl.org.

            A truly static IP address (with custom rDNS) on PBL can be removed by
            the user; there is a web form with automated checks and a manual
            review process. This typically shouldn't take more than a day or two.

            If it's NOT static, why should it be whitelisted? When will it
            change? Are checks done to ensure that it's still under control of
            the dnswl.org. submitter?
            --
            Offlist mail to this address is discarded unless
            "/dev/rob0" or "not-spam" is in Subject: header
          • Sahil Tandon
            On Sun, 01 Nov 2009, Simon Morvan wrote: [blah blah] ... I thought you said your previous message was your last on this topic? Please, let s close this thread.
            Message 5 of 24 , Nov 1, 2009
            • 0 Attachment
              On Sun, 01 Nov 2009, Simon Morvan wrote:

              [blah blah]

              > And how am I supposed to send mail from my own mail server if I
              > don't trust my ISP mail relay nor have $$$ to have a colo space and
              > my own IP space ?
              >
              > And, Stan, you refuse mails from my ISP mail relay... (the second
              > biggest in France...)

              I thought you said your previous message was your last on this topic?
              Please, let's close this thread.

              --
              Sahil Tandon <sahil@...>
            • mouss
              ... sorry, I was talking about static IPs. obviously, there is no point in whitelisting a dynamic IP.
              Message 6 of 24 , Nov 1, 2009
              • 0 Attachment
                /dev/rob0 a écrit :
                > On Sunday 01 November 2009 12:24:54 mouss wrote:
                >> Simon Morvan a écrit :
                >>> Le 30/10/2009 16:05, /dev/rob0 a écrit :
                >>>> [snip]
                >>>>
                >>>> Consider Zen here. It also incorporates the (not-quite-so) new PBL,
                >>>> which has been very effective here.
                >>> The last time I tried it, Zen included too many legitimate users behind
                >>> ADSL lines. The "Policy" behind PBL is a bit too restrictive. Maybe it
                >>> changed, I'll give it another try.
                >> AFAIK, the policy didn't change. but chances are that people who used to
                >> send directly have moved to a relay model. The PBL is used in many
                >> places. and some large sites use more restrictive lists anyway. so
                >> insisting on sending directly only causes grief, and things are mostly
                >> likely to "get worse".
                >>
                >> I personally use dnswl.org. so users who get blocked by the PBL are
                >> invited to submit their IP to dnswl.org.
                >
                > A truly static IP address (with custom rDNS) on PBL can be removed by
                > the user; there is a web form with automated checks and a manual
                > review process. This typically shouldn't take more than a day or two.
                >
                > If it's NOT static, why should it be whitelisted? When will it
                > change? Are checks done to ensure that it's still under control of
                > the dnswl.org. submitter?

                sorry, I was talking about static IPs. obviously, there is no point in
                whitelisting a dynamic IP.
              Your message has been successfully submitted and would be delivered to recipients shortly.