[TriLUG] Domains blocking dynamic IPs

Ben Pitzer uncleben at mindspring.com
Tue Sep 16 00:30:45 EDT 2003


Folks,

David is perfectly correct here.  I've said before that more ISPs are
blocking dynamic IP mail hosts, and more ISPs and corporations will come to
do it in the future.  Rather than manage a growing, and ever more cumbersome
list of domains that block dynamic IP mail hosts on your mail server at
home, simply relay or 'smarthost' all of your mail through your ISP's
outbound mail servers.

The reason for this, for those of you who may wonder, is to prevent mail
coming into your inbound mail system from a potentially open relay or
freelance spammer.  While this does make things more difficult for folks
such as yourselves, most of whom run closed relays and don't spam from your
servers, it has been effective in reducing spam on most networks, which is
to everyone's advantage, except the spammers'.

As usual, I fully expect a heated retort.  However, any complaints about the
perfectly functioning outbound RR mail servers will be immediately deleted
for being either misinformed or just stupid. (Easy, just kidding!)

Regards,
Ben Pitzer

---------------------------------------------

"Those that can give up essential liberty to obtain a little temporary
safety
 deserve neither liberty nor safety."
 --Ben Franklin--




> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org]On
> Behalf Of rasch at raschnet.com
> Sent: Monday, September 15, 2003 2:44 PM
> To: Triangle Linux Users Group discussion list
> Subject: Re: [TriLUG] Domains blocking dynamic IPs
>
>
> On Mon, Sep 15, 2003 at 02:37:58PM -0400, Michael Thompson
> <thompson at easternrad.com> wrote:
> > Hey guys, just wondering...  whats wrong with relaying all of your mail
> > through your isp's smtp server and avoiding the hassle of keeping lists
> > of 'unfriendly' mail servers altogether?  If its for security purposes,
> > can't your isp sniff out your unencrypted messages as they are
> > coming/going anyway if they cared that much?
> >
>
>
> This is exactly what I do.  I had enough trouble with me, and my users,
> reporting email servers bouncing their mail that I now relay everything
> through mail.earthlink.net and it goes through no problems.  I've had no
> problem with up-time or reliability of this solution.  If performance is
> a problem, you could add explicit routes for known-good hosts rather
> than bad ones.  Personally, I think that bouncing mail based on black
> lists and dynamic IP lists is stupid and really destroys the paradigm.
> Particularly when an IP on one of these lists is basically irrefutable.
> It's been particularly irritating to me, who operates a closed-relay
> mail server on a dynamic IP.
>
> Just my $0.02
>
> -David
>




More information about the TriLUG mailing list