[plug] Domains blocking mail from dialup pools
Craig Ringer
craig at postnewspapers.com.au
Fri Nov 5 07:19:11 WST 2004
On Fri, 2004-11-05 at 00:40, Shayne O'Neill wrote:
> track down the anti-dialup pool listings and beg plead and bribe for them
> to take it off the list.
>
> frankly, I dont fancy your chances.
Agreed. I don't know if exim can do it. I think postfix can do it via
the transport map, but that's manual on a host-by-host basis. You could
just set the transport for mail.com to smtp:mail.yourisp.com , for
example.
I doubt any MTA has a configurable option to try a different server for
messages where a delivery attempt connected OK but was _rejected_ by the
server. Of course, with the weird and crazy things going on with email,
one never can be sure.
> also:: blacklisting is a piece of shit. it needs to be said. its a
> ridiculous method that rarely works but cuts a heck of alot of good email
> out of the loop.
I generally agree, but do think one blacklist is very useful - ORDB. It
serves the very useful purpose of encouraging server admins to fix their
servers, many of whom would never otherwise do so.
A similar, but weaker, argument applies to other blacklists - "well, you
shouldn't be hosting spammers then, should you!". The careful,
responsible, well-maintained ones aren't too bad, but certain blacklists
are overzealous and don't seem to bother checking things much. I'm sure
the UWA mail server admins can attest to that ;-)
I think dial-up blacklists as one of the worst sorts of blacklist, worse
than even the absurdly overzealous and badly maintained conventional
blacklists. While it is true that dial-up users can't really operate
effectively as full Internet hosts (dynamic IP and intermittent
connection), it seems unreasonable to go out and block things they _can_
do just because the functionality is sometimes abused. The right
solution to my mind is for the ISP to fix the problem - cancel the
accounts of dialup users who abuse the service _and_ _punish_ _them_. It
also seems wise to block outgoing port 25 by default, but permit the
user to disable the block, and to red-flag hosts sending mail at too
high a rate.
Some sort of blacklist for the IP ranges of dialup services that are
easily abused by spammers would make more sense to me. Blanket blocking
of dialup does not.
While I see blacklists as a useful spam blocking tool (though a crude,
clumsy and generally far from ideal one), I think they're more useful as
a tool to exert pressure on server admins to fix the problem at the
source. That's why I see ORDB as particularly valuable. DSBL is also
very useful and for similar reasons - it just handles a broader set of
relays, such as open proxies. Seventy to eighty percent of our spam at
the POST was coming in via DSBL-blacklisted hosts, and we continue to
block a truly absurd number of delivery attempts from such hosts (more
than six thousand this week).
I also continue to find the idea of ISPs running a random sample of
outgoing mail through a spam filter to identify possibly abusive hosts
quite interesting. The difficulty would be the load on the routers,
which would have to reassemble SMTP sessions from the incoming stream of
packets with DPORT 25. Fast, smart routers are _expensive_. Perhaps
it'll be more practical with the new ones folks like Cisco are coming
out with that have a daughterboard that runs Linux for application
processing.
--
Craig Ringer
More information about the plug
mailing list