reverse DNS not required by SMTP RFC2821

on 24.02.2005 12:55:02 by nsa.usa

Hi,

I would like to get people's views on this. More and more mailservers
(SMTP servers) require that the sending server (the client) have an IP
address with reverse DNS working. I believe they do this to prevent
spam.
However, RFC2821 states:

"4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)

These commands are used to identify the SMTP client to the SMTP
server. The argument field contains the fully-qualified domain name
of the SMTP client if one is available. In situations in which the
SMTP client system does not have a meaningful domain name (e.g., when
its address is dynamically allocated and no reverse mapping record is
available), the client SHOULD send an address literal (see section
4.1.3), optionally followed by information that will help to identify
the client system. y The SMTP server identifies itself to the SMTP
client in the connection greeting reply and in the response to this
command."

So obviously the RFC takes into account those situations where the
client does not have reverse DNS. And when the RFC was made it seems it
was accepted practice that some clients don't have reverse DNS.
It can therefore be concluded that those SMTP servers not allowing mail
from IP's that don't have reverse DNS are not conforming to standard.
An example of one such organisation that requires reverse DNS is America
OnLine.

My organisation is for example running a mailserver that does not have
reverse DNS. The reason for this is that it is located in Africa and
our upstream provider is less than professional and doesn't want to
assign us the reverse DNS entry. The result is that our clients are not
able to email any of AOL's customers. Furthermore we are not able to
get our own block of IP's assigned by ARIN because we won't be able to
fulfill the requirement of using x% of the assigned IP's within the
first year etc etc. (I don't remember the exact percentage required at
this moment) because we are not large enough yet. So when mailservers
on the internet refuse to accept mail from us, they are ruining the
chance for a small ISP, that gives competition to the big useless
national ISP with incredibly lousy service, to exist in this particular
African country. It is typical that people across the internet
introduce these anti spam measures without thinking through the
consequences.
I would rather receive 10 spam mails than lose 1 genuine mail.

I believe that by not allowing mail from non-reverse-DNS clients and
thus not conforming to standard is symptomatic of the arrogance of the
big corporations and that it ruins the internet, pure and simple.
Granted that spam also ruins the internet, but there are many other
ways of dealing with that problem.

Let me know what you think. Are they *really* not conforming to
standard or is there some room for interpretation in the RFC?
By discriminating which systems a particular server will receive mail
from, are they conforming to standard or not? Does it say anywhere that
discrimination is 'acceptable'?

Regards,
Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 13:20:27 by Sam

nsa.usa@gmail.com writes:

> Hi,
>
> I would like to get people's views on this. More and more mailservers
> (SMTP servers) require that the sending server (the client) have an IP
> address with reverse DNS working. I believe they do this to prevent
> spam.
> However, RFC2821 states:

I know what the RFC states. However, everyone is entitled to configure and
run their servers the way they see fit. If they don't want to receive mail
from IP addresses that nobody claims ownership of, then it's their privilege
to do so.

> It can therefore be concluded that those SMTP servers not allowing mail
> from IP's that don't have reverse DNS are not conforming to standard.

Maybe, maybe not. Nobody really cares.

> My organisation is for example running a mailserver that does not have
> reverse DNS. The reason for this is that it is located in Africa and
> our upstream provider is less than professional and doesn't want to
> assign us the reverse DNS entry.

That's unfortunate, but, again, nobody really cares.

> African country. It is typical that people across the internet
> introduce these anti spam measures without thinking through the
> consequences.

What is your evidence that AOL introduced this filter configuration in their
mail servers without considering the consequences?

> I would rather receive 10 spam mails than lose 1 genuine mail.

That's your opinion. Others' opinions may differ. I, for example, believe
that if a particular method results in blocking thousands of junk E-mail, at
a risk of a single false positive, then it's worth it for me. It's not the
end of the world. It's not brain surgery. If someone needs to get ahold of
me, there's always the phone.

> I believe that by not allowing mail from non-reverse-DNS clients and
> thus not conforming to standard is symptomatic of the arrogance of the
> big corporations and that it ruins the internet, pure and simple.

You are entitled to your beliefs.

> Let me know what you think. Are they *really* not conforming to
> standard or is there some room for interpretation in the RFC?

Maybe they are, maybe they aren't. Nobody cares.

> By discriminating which systems a particular server will receive mail
> from, are they conforming to standard or not? Does it say anywhere that
> discrimination is 'acceptable'?

It is their mail servers. They are fully entitled to run them and configure
them in whatever manner they see fit.

You would not accept someone telling you how to run your own mail servers.
Don't tell AOL how to run theirs.


Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 14:00:33 by Alan Connor

On 24 Feb 2005 03:55:02 -0800, nsa.usa@gmail.com wrote:

> Hi,
>
> I would like to get people's views on this. More and more
> mailservers (SMTP servers) require that the sending server (the
> client) have an IP address with reverse DNS working. I believe
> they do this to prevent spam. However, RFC2821 states:
>
> "4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
>

You can put _anything_ in the HELO greeting as a client, which
is not good.

> These commands are used to identify the SMTP client to the
> SMTP server. The argument field contains the fully-qualified
> domain name of the SMTP client if one is available. In
> situations in which the SMTP client system does not have a
> meaningful domain name (e.g., when its address is dynamically
> allocated and no reverse mapping record is available), the
> client SHOULD send an address literal (see section 4.1.3),
> optionally followed by information that will help to identify
> the client system. y The SMTP server identifies itself to
> the SMTP client in the connection greeting reply and in the
> response to this command."
>
> So obviously the RFC takes into account those situations where
> the client does not have reverse DNS. And when the RFC was made
> it seems it was accepted practice that some clients don't have
> reverse DNS. It can therefore be concluded that those SMTP
> servers not allowing mail from IP's that don't have reverse
> DNS are not conforming to standard. An example of one such
> organisation that requires reverse DNS is America OnLine.
>

The Internet isn't what it was when the RFC was written.

> My organisation is for example running a mailserver that
> does not have reverse DNS. The reason for this is that it
> is located in Africa and our upstream provider is less than
> professional and doesn't want to assign us the reverse DNS
> entry. The result is that our clients are not able to email
> any of AOL's customers. Furthermore we are not able to get our
> own block of IP's assigned by ARIN because we won't be able
> to fulfill the requirement of using x% of the assigned IP's
> within the first year etc etc. (I don't remember the exact
> percentage required at this moment) because we are not large
> enough yet. So when mailservers on the internet refuse to
> accept mail from us, they are ruining the chance for a small
> ISP, that gives competition to the big useless national ISP
> with incredibly lousy service, to exist in this particular
> African country. It is typical that people across the internet
> introduce these anti spam measures without thinking through the
> consequences. I would rather receive 10 spam mails than lose
> 1 genuine mail.
>
> I believe that by not allowing mail from non-reverse-DNS
> clients and thus not conforming to standard is symptomatic of
> the arrogance of the big corporations and that it ruins the
> internet, pure and simple. Granted that spam also ruins the
> internet, but there are many other ways of dealing with that
> problem.

That's what _all_ corporations do, not just the big ones: Rave
about the wonders and blessings of competition and then try
to eliminate it.

>
> Let me know what you think. Are they *really* not conforming
> to standard or is there some room for interpretation in the
> RFC? By discriminating which systems a particular server will
> receive mail from, are they conforming to standard or not? Does
> it say anywhere that discrimination is 'acceptable'?
>
> Regards, Tobias Skytte
>

I think that you need to route your outgoing mail through a proxy
server that has a reverse-DNS listing. At least the mail destined
for AOL, etc.

Or maybe you could contact them and work something out...

I sympathize with your situation, but the spam problem is serious
and serious problems sometimes require desperate measures.

I've considered running reverse-DNS checks on a percentage of
my incoming mail and dumping any that failed.

Of course, as long as 4% of the people actually buy from the
spammers, nothing is going to work. And most of the major ISPs
make it easy for them while pretending to be working their tails
off to fight it.

Because that's what the people _really_ want. If 4% buy, then
40% consider it, and 80% read it. Regardless of what they _say_.

Most of the so-called "spamfighters" spend a good deal of time
reading spam because they have to see what new tricks the
spammers are up to so they can update their filters and make sure
that it hasn't eaten any mail they want to get.

See the "Spam Study" post of mine from yesterday.

Message-ID:

AC

--
Pro-Active Spam Fighter
Pass-list --> Spam-Filter --> Challenge-Response
http://tinyurl.com/2t5kp

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 14:10:19 by Markus Zingg

>Hi,
>
>I would like to get people's views on this. More and more mailservers
>(SMTP servers) require that the sending server (the client) have an IP
>address with reverse DNS working. I believe they do this to prevent
>spam.

You are right with your belief. Unfortunately many mail server
operators take countermeasures which result in violation of RFC's or
other negative side effects. They obviously don't like these side
effects but are otherwise helpless. So from their point of view it's a
compromise. Yet another side effect of such countermeasures is that a
high degree of false positives will remain undetected. This obviously
will further convince operators of such systems that the method used
is good. Don't get this wrong, without more enhanced technology at
hands I understand these kind of countermeasures and I'm sure I would
do the same thing if I were in this situation.

It is still unfortunate in that meanwhile spam filtering techniques
are available which filter spam reliably (read without false
positives). The problem is that these techniques are not free (while
not all of them are really expensive), whereas simple blocking is
relatively cheap to implement.

In the mid to longer run I'm very confident though that techniques
which lead to false positives - be it by blocking innocents or bad
filters - will be replaced because of their disadvantages. I'm also at
the same time convinced that the spam problem by itself will never go
away completely and that all countermeasures (i.e. filtering, larting,
laws etc.) have their place and must be used to bring it to a level
which is acceptable for the users.

Just my 2¢ though

Markus

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 16:17:01 by nsa.usa

>I know what the RFC states. However, everyone is entitled to configure

It was quoted for you and other people's convenience.

>and run their servers the way they see fit. If they don't want to receive
>mail from IP addresses that nobody claims ownership of, then it's their
>privilege to do so.

Sure I guess they can do whatever they want. But when they sell a
product to their customers and call it 'email' then their customers
should be able to send and receive mail according to internet (RFC)
standards. Otherwise they can't call it email IMHO.

>Maybe, maybe not. Nobody really cares.

Why not care? If the standards get eroded, the internet will not
function smoothly. Just look at the ugliness going on in http
world.....

>That's unfortunate, but, again, nobody really cares.

Maybe you don't care, but I'm sure lots of other people care....

>What is your evidence that AOL introduced this filter configuration in their
>mail servers without considering the consequences?

The evidence is circumstantial. The scheme is so braindead IMO that
they couldn't possibly have thought it through......

>That's your opinion. Others' opinions may differ. I, for example, believe
>that if a particular method results in blocking thousands of junk E-mail, at
>a risk of a single false positive, then it's worth it for me. It's not the
>end of the world. It's not brain surgery. If someone needs to get ahold of
>me, there's always the phone.

Hell why not just block *all* mail then we won't get any spam either!
great!
Or we can go back to the phone as you say! yes! now lemme think....how
do I stuff this 2 mb attachment down the phone....hmmmm.....and I
wonder what long distance to Ougudougu costs......hmmmm....

>Maybe they are, maybe they aren't. Nobody cares.

I think you're wrong, lots of admins having non-reverse-DNS systems
care. You just don't hear from them because their bloody email is not
working...:-)

>You would not accept someone telling you how to run your own mail
>servers.
>Don't tell AOL how to run theirs.

I run my mailservers according to standards, so yes I actually do allow
someone to tell me how to run them. They're called IETF.

Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 17:02:22 by nsa.usa

>The Internet isn't what it was when the RFC was written.

Ok, well isn't it time a new RFC is written then?

>That's what _all_ corporations do, not just the big ones: Rave
>about the wonders and blessings of competition and then try
>to eliminate it.

Yes that's probably true.

>I think that you need to route your outgoing mail through a proxy
>server that has a reverse-DNS listing. At least the mail destined
>for AOL, etc.

Yes I have thought of that, and might have to resort to that. It's
just yet another added headache and expense.

>Or maybe you could contact them and work something out...

Been there, done that, didn't get a t-shirt nor a reply....:-(

>I sympathize with your situation, but the spam problem is serious
>and serious problems sometimes require desperate measures.

I agree the spam situation is out of control, but by blocking legit
mail we are just making the whole email system work even worse,
reducing its reliability and convenience. There are other measures that
can be taken.

>I've considered running reverse-DNS checks on a percentage of
>my incoming mail and dumping any that failed.

Please don't do that. It's IMHO a quick-fix that's got bigger
consequences than it seems. There are many non-reverse-DNS servers
around the world (and I suspect especially in the 3rd world). When your
customers start complaining what will you tell them? Many in your
situation would probably say something along the lines of " we're
blocking all those suspect servers out there sending spam, and the
address you're trying to get mail from is probably in some 3rd world
mismanaged server...blah blah", it's a rant that'll probably work but
you know deep down that that's not the cause and that it's because you
yourself are not adhering to standards.

>Of course, as long as 4% of the people actually buy from the
>spammers, nothing is going to work. And most of the major ISPs
>make it easy for them while pretending to be working their tails
>off to fight it.

4% sounds like a very high figure. Where does it come from?

>Because that's what the people _really_ want. If 4% buy, then
>40% consider it, and 80% read it. Regardless of what they _say_.

hmmmm. I think you're wrong. Nobody I have ever heard of actually
*wants* spam! and those figures are way too high.

regards,
Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 17:12:59 by nsa.usa

>You are right with your belief. Unfortunately many mail server
>operators take countermeasures which result in violation of RFC's or
>other negative side effects. They obviously don't like these side
>effects but are otherwise helpless. So from their point of view it's a

But there are other solutions than blocking non-reverse-DNS servers.
Some ISP's also block their clients outgoing port 25 which IMHO is just
as bad. Yes, desperate measures are needed, but how about some
intelligent ones instead of just braindead blocking.

>It is still unfortunate in that meanwhile spam filtering techniques
>are available which filter spam reliably (read without false
>positives). The problem is that these techniques are not free (while
>not all of them are really expensive), whereas simple blocking is
>relatively cheap to implement.

Yes it's cheap, but braindead. Certainly big ISPs like AOL can afford
to filter. And I'm sure they do that also.
It would be interesting to see if anybody has made a study on the
effectiveness of filtering versus blocking versus other methods.

>In the mid to longer run I'm very confident though that techniques
>which lead to false positives - be it by blocking innocents or bad
>filters - will be replaced because of their disadvantages. I'm also at
>the same time convinced that the spam problem by itself will never go
>away completely and that all countermeasures (i.e. filtering, larting,
>laws etc.) have their place and must be used to bring it to a level
>which is acceptable for the users.

Yes, better laws and tougher penalties, and more cops to track down the
spammers. In the meantime I just hope the standards don't become so
eroded that the net no longer works because everybody has implemented
different systems that can't communicate with each other.

Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 18:07:43 by nsa.usa

Actually I just got a reply from AOL on this. A standard form letter
telling me to get my IP reverse-DNS'ed, I replied to them but only
noticed afterwards that the reply address was set to: noreply@aol.com.

What a bunch of lamers.....with that attitude they *will* go bust
eventually......

regards,
Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 21:41:16 by NormanM

In article <1109258221.027389.45160@f14g2000cwb.googlegroups.com>, says...

> >I know what the RFC states. However, everyone is entitled to
> >configure

> It was quoted for you and other people's convenience.

But it does not prove the particular point you wish to make.

> >and
> >run their servers the way they see fit. If they don't want to receive
> >mail
> >from IP addresses that nobody claims ownership of, then it's their
> >privilege to do so.

> Sure I guess they can do whatever they want. But when they sell a
> product to their customers and call it 'email' then their customers
> should be able to send and receive mail according to internet (RFC)
> standards. Otherwise they can't call it email IMHO.

The RFCs are not requirements, just suggestions. If I set up a server which
uses SMTP commands, it is an email system, regardless of any restrictions
that I may apply.

> >Maybe, maybe not. Nobody really cares.

> Why not care? If the standards get eroded, the internet will not
> function smoothly. Just look at the ugliness going on in http
> world.....

If the standards were adhered to literally by everybody, spam would bury us;
the Internet would still be broken.

> >That's unfortunate, but, again, nobody really cares.

> Maybe you don't care, but I'm sure lots of other people care....

People are of two minds about spam. Those who'd wade through 10,000 spam
messages for that one really important email will sign up with a provider
which will give that kind of service. Those who'd rather risk losing an
occasional good mail to cut down on the spam will sign up with a provider
which will give them that kind of service. Whether you sign up for the
former, if you try to send email to a customer of the latter kind of
service, you will just have to accept that some of your email won't be
delivered. You can't force them to accept your email if they don't want to
accept it.

> >What is your evidence that AOL introduced this filter configuration in
> >their mail servers without considering the consequences?

> The evidence is circumstantial. The scheme is so braindead IMO that
> they couldn't possibly have thought it through......

They considered how their customer would respond to that kind of filtering.
Apparently their customers like them running their servers that way, else
the complaints would have compelled them to drop that method of filtering.

> >That's your opinion. Others' opinions may differ. I, for example,
> >believe
> >that if a particular method results in blocking thousands of junk
> >E-mail, at
> >a risk of a single false positive, then it's worth it for me. It's
> >not the
> >end of the world. It's not brain surgery. If someone needs to get
> >ahold of
> >me, there's always the phone.

> Hell why not just block *all* mail then we won't get any spam either!
> great!
> Or we can go back to the phone as you say! yes! now lemme think....how
> do I stuff this 2 mb attachment down the phone....hmmmm.....and I
> wonder what long distance to Ougudougu costs......hmmmm....

Some people even block whole countries. Whatever works to alleviate the spam
pain.

> >Maybe they are, maybe they aren't. Nobody cares.

> I think you're wrong, lots of admins having non-reverse-DNS systems
> care. You just don't hear from them because their bloody email is not
> working...:-)

You are guessing. For every admin having no rDNS configured, you will find
at least one who takes pains to get rDNS configured.

> >You would not accept someone telling you how to run your own mail
> >servers.
> >Don't tell AOL how to run theirs.

> I run my mailservers according to standards, so yes I actually do allow
> someone to tell me how to run them. They're called IETF.

I do believe that it is not a requirement to do so. Remember, the Internet
is a system of mutual interconnections. The standards facilitate
interconnection, but those who are willing to risk lower levels of
connectivity may try non-standard ways of hooking up.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 21:46:36 by NormanM

In article <1109261579.301174.33330@z14g2000cwz.googlegroups.com>, says...

> Some ISP's also block their clients outgoing port 25 which IMHO is just
> as bad.

Wouldn't affect me in the least. I am not supposed to be running an MX
client for end-to-end relay of email anyway, per the TOS of my ISP. The off-
ISP mail services that I do use all offer SMTP message submission on ports
other than 25. So I use my ISP's SMTP server to relay for my domain (within
the terms of my ISP), and I use ports other than 25 for client connection
off-ISP. Either way, a port 25 block does not hinder me.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 21:47:27 by NormanM

In article <1109264863.004504.126090@g14g2000cwa.googlegroups.com>, says...

> Actually I just got a reply from AOL on this. A standard form letter
> telling me to get my IP reverse-DNS'ed, I replied to them but only
> noticed afterwards that the reply address was set to: noreply@aol.com.

> What a bunch of lamers.....with that attitude they *will* go bust
> eventually......

It won't be that attitude which will cause them to go bust.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 22:03:55 by nsa.usa

>But it does not prove the particular point you wish to make.

It shows that the designers of that RFC took into account that some
mailservers would not have reverse DNS, thereby implying that that's
ok.

>The RFCs are not requirements, just suggestions. If I set up a server
>which uses SMTP commands, it is an email system, regardless of any
>restrictions that I may apply.

Yes but if everybody did that nobody would be able to communicate.

>If the standards were adhered to literally by everybody, spam would bury us;
>the Internet would still be broken.

I don't agree. There are other ways of dealing with spam: filtering,
more resources to police, better laws, political will etc. or changing
of the standards.

>People are of two minds about spam. Those who'd wade through 10,000
>spam messages for that one really important email will sign up with a
>provider which will give that kind of service. Those who'd rather risk
>losing

I think that when people buy an email account they have absolutely no
clue if the provider blocks certain domains. I think that 98% of users
have no idea that that is even possible and they don't even know what a
'domain' is.....

>an occasional good mail to cut down on the spam will sign up with a provider
>which will give them that kind of service. Whether you sign up for the
>former, if you try to send email to a customer of the latter kind of
>service, you will just have to accept that some of your email won't be
>delivered. You can't force them to accept your email if they don't want to
>accept it.

I don't think so. Have you ever seen an ISP advertise that they block
legitimate emails so they can cut corners with their spam protection?

>They considered how their customer would respond to that kind of
>filtering. Apparently their customers like them running their servers
>that way, else the complaints would have compelled them to drop that
>method of filtering.

I don't think so. They are so arrogant and obviously don't give a damn
about their customers. When people complain to them (as I did) they
respond with a form letter telling me to basically piss-off......

>Some people even block whole countries. Whatever works to alleviate
>the spam pain.

Yeah, they won't be in business long.....
Why not block all mails from all countries! The most spam I get is
about products in the USA, and I am located in Africa......so maybe I
should tell my mailserver to block the US.......great!

>You are guessing. For every admin having no rDNS configured, you will
>find at least one who takes pains to get rDNS configured.

Well we can only guess as neither of us have any hard figures.

>> someone to tell me how to run them. They're called IETF.

>I do believe that it is not a requirement to do so. Remember, the Internet
>is a system of mutual interconnections. The standards facilitate
>interconnection, but those who are willing to risk lower levels of
>connectivity may try non-standard ways of hooking up.

Well, the internet was made to facilitate communication. Blocking
legit communication is counter to that aim. If everybody ignores the
standards the internet will quickly sink.....
Right now I am blocking all mail coming from AOL, as they are
blocking us, so now the internet has just sunk that tiny little bit
further down into the mud........

Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 22:11:50 by Alan Connor

On 24 Feb 2005 08:02:22 -0800, nsa.usa@gmail.com wrote:

>
>>Or maybe you could contact them and work something out...
>
> Been there, done that, didn't get a t-shirt nor a reply....:-(
>

Not surprising. Trying to find someone at a big ISP that
actually knows something about networking and is interested in
anything but evading responsibility is nearly impossible.

I don't use mine for anything but a doorway onto the Internet.



>>I've considered running reverse-DNS checks on a percentage of
>>my incoming mail and dumping any that failed.
>
> Please don't do that. It's IMHO a quick-fix that's got bigger
> consequences than it seems. There are many non-reverse-DNS
> servers around the world (and I suspect especially in the
> 3rd world). When your customers start complaining what will
> you tell them? Many in your situation would probably say
> something along the lines of " we're blocking all those suspect
> servers out there sending spam, and the address you're trying
> to get mail from is probably in some 3rd world mismanaged
> server...blah blah", it's a rant that'll probably work but you
> know deep down that that's not the cause and that it's because
> you yourself are not adhering to standards.

Okay.

>
>>Of course, as long as 4% of the people actually buy from the
>>spammers, nothing is going to work. And most of the major ISPs
>>make it easy for them while pretending to be working their
>>tails off to fight it.
>
> 4% sounds like a very high figure. Where does it come from?

http://groups.google.com/groups?selm=hxWSd.3925$873.3884@newsread3.news.pas.earthlink.net

>
>>Because that's what the people _really_ want. If 4% buy, then
>>40% consider it, and 80% read it. Regardless of what they
>>_say_.
>
> hmmmm. I think you're wrong. Nobody I have ever heard of
> actually *wants* spam! and those figures are way too high.

You are underestimating human greed ("But there could be a
_really_ good deal there...") and the human capacity for self and
inter-personal deception. Most people present a false face to the
public and look through spam, cursing it and pretending that they
are just idly curious and that it doesn't count.

The fact is that if around 4% of the people didn't buy stuff
they wouldn't do it. There'd be no point! It wouldn't be
economical/profitable.

Actions speak louder than words.

AC

Re: reverse DNS not required by SMTP RFC2821

on 24.02.2005 23:08:33 by philip

In article <1109279035.669957.288320@z14g2000cwz.googlegroups.com>,
wrote:
>
>>But it does not prove the particular point you wish to make.
>
>It shows that the designers of that RFC took into account that some
>mailservers would not have reverse DNS, thereby implying that that's
>ok.

There is a difference between the technical side of protocols
(interoperability) and policy issues.

RFCs are mainly concerned with protocols and the technical aspects thereof.
This is quite obvious in remote login protocols: even if you speak the
protocol, you can't get in without an account and a password/key.

The SMTP protocol works fine: when an MTA rejects mail due to lack of reverse
DNS you typically get an SMTP error that indicates a failure, which allows
the sending MTA to report that back to the sender.

Some people install IP level filters in routers. This is a much nastier
solution, because the sending MTA will typically try for about a week before
returning an error to the sender.

It is quite possible that AOL's servers are capable of accepting mail
from systems without reverse DNS. It is also possible that you have to pay
them quite a bit of money to install a white-list entry for your systems.
Those kinds of policy issues are all beyond the scope of most RFCs.

The RFCs describe how people should implement protocols if they want to
communicate. Typically there are no RFCs that describe what you have to
do if people do not want to communicate. And in a world with spam,
lots of people do not want to communicate with people who can't be bothered
to maintain their networks properly, which includes reverse DNS.


--
That was it. Done. The faulty Monk was turned out into the desert where it
could believe what it liked, including the idea that it had been hard done by.
It was allowed to keep its horse, since horses were so cheap to make.
-- Douglas Adams in Dirk Gently's Holistic Detective Agency

Re: reverse DNS not required by SMTP RFC2821

on 25.02.2005 01:37:01 by DFS

nsa.usa@gmail.com wrote:

> My organisation is for example running a mailserver that does not have
> reverse DNS. The reason for this is that it is located in Africa and
> our upstream provider is less than professional and doesn't want to
> assign us the reverse DNS entry. The result is that our clients are not
> able to email any of AOL's customers.

AOL is clearly, indisputably wrong to block systems without reverse DNS.

There's also probably nothing at all you can do about it.

The cheapest solution for you would probably be to rent a $79/month
dedicated server in the United States that *does* have reverse DNS, and
use it as a smarthost for your outgoing mail.

Regards,

David.

Re: reverse DNS not required by SMTP RFC2821

on 25.02.2005 02:19:46 by Sam

nsa.usa@gmail.com writes:

>>and run their servers the way they see fit. If they don't want to receive
>>mail from IP addresses that nobody claims ownership of, then it's their
>>privilege to do so.
>
> Sure I guess they can do whatever they want. But when they sell a
> product to their customers and call it 'email' then their customers
> should be able to send and receive mail according to internet (RFC)
> standards. Otherwise they can't call it email IMHO.

That's for their customers to decide. If their customers have a problem,
they'll take it up with them directly. But since you are not their
customer, you have no standing to tell them how to run their business.

>
>>Maybe, maybe not. Nobody really cares.
>
> Why not care?

Why should anyone care about your opinion of AOL's mail plant?

> If the standards get eroded, the internet will not
> function smoothly.

I have a picture of the world's smallest violin right here: →←


> Just look at the ugliness going on in http
> world.....

The http world is doing just fine.

>>That's unfortunate, but, again, nobody really cares.
>
> Maybe you don't care, but I'm sure lots of other people care....

You, and how many other sock puppets?

>>What is your evidence that AOL introduced this filter configuration in
>>their mail servers without considering the consequences?
>
> The evidence is circumstantial. The scheme is so braindead IMO that
> they couldn't possibly have thought it through......

Their scheme is not braindead just because you said so.

>>That's your opinion. Others' opinions may differ. I, for example, believe
>>that if a particular method results in blocking thousands of junk E-mail, at
>>a risk of a single false positive, then it's worth it for me. It's not the
>>end of the world. It's not brain surgery. If someone needs to get ahold of
>>me, there's always the phone.
>
> Hell why not just block *all* mail then we won't get any spam either!
> great!

I most certainly block all mail from some parts of the Internet. Presence
or absence of reverse DNS notwithstanding.

>>Maybe they are, maybe they aren't. Nobody cares.
>
> I think you're wrong, lots of admins having non-reverse-DNS systems
> care.

If they really care about getting their mail to AOL, they'd fix their
reverse DNS, or smarthost their mail through a better-organized provider.

> You just don't hear from them because their bloody email is not
> working...:-)

And here's the world's second smallest violin: →←

>>You would not accept someone telling you how to run your own mail
>>servers.
>>Don't tell AOL how to run theirs.
>
> I run my mailservers according to standards, so yes I actually do allow
> someone to tell me how to run them. They're called IETF.

And be sure to thank them for all the spam in your mailbox.


Re: reverse DNS not required by SMTP RFC2821

on 25.02.2005 21:28:53 by NormanM

In article <1109279035.669957.288320@z14g2000cwz.googlegroups.com>, says...

> >But it does not prove the particular point you wish to make.

> It shows that the designers of that RFC took into account that some
> mailservers would not have reverse DNS, thereby implying that that's
> ok.

While it does imply that it is ok to accept email from servers which don't
have rDNS configured, it does not imply that one must accept email from
servers which don't have rDNS configured.

> >The RFCs are not requirements, just suggestions. If I set up a server
> >which uses SMTP commands, it is an email system, regardless of any
> >restrictions that I may apply.

> Yes but if everybody did that nobody would be able to communicate.

The level of functionality of the Internet probably depends upon the level
of compliance with the RFCs. But there is no requirement that anybody
connecting to the Internet must have full functionality. Each operator is
free to decide how much functionality they are willing to use, and to
implement the RFCs in such a manner as to achieve the desired level of
functionality.

> >If the standards were adhered to literally by everybody, spam would
> >bury us; the Internet would still be broken.

> I don't agree. There are other ways of dealing with spam: filtering,
> more resources to police, better laws, political will etc. or changing
> of the standards.

If I couldn't rely on the methods I currently use, I would just drop email
altogether. About 2/3rds of the spam headed my way doesn't even reach those
vaunted filters because I am willing to ignore some parts of the RFCs. In
the absence of that option, nobody would be able to send me email because I
wouldn't have it.

If I am not free to choose how to manage my Internet connection, I am
certainly free to not connect to the Internet at all.

> >People are of two minds about spam. Those who'd wade through 10,000
> >spam messages for that one really important email will sign up with a
> >provider which will give that kind of service. Those who'd rather risk
> >losing

> I think that when people buy an email account they have absolutely no
> clue if the provider blocks certain domains. I think that 98% of users
> have no idea that that is even possible and they don't even know what a
> 'domain' is.....

I think that people who buy an ISP probably aren't fully aware of what that
ISP does about filtering email. But people who buy an email account do so
because they aren't satisfied with the email account offered by their ISP;
these people almost certainly pick their email provider on the basis of how
much, or how little spam blocking the provider offers.

> >an occasional good mail to cut down on the spam will sign up with a
> >provider which will give them that kind of service. Whether you sign
> >up for the former, if you try to send email to a customer of the
> >latter kind of service, you will just have to accept that some of your
> >email won't be delivered. You can't force them to accept your email if
> >they don't want to accept it.

> I don't think so. Have you ever seen an ISP advertise that they block
> legitimate emails so they can cut corners with their spam protection?

Not an ISP, but an email service provider; yes, I actually have. Try
"Spamblocked".

> >They considered how their customer would respond to that kind of
> >filtering. Apparently their customers like them running their servers
> >that way, else the complaints would have compelled them to drop that
> >method of filtering.

> I don't think so. They are so arrogant and obviously don't give a damn
> about their customers. When people complain to them (as I did) they
> respond with a form letter telling me to basically piss-off......

They almost certainly are balancing your complaint against ten complaints
from people getting spam because they aren't more aggressive about blocking
it.

> >Some people even block whole countries. Whatever works to alleviate
> >the spam pain.

> Yeah, they won't be in business long.....

If they are blocking a whole country, it is almost certain that they aren't
even doing business with anybody in that country. Why should a business
which has no customers, or operations in, say, India, have to accept spam
from India when they could just turn off all email from India?

> Why not block all mails from all countries! The most spam I get is
> about products in the USA, and I am located in Africa......so maybe I
> should tell my mailserver to block the US.......great!

Works for me, for email from places like South Korea and the PRC.

> >You are guessing. For every admin having no rDNS configured, you will
> >find at least one who takes pains to get rDNS configured.

> Well we can only guess as neither of us have any hard figures.

Well, I have seen a half dozen mail administrators seeking assistance to get
rDNS set up.

> >> someone to tell me how to run them. They're called IETF.

> >I do believe that it is not a requirement to do so. Remember, the
> >Internet is a system of mutual interconnections. The standards
> >facilitate interconnection, but those who are willing to risk lower
> >levels of connectivity may try non-standard ways of hooking up.

> Well, the internet was made to facilitate communication. Blocking
> legit communication is counter to that aim. If everybody ignores the
> standards the internet will quickly sink.....
> Right now I am blocking all mail coming from AOL, as they are
> blocking us, so now the internet has just sunk that tiny little bit
> further down into the mud........

You don't think that spammers are ignoring the standards? They most
certainly are. They do so because ignoring the standards will get their
email through to those servers which don't break the standards. Ah, but I
see somebody else has explained that there are more than technical standards
to making the Internet work. The point is that anybody connecting to the
Internet is free to do so in ways that work for them. If that means ignoring
this, or that part of an RFC, so be it. You, alas, can't control what
somebody else does for their purpose. You, alas, are stuck with trying to
find a way that works with their method; unless you have some kind of power
to compel them to comply with your requirements.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Re: reverse DNS not required by SMTP RFC2821

on 25.02.2005 23:49:49 by DFS

NormanM wrote:

> While it does imply that it is ok to accept email from servers which don't
> have rDNS configured, it does not imply that one must accept email from
> servers which don't have rDNS configured.

You must recognize that owners of small domains have a lot more freedom
than companies like AOL or Hotmail that own a large percentage of the
world's e-mail addresses. Huge organizations have a responsibility to
weigh their decisions very carefully, because they affect millions of
people.

In my opinion, if you choose not to accept mail from servers that lack
rDNS, that's just rude. If AOL does it, it's more than rude -- it's
detrimental to the Internet.

> But there is no requirement that anybody
> connecting to the Internet must have full functionality.

There are MUST requirements in most RFCs. Anyone who is on the Internet
and breaks a MUST requirement is rude, and huge organizations that do
it are harmful to the Internet.

(I'm not saying that RFC2821 implies that you MUST accept mail from
servers that lack rDNS, just pointing out that there should be restrictions
on how freely RFCs can be interpreted.)

> If I couldn't rely on the methods I currently use, I would just drop email
> altogether. About 2/3rds of the spam headed my way doesn't even reach those
> vaunted filters because I am willing to ignore some parts of the RFCs.

As far as I know, I obey all the relevant RFCs and get almost no spam in
my mailbox. There are dozens of attempts per day, but our anti-spam
system stops almost all of them. Maybe one or two a month get through.

You do *not* have to do harm in order to do good.

> If they are blocking a whole country, it is almost certain that they
> aren't even doing business with anybody in that country.

Or they're ignorant. The company I own is based in Canada. We sell
anti-spam software. At least one of our clients has banned the "ca"
TLD. :-) (Good thing we're a .com)

> You don't think that spammers are ignoring the standards? They most
> certainly are. They do so because ignoring the standards will get their
> email through to those servers which don't break the standards.

In many cases, you can detect this behavior and block it, without
breaking RFCs yourself. For example, greylisting remains quite
effective against around 25-30% of spam attempts.

Regards,

David.

Re: reverse DNS not required by SMTP RFC2821

on 26.02.2005 12:54:49 by philip

In article ,
David F. Skoll wrote:
>NormanM wrote:
>
>> While it does imply that it is ok to accept email from servers which don't
>> have rDNS configured, it does not imply that one must accept email from
>> servers which don't have rDNS configured.
>
>You must recognize that owners of small domains have a lot more freedom
>than companies like AOL or Hotmail that own a large percentage of the
>world's e-mail addresses. Huge organizations have a responsibility to
>weigh their decisions very carefully, because they affect millions of
>people.
>
>In my opinion, if you choose not to accept mail from servers that lack
>rDNS, that's just rude. If AOL does it, it's more than rude -- it's
>detrimental to the Internet.

You are complaining about the equivalent of a restaurant or a club enforcing
a dress code. AOL has been rejecting mail based on the lack of reverse DNS
for years. And it is not as if there is no alternative to AOL. Hotmail is
just a few clicks away. Most sites in the US have reverse DNS, probably
because they want to be able to send mail to AOL. So most of AOL's customers
are not really missing anything.

If you can't afford to 'dress' properly on the Internet, then that will
be detrimental to your Internet access. Reverse DNS is just a matter of
adding a couple of lines to a zone file. If your ISP is too cheap to do that
then it is reasonable to assume that they are also too cheap to have a
proper abuse desk and anti-abuse mechanisms. So they should be blocked as
a precaution.




Re: reverse DNS not required by SMTP RFC2821

on 26.02.2005 15:43:14 by Sam

Philip Homburg writes:

> adding a couple of lines to a zone file. If your ISP is too cheap to do that
> then it is reasonable to assume that they are also too cheap to have a
> proper abuse desk and anti-abuse mechanisms. So they should be blocked as
> a precaution.

This point is worth noting.

Lack of proper reverse DNS resolution is evidence of sloppy administration
and oversight. You could split hairs whether it's the ISP's fault, or the
regional IP allocation authority's. It doesn't matter. Someone in the
chain of command is out to lunch. Who exactly it is, isn't important. What
is important is that you can draw a logical, reasoned conclusion that when
you have sloppy oversight, there's greater likelihood of abuse coming out of
there. It's been my experience that lack of proper forward/reverse DNS
resolution indicates a higher likelihood of spam, and backscatter.




Re: reverse DNS not required by SMTP RFC2821

on 28.02.2005 10:17:32 by kd6lvw

On Thu, 24 Feb 2005 nsa.usa@gmail.com wrote:
> I would like to get people's views on this. More and more mailservers
> (SMTP servers) require that the sending server (the client) have an IP
> address with reverse DNS working. I believe they do this to prevent
> spam.
> However, RFC2821 states:
>
> "4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
>
> These commands are used to identify the SMTP client to the SMTP
> server. The argument field contains the fully-qualified domain name
> of the SMTP client if one is available. In situations in which the
> SMTP client system does not have a meaningful domain name (e.g., when
> its address is dynamically allocated and no reverse mapping record is
> available), the client SHOULD send an address literal (see section
> 4.1.3), optionally followed by information that will help to identify
> the client system. The SMTP server identifies itself to the SMTP
> client in the connection greeting reply and in the response to this
> command."
>
> So obviously the RFC takes into account those situations where the
> client does not have reverse DNS. And when the RFC was made it seems it
> was accepted practice that some clients don't have reverse DNS.
> It can therefore be concluded that those SMTP servers not allowing mail
> from IP's that don't have reverse DNS are not conforming to standard.
> An example of one such organisation that requires reverse DNS is America
> OnLine.

Wrong RFC. It is true that in RFC 2821, the HELO/EHLO parameter is supposed to
be a domain name, or if not, a bracketed IP-address literal, but other than
checking to see if it's one's OWN name (and not from one's own machine), there
is NO CONCLUSION that can be drawn from any other syntactically valid
parameter. In fact, for a multi-homed client, the domain name given may not
even map to the name in the domain of the interface used.

What most people are doing is taking the address from the TCP socket itself,
checking for a PTR record that has a corresponding A record mapping back to the
IP address of the socket. This can mean checking several combinations if there
are multiple PTR or A records. Having a matching set is acceptable, or
optionally, NO PTR records at all may be acceptable. What is not acceptable is
having a PTR record but no A record to return to the starting IP address. That
is classified as RFC-ignorance under the RFCs that govern DNS structures and
practices, not SMTP.

Why? Anyone who has control of the reverse mapping can insert any PTR record
indicating any domain name they want. However, only those who have control of
the forward mapping can return that name back to the starting IP address; DNS
hacking notwithstanding. Therefore, both lookups are performed (and needed)
for consistency purposes.

> My organisation is for example running a mailserver that does not have
> reverse DNS. The reason for this is that it is located in Africa and
> our upstream provider is less than professional and doesn't want to
> assign us the reverse DNS entry. The result is that our clients are not
> able to email any of AOL's customers. Furthermore we are not able to
> get our own block of IP's assigned by ARIN because we won't be able to
> fulfill the requirement of using x% of the assigned IP's within the
> first year etc etc. (I don't remember the exact percentage required at
> this moment) because we are not large enough yet. So when mailservers
> on the internet refuse to accept mail from us, they are ruining the
> chance for a small ISP, that gives competition to the big useless
> national ISP with incredibly lousy service, to exist in this particular
> African country. It is typical that people across the internet
> introduce these anti spam measures without thinking through the
> consequences.

Your ISP is going to need to change their practice. Without consistent forward
and reverse naming, we can't confirm that you are you via DNS.

In your case, you don't have any PTR record, so in the general sense, you
should be treated as an UNNAMED server. Apparently, AOL doesn't like the
unnamed.

> I would rather receive 10 spam mails than lose 1 genuine mail.
>
> I believe that by not allowing mail from non-reverse-DNS clients and
> thus not conforming to standard is symptomatic of the arrogance of the
> big corporations and that it ruins the internet, pure and simple.
> Granted that spam also ruins the internet, but there are many other
> ways of dealing with that problem.
>
> Let me know what you think. Are they *really* not conforming to
> standard or is there some room for interpretation in the RFC?
> By discriminating which systems a particular server will receive mail
> from, are they conforming to standard or not? Does it say anywhere that
> discrimination is 'acceptable'?

Since many dial-up ports didn't [used to] have names and many new allocations
don't have names that have propagated through the DNS, while legitimate hosts
do, there is a presumption that a named host is going to be around a lot
longer.

Also, there's the point that having an A record will mean that a reply will be
deliverable (at least for the domain part). In that respect, an A record
(looked up first) that doesn't have a PTR back to it could likewise be an
indication of a forged host.
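
The check described in the post above (PTR lookup on the TCP socket address, then address lookups on each returned name that must lead back to that address), as an added Python example that is not part of the original thread. The record set is constructed sample data in documentation address ranges, and the class, function and parameter names are illustrative assumptions.

```python
import ipaddress
import socket
from enum import Enum


class Verdict(Enum):
    CONFIRMED = "confirmed"  # at least one PTR name maps back to the peer IP
    UNNAMED = "unnamed"      # no PTR at all; accepting it is a site policy choice
    MISMATCH = "mismatch"    # PTR exists, but no name maps back to the peer IP


class StaticResolver:
    """Offline resolver over constructed records (sample data, not real hosts)."""

    def __init__(self, ptr, addr):
        self.ptr = ptr    # IP string -> list of PTR names
        self.addr = addr  # lowercase name without trailing dot -> list of IPs

    def reverse(self, ip):
        return self.ptr.get(ip, [])

    def forward(self, name):
        return self.addr.get(name.rstrip(".").lower(), [])


class SystemResolver:
    """Live lookups through the operating system's resolver."""

    def reverse(self, ip):
        try:
            name, aliases, _ = socket.gethostbyaddr(ip)
        except OSError:
            return []
        return [name, *aliases]

    def forward(self, name):
        try:
            infos = socket.getaddrinfo(name, None, proto=socket.IPPROTO_TCP)
        except OSError:
            return []
        return [info[4][0] for info in infos]


def fcrdns(peer_ip, resolver):
    """Classify the peer address of a connection: (Verdict, confirmed names)."""
    peer = ipaddress.ip_address(peer_ip)
    names = resolver.reverse(str(peer))
    if not names:
        return Verdict.UNNAMED, []
    confirmed = []
    # Several PTR names and several addresses per name are possible, so every
    # combination is tried; one name leading back to the peer is enough.
    for name in names:
        for candidate in resolver.forward(name):
            try:
                if ipaddress.ip_address(candidate) == peer:
                    confirmed.append(name.rstrip(".").lower())
                    break
            except ValueError:
                continue  # malformed address data never counts as a match
    if confirmed:
        return Verdict.CONFIRMED, confirmed
    return Verdict.MISMATCH, []


def accept(verdict, allow_unnamed=True):
    """Policy step: a mismatch is refused; unnamed peers are a local choice."""
    if verdict is Verdict.CONFIRMED:
        return True
    return verdict is Verdict.UNNAMED and allow_unnamed


# Constructed records. Whoever controls the reverse zone can publish any PTR
# name, but only the owner of the forward zone can point that name back.
SAMPLE = StaticResolver(
    ptr={
        "192.0.2.10": ["mail.example.org."],
        "192.0.2.20": ["mx.example.net.", "relay.example.net."],
        "198.51.100.7": ["mail.example.com."],   # name resolves elsewhere
        "198.51.100.8": ["ghost.example.net."],  # name has no address record
    },
    addr={
        "mail.example.org": ["192.0.2.10"],
        "mx.example.net": ["192.0.2.21"],
        "relay.example.net": ["192.0.2.99", "192.0.2.20"],
        "mail.example.com": ["203.0.113.5"],
    },
)

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "198.51.100.7",
               "198.51.100.8", "203.0.113.50"):
        verdict, names = fcrdns(ip, SAMPLE)
        print(f"{ip:14} {verdict.value:10} {names} "
              f"accept(strict)={accept(verdict, allow_unnamed=False)}")
```

With `allow_unnamed=False` the policy also refuses hosts that have no PTR record at all, which is the situation the original poster's server is in.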

Re: reverse DNS not required by SMTP RFC2821

on 28.02.2005 14:49:42 by DFS

Philip Homburg wrote:

> You are complaining about the equivalent of a restaurant or a club
> enforcing a dress code. AOL has been rejecting mail based on the lack of
> reverse DNS for years. And it is not as if there is no alternative to AOL.

That's not really the point. I can decide not to use AOL. But if I'm
a business with thousands of customers on AOL, I can't ask them to switch.

I agree that not having reverse-DNS is sloppy. I don't agree that your
e-mail should be automatically banned just for that reason. It's one
indicator of a problem, but not enough for outright rejection, in my
opinion. It's often (usually?) the case that a small organization has
no control over its PTR records, and switching ISPs, especially in
developing countries, can be a major hassle.

Of course, as I indicated in another post, AOL is unlikely to change
its policies, so the cheapest solution for the original poster is to
get a machine with rDNS entries and use it for outgoing mail. In this
case, it's cheaper to switch than fight.

--
David.

Re: reverse DNS not required by SMTP RFC2821

on 28.02.2005 18:58:14 by philip

In article ,
David F. Skoll wrote:
>Philip Homburg wrote:
>
>> You are complaining about the equivalent of a restaurant or a club
>> enforcing a dress code. AOL has been rejecting mail based on the lack of
>> reverse DNS for years. And it is not as if there is no alternative to AOL.
>
>That's not really the point. I can decide not to use AOL. But if I'm
>a business with thousands of customers on AOL, I can't ask them to switch.

If you have a business with thousands of customers on AOL then you
probably had reverse DNS in the past.

>I agree that not having reverse-DNS is sloppy. I don't agree that your
>e-mail should be automatically banned just for that reason. It's one
>indicator of a problem, but not enough for outright rejection, in my
>opinion.

I'm not going to use an ISP for e-mail unless they let me control the
filtering. (I want at least the ability to turn it off). But this is
up to the customers of AOL. You may not like it, but nobody is asking you.

>It's often (usually?) the case that a small organization has
>no control over its PTR records, and switching ISPs, especially in
>developing countries, can be a major hassle.

Well, if people really want to communicate with such an organization, they
can arrange for unfiltered e-mail addresses.

On the other hand, buying the products of sloppy ISPs keep them in
business.

>Of course, as I indicated in another post, AOL is unlikely to change
>its policies, so the cheapest solution for the original poster is to
>get a machine with rDNS entries and use it for outgoing mail. In this
>case, it's cheaper to switch than fight.

True. And if you want to send mail to Verizon, having smarthosting in the US
is also a good idea.

I wonder how long it will take before ISPs will start offering mail exit
points in various countries to avoid overly general block lists.



Re: reverse DNS not required by SMTP RFC2821

on 01.03.2005 23:49:27 by fivefive555

>You are complaining about the equivalent of a restaurant or a club
>enforcing a dress code. AOL has been rejecting mail based on the lack

Nope, it's the equivalent if the restaurant was racist.

>of reverse DNS for years. And it is not as if there is no alternative
>to AOL. Hotmail is just a few clicks away. Most sites in the US have
>reverse DNS,

I don't have an alternative when my clients want to send mail to AOL
addresses through our server.

>probably because they want to be able to send mail to AOL. So most of
>AOL's customers are not really missing anything.

Their customers don't get mail sent to them from many thirdworld (and
firstworld) mailservers..... so they *are* missing out.

>If you can't afford to 'dress' properly on the Internet, then that will
>be detrimental to your Internet access. Reverse DNS is just a matter of
>adding a couple of lines to a zone file. If your ISP is too cheap to do that
>then it is reasonable to assume that they are also too cheap to have a
>proper abuse desk and anti-abuse mechanisms. So they should be blocked
>as a precaution.

I think that's a little shortsighted. rDNS may be simple where *you*
are from. Where *I* am located, our uplink provider is so useless they
won't configure it for us. Secondly, we are too small to get our own
/22 block of addresses, thirdly we don't have a choice in uplink
provider unless we go satellite but that's currently too expensive for
us (i.e. we don't yet have enough customers for that). So it's not just
a matter of bothering to configure it. This is just the attitude that
AOL has, and it is totally wrong.

Regards,
Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 01.03.2005 23:52:38 by fivefive555

Please see my response to Philip Homburg also.

Please also read the title of this topic!
I shall repeat it here for your convenience: " reverse DNS not required
by SMTP RFC2821"

ergo it is *not* sloppy oversight because it is *not* required.........

regards,
Tobias Skytte

Re: reverse DNS not required by SMTP RFC2821

on 02.03.2005 01:04:05 by Sam

fivefive555@gmail.com writes:

> Please see my response to Philip Homburg also.

Why?

> Please also read the title of this topic!
> I shall repeat it here for your convenience: " reverse DNS not required
> by SMTP RFC2821"

So?

> ergo it is *not* sloppy oversight because it is *not* required.........

Correct. It is sloppy for other reasons.




Re: reverse DNS not required by SMTP RFC2821

on 02.03.2005 01:06:36 by Fred Viles

fivefive555@gmail.com wrote in
news:1109717367.166525.147220@l41g2000cwc.googlegroups.com:

>...
> rDNS may be simple where
> *you* are from. Where *I* am located, our uplink provider is so
> useless they won't configure it for us. Secondly, we are too
> small to get our own /22 block of addresses, thirdly we don't
> have a choice in uplink provider unless we go satellite but
> that's currently too expensive for us (i.e. we don't yet have
> enough customers for that).

Fourthly, (explanation why you can't run your server on a colo box,
which can be rented with plenty of bandwidth for less than $100/mo,
goes here).

Re: reverse DNS not required by SMTP RFC2821

on 02.03.2005 01:26:15 by philip

In article <1109717367.166525.147220@l41g2000cwc.googlegroups.com>,
wrote:
>>You are complaining about the equivalent of a restaurant or a club
>>enforcing a dress code. AOL has been rejecting mail based on the lack
>
>Nope, it's the equivalent if the restaurant was racist.

How is (lack of) reverse DNS related to skin color, religion, etc.?

We are moving in the direction of Godwin; I wonder how long it will take...

>>of reverse DNS for years. And it is not as if there is no alternative
>>to AOL. Hotmail is just a few clicks away. Most sites in the US have
>>reverse DNS,
>
>I don't have an alternative when my clients want to send mail to AOL
>addresses through our server.

So, who cares? Your clients should get themselves an ISP who can provide
reverse DNS when needed.

>>probably because they want to be able to send mail to AOL. So most of
>>AOL's customers are not really missing anything.
>
>Their customers don't get mail sent to them from many thirdworld (and
>firstworld) mailservers..... so they *are* missing out.

So, you are talking about people living in the US who chose AOL as a
provider. What else do you expect? That McDonalds provides high quality
meals?

Anyhow, somebody who has something important to say can make sure that
he has reverse DNS. You can buy smarthosting, colocation, etc. everywhere.

>I think that's a little shortsighted. rDNS may be simple where *you*
>are from. Where *I* am located, our uplink provider is so useless they
>won't configure it for us. Secondly, we are too small to get our own
>/22 block of addresses, thirdly we don't have a choice in uplink
>provider unless we go satellite but that's currently too expensive for
>us (i.e. we don't yet have enough customers for that). So it's not just
>a matter of bothering to configure it. This is just the attitude that
>AOL has, and it is totally wrong.

You left out smarthosting or a colo.

Next thing you know, your upstream is in all kinds of blocklists due to an
abuse desk that does not function, etc. Getting your addresses from a
transit provider who can't be bothered to do reverse DNS is bound to
cause trouble.



--
That was it. Done. The faulty Monk was turned out into the desert where it
could believe what it liked, including the idea that it had been done by.
It was allowed to keep its horse, since horses were so cheap to make.
-- Douglas Adams in Dirk Gently's Holistic Detective Agency

Re: reverse DNS not required by SMTP RFC2821

on 02.03.2005 23:49:26 by DFS

Philip Homburg wrote:

>>That's not really the point. I can decide not to use AOL. But if I'm
>>a business with thousands of customers on AOL, I can't ask them to switch.

> If you have a business with thousands of customers on AOL then you
> probably had reverse DNS in the past.

Maybe I never had e-mail before? And I used to correspond via FAX/Phone/Mail?

> I'm not going to use an ISP for e-mail unless they let me control the
> filtering. (I want at least the ability to turn it off). But this is
> up to the customers of AOL. You may not like it, but nobody is asking you.

I agree that AOL is within its rights to do as it pleases. I don't agree
that AOL *should* be within its rights to do as it pleases. I know this
is anathema to many, but once an ISP reaches a certain size, it becomes
like a common carrier and should be subject to regulation.

> On the other hand, buying the products of sloppy ISPs keep them in
> business.

In a lot of places, people don't have a choice.

Regards,

David.

Re: reverse DNS not required by SMTP RFC2821

on 03.03.2005 00:53:44 by philip

In article ,
David F. Skoll wrote:
>Philip Homburg wrote:
>
>>>That's not really the point. I can decide not to use AOL. But if I'm
>>>a business with thousands of customers on AOL, I can't ask them to switch.
>
>> If you have a business with thousands of customers on AOL then you
>> probably had reverse DNS in the past.
>
>Maybe I never had e-mail before? And I used to correspond via FAX/Phone/Mail?

In that case you can simply continue corresponding via fax,phone,mail :-)

>> I'm not going to use an ISP for e-mail unless they let me control the
>> filtering. (I want at least the ability to turn it off). But this is
>> up to the customers of AOL. You may not like it, but nobody is asking you.
>
>I agree that AOL is within its rights to do as it pleases. I don't agree
>that AOL *should* be within its rights to do as it pleases. I know this
>is anathema to many, but once an ISP reaches a certain size, it becomes
>like a common carrier and should be subject to regulation.

It's funny you should say that. The last time I looked at the Dutch
telecommunications law, it looked like there was such a requirement. The problem
with that law is that it was written for telcos and now some parts of it
also apply to ISPs.

The interesting thing is: who gets to set the price for interconnection and
who gets to set the standards. I think that if AOL would say that they are
willing to interconnect e-mail provided that you have proper reverse DNS
for your outgoing mail servers, then that would probably be within the
limits of that law.


--
That was it. Done. The faulty Monk was turned out into the desert where it
could believe what it liked, including the idea that it had been done by.
It was allowed to keep its horse, since horses were so cheap to make.
-- Douglas Adams in Dirk Gently's Holistic Detective Agency