Date: Mon, 7 Jun 2004 11:29:11 -0400 From: Bill Moran <wmoran@potentialtech.com> To: freebsd-questions@freebsd.org Subject: Re: ISPs blocking SMTP connections from dynamic IP address space Message-ID: <20040607112911.476b0578.wmoran@potentialtech.com> In-Reply-To: <200406071511.i57FB3Ol073942@adsl-68-76-19-75.dsl.klmzmi.ameritech.net> References: <20040607085739.352eba17.wmoran@potentialtech.com> <200406071511.i57FB3Ol073942@adsl-68-76-19-75.dsl.klmzmi.ameritech.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Lucas Holt" <Luke@FoolishGames.com> wrote: > Just make sure they are truly dynamic ips. Many people block ips identified > as "DSL" connections. Those are not necessarily dynamic ip based. It's wonderful that most ISPs haven't figured out how to play nicely with the rest of the world. I only block when I can verify that it IS a dhcp addy. There are also blocklists that specifically list verified dynamic IPs. It would be nice if all ISPs could agree on a convention that could be used to identify these machines. Such as using <uniquename>.dhcp.<domainname> so it could be easily filtered. > My mail > server runs on a business package dsl with 5 static ips. Not everyone can > afford T1/T3 connections. As for getting a "real mail server", that would > involve colo or getting a T1. Negative. If you have a static IP and are running a real MTA, you have a _real_ mail server. When I refer to servers that are NOT real mail servers, I mean mail software running on a dhcp IP (thus I can't set a policy for it based on its behaviour, because it moves around) or software such as mail-bomb software, spam bots, or malware. What you should do to get it noticed as such is get a PTR record that matches your forward DNS name. Sometimes this can be tough, as consumer-level DSL providers that provide DSL to businesses as well often don't _really_ understand how this works, or why it's even necessary. Just persist and it'll get handled. Complain that you're having trouble sending mail because their DNS is poorly set up and continue to push and they'll finally come around. Every time I've done this, it's been resolved eventually. Heck, you might even find that they'll be able to do it easily. -- Bill Moran Potential Technologies http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040607112911.476b0578.wmoran>