Great Circle Associates List-Managers
(May 2001)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Spam Filters vs. Mailing Lists
From: Nick Simicich <njs @ scifi . squawk . com>
Date: Fri, 18 May 2001 14:30:01 -0400
To: "William Silvert" <wsilvert @ ipimar . pt>
Cc: "list-managers" <list-managers @ GreatCircle . COM>
In-reply-to: <00d101c0dfa8$6a579b80$99050a0a@silvert>

At 03:37 PM 5/18/2001 +0100, William Silvert wrote:
>I recently rejoined this list after an absence of several years because of
>my growing frustration with the problems caused by spam filters. I run about
>a dozen mailing lists in different sites, based on Majordomo, Listserv and
>Listproc, and find that I am wasting more and more time dealing with message
>rejection by automatic spam filters set up by hyperactive system
>administrators. I would like to initiate a discussion to see how widespread
>the problem is and if there is any way to deal with it.

I find this to be the second largest reason for mail bounces.  The largest
is full mailboxes.  IMHO, this is the largest cost of spam.  SMTP e-mail
used to be very reliable.  Now, because of spam, people have done many
things to e-mail systems which make them less reliable.  Unfortunately,
that is the way it is. It will probably continue to be this way, until and
unless a way is found to curtail spam at the source, by treaty or whatever.

>The sites I run all deal with science, so most of our subscribers are in
>academic or government research environments, often behind firewalls. A
>significant fraction of our subscribers have had to be deleted because the
>firewalls will not pass mail that has been through a mail server. The most
>common error message is "relaying denied" even when the server is properly
>configured to prevent spam relaying.

I'm assuming that you are saying that you are getting a "relaying denied"
message from the other end, even though your server is not actually
attempting to relay, just to deliver.  However, if you are using the server
to deliver your mailing list mail that you used to send this mail, the
problem may be different since that server is not set up correctly.  See
below.

>Usually these spam filters offer no recourse for rejected messages, that is,
>there is no address you can write to point out that there is a configuration
>problem. 

The typical sutuation is that you try to send a message to user@foo.org.
You might get a bounce from the server at foo.org, and you might get a
bounce from the server at bar.org.  In the former case, sending mail to
postmaster@foo.org is typically useless, as that mail will bounce as well.
The latter case might allow you to send mail to "postmaster@bar.org" and
that mail might be accepted and they might fix their servers.  

Now, there are a lot of misconfigurations out there, but there are some
legitimate situations which will cause intermittent mail bounces, such as
when someone changes ISPs and there is a lag in propigation of domain
information or the domain information does not get corrected for some time.

>Currently for example I am being mail-bombed by an automated filter
>that thinks I sent a virus-filled attachment in a message that contained no
>attachment at all, but warned about files containing Visual Basic Scripts
>that were circulating among our members.

I run all of the owner- mail through scripts that tries to deal with it and
only forwards it if it can't deal with it.  Then again, I don't send out
virus warnings at all, I leave that to virus professionals :-).  Actually,
since I run all my mail through demime, I treat "Subject:.*virus" like
"subscribe" ---  it gets bounced back to the originator and the originator
must click on a link in it to send it to an administrator (and the
automated message warns them about hoaxes and notes that my systems do not
distribute attachments and therefore cannot distribute viruses or such).

>The problem is not confined to mailing lists of course. The address from
>which I am sending this, which is a major Portuguese institution whose
>computer gateway is maintained by our national computer facility, is
>routinely blocked by servers in Denmark, France, Spain, the US, and
>Australia, which is a severe blow to scientific communication and
>cooperation. I think that it is time to take action.

If your mail servers are being blocked because they are used for spam or
because the mail servers are not set up correctly with reverse DNS and so
forth, you need to complain to your national computer facility's
administration.  If the mail servers are maintained as open relays, or if
the national computer facility either provides spam havens or is not
actively pursuing and expunging spammers from the user list, or they are
not set up correctly, you can expect the blocking to continue. 

Hmmm, I just checked the address you sent from based on the received lines.
 It does not have reverse DNS set up (there is no in-addr.arpa pointer, so
gethostbyaddr() will not work).   My servers won't accept direct e-mail
from your server either.  Tell the administrators of the major ipimar.pt to
get their act together and fix their configuration problems.  The problem
is at your end.

These days, many servers (as you have discovered) require that the sending
address actually resolve.  Some even require that the helo message be a
system name that exists.  

The in-addr arpa delegation for that address is held by rccn.net, so it is
not a ripe problem (as frequently reported on the postfix list).  rccn
could either delegate the 98.137.193.in-addr.arpa domain or set up a
nameserver for it, since they own 137.193.in-addr.arpa.  

If you are actually using a system which is supposed to be an outbound mail
gateway as a mail gateway you should insist that they fix this immediately,
and not provide excuses.  

>Dr. William Silvert
>Instituto de Investigação das Pescas e do Mar
>Departamento de Ambiente Aquático
>Avenida de Brasília, s/n
>1449-006 Lisboa, Portugal

--
Eat natto in the morning and nothing worse will happen to you for the rest of 
the day - http://scifi.squawk.com/natto.html
Nick Simicich mailto:njs@scifi.squawk.com
http://scifi.squawk.com/njs.html -- Stop by and Light Up The World!



References:
Indexed By Date Previous: Re: Spam Filters vs. Mailing Lists
From: Chuq Von Rospach <chuqui@plaidworks.com>
Next: Re: Spam Filters vs. Mailing Lists
From: "Bernie Cosell" <bernie@fantasyfarm.com>
Indexed By Thread Previous: Re: Spam Filters vs. Mailing Lists
From: "David W. Tamkin" <dattier@ripco.com>
Next: Fw: Spam Filters vs. Mailing Lists
From: "William Silvert" <wsilvert@ipimar.pt>

Google
 
Search Internet Search www.greatcircle.com