IWETHEY v. 0.3.0 | TODO
1,095 registered users | 1 active user | 1 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New And that has WHAT to do with the names?
Netblocks = names? C'mon. Pull the other one - it's got bells on.

If they were blocking a range of addresses, having your own dynamic address would do NOTHING.

You're reaching, here.

If it was reverse DNS matching that they were looking for, I couldn't send mail to them.

I can. I do. Without error. Without whitelisting. Reliably. Consistently. Forever.

Therefore, it's not reverse DNS matching.


Imric's Tips for Living
  • Paranoia Is a Survival Trait
  • Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
  • Even though everyone is out to get you, it doesn't matter unless you let them win.


Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
 
 
New It's BOTH
C'mon.

You seem to be purposefully dense on this subject.

Think of this as a design pattern, where multiple things
have to be right in order to qualify as a success.

Just because it SOMETIMES works, and possibly ALMOST all
the time, does not make it it correct.

Mail servers do a couple of things. The recieve mail
for people that they serve locally. The forward mail
to other servers. Everything else is an outgrowth of
these 2 functions.

In pursuit of these 2 functions, they also LIMIT who they
will forward for. They do not want to open themselves up
to abuse for spammers, which means they will not forward
for people who are not their clients. If they do, they
quickly end up blackholed.

Another configuration option is to only trust other servers
in the case of inbound messages. That way they can ensure
that when a message enters the mailstream there is at least
a possibility of some accountability in the event it is spam.

Whether or not this configuration is turned on or off, and
the level of granularity that it acts upon is up the the person
who runs the mail server.

Some of the steps that the decision is based on are:
IS the system currently sending me mail:
1) blacklisted?
2) in somebody's DNS?
3) in the known end-user address ranges?
4) in somebody's DNS with an MX record?
5) currently sending me too many messages at once?
6) (the list goes on, you got the idea)

A "send only" system is not a mail server, it is a client.

You've setup a client. The client is "technically" capable of
acting as a server, but you've ignored the generally accepted
rules of what a server means when it has to play nice with other
servers.

Just because you've managed to connect to X amount of systems
in X amount of time and send X amount of messages means NOTHING.

It's like lying on your resume about have a degree. Sure, it
may work for a while, but sooner or later you'll get nailed.
It may not matter, or it may.

Either way you have no standing to say:

Hey, I got away with it for this long, no one else cared,
so you might as well give me a pass as well.


Which is essentially what you are doing when you nitpick on
pieces of the equation.

So please, accept that you are wrong and fix it. Or STFU
when you can't send an occasional message.
Expand Edited by broomberg Feb. 19, 2006, 12:45:04 PM EST
New I don't have just a client. Except if you claim EVERY
mailserver is a client.

I have a server. A sendmail server. It serves about 10 people as full scale accounts, as well as a mail forwarder for another 10 or so addresses. It recieves messages. It sends messages. It's a server, not just a client. If I wanted to, I COULD be a client to my ISP's mail server; I choose not to do that. I do NOT allow relaying. What I have is a SERVER. It performs ALL the functions you define for a mail server. Get it?

YOU say reverse dns prevented you from contact with AOL and Comcast. I was puzzled, as this has not been an issue for me.

And, BTW - And let me say it again - THE ONLY server that denies me is warhead. NOT AOL. NOT Comcast. NOT Earthlink. NOT ANYBODY but warhead. The domains you mentioned NEVER deny mail from me. Let me repeat, because it's not 'almost' never. It's NEVER. Except for warhead.

My mail address DOES have an MX record in register.com's DNS. However, it's an external DNS to my provider; check the IP address and it doesn't show up as the name(s) I use.

Telling me I'm being intentionally dense and to STFU on the subject when I'm asking legitimate questions isn't helpful, it's rude, and doesn't point at any particular knowledge. Hey - I'm not the only one that warhead denies, either.

Well - anyway, I know now that I won't get real answers from you, anyway. Certainly you've given me no useful data on whether I should consider setting up my own DNS server.

And yes, when one server out of the whole internet denies me, I don't consider it a reason to change my setup. You've given me no indication otherwise.

Imric's Tips for Living
  • Paranoia Is a Survival Trait
  • Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
  • Even though everyone is out to get you, it doesn't matter unless you let them win.


Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
 
 
New OK. maybe I've both misunderstood and overreacted
On the other hand, that message was the 1st time I've seen all the pieces put together.

I was under the impression you had no MX records and you were not running an inbound server.


My mail address DOES have an MX record in register.com's DNS. However, it's an external DNS to my provider; check the IP address and it doesn't show up as the name(s) I use.


We've just hit into "who owns the block"? Who is the authoritative DNS server for the block?

In order to do a reverse DNS, you've got to start with that.

Who's name DOES show up when you do a reverse?

I seem to recall when my company does some complex DNS setups, dealing with other company's servers being dropped into our address space, we needed to setup some type of DNS delegate structure to allow it to work. Got nasty.

Let's get back to the email server conversation.

Your's connects to the other one.
Him: Who are you?
You: mail.whatever.net
Him: (does reverse DNS) - Liar! <breaks connection>

This is a perfectly reasonable response.
New Well - that's the way I understood warhead to work
Who's name DOES show up when you do a reverse?

The address that's returned is: dsl027-160-095.atl1.dsl.speakeasy.net. In an experiment, I set the MX for imrics.net to point to it (after setting sendmail to accept mail for it), so that's what's in the MX record right now. Once upon a time, though, I used to point it at imrics.net. I left the dsl027* address in place because it seemed more logical to me. Either way seemed to be effective.

And - thanks if you can give me any insight (or help in connecting to warhead) - as you know, I don't claim any big expertise in this stuff... All I have is my own experience to go by - and I don't do this stuff professionally.

Imric's Tips for Living
  • Paranoia Is a Survival Trait
  • Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
  • Even though everyone is out to get you, it doesn't matter unless you let them win.


Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
 
 
New Is this a personal or business account?
And is the address a static or DHCP one?
New Personal -
Though one of the forwarders is professional. Speakeasy doesn't care, as long as you're not spamming or doing anything illegal. The address is static...

Imric's Tips for Living
  • Paranoia Is a Survival Trait
  • Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
  • Even though everyone is out to get you, it doesn't matter unless you let them win.


Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
 
 
New You need to pay speakeasy more money to make it work.
I've got a business account with them.
One if the features of a business account is DNS setup.

Without the DNS setup, you CANNOT get a reverse DNS to work since no matter what you say at register.com, if the ISP does not delegate the addresses it is not the authoratative name server, which means no one knows to go to it for the address.

Bottom line: You work by accident. No matter how well, it is still an accident.

But: You may be able to kludge it. Some more.

Change your system name to match the reverse DNS entry. Give it a shot.
New No surprises.
I understand that a reverse isn't going to work. I don't think it COULD work for my setup. That's why I don't understand how it can be a common check for mailservers though. It isn't logical (to me anyway) that I can have no trouble with virtually all mailservers when reverse DNS won't work for me, if even a sizable percentage were using it.

Interesting idea about the system name though. Gonna try it.

Imric's Tips for Living
  • Paranoia Is a Survival Trait
  • Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
  • Even though everyone is out to get you, it doesn't matter unless you let them win.


Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
 
 
     Mail servers? - (tuberculosis) - (66)
         no imap, bad monkey - (boxley) - (2)
             I think I wasn't clear on my use case. - (tuberculosis) - (1)
                 mailx is your friend, why teach an app mail when you can - (boxley)
         Look into courier for imap & squirrelmail for webmail -NT - (pwhysall) - (2)
             Aye - I use both - they work really well. - (imric)
             Seconded with a proviso. - (static)
         Here's what I do - (broomberg) - (59)
             I question the reverse DNS thing. - (imric) - (58)
                 Almost ALL DSL ISPs refused mine - (broomberg) - (14)
                     I send to both Comcast and AOL - (imric) - (13)
                         Can't answer that - (broomberg) - (12)
                             Karsten always bitched that he couldn't mail his mum... - (pwhysall) - (11)
                                 K - but that isn't a DNS issue... - (imric) - (10)
                                     Yeah, it was. - (pwhysall) - (9)
                                         And that has WHAT to do with the names? - (imric) - (8)
                                             It's BOTH - (broomberg) - (7)
                                                 I don't have just a client. Except if you claim EVERY - (imric) - (6)
                                                     OK. maybe I've both misunderstood and overreacted - (broomberg) - (5)
                                                         Well - that's the way I understood warhead to work - (imric) - (4)
                                                             Is this a personal or business account? - (broomberg) - (3)
                                                                 Personal - - (imric) - (2)
                                                                     You need to pay speakeasy more money to make it work. - (broomberg) - (1)
                                                                         No surprises. - (imric)
                 break down, haul yer ass uphill for dinner and beer - (boxley) - (42)
                     How can you help - (broomberg) - (41)
                         gotta get him drunk first - (boxley) - (40)
                             Since your shop SHOULD refuse his email... - (broomberg) - (39)
                                 naw, I whitelisted him :-) - (boxley)
                                 OT we need to back channel about yer bidness moydel - (boxley) - (6)
                                     Send contact info to biz account - (broomberg) - (5)
                                         two stupid for that - (boxley) - (4)
                                             This your work #? -NT - (broomberg)
                                             Does not work - (broomberg) - (2)
                                                 well if I could type and was not dyslexic - (boxley) - (1)
                                                     Can't go there right now - (broomberg)
                                 A bug in all systems? - (imric) - (30)
                                     He whitelisted you - (broomberg) - (29)
                                         Very possible. Very plausible. -NT - (imric)
                                         That is ... - (drewk) - (7)
                                             For *very* low values of "multi-week". - (CRConrad) - (3)
                                                 You finished? - (drewk) - (2)
                                                     Fsck, there was THAT much of it? - (CRConrad)
                                                     And that was IN flames. - (imric)
                                             Um. No. - (imric) - (2)
                                                 Oh come on, I was just poking CRC - (drewk) - (1)
                                                     And quite deservedly so. <shakes head/> -NT - (CRConrad)
                                         no sharing of whitelists, only black -NT - (boxley) - (19)
                                             *grumble* - (imric) - (18)
                                                 See what I mean? - (drewk) - (17)
                                                     *sigh* I suppose so. - (imric) - (16)
                                                         My variation on that - (drewk) - (14)
                                                             Our network admin was just bit by that - (imric) - (13)
                                                                 what exactly is the error you get? -NT - (boxley) - (12)
                                                                     I'll let you know after I see him - - (imric) - (11)
                                                                         oops replied to wrong post - (boxley) - (10)
                                                                             Here: - (imric) - (9)
                                                                                 Have you tried e-mailing Alaric? - (Another Scott) - (1)
                                                                                     Nah - I have a workaround. - (imric)
                                                                                 send an email to function01 at cigarboat.cox.net thx -NT - (boxley) - (6)
                                                                                     DIrectly? 1 min - have to reset sendmail to send directly. -NT - (imric) - (1)
                                                                                         let me know when, hasnt hit my mta yet -NT - (boxley)
                                                                                     Sent... - (imric) - (3)
                                                                                         clearly the issue - (boxley) - (2)
                                                                                             Now that's something I needed to know. - (imric) - (1)
                                                                                                 list handling itself is a whole nother topic - (boxley)
                                                         Put the needle on the record....skrrrpppt! - (folkert)

Ahead two thirds!
100 ms