Post #245,403
2/19/06 12:16:00 PM
|
And that has WHAT to do with the names?
Netblocks = names? C'mon. Pull the other one - it's got bells on.
If they were blocking a range of addresses, having your own dynamic address would do NOTHING.
You're reaching, here.
If it was reverse DNS matching that they were looking for, I couldn't send mail to them.
I can. I do. Without error. Without whitelisting. Reliably. Consistently. Forever.
Therefore, it's not reverse DNS matching.
Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning, As hopeless as it seems in the middle, Or as finished as it seems in the end.
|
|
Post #245,404
2/19/06 12:42:35 PM
2/19/06 12:45:04 PM
|
It's BOTH
C'mon.
You seem to be purposefully dense on this subject.
Think of this as a design pattern, where multiple things have to be right in order to qualify as a success.
Just because it SOMETIMES works, and possibly ALMOST all the time, does not make it it correct.
Mail servers do a couple of things. The recieve mail for people that they serve locally. The forward mail to other servers. Everything else is an outgrowth of these 2 functions.
In pursuit of these 2 functions, they also LIMIT who they will forward for. They do not want to open themselves up to abuse for spammers, which means they will not forward for people who are not their clients. If they do, they quickly end up blackholed.
Another configuration option is to only trust other servers in the case of inbound messages. That way they can ensure that when a message enters the mailstream there is at least a possibility of some accountability in the event it is spam.
Whether or not this configuration is turned on or off, and the level of granularity that it acts upon is up the the person who runs the mail server.
Some of the steps that the decision is based on are: IS the system currently sending me mail: 1) blacklisted? 2) in somebody's DNS? 3) in the known end-user address ranges? 4) in somebody's DNS with an MX record? 5) currently sending me too many messages at once? 6) (the list goes on, you got the idea)
A "send only" system is not a mail server, it is a client.
You've setup a client. The client is "technically" capable of acting as a server, but you've ignored the generally accepted rules of what a server means when it has to play nice with other servers.
Just because you've managed to connect to X amount of systems in X amount of time and send X amount of messages means NOTHING.
It's like lying on your resume about have a degree. Sure, it may work for a while, but sooner or later you'll get nailed. It may not matter, or it may.
Either way you have no standing to say:
Hey, I got away with it for this long, no one else cared, so you might as well give me a pass as well.
Which is essentially what you are doing when you nitpick on pieces of the equation.
So please, accept that you are wrong and fix it. Or STFU when you can't send an occasional message.
Edited by broomberg
Feb. 19, 2006, 12:45:04 PM EST
|
Post #245,408
2/19/06 3:19:37 PM
|
I don't have just a client. Except if you claim EVERY
mailserver is a client.
I have a server. A sendmail server. It serves about 10 people as full scale accounts, as well as a mail forwarder for another 10 or so addresses. It recieves messages. It sends messages. It's a server, not just a client. If I wanted to, I COULD be a client to my ISP's mail server; I choose not to do that. I do NOT allow relaying. What I have is a SERVER. It performs ALL the functions you define for a mail server. Get it?
YOU say reverse dns prevented you from contact with AOL and Comcast. I was puzzled, as this has not been an issue for me.
And, BTW - And let me say it again - THE ONLY server that denies me is warhead. NOT AOL. NOT Comcast. NOT Earthlink. NOT ANYBODY but warhead. The domains you mentioned NEVER deny mail from me. Let me repeat, because it's not 'almost' never. It's NEVER. Except for warhead.
My mail address DOES have an MX record in register.com's DNS. However, it's an external DNS to my provider; check the IP address and it doesn't show up as the name(s) I use.
Telling me I'm being intentionally dense and to STFU on the subject when I'm asking legitimate questions isn't helpful, it's rude, and doesn't point at any particular knowledge. Hey - I'm not the only one that warhead denies, either.
Well - anyway, I know now that I won't get real answers from you, anyway. Certainly you've given me no useful data on whether I should consider setting up my own DNS server.
And yes, when one server out of the whole internet denies me, I don't consider it a reason to change my setup. You've given me no indication otherwise.
Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning, As hopeless as it seems in the middle, Or as finished as it seems in the end.
|
|
Post #245,409
2/19/06 4:00:36 PM
|
OK. maybe I've both misunderstood and overreacted
On the other hand, that message was the 1st time I've seen all the pieces put together.
I was under the impression you had no MX records and you were not running an inbound server.
My mail address DOES have an MX record in register.com's DNS. However, it's an external DNS to my provider; check the IP address and it doesn't show up as the name(s) I use.
We've just hit into "who owns the block"? Who is the authoritative DNS server for the block?
In order to do a reverse DNS, you've got to start with that.
Who's name DOES show up when you do a reverse?
I seem to recall when my company does some complex DNS setups, dealing with other company's servers being dropped into our address space, we needed to setup some type of DNS delegate structure to allow it to work. Got nasty.
Let's get back to the email server conversation.
Your's connects to the other one. Him: Who are you? You: mail.whatever.net Him: (does reverse DNS) - Liar! <breaks connection>
This is a perfectly reasonable response.
|
Post #245,413
2/19/06 4:32:21 PM
|
Well - that's the way I understood warhead to work
Who's name DOES show up when you do a reverse?
The address that's returned is: dsl027-160-095.atl1.dsl.speakeasy.net. In an experiment, I set the MX for imrics.net to point to it (after setting sendmail to accept mail for it), so that's what's in the MX record right now. Once upon a time, though, I used to point it at imrics.net. I left the dsl027* address in place because it seemed more logical to me. Either way seemed to be effective.
And - thanks if you can give me any insight (or help in connecting to warhead) - as you know, I don't claim any big expertise in this stuff... All I have is my own experience to go by - and I don't do this stuff professionally.
Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning, As hopeless as it seems in the middle, Or as finished as it seems in the end.
|
|
Post #245,415
2/19/06 4:46:11 PM
|
Is this a personal or business account?
And is the address a static or DHCP one?
|
Post #245,416
2/19/06 4:49:04 PM
|
Personal -
Though one of the forwarders is professional. Speakeasy doesn't care, as long as you're not spamming or doing anything illegal. The address is static...
Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning, As hopeless as it seems in the middle, Or as finished as it seems in the end.
|
|
Post #245,418
2/19/06 5:02:39 PM
|
You need to pay speakeasy more money to make it work.
I've got a business account with them. One if the features of a business account is DNS setup.
Without the DNS setup, you CANNOT get a reverse DNS to work since no matter what you say at register.com, if the ISP does not delegate the addresses it is not the authoratative name server, which means no one knows to go to it for the address.
Bottom line: You work by accident. No matter how well, it is still an accident.
But: You may be able to kludge it. Some more.
Change your system name to match the reverse DNS entry. Give it a shot.
|
Post #245,421
2/19/06 5:43:12 PM
|
No surprises.
I understand that a reverse isn't going to work. I don't think it COULD work for my setup. That's why I don't understand how it can be a common check for mailservers though. It isn't logical (to me anyway) that I can have no trouble with virtually all mailservers when reverse DNS won't work for me, if even a sizable percentage were using it.
Interesting idea about the system name though. Gonna try it.
Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning, As hopeless as it seems in the middle, Or as finished as it seems in the end.
|
|