On 2003.08.27, Mark Aufflick <[EMAIL PROTECTED]> wrote: > of course such a solution would can emails from people who use a > sendmail queue on their local linux or NT box for outbound, but have > their mail (and thus MX records) hosted elsewhere.
YES! Those damned people should be relaying their mail through a proper smarthost, damnit. They can have a local MTA running that relays through a smarthost (whose MX records point to) and that mailhost actually delivers mail to the outside world. Obviously, this would mean that the smarthost when receiving mail would need a whitelist of IPs to accept mail from (even if the From: address domain's MX records don't include the IP), just the same way as having a whitelist of IPs to allow mail relaying for (otherwise, you've created an open relay). > my home office is setup like that, and i'm sure a lot of small > businesses are... Whoever is providing you your bandwidth ought to be providing you a mailhost to relay through. Relay through them. Presumably, they also are the MX for your domain, so when your mail goes out to the rest of the world, your ISPs mailhost IP will match the MX for your domain in your From: header. > so as you point out, spammers could circumvent this, while it would be > affecting small users who aren't in a position to have M records > pointing at their changing cable ip addresses. MX records should point to real mail servers, not some whacked setup on someone's cable-modem connected machine. I'd much rather see all those small users be forced to do things The Right Way(tm) and TOTALLY eliminate spam the way I'm suggesting, rather than to continue to allow noobs to set up their own little MTA (probably as wide-open spam relays until they get spanked by someone for misconfiguring their MTA the first time out). The whole reason why spam is so damned pervasive today is because just about anyone can set up a mail server and deliver mail to anyone else without any kind of sanitation or control. It's the September that never ended. God damnit. Sorry for the angry and bitter tone, but I've had the argument of "whine whine, you're going to inconvenience all the little guys, wah wah wah" too many times now. The fact is, people should be pressuring ISPs to be more than bandwidth providers. Back when *I* was a kid, I had to walk uphill to school both ways in the snow with no shoes, and ISPs had to not only deliver a circuit that was up 24x7x365 but ALSO provide mail, USENET and other value-add services! Since when are we into paying more and getting less? I sure ain't. -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
