On Thu, May 23, 2013 at 6:24 PM, Kristian Duus Østergaard <krist...@duus.com
> wrote:
> Hi,
>
Hi there!
I'll just start with noting that I come from a different school of MTA
administration than Matus Uhlar, so I've learned things differently.
>
> My smtp server is currently using identlookup and I think it is one
> reason that
> I don't receive a ton of Spam.
>
> Unfortunately some of my users receive mails from a domain that has a very
> short
> timeout and drops identlookups at the firewall, instead of rejecting them.
> This
> results in no mails coming through to my users from the domain in question
> and
> me getting asked how many other domains does this happen from. My own
> approximate count indicates that only 1.6% of the failing connections are
> from
> legit servers.
>
> So my questions are really :
> What is your experience with identlookups ?
>
Ident lookups have historically been associated with spamming, as a more or
less efficient way of identifying which addresses are valid and therefore
okay to send spam to. It has also been associated with targeted attacks
against specific accounts across protocols, e.g. for FTP, SSH etc.
Relying on ident lookups therefore is to rely on that most MTA admins open
up for ident lookups, such as Matus Uhlar obviously is doing. In my
experience, this is futile. Many legitimate email providers block ident
lookups.
> Should I stop using it on my server and risk more Spam ?
>
Those are two questions.
In my opinion, you should stop using it. This is not likely to be the last
time you experience problems with legitimate email related to
blocked/blackholed ident lookups. But only you can really answer which
balance of spam blocked vs. legitimate email received is best for your
service.
It would also depend a bit on volume, a high volume may result in a high
rate of ident lookups, which may be considered bad.
Whether you actually risk more spam by disabling this feature is an
unresolved question, as far as I can tell there are mostly opinions around;
I'm not aware of any thorough research on this in particular, but I could
of course be wrong. I often am.
> When you discover a problem with a server what do you do ?
>
That depends on whose server it is. If it is one of the big freemail
providers with no functional technical contact points (certain companies
whose names begin with G, M, and Y come to mind), then I typically will
inform the user that they're using such a dysfunctional service, and that
they must expect a certain degree of problems. If it is someone using a
certain firewall product with the initial 'B', likewise.
Otherwise, I may provide a slightly more technical explanation that can be
forwarded to the sending party's email administrator. This works in an
astonishing amount of cases, but still too few to make a real difference.
> Do any of you have automated scripts to inform the postmaster in the
> other
> end that you do have a server and it actually can respond ?
>
Nopes, automation for "information" to third parties in cases like these
may stand at risk for unnecessary backscattering, all depending on how well
the script catches the conceivable use cases.
> Does courier have any filtering function for this very special
> scenario ?
>
I don't.
>
> Sorry for the long rant..
>
That was not a rant. :)
--
Jan
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
