Am 21.10.2022 um 13:28 schrieb Gellner, Oliver via mailop:
On 21.10.22 08:03, Johannes Posel via mailop wrote:
Am 21.10.2022 um 04:01 schrieb Kai 'wusel' Siering via mailop
<mailto:mailop@mailop.org>:
I dont't talk about Reply-To; it's an irrelevant twist. The real world szenario is that
mailto:some...@t-online.de mails to mailto:i...@verein.de ("verein" means
association, club, …), verein.de does run it's own mailserver as it's cheaper than using
some SP for it. verein.de runs basically default settings – which usually are good –,
thus *not* blocking mails from @t-online.de, hence mailto:i...@verein.de receives the
mail and reponds to it. *BÄM* 554.
It would most probably not be a problem with verein.de, which most probably
runs a website, and thus already has an imprint stating their board, their
register number and court in addition to address and mail or telephone — as
they are required by law. That is the trouble with examples.
Verein would still be impacted because having an imprint alone doesn't help. A
mail operator of verein.de would still have to manually contact t-online.de to
have their MTA IP addresses added to their whitelist. A distributed system like
email does not work if everyone has to contact the operators of other MTAs over
an out of band channel first before being able to send a message.
Exactly... If there would be hundreds of big mailserver operators which
do it like Deutsche Telekom, email would be a big mess and nearly unusable.
They seem to have a big IP whitelist. They write on their postmaster
page that they don't do greylisting, SPF or DKIM.... That's why they
(currently) totally rely on IP whitelisting.
I had exactly this problem a few weeks ago.
Here is my story:
I moved my server to Hetzner, let the Hetzner Support open port 25 after
paying the invoice, and then I couldn't sent to t-online.de. I saw this
5 days later when an email bounced to the sender. Luckily this was not
an important email with a deadline or similar...
Because I knew they have a big IP whitelist, I contacted them with my
usual "begging-email", which contained my domains, old IP, new IP, my
name and so on.
Of cause I have proper reverse-DNS, abuse@ and postmaster@ are
monitored, SPF, DKIM and DMARC is working, outbound spam protection,
rate-limiting (in case an account gets hacked), everything perfect from
my side. I'm running my own private mailserver since >15 years.
They responded:
--------------------
Nachdem wir nur nachvollziehbar kommerziellen und vergleichbaren
Betreibern erlauben, sich mit unseren Mailservern zu verbinden,
verwenden Sie als/für Privatnutzer bitte ein SMTP-Relay bzw. Mailgateway
des Hosters oder ISPs, um E-Mails im Rahmen der vertraglichen Leistungen
vom Mailserver über dessen offizielles Mailgateway zu senden. Der
dortige Support ist Ihnen bei der Konfiguration sicherlich gerne
behilflich.
--------------------
Translated:
--------------------
Since we only allow comprehensible commercial and comparable
operators to connect to our mail servers,
as/for private users, please use an SMTP relay or mail gateway
of the hoster or ISP to receive e-mails within the scope of the
contractual services
from the mail server via its official mail gateway. The
support will certainly be happy to help you with the configuration.
help you with the configuration.
--------------------
I asked them a few questions, for example what "comprehensible
commercial and comparable operators" means. And that I will not use my
hosters relay, because a) Hetzner has no relay as far as I know, b) I
don't want to give my email content (and emails of my friends and
family) to Hetzner if I don't have to. GDPR+privacy and so on.
Answer from Telekom:
--------------------
eine kommerzielle oder vergleichbare Nutzung ist nicht erkennbar und
liegt laut Ihrer Beschreibung auch nicht vor. Vergleichbar wäre es erst
dann, wenn eine Konfiguration vorliegt, die sich nach den in unserer
"Postmaster-FAQ"(*) beschrieben Punkten richtet. Für
"(http(s)://)(mx1.)XXdomainXX.de" ist dies bisher noch nicht gegeben.
--------------------
Translated:
--------------------
A commercial or comparable use is not recognisable and does not
exist according to your description. It would only be comparable
if there was a configuration that followed the points described
in our "Postmaster-FAQ"(*). This is not yet the case for
"(http(s)://)(mx1.)XXdomainXX.de".
--------------------
An answer which didn't help at all, because I already had a small
imprint-website (just for Deutsche Telekom since a few years, without
them I wouldn't have a website on that domain) showing my name and email
address as a method to contact me. That was enough during the last 15 years.
I still didn't know what to do, so I asked again for details.
Two emails later they still didn't tell me what the exact problem was,
so I put my postal address on the website, maybe that helps. It didn't,
but I got this answer:
--------------------
Die Forderung einer Anbieterkennzeichnung impliziert eine kommerzielle
oder vergleichbare Nutzung. Sie müssten hierfür unter "XXdomainXX"
noch Kontaktdaten zur "schnellen" elektronischen Kontaktaufnahme(*)
hinzufügen.
(*) Das kann entweder eine telefonische Rufnummer oder alternativ
ein Kontaktformular sein, sofern die Reaktionszeit kurz sein sollte.
--------------------
Translated:
--------------------
The requirement of a provider identification implies a commercial
or comparable use. For this, you would have to provide under
"XXdomainXX" you would have to add contact details for "quick"
electronic contact(*) add.
(*) This can either be a telephone number or, alternatively a
contact form, if the response time should be short.
--------------------
Which means: I should put my private mobile phone number on that
website, or a contact form with short reaction time... WTF... Do they
measure the response time of a contact form?? How should I put a contact
form on a plain HTML webspace without activating and using PHP or
similar? What a hassle...
Because my limit was reached here, I wrote a last email to them,
summarizing my point of view, question their behaviour, and again
politely asked for whitelisting my IP address. Without a whitelist I
will of cause also block emails from t-online.de to my servers.
Without any more discussion another support guy whitelisted my IP.
Very strange...
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
