> On 6. Aug 2017, at 19:45, Walter Alejandro Iglesias <w...@roquesor.com> wrote:
> Hi Niels,
>> On Sun, Aug 06, 2017 at 07:19:04PM +0200, Niels Kobschätzki wrote:
>>>> On 6. Aug 2017, at 18:40, Walter Alejandro Iglesias <w...@roquesor.com> 
>>>> wrote:
>>>> On Sun, Aug 06, 2017 at 06:02:25PM +0200, Jesper Wallin wrote:
>>>> Like Martijn pointed out, you're sending mail from a IP which is not
>>>> intended for mail-servers.
>>> This was my main question.  What is an "IP intended for mail-servers"?
>> The question should be "what are IPs **not** intended for mail-servers?"
>> The ranges of ISPs for home-users and the dsl-, cable-, whatever-connection 
>> are well-known and pretty much on all of the blacklists since the only thing 
>> you can usually expect from them is spam from botnets. Legitimate mails are 
>> rather rare from those ranges, thus they get blocked. 
> I cannot tell what happens in pratice, I've never run a big mail server.
> But the reasons that come to my mind someone wants to run their own
> server (at home or at a small enterprise) are opposed to what you state.
> Why would you want to send spam from the fixed IP you're paying for (in
> my case 5 euros mouth)?

I run a mail server-setup with an upper five-digit number of accounts. So it is 
not huge but quite some users and I have to deal with a lot of spam (incoming 
and outgoing from phished accounts for example). The thing is that I do not 
know which IPs an ISP dedicates for fixed IPs and which IPs are legitimately 
sent from mail servers and have probably responsible admins behind them. But I 
subscribe to blacklists that have for example the whole IP-range of Vodafone 
home-user IPs. And as I have written before: the chance is really low that from 
those ranges a legitimate mail is sent. It's more like 99% are sent via botnets 
from enslaved computers from those ranges. Thus "we" prefer to overblock in 
that case. 

> The question is still unanswered.  What determines those "ranges", who
> regulates that?

Blacklist-providers and Google and co have properly their own and the bigger 
setups rely on them. If I wouldn't have a blacklist for those IP-ranges, I 
would build such a list for myself because it cuts down spam a lot. Luckily 
other people did that already.  

>> To not get blocked by google and hotmail you need an IP from some
>> hosting-provider, university or something like this;
> Which is the procedure followed by those entities to get an IP in what
> you called the "authorized range"?  Authorized by who?

Get an ASN and ask the IANA, RIPE to provide you an IP. Or you get your server 
placed in a colocation who can you provide with an IP or rent a server or VPN 
from a hoster. 

>> and at least an SPF-, even better a DKIM-record.
> I had these at first and removed them after seeing they don't help.

Even if you have a "proper" IP you need an SPF-record for Google and hotmail. 
Otherwise you will run into problems (I am speaking from experience). 

>> And if you
>> ever send out mail, you maybe want a secondary IP for temporary
>> failover-cases if you land  temporarily on a black list.
> I have just two personal addresses.  I don't need that complication.  :-)

Yeah, most smaller mail servers don't need that. I do unfortunately :(


Reply via email to