On 08/06/13 16:47, Martin Jansen wrote:
The mail server for ellisons.org.uk has been blacklisted by several
sites recently:
http://multirbl.valli.org/dnsbl-lookup/79.170.44.47.html. There is not
much we can do about that.
Martin, many thanks for this this feedback and link. Very informative
and I will take this issue up with my Hosting Provider separately.
However, out of curiosity I did the same query on my Google gmail server
(74.125.83.47) and got a similar number of hits (7 out of 30 instead of
10 out of 230). (I also checked a friend's hotmail account and its
server also had 10 out of 230 blacklistings). Since the php.net servers
aren't blacklisting gmail mailboxes, this would suggest to me that the
criteria "server X has been blacklisted by several sites recently" isn't
a sufficient explanation in its own right.
The problem that all such mail hosting services face is that there is
nothing to stop unscrupulous users registering for a mail account and
then breaching the T&Cs laid down by the hosting provider. Even if they
take remedial action and stop the problem, you point out there are 230
listing services, and some either don't accept unblock requests or
charge an unblock fee, so I can understand why . There are also two
quite separate issues:
(i) Has a mail hosting service been used to send spam? And in this
case all unauthenticated emails from that host should be suspect.
(ii) Has a given user mail domain been used to send (authenticated) spam?
So yes both mail47.extendcp.co.uk and mail-ee0-f47.google.com have been
used to send spam. But (to my knowledge) neither
[email protected] or terry at ellisons dot org do uk have been
compromised to the extent that php.net -- or any other site -- have
received authenticated email spam from either of these domains. Yet if
I or any other poster uses ellisons dot org do uk in the mail headers or
body, your current configuration rejects the email.
I can understand that the mail service might reject unauthenticated
emails from a suspect service. But why apply this to authenticated
emails, or to historic posts that pre-date the block?
I also realise that SPF-based authentication is weak, and that
DKIM-based authentication is strong. But if this is the case then we
should be transparent in our criteria and publish suitable guidelines on
the website, so that users can make informed choices.
Let's hope php.net doesn't start blacklisting gmail.com accounts
otherwise I and a lot of other contributors are going to have give up
contributing or move or mail accounts.
Regards
Terry
