Hi,
I know there are a _bunch_ of mail administrators out there on this list, and
we have worked very hard to create secure installations of qmail so that our
machines will not be abused for spamming. By blocking a mail server based on a
flawed test mail.com poses a threat to the Internet and (eventually) to MY mail
server. I propose that we lobby them to change their policy.
If YOU are concerned about this, I propose that you read the following form
letter and if you agree, cut-and-paste it into your favorite e-mail client and
send it off to mail.com. Or, write your own letter if you like.
If we can make them realize that people care about this problem, then we have a
good change of getting it fixed.
###
to: "mail.com abuse helpdesk" <[EMAIL PROTECTED]>
cc: "mail.com corporate address" <[EMAIL PROTECTED]>
>From reading the qmail discussion list ([EMAIL PROTECTED]) I have heard that
you blocked the 206.246.140.165 mail server from sending mail to your system
and explained the blocking in the following manner:
> From: "Mail.com Abuse" <[EMAIL PROTECTED]>
> Date: Tue, 31 Aug 1999 22:09:54 -0400
> To: Justin Bell <[EMAIL PROTECTED]>
> Subject: Re: blacklisted?
>
> Justin
>
> On Thu Jul 15, we received a high volume of traffic from 206.246.140.165
> (iq-ss5.iquest.net). Specifically, we got 472 messages in an hour. If you
> check http://maps.vix.com/tsi/new-rlytest.cgi?ADDR=iq-ss5.iquest.net you
> will see that this machine is an open relay. We therefore blocked it. If
> you secure this machine, we will be glad to unblock it.
I don't have any relation to this particular mail server or its administrator,
but I do have a problem with your policy. You have blocked this mail server
because you claim that it is an open relay when if fact it is not.
Test number seven on the http://maps.vix.com/tsi/new-rlytest.cgi (which you
cite as your reason for blocking this mail server) is fatally flawed. It only
tests to see if the test message to <relaytest%mail-abuse.org@[x.x.x.x]> is
accepted by the mail server. However, mail servers which have separate SMTP
listening processes such as Qmail and Postfix will accept e-mails of this sort
and bounce them once the delivery process starts delivering the mail.
The language of the warning even admits this where it says: "Uh oh, host
appeared to accept a message for relay. The host may reject this message
internally, however".
I have an interest in this matter because I have worked hard to secure my mail
server from unauthorized relaying in an effort to be a good steward on the
Internet and protect my machine from abuse. Companies like yours that
incorrectly assume a mail server is insecure based on a flawed test and block
access pose a threat to my business and the internet as a whole. I ask that you
review your open-relay evaluation policy and un-block any mail servers that you
have incorrectly blocked.
YOUR NAME HERE
###
- David Harris
Principal Engineer, DRH Internet Services
