Mark Martinec wrote:
Look at grey-listing as well. It should be useful if it can distinguish
between the user's MUA (or private MTA) and a bot.
MUAs generally don't cope well with greylisting, as they lack good
mechanisms for automatic retries - so I'm not sure that's a good advice.
greylist-milter exempts auth-smtp senders, obviously this is a Sendmail
thing, I don't know about other greylisting programs.
Why on earth not? You control T&C for your ISP and can change them. If
necessary you can keep existing charges for authenticated connections
and raise them for those who don't convert.
My english is not good enough to understand this sorry :p
T&C = terms and conditions. It's your call to set rules of the game.
Tell the clients that for a little effort on their part turning on
the SASL authentication and submitting through standard mail submission
ports, they will be gaining a better service with more reliable
acceptance rate by their recipients.
Here is another good incentive to use a mail submission service of
a domain matching their From address: they gain a valid DKIM signature
on their outgoing mail. For example: when using a gmail From address
it pays off to submit mail to google on port 587 - the message gains
a gmail signature. Sending directly from a home or small office machine
and using a gmail or yahoo From address is likely to be treated as
second-class mail by recipients (not trustworthy, likely to gain
some spam score points). The same (but in reverse) applies to outgoing
mail using your ISP's domain: it pays off to submit it to ISP's
mail submission service, this is the only way to gain its DKIM signature.
Increasing number of domains (like yahoo) treat mail with a valid
DKIM signature favourably.
Just keep in mind that he's in a guns-or-butter problem.
He's making guns now (network wide open, causing customer problems,
the upside is client configuration is simple) and he wants to make
butter (network tight, no customer problems, at the cost of increased
client configuration complexity)
During the time that he's transitioning from the guns to the butter
his network is doing both things - and so it has all of the bad
problems of the gunmaking, (spammers) plus all of the downsides of the
butter making (basically increased work to configure mail clients) yet
he is getting none of the benefits of either the gunmaking (he's no
longer getting easy client configuration) or the buttermaking (a
tight network)
It takes someone very strongly focused on the end result, who
believes in what they are doing, and who has the support of their
owners/upper managers, to make it through such a transition. And
there will be scars. They WILL lose customers. Of course, doing
nothing they lose customers too - but since the customer loss isn't
coming as a result of anyone doing anything, (but rather of people
failing to do something) it's hard for upper managers of the
pointy-haired type to levy blame, so people in those situations
tend to not get fired.
Sometimes companies will hire "sacrificial lambs" This is common
in government. For example a few years ago our local school district
needed to close some schools (political suicide for anyone) due
to declining enrollment, so they hired some $200K+ Harvard-educated,
resume-as-long-as-my-dick type to come
in and kick ass - and kick ass she did. She closed at least a
dozen schools down before the losers managed to band together and
toss her out. Of course, now the school district had the perfect
excuse to NOT reopen the schools (too expensive to restart them
because they had been closed for too long) and after the obligatory
public chest-beating and wailing about how we are so sorry that your kid
can't go to the school you went to 30 years ago when you were knee-high
to a grasshopper, a few years later the losing parents had completed
cycling their kids through the school system, and nowadays no parent
with kids in the system even remembers the names of any of the
closed schools, let alone where they were located.
If his management won't let him do what it takes, he might need
to hire a "sacrificial lamb" consulting firm, too.
Ted
