Overcoming MAPS Reverse-Lookup Oppression? 97
ArghBlarg asks: "Imagine the following scenario: you're the volunteer admin for a small, non-profit site for a few local artists and musicians. You run your web site and SMTP server out of your laundry room, via cable broadband. The broadband provider doesn't mind, as you only get a few hits a day; you keep your system secure and were only rooted once, over 4 years ago (hey, it happens). Your site has never, ever (to your knowledge) relayed spam. On the whole you've been an exemplary netizen. One day, some email you send bounces because your ISP's entire netblock has been placed on the MAPS DUL. True, your server's IP isn't technically static (though it hasn't changed in 12 months); because your domain is embedded within the broadband provider's larger IP block, reverse lookups don't give your domain name, rather that of the provider (with a huge number prefixed as the hostname). Hence you're considered a rogue SMTP node and blocked by MAPS. I've emailed MAPS but they won't agree to whitelist me. I have a proper MX record for my SMTP server, under my domain name. What can I do? Is there any way to make my legitimate domain take precedence in reverse-lookups, so I don't show up as being part of a spam-friendly network?"
"Please don't bother suggesting that I ask my provider to give me a static IP outside the affected block -- they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.
What have you done to get your domain, running on a pseudo-static IP, out from under the thumb of the spam block lists? While I wholeheartedly support the efforts of the MAPS people and others like them to stamp out the vermin that are spammers, our domain has become collateral damage in the war!"
Talk to your provider.... (Score:2, Interesting)
If your ISP is unwilling to have their own netblocks removed from MAPS lists, then you need to consider a new ISP.
You have a few options (Score:3, Interesting)
2. Convince the people you wish to exchange mail with (who presumably want your mail) to either
a. Stop using MAPS
b. Stop using the DUL
c. Add your server to a local whitelist
Note that gaining control over your reverse DNS listing will not help; DUL is based on netblocks.
3. Get a better ISP. There are options out there that will do what you want, and not all are prohibitively expensive. If you ISP's options are, switch. I've been very happy with speakeasy. They are available to most of the US. If you get one of their very reasonably priced (multiple) static IP packages, you will not be on the DUL. What's better, they will set your reverse DNS to whatever you wish so long as you own the domain in question. Their TOS are also very nice, explicitly permitting you to run your own servers so long as you don't disrupt the network. (They do permit running spam, porn, and irc if it's part of a public irc network, as those tend to disrupt service more often than they don't.) Speakeasy is not the only option... there are other similar ones, but I haven't tried any of them.
4. (As others have said) Use a smarthost for your mail. Receive incoming mail on your own server but configure your outgoing mail to relay through your ISP's gateway. This is trivial with most MTAs. See your documentation for details.
5. Complain to your ISP, and tell them that you're willing to switch if they can't get you onto a netblock that isn't blacklisted. It might work. Their cost to acquire a new customer is relatively high, so they should be interested in accomodating you. Don't just go based on their written policy, though. Talk to a real person, preferably one who would feel the pain of lost revenue.
Re:Relay through ISP (Score:3, Interesting)
The best solution is probably to get your own server on a static IP and smarthost through that; since it's entirely under your control you know it's not going to get some handy config change which breaks your mail, nor is it likely to go away for hours on end while it's broken/fixed/upgraded without warning.
Comment removed (Score:5, Interesting)
Re:Well DUH... (Score:1, Interesting)
Or is this a "well, we sometimes get email from dynamic IP addresses that's spam therefore it's legitimate" argument? In which case, why are you bothering to receive SMTP at all? After all, 100% of emailed spam is sent via SMTP!
It's idiots like you that are breaking the Internet. Use systems that identify spam, not systems that are implemented for the sake of it.