Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Spam

Overcoming MAPS Reverse-Lookup Oppression? 97

Posted by Cliff
from the all-servers-do-not-have-proper-reverse-lookups dept.
ArghBlarg asks: "Imagine the following scenario: you're the volunteer admin for a small, non-profit site for a few local artists and musicians. You run your web site and SMTP server out of your laundry room, via cable broadband. The broadband provider doesn't mind, as you only get a few hits a day; you keep your system secure and were only rooted once, over 4 years ago (hey, it happens). Your site has never, ever (to your knowledge) relayed spam. On the whole you've been an exemplary netizen. One day, some email you send bounces because your ISP's entire netblock has been placed on the MAPS DUL. True, your server's IP isn't technically static (though it hasn't changed in 12 months); because your domain is embedded within the broadband provider's larger IP block, reverse lookups don't give your domain name, rather that of the provider (with a huge number prefixed as the hostname). Hence you're considered a rogue SMTP node and blocked by MAPS. I've emailed MAPS but they won't agree to whitelist me. I have a proper MX record for my SMTP server, under my domain name. What can I do? Is there any way to make my legitimate domain take precedence in reverse-lookups, so I don't show up as being part of a spam-friendly network?"
"Please don't bother suggesting that I ask my provider to give me a static IP outside the affected block -- they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.

What have you done to get your domain, running on a pseudo-static IP, out from under the thumb of the spam block lists? While I wholeheartedly support the efforts of the MAPS people and others like them to stamp out the vermin that are spammers, our domain has become collateral damage in the war!"
This discussion has been archived. No new comments can be posted.

Overcoming MAPS Reverse-Lookup Oppression?

Comments Filter:
  • Relay through ISP (Score:5, Informative)

    by crow (16139) on Wednesday June 02, 2004 @11:49AM (#9316111) Homepage Journal
    You should configure your SMTP server to relay all mail through the ISP's SMTP server. Then people will receive the mail from the ISP, not from you, and presumably they won't be blacklisting the official SMTP server for the ISP (or else you have a bigger problem).
    • Re:Relay through ISP (Score:4, Informative)

      by Saganaga (167162) on Wednesday June 02, 2004 @12:08PM (#9316406) Homepage
      I second this recommendation. This is exactly what I do for my home email server (on Roadrunner cable) and my church's email server (on Onvoy DSL). Both email servers are using QMail.

      The only possible negative I see to relaying through your ISP's SMTP server is that it introduces another possible point of failure, but that seems to be an acceptable tradeoff.
      • Re:Relay through ISP (Score:3, Interesting)

        by Fweeky (41046)
        Plus you tend to loose things like TLS, and of course being a single node for all mail for an ISP can make them a little slow and unreliable.

        The best solution is probably to get your own server on a static IP and smarthost through that; since it's entirely under your control you know it's not going to get some handy config change which breaks your mail, nor is it likely to go away for hours on end while it's broken/fixed/upgraded without warning.
    • Re:Relay through ISP (Score:3, Informative)

      by jc42 (318812)
      It won't work. Around here, we get cable service through rcn.com, and my wife and I have email accounts with them. I don't use it much except for testing, but she uses it a lot. She uses her Mac Mail program, and it is configured to relay through smtp.rcn.com. Some weeks back, she found that email to aol.com addresses were bouncing. I found the raw source message, and it contained an explicit statement that all messages from rcn.com addresses were being rejected as spam.

      AOL has done this in the past,
      • I use RCN also, but haven't had problems sending to friends on AOL. I checked http://www.openrbl.org/ and found out that smtp.rcn.com is only on one block list, which is in australia. I suspect AOL just doesn't like RCN because they are a competing ISP, otherwise they would whitelist their mail server. Complain to AOL.


    • Doesn't always work. Some ISPs will not accept email from one domain routed through another domain's SMTP server... :(

      • Add all the MX records of your ISP's domain to your own MX records, but put them all at a much lower priority. I assume...

        • Add all the MX records of your ISP's domain to your own MX records, but put them all at a much lower priority. I assume...
          I would not recommend that. If your mail server goes down for any reason, your ISP's mail servers will begin receiving mail destined for your domain... and of course, bouncing them.
    • The problem is that it will not work if you use ant-spam software like milter-sender which connects to remote mail servers to make sure the email addresses are valid. In that situation you still have to be able to connect directly to the remote mail servers and not get denied because of MAPS DUN. I do not get quite a few email from some ISPs because they deny my connection to check the sender's address(because my roadrunner IP is listed in DUNS). of this issue but would never disable milter-sender becaus
    • A lot of times the ISP's SMTP server is configured to reject mails with return paths that don't match any of the ISP's served domains.

      And if your domain isn't the ISP's domain, you get a 5xx error when you do the MAIL FROM:youremailaddr

      If you change that email addr, you don't get the bounces.

      If you change your email address to one of the ISPs then you don't get to use your domain for email.

  • Move to a service provider who takes action against open relay SMTPs. Once enough people move from that provider they will eliminate their spam problem.
    • Some of the most anti-spam ISP's submitted their own dynamic ranges to the old MAPS DUL. Inclusion on dynamic or dial-up lists is only a sign that the ISP uses DHCP for it's customers. It is certainly not a sign that the ISP supports spammers.
  • I have had this happen on more than one occasion. I have *5* static IPs on a co-located server. Each time, I contact the ISP and they see to the removal of the netblock(s) that are listed on the MAPS lists.

    If your ISP is unwilling to have their own netblocks removed from MAPS lists, then you need to consider a new ISP.
    • Nah MAPs and other RBLs just suck. They don't really help reduce spam for the amount of false positives they generate.

      But if anybody really wants to use the black lists they should use them as _part_ of the antispam process. If a sending IP is on the list, you ALLOW the connection, but you weight the message on the more spammy side. That way if the message is not spam it still has a chance to vindicate itself.

      The popular method of 100% blocks is plain stupid and outdated.
  • Use SmartHost (Score:5, Informative)

    by FattMattP (86246) on Wednesday June 02, 2004 @11:58AM (#9316251) Homepage
    What can I do?
    Easy. You just need to configure your MTA to relay your outgoing mail through your ISPs SMTP server. In Sendmail this would look like the following in sendmail.mc

    define(`SMART_HOST',`smtp.myisp.com')dnl

    of course it'll be different if you're using another MTA. MAPS DUL (dialup up list) is doing what it's supposed to do. It's listing dynamic address ranges such as cable modems, DSL lines, and dialup numbers. A lot of spam can come from these so people choose to use them to block email that isn't coming from the ISPs mail servers.

    • But then how the hell are hobbyists supposed to survive next to large commercial entities?

      Oh, wait. I forgot. The Internet died a long time ago.

      *sigh*
      • Re:Use SmartHost (Score:3, Insightful)

        by Otto (17870)
        But then how the hell are hobbyists supposed to survive next to large commercial entities?

        The MAPS DUL is a list of IP's that are not supposed to be running mail servers, usually according to the people who actually own those IP addresses. Most dynamic IP's should be on it, as would any static IP's whose owners (the ISP who gives you your IP) told MAPS that yes, they are not supposed to run servers.

        Don't like it? Exercise your free market rights and buy your service from somebody else.

        In this life, if y
    • Re:Use SmartHost (Score:2, Informative)

      by pbrammer (526214)
      I second this motion. Cox even started blocking outbound port 25 traffic, so this is the only way my servers can send mail to the outside world. Works great.

      Postfix can be setup similarly in the postfix/transport file:
      my.domain :
      .my.domain :
      * smtp:outbound-relay.isp.domain
      The null entries for my.domain are so that internal mail doesn't go to outbound-relay.isp.domain.

      Phil
      • If your internal mail is handled by the same system, then you don't need a special transport for that. mydestination defaults to local(8).
        Use relayhost for the mail relaying part.

        This is a cleaner solution than the one you have right now
    • My business DSL from AT&T was getting selectively blocked, so I had to do the same thing.

      I run Exchange, so it was a little more work then your single line sendmail config :-)

      Here's a write up [christopherlewis.com].
      • Yes, MS Exchange is fun, isn't it. I had lots of fun getting Exchange 2000's Outlook Webaccess working with an Apache reverse proxy. I didn't want the hassle of trying to run an Exchange 'Front End' server in the DMZ, and trying to figure out which ports Exchange and Windows are going to demand to be able to communicate with, I decided I was just going to do a simple reverse proxy. With Exchange 5.5, this is no problem. Exchange 2000, on the other hand, wants to write or rewrite the FQDN into the reques
  • Well (Score:4, Insightful)

    by The-Bus (138060) on Wednesday June 02, 2004 @11:58AM (#9316266)
    Why not run email and webhosting separately? Email could always be run through a provider (Flames Burn [flamesburn.com] seems to be focusing on helping independent musicians). Yes, you're small and non-profit but I'm sure your time could be better used than dealing with hassles like these. Pay for the hosting, then spend your time on other stuff for this organization. From the looks of it, and the needs you have, this may be a simpler solution. Of course, I'm not supremely technically versed, and it sort of goes against the hacker mentality leaving this problem unsolved...

    That's my EUR 0.016414 anyways.
    • by Scaba (183684)

      On a similar note, you could get an inexpensive VDS. I use JVDS.net, whom I consider excellent, but there are others. My unaffiliated endorsement: With JVDS, $15 or $20 (FreeBSD or Linux - your choice) monthly gets you get root access, 3 GB disk and 64 Mb RAM, which will easily handle your web and mail server.

  • given that it's the ISP, or perhaps their upstream provider that owns the rights to those IP blocks, there's little to nothing that you yourself can do, other than complain to your ISP to get things done. As prevoius posters stated, perhaps you should find a more friendly ISP that cares about it's customers.
  • Life is full of disappointments. "End to end" is dead. You're going to have to suck it up and pay for commercial Internet connectivity in order to get out of the ghetto. Where I live, business-class cable connections start at around USD 175 per month. If you're lucky, your commercial ISP might even let you update the reverse DNS entries for your IP allocations.

    • $175 USD per month? Wow! I had heard that the U.S. was more expensive than Canada, I had no idea how much more expensive. We are about to move over to commercial ADSL which gives us a couple of static IPs, permission to run servers, etc. and will be paying much less than $60 Canadian (so $40 - $50 U.S. per month). We can get a similar package with cable modems, though it may be as much as $80. There are higher-end packages, of course, but even they top out around $150 per month for ADSL or cable. Of c
  • Well DUH... (Score:4, Insightful)

    by stienman (51024) <adavis AT ubasics DOT com> on Wednesday June 02, 2004 @11:59AM (#9316283) Homepage Journal
    Please don't bother suggesting that I ask my provider to give me a static IP outside the affected block -- they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.

    Then you are stuck between a rock and a hard place. You are using a residential class line for business class use. MAPS is right to block residential lines because of all the zombie relay servers that virus writers are including in their payloads now.

    Either pay for a business class connection, or use the SMTP server your provider gives you.

    It's not the "open internet" that you'd like to see. Live within the limitations this simple, dumb network provides.

    Besides, do you honestly expect MAPS to whitelist a dynamic IP? MAPS is not the problem, PEBKAC.

    -Adam
    • MAPS does block my static IP from Earthlink, I don't think they care much which it is as long as the somewhat arbitrary "business line vs residential line" distinction you make (because, as we all know, only businesses send email) is upheld.

      Personally, my advice to the guy would be to ignore the issue. If people ask why there's a problem sending some email, tell them that some ISPs use a list to block incoming email from certain IP addresses that match certain criteria, and that unfortunately your IP addr

      • The real problem is that the email system was designed so completely open that spam cannot be stopped.

        You may have an earthlink static IP, but it's still within the earthlink netblock, and since the vast majority of earthlink users use the earthlink SMTP server, and do not keep their own PCs clean of zombie relays, then it is perfectly reasonable to block smtp transactions from that netblock.

        Or are you saying that the 0.1% of internet users who want (not need or require, but want) to send email from t
        • Re:Well DUH... (Score:5, Interesting)

          by squiggleslash (241428) on Wednesday June 02, 2004 @03:52PM (#9319035) Homepage Journal
          The "you must use the ISP's smarthost" thing has a number of consequences which you happily ignore by using the tired and frequently abused "It's only a small minority" argument.

          The first is that this method of "spam prevention" provides pretty much no spam prevention whatsoever. Insofar as it provides any protection, it's from a small minority of unsecured open relays present in older operating systems, which happens to be an extremely specific bug and a very easy issue to deal with.

          The second is that this method makes configurationless email impossible. You HAVE to configure your MTA to point at a specific smarthost. You HAVE to change this if you use a different ISP. And if you regularly use more than one ISP, then you have to reconfigure every time you connect.

          The third is that the "small minority" argument is bogus to begin with. Point at any activity on the Internet and you can claim it's a small minority. Slashdot, for instance, regularly causes problems for websites by linking to them. Only a "small minority" read Slashdot. Therefore it is legitimate to block Slashdot. You can work on it to any degree. The World Wide Web would never have gotten off the ground if the "small minority" people had decided to block it as a bandwidth waster from the beginning.

          The fourth is that hacks like this undermine the integrity of the email infrastructure. By frequently imposing arbitrary rules, you guarantee the failure of legitimate email. You force system administrators and end users to frequently make minor and unnecessary changes to the configuration of their systems.

          The fifth is that better anti-spam systems exist, but ISPs lack the will and desire to operate them. Blacklists are an easy way out, their proven ineffectiveness is testament to the stubborness and power-tripping of the groups that operate and subscribe to them. We have more spam on our systems now than ever before.

          Yes, SMTP email wasn't designed to cope with the spam phenominem, but this isn't helping. Solutions need to be sane, they need to block spam or spammers, and not block on an arbitrary "well, a spammer might use this" basis. There's been far too much support for things that do not work, it's time to switch to things that do.

          Oh, and I'm an expert. I do know what I'm talking about. I operate my own SMTP servers, wouldn't touch an ISP that doesn't let me, and thanks to that pretty much never receive spam (perhaps once per organization I've done business with at most.) We could eliminate spam tomorrow if ISPs had the guts to implement the systems needed. Unfortunately, they don't.

          • Re:Well DUH... (Score:5, Insightful)

            by drsmithy (35869) <drsmithy@gmailSLACKWARE.com minus distro> on Wednesday June 02, 2004 @10:42PM (#9322218)
            The first is that this method of "spam prevention" provides pretty much no spam prevention whatsoever. Insofar as it provides any protection, it's from a small minority of unsecured open relays present in older operating systems, which happens to be an extremely specific bug and a very easy issue to deal with.

            It's not just open relays, it's also all those machines that have been taken over by trojans with built-in SMTP engines.

          • If you use your own SMTP server, you get rational standard 3-digit error responses when (eg) the recipient's email is invalid, mailbox full, whatever.

            If you use a smarthost, the error response is wrapped up in a verbose email, so you have to implement automated handling, parsing, error code extraction, working out which email address it refer to, and all the rest.
          • The second is that this method makes configurationless email impossible. You HAVE to configure your MTA to point at a specific smarthost. You HAVE to change this if you use a different ISP. And if you regularly use more than one ISP, then you have to reconfigure every time you connect.

            If you're regularly connecting to different ISPs as often as that then the internet is apparently worth something to you. Which means that you should step up to the plate and either:

            1. Use a mail-provider service like Fu
      • by Anonymous Coward

        tell them that some ISPs use a list to block incoming email from certain IP addresses that match certain criteria, and that unfortunately your IP address matches that criteria. That puts the onus on the receiver of the email to either figure out a solution, or lose the customer who wanted to receive the email.

        Lemme get this straight. They're supposed to complain each time they don't receive an email. And they would know when this is happening exactly how?

        That's like taking class attendence by asking

        • Are you aware that there are methods of communication other than email?

          God help people today. The worst thing is, I bet half the people reading this are going "Well, duh! Of course! There's always text messaging!"

          • If you have to call to verify that somebody received an e-mail, then what is the point of e-mail? I don't have to call to verify that somebody received my postal mail, because postal mail is so close to 100% reliable that I can't even tell the difference. If I have to use another method of communication to verify e-mail, then I may as well just use that method of communication for the original message as well.
            • You don't call to verify if someone received an email. You call them when it's bounced back with "Email undeliverable: An over-enthusastic idiot configured the destination server". They then contact their ISP with words to the effect of "I can't receive this perfectly valid email because your idiot admin subscribed to a blacklist which, actually, isn't a black and white way of telling spam from non-spam and which simply relies upon lazy programming. Either stop using it, or unblock the people trying to emai
        • "They're supposed to complain...". Not bothered who complains. The receipients are just expected to lose business. If they don't notice they're losing business then good for them.

          Their competitors just get more customers if their competitors don't use ISPs which incorrectly use MAPS.

          At my office we have an antispam software that uses something like a MAPS list, and it blocks mail from DULs. I checked today and there were a few genuine requests for quotations and other important emails.

          Now that really suc
    • So are you saying that only businesses should be allowed to exchange email?

      I mean, presumably every casual internet user connects to the internet via some business, but still...
      • Or perhaps they are saying they should relay through the isp's smtp server. This is the best solution for this question, and thankfully is what appears to be a fp, and rated high.
        • Hmm.. are there any circumstances where the ISP wouldn't allow forwarding through their mail servers, though?

          Some of the suckier ISPs out there probably don't allow it... (except for a Sender matching the account's username@isp.com exactly, you know)
          • Apple's .Mac mail system will only allow messages with a .mac email address to send out. I would imagine that others are doing this as well.
      • So are you saying that only businesses should be allowed to exchange email?

        No, I'm saying that only business class internet connections are expected to be fully open and unblocked. Residential customers get what they pay for.

        When I wanted to overcome a similar problem myself (my ISP was free, but wouldn't forward email which had my domain's address instead of the ISPs) I simply made a port forwarder on my work machine which allowed me to use my work's SMTP server - the connection appeared to come fr
        • meh. fuck the audience.

          i was hoping for more of a "sad, but not entirely true! there's still hope! order now for your swedish internet enlarger! just visit www.undergroundinternet.com.biz.ecommerce for your trial subscription to the NEW INTERNET!" or something. you know.

          unfortunately, "realist" attitudes are strikingly popular nowadays. i am still fully tongue-in-cheek, and awaiting for my style of half-seriousness, half-mockery to come back in style. but, you're right, there are always a plethora of
    • I have a static IP from Demon intenet who have always permitted folk to run their own mail servers, which I do; and I have the same problem for some mail recipients.

      Business-class-service NOTHING!; its morons who use dont understand the stupid filtering they use and then can't get emails. So I don't buy ebay from them next time.

      I'm thinking of poor road runner users here who only have once choice of ISP; shame they are half cut off from the internet by their cheap-skate ISP.

      Demon internet give me a full
    • It's not the "open internet" that you'd like to see. Live within the limitations this simple, dumb network provides.
      Anyone else remember the days 20 years ago when it was considered rude to not allow relay through your SMTP server in case someone needed to bounce mail from your network.

      God I hate spammers

  • by darksmurf (190761) <smurf@liquidaffinity.com> on Wednesday June 02, 2004 @12:08PM (#9316404) Homepage
    You being on the DUL is a good thing. It means less spam from your entire netblock.

    This is where you learn to relay your outgoing mail through your upstream provider. You should of course continue to be the MX for your domain for all other purposes.

    I know other people have mentioned this, but seriously... No cable or DSL clients should be pretending to be a full-on mail hub. Just use the smtp resources of your upstream provider.
    • Is that what the Internet has become? Forget free speech and the ability to be an independant voice? It's not like that would even make an impact on spam, since most of it comes from China anyway. What exactly constitutes a "full on mail hub" and someone "pretending to be a full on mail hub", and who are you to make that distinction?
      • Look at it this way:

        * You route your outgoing IP traffic through your upstream provider.

        * You should also route your outgoing SNMP traffic through your upstream provider.

        Free Speech? You have *got* to be kidding me ;-)

        You don't think sending your outgoing traffic upstream negates your ability to be an independant voice, do you? This isn't about running your own mail or being an independant voice, it's about routing traffic. *routing traffic*

        This is basic networking-made-simple here.

        By "full on mail
      • by Otto (17870)
        What exactly constitutes a "full on mail hub" and someone "pretending to be a full on mail hub", and who are you to make that distinction?

        A full on mail hub is somebody running a mail server on a connection where they are contractually allowed to run a mail server on that connection.

        Nobody gets onto the MAPS DUL (dial up list) that easily. You have to be a netblock that has dynamic IP's (meaning that you can't receive mail anyway, as your IP could change) or has static IP's but has had your ISP confirm t
        • The internet ain't free, bub. You pay for your connection.

          With respect, I highly resent the above quip. I do pay for my connection -- up to 10MBps, no bandwidth limit. That was what I signed up for and I pay my bill faithfully.

          While I am running a mail server, I can guarantee you I use *far* less bandwidth than any of my neighbours who download pr0n and have their PCs infected with the worm-de-jour. We serve mostly static web pages, some MP3s of a few local indie bands and email for 5-6 accounts, each

          • Yes, it is in the newer contracts that you aren't supposed to run servers, but I was in fact never presented with a contract and have never been asked to sign one subsequently. One party cannot unilaterally change the terms of a contract. They are free to disconnect me if they have been, at any time, unhappy with what servers I run. No complaints from them so far (four years and running).

            Well, if they didn't tell you that you can't run servers, then you should be able to. So if your IP is on the MAPS DUL,
  • by duffbeer703 (177751) on Wednesday June 02, 2004 @12:16PM (#9316508)
    I had to waste alot of time with ORBS because my company's upstream provider had a larger netblock that we were a part of blacklisted. The people I emailed were quite obnoxious and rude, despite the fact that our servers were secure and never relayed a thing.

    And for what? I still see a ton of spam, despite the fact that my ISP uses MAPS.
    • I get 600 spams a month blocked by MAPS and ORBS. That's for what.
      • How did you know they're spam?

        Did you actually test MAPS/ORBS to see how accurate they are? Is your mailserver configured to do further processing on mails from IPs listed on MAPS/ORBS?

        At home I regularly get 100-200+ spams a day. Spambayes screens most of them with minimal false positives (there were a few false positives during the initial training period, zero since then - I'm still testing it ). Even my personal naive keyword filtering screened out plenty of spam with very minimal false positives.

        Dis
  • by TheSHAD0W (258774) on Wednesday June 02, 2004 @12:40PM (#9316842) Homepage
    Go sign up for an account with one of the inexpensive web hosts out there. For a few dollars per month you can point your web site's MX record thataway and run your email through their SMTP.
  • by dpilot (134227) on Wednesday June 02, 2004 @12:49PM (#9316953) Homepage Journal
    For a small (volume-dependent) fee DynDNS.org will relay outbound mail for you with the 'MailHop Outbound' service. They will also relay inbound mail to your server (on a high port, if need be because of your ISP) with 'MailHop Relay'.

    At this point, you'd probably want your DNS hosted through them, as well. On the plus side, this would give your domain a complete and consistent appearance, IP-wise. I believe at this point, you may even be able to add SPF records to your DNS entry as well. (Though I'm not sure if they do the correct thing outbound for SPF.)

    The whole shebang would probably still come to less than $100/yr.
    • by Morgon (27979)
      I use Dynu's Email Store/Forward [dynu.com] service for $20 a year.

      My ISP used to block incoming 25, and Dynu was my primary MX that could use ETRN to send to "alternate" ports, much like DynDNS.

      Now that my ISP has come to their senses and has allowed me to run a mail server, it makes a great inexpensive failsafe in case of routing or power outages.

      This is MUCH less than $100/yr :)
      • I was thinking of the $100/yr range for a complete, consistent Internet presence, not for the one service. I see Dynu charges $60/yr for a complete email presence.

        My other factor was that I just got burned with my old email forwarding provider, and wanted:
        1 - Someone more high-profile, less likely to go away or act weird. DynDNS.org has been around a LONG time.
        2 - My own domain, even if it's more expensive. Even if DynDNS.org were to go away or act weird, with a bit of effort I should be able to regain con
  • by petard (117521) * on Wednesday June 02, 2004 @12:53PM (#9317015) Homepage
    1. (You sound like you tried this one) Convince MAPS not to blacklist you. This is unlikely to happen if you're only in the DUL.

    2. Convince the people you wish to exchange mail with (who presumably want your mail) to either
    a. Stop using MAPS
    b. Stop using the DUL
    c. Add your server to a local whitelist

    Note that gaining control over your reverse DNS listing will not help; DUL is based on netblocks.

    3. Get a better ISP. There are options out there that will do what you want, and not all are prohibitively expensive. If you ISP's options are, switch. I've been very happy with speakeasy. They are available to most of the US. If you get one of their very reasonably priced (multiple) static IP packages, you will not be on the DUL. What's better, they will set your reverse DNS to whatever you wish so long as you own the domain in question. Their TOS are also very nice, explicitly permitting you to run your own servers so long as you don't disrupt the network. (They do permit running spam, porn, and irc if it's part of a public irc network, as those tend to disrupt service more often than they don't.) Speakeasy is not the only option... there are other similar ones, but I haven't tried any of them.

    4. (As others have said) Use a smarthost for your mail. Receive incoming mail on your own server but configure your outgoing mail to relay through your ISP's gateway. This is trivial with most MTAs. See your documentation for details.

    5. Complain to your ISP, and tell them that you're willing to switch if they can't get you onto a netblock that isn't blacklisted. It might work. Their cost to acquire a new customer is relatively high, so they should be interested in accomodating you. Don't just go based on their written policy, though. Talk to a real person, preferably one who would feel the pain of lost revenue.
  • by rusty0101 (565565) on Wednesday June 02, 2004 @12:56PM (#9317058) Homepage Journal
    ... that only large businesses should be allowed to run mail servers that can send e-mail.

    Glad to see so many people here who are interested in maintaining a free system.

    -Rusty
  • Even though it wouldn't work today, I'd recommend publishing the IP addresses that are allowed to send email for your domain with a SPF record see http://spf.pobox.com [pobox.com]. That will give email receivers enough information to override the blacklisting and effectively whitelist your domain.

    I don't use MAPS, but do blacklist residental Internet connections, so when people in your situation send me email (as the postmaster for a domain diluged with spam), I offer to whitelist them until I get SPF-based whitelis

  • by Passman (6129) on Wednesday June 02, 2004 @01:03PM (#9317138) Homepage Journal

    I can see you have been told the politically correct answer to this situation: "Suck it up, do it for the common good."

    But if you are a true American, one question has not yet been answered. What's in it for me? How can I get rich off of this? How do I make them pay?

    The answer is simple. Sue Em!

    Chances are if you are posting this, you reside within the United States. This makes things more difficult, but not impossible, we just have to be more clever. Our first direction we must look toward in this time of opportunity is toward The Courts. Unfortunately this course will not serve us well. Nothing MAPS does is inherently illegal. Even worse, they have developed a significant volume of caselog to show your average judge that they have a right to do what they do and you have no right to complain. So unless you happen to have a friendly state law or lawmaker in you back pocket (not likely for an indie band) the courts will not likely be of use to you.

    Luckily here in the grand old USA, the Courts aren't the only places to extract money from people you don't like. Are you or any of the band members from Canada or Mexico? Can your latino drummer fake a mexican accent? If so then you can demand compensation under Section 7 of the NAFTA Treaty, the expatriation clause. While normally this clause only applies to government regulation, there have been complaints brought forth against psudo-governmental entities (such as industry trade groups and sanctioning bodies) which you could argue the MAPS organization is one of. From there, it's up to them to prove the rules don't apply to them or else you get money. Nothing could be simpler.

    There you have it, a simple solution to your problem both short term and long term. Assuming that MAPS survives their major outflow of cash, you will now be able to afford professional internet connectivity free from MAPS blocking. If they don't survive, hey your free to send emails anyway and you get a tidy bundle of cash (a double victory).

    irrespectfully submitted, with tounge firmly in cheek
  • This isn't a DUL problem as such; it's a problem with it's users assuming that, since you're on the DUL, you must be a spammer, instead of just factoring that into some spam filtering heuristic.

    Just set up your MTA to use a smarthost for sites which deny mail from you; whether you do that for all hosts or just those which suck is up to you and the capabilities of your MTA. There's not really a lot more you can do; the DUL is doing precisely what it's designed for -- it's the users which are taking "sendin
  • For instance, FuitadNET offers a $5/mo package that includes DNS hosting, 3GB of Web Space, 25GB of bandwidth, and 100 e-mail addresses. You'll get better uptime than with a cable modem and shouldn't have to worry about MAPS or ORDB or whatever.
    • I have considered using a colo provider, and it will definitely be the next step if our traffic increases or I decide to actually charge money for the service, but for now I actually enjoy the hobby of keeping the system maintained physically in my home. Plus I can upgrade the drives/net card/whatever, whenever I want that way.

      As far as uptime goes, I must say Shaw cable has been incredibly good for the last two years or so (as in, less than a day total down per year). It's good enough for a 'hobby' server
  • So I contacted my ISP's [freedom2surf.net] technical support, and they added reverse lookup support as standard on all their packages. Its nice to know that there are companies that'll go that extra mile. Note that I am a home user on f2s's cheapest subscription, and it took less than 24 hours from my enquiry to full support.
  • Ah well, better to be on DUL blocks than have ISPs block port 25. That's coming next.

    You're just collateral damage in the "War on Spam". I am too. Until people start realizing the amount of false-positives that spam filters catch, the carpet bombing will continue and still catch One company stopped really quickly when they found the spam filtering lost some email orders.

    I'm surprised at how unsophisticated some SMTP servers are. They'll take my mail even when I have the wrong $HOSTNAME set. Yet if I

  • First one is free and isn't likely to happen: ask your ISP to add a reverse DNS record which matches your forward DNS mapping. They'll bitch and whine and say you technically have a dynamic IP and if you want a static to upgrade. Sucks.

    Second option: find out if your ISP will allow you to relay your email out through their mail servers. Many will, some won't.

    Third option costs $15/year but will work in all cases. Go to pobox.com and sign up for one of their life-time emails. Then configure your MTA to
  • If you don't want MAPS to hinder your mailability, well, just ignore them. MAPS is a pain in the ass for anyone with a [too-small-to-bribe-maps-admins]-sized e-business. You get MAPS bounces all the time for no apparent reason, they just hate everyone.

    The main problem is that sometimes, one man's spam is another man's treasure. I don't think it is up to a central authority to tell me what I can and can't read. I much prefer the client-side flavors of spam filtering, such as bayesian filters (of which a
  • by /dev/trash (182850) on Wednesday June 02, 2004 @05:58PM (#9320304) Homepage Journal
    they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.

    It gives you a big benefit, you get to send email to people.
  • Who would want an address like this:

    joe.user@CPE000d42345c2g-CT014250031146.cpe.net. ca ble.mybroadba ndisp.com

    Short and to the point!

    -Pete
  • spamhaus blocks whole class B's
    This has hassled me to no end.
    They are cavalier about it and will not modify their mechanism to be more specific.

    In short they suck.
  • I'm currently POSTing this from a host whose IP has been banned from /. The only crime I committed was inheriting somebody else's cable modem IP (they're semi-dynamic, just as in the story). Sure, I've emailed banned@slashdot.org, but I can't say I'm surprised that they never replied.

    In the meanwhile, I browse /. through a proxy at my university, just as the submitter is told to relay SMTP. IP addresses are a horrible method of access control that is easily circumventable* and yet leads to false-positives.

Old programmers never die, they just branch to a new address.

Working...