[Novalug] Tangent - Re: Aggressive Spam Rejection with Postfix

David A. Cafaro dac@cafaro.net
Mon Mar 3 15:44:29 EST 2008


Actually, I have had similar experience in the past.

Though I have my own colocated server, the IP address I was given  
happened to once belong to a known spammer (who thankfully went out  
of business because of being blocked and loosing lawsuits).  Anyways,  
in the process of transitioning the IP address to a new owner it was  
necessary to briefly turn on the old email/dns servers of the spammer  
to allow an IANA confirmation email to go through to complete the  
sale.  Spamhaus detected those servers being on and immediately  
listed the entire IP range, without a single spam having been sent.   
To make this more fun I happened to be on vacation and this happened  
on a Friday afternoon (the listing going into effect).

Spamhaus has a habit of shoot first ask questions later.  And often  
the questions aren't asked till MUCH later (even after repeated  
emails).  Needless to say they eventually responded and by the  
beginning of the next week the IPs were off the list.  To deal with  
the delay my ISP was nice enough to issue me another temp IP address  
to move my mail service to while we waited for Spamhaus to get back  
from their weekend break.

Now, do I still use Spamhuas to block spam on my own server?  Yes.   
Why after that experience would I? 'cause if I don't it's a lot LOT  
worse.  It's a necessary evil.  Your screwed if you do and more  
screwed if you don't.  Most of the time I have not had problems, and  
none of my clients have complained about bounced emails not being  
delivered to them (most of them have multiple email accounts for  
their clients to contact them, just because their email junkies).

So, Roger is right, be careful and be forewarned.

-David


On Mar 3, 2008, at 3:27 PM, rogerb@bronord.com wrote:

> Spamhaus - All the talk about spam fighting bring me to this: many  
> major
> domains for my email correspondents appear to have blocked email  
> originating
> from the smtp server that is used by the webmail interface that I  
> am using at
> this very moment - maintained by servage.net. Curiously, the server  
> for my
> pop3 account is not blocked.
>
> Reviews of Spamhaus black lists, bounce messages, and  
> correspondence with my
> provider indicated that there may have been a spammer(s?) using the  
> server.
> The result of this is emails to friends at Eartlink, Verizon,  
> Comcast, at&t
> net, are bounced.
>
> My service provider claims they have corresponded with Spamhaus to  
> no avail, I
> tried myself and got no repsponse from Spamhaus. This makes me  
> doubt the
> goodness of their lists.
>
> The reason you are not getting spam may be that the dragnet is  
> overly tight
> and you might miss valid incoming email too. That's speculation on  
> my part.
>
> In my case, I'm locked into a contract and not about to move  
> because of this
> problem - at least not until the contract is up.
>
> I wonder if anyone has better info / insight into this.
>
> -- 
> Roger W. Broseus
>   Email: RogerB@bronord.com
>   Web Site: www.bronord.com
>
> _______________________________________________
> Novalug mailing list
> Novalug@calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug

David A. Cafaro <dac@cafaro.net>
Cafaro's Ramblings:  www.cafaro.net






More information about the Novalug mailing list