[milters] Archive

Lists Index Date Thread Search

Article: 116
From: Sascha Vogt
Date: 2004-09-30 18:31:31 -0400
Subject: How to cope with big big big but braindead ISPs

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Hi Folks!

One of the biggest (aprox. 40% marketshare) ISPs in Austria is the Austrian 
Telekom.

Now this ISP, lets call them AON from now on, uses 12 dedicated 
SMTP-Servers to deliver mail of their dialup and DSL-customers. They are 
called email01... to email12.aon.at. Dont ask me why but if you dig for one 
of these hosts in DNS you will learn they are using RFC 1918 addresses for 
them and have no MX-Records defined.

For incoming traffic they have another one, called email.aon.at with a real 
IP-Address and of course the MX-Record of aon.at is pointing to that host.

So of course milter-sender refuses to accept mail from these 12 servers and 
gives them a nice errormessage explaining that they are violating RFC 3330 
and some other and therefore are f*cking loosers.

Wonderfull, really nice :-)

But...

40% Marketshare, are FOURTY PERCENT! Thousands of employes... A call-center 
with at least three levels to filter callers before they might get in touch 
with a person who might have heard something like RFCs exists...

And of course nobody would expect somebody to read the log-files of those 
12 servers...

And my users are moaning for mail of their beloved ones...

But being a real fan of Marks milters I wouldn't open some those options in 
milter-sender or generally white-list aon.at-users. Here's my way to handle 
such a braindead ISP.

Make entries for those hosts with RFC-1918 addresses in your local hosts 
file. Give them the IP of the inbound Server (email.aon.at)

195.3.96.71 email01.aon.at
.
.
195.3.96.71 email12.aon.at

Create /etc/mail/mailertable entries for each of them to...

email01.aon.at	esmtp:email.aon.at
.
.
email12.aon.at	esmtp:email.aon.at

Works!

Milter-Sender see's a valid IP for those hosts now and doesn't claim 
RFC-3330 violations any more and he asks email.aon.at to verify the 
senders. AND none of the filter-mechanisms had to be disabled for the rest 
of the world.

Great :-)

Sascha

Lists Index Date Thread Search