[hashcash] Re: blacklist to Brown list conversion
- From: Simon Bohlin <sesam@xxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Mon, 15 Jan 2007 09:56:52 +0100
Hi!
The topic is interesting, although I'm sure you could get better answers
elsewhere.
Misconfigured mail servers are a big problem, and might stay so. Leaving
the software wrongly configured shouldn't be an option.
In this case their mail server vendor quite easily could, but didn't,
supply them with enough incentives to configure the mail server correctly.
Getting punished (blacklisted) for ignorance without any hint beforehand
is mean. Let's add hints.
Suggestions for incentives:
each outgoing email adds a bottom line, saying: This email was sent
using (mailserver name)
--> free advertising, accepted by MSN/Yahoo users so nobody will get
shocked, and an incentive to look into the configuration.
When the user does a search for "This email" or other suitable
substring, they arrive at the setting for "custom bottom line". Next
step here is to make a guided tour from that setting (which is actually
a "custom bottom line") to make sure you take care of the other
settings. The last setting in this tour might be a well-hidden setting
which gives the choice of "bottom-lines", so you can use the default
software version text, no bottom line, or the custom bottom line.
Maybe some of this is useful for twopenny blue, if it comes
non-configured after a "standard install"?
/Simon Bohlin
Eric S. Johansson wrote:
One feature that I put into twopenny blue is a way of bypassing
blacklists. The reason this is important is because of what happened
to a customer of mine.
A few days ago, they were put on the CBL blacklist. I helped them with
all the usual things in terms of checking for Trojans etc. I put
rules in the firewall to prevent anything except the mail servers from
sending SMTP traffic outbound. But still, the problem persisted and
they couldn't get unlisted until about an hour ago. In the meantime,
they were severely hampered because they couldn't send e-mail to their
customers.
What triggered this was a dedicated server for tracking produce
orders. One of the vendor administrators blasted off about 20 or 30
test messages to his gmail account. Unfortunately, the MTA was
configured to send localhost.localdomain as part of the HELO sequence
and, you guessed it, it triggered automatic blacklisting. We are
burning the net in order to save it.
So, how can we prevent this kind of damage? How can one continue to
operate while one is trying to stop the erroneous blacklist? There is
a Brown list feature in twopenny blue but I would like to hear if
folks have an idea for how to handle blacklist bypasses automatically
without forcing folks to replace entire chunks of their infrastructure.
---eric
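An added example, not part of either post and not twopenny blue code: a pre-flight check of the name an MTA will announce in HELO/EHLO, flagging the localhost.localdomain case described in the quoted message before any mail leaves the host. The function name and the placeholder-suffix list are assumptions; the thread does not state the criteria any blacklist actually applies.

```python
import ipaddress
import re

# Assumed placeholder suffixes; only "localhost.localdomain" comes from the thread.
PLACEHOLDER_SUFFIXES = {"localhost", "localdomain", "local", "lan", "internal", "invalid"}
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def helo_problems(name):
    """Return reasons the HELO/EHLO argument looks misconfigured (empty list = fine)."""
    host = name.strip().rstrip(".").lower()
    if not host:
        return ["empty HELO name"]
    # Bracketed address literal, e.g. [203.0.113.5] or [IPv6:2001:db8::1]
    if host.startswith("[") and host.endswith("]"):
        inner = host[1:-1]
        if inner.startswith("ipv6:"):
            inner = inner[5:]
        try:
            addr = ipaddress.ip_address(inner)
        except ValueError:
            return ["malformed address literal"]
        return [] if addr.is_global else ["address literal is not publicly routable"]
    try:
        ipaddress.ip_address(host)
        return ["bare IP address; use a hostname or a bracketed literal"]
    except ValueError:
        pass  # not an IP, so treat it as a hostname
    problems = []
    labels = host.split(".")
    if not all(LABEL_RE.match(label) for label in labels):
        problems.append("invalid label in hostname")
    if len(labels) < 2:
        problems.append("not fully qualified")
    if labels[-1] in PLACEHOLDER_SUFFIXES:
        problems.append("placeholder domain, not a public name")
    return problems


if __name__ == "__main__":
    # Constructed sample names; the first is the one from the thread.
    for sample in ["localhost.localdomain", "localhost", "orders", "mail.example.com"]:
        print(sample, "->", helo_problems(sample) or "ok")
```

The check is offline and purely syntactic; it does not confirm that the name resolves to the sending address.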
- Follow-Ups:
- [hashcash] Re: blacklist to Brown list conversion
- From: Eric S. Johansson
- References:
- [hashcash] blacklist to Brown list conversion
- From: Eric S. Johansson