[hashcash] Re: blacklist to Brown list conversion

  • From: Simon Bohlin <sesam@xxxxxxxxxxxxxx>
  • To: hashcash@xxxxxxxxxxxxx
  • Date: Mon, 15 Jan 2007 09:56:52 +0100

Hi!

The topic is interesting, although I'm sure you could get better answers elsewhere. Misconfigured mail servers are a big problem, and might stay so. Leaving the software wrongly configured shouldn't be an option. In this case their mail server vendor quite easily could, but didn't, supply them with enough incentives to configure the mail server correctly. Getting punished (blacklisted) for ignorance without any hint beforehand is mean. Let's add hints.

Suggestions for incentives:
Each outgoing email adds a bottom line, saying: This email was sent using (mailserver name) --> free advertising, accepted by MSN/Yahoo users so nobody will get shocked, and an incentive to look into the configuration. When the user does a search for "This email" or other suitable substring, they arrive at the setting for "custom bottom line". Next step here is to make a guided tour from that setting (which is actually a "custom bottom line") to make sure you take care of the other settings. The last setting in this tour might be a well-hidden setting which gives the choice of "bottom-lines", so you can use the default software version text, no bottom line, or the custom bottom line.

Maybe some of this is useful for twopenny blue, if it comes non-configured after a "standard install"?

/Simon Bohlin


Eric S. Johansson wrote:
One feature that I put into twopenny blue is a way of bypassing blacklists. The reason this is important is because of what happened to a customer of mine.

A few days ago, they were put on the CBL blacklist. I helped them with all the usual things in terms of checking for Trojans etc. I put rules in the firewall to prevent anything except the mail servers from sending SMTP traffic outbound. But still, the problem persisted and they couldn't get unlisted until about an hour ago. In the meantime, they were severely hampered because they couldn't send e-mail to their customers.

What triggered this was a dedicated server for tracking produce orders. One of the vendor administrators blasted off about 20 or 30 test messages to his Gmail account. Unfortunately, the MTA was configured to send localhost.localdomain as part of the HELO sequence and, you guessed it, it triggered automatic blacklisting. We are burning the net in order to save it.

So, how can we prevent this kind of damage? How can one continue to operate while one is trying to stop the erroneous blacklist? There is a Brown list feature in twopenny blue but I would like to hear if folks have an idea for how to handle blacklist bypasses automatically without forcing folks to replace entire chunks of their infrastructure.

---eric
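
The failure mode described in this thread (an MTA announcing localhost.localdomain in HELO) can be caught before any mail leaves the host. The following is an added example, not part of either poster's message or of twopenny blue: a Python pre-flight check of the name an MTA would send in HELO/EHLO. The function names, the list of internal-only suffixes and the sample names are assumptions for illustration, not CBL's actual listing criteria.

```python
import ipaddress
import re

# "localhost.localdomain" is the name from the thread; the suffix list is an assumption.
PLACEHOLDER_NAMES = {"localhost", "localhost.localdomain"}
INTERNAL_SUFFIXES = (".localdomain", ".local", ".lan")
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def _audit_literal(text):
    """Check the inside of a bracketed address literal such as [192.0.2.1]."""
    if text.startswith("ipv6:"):
        text = text[5:]
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:
        return ["malformed address literal"]
    if addr.is_loopback or addr.is_private:
        return ["address literal is loopback or private, not the public sending address"]
    return []

def audit_helo(name):
    """Return a list of problems with a HELO/EHLO name; an empty list means none found."""
    host = name.strip().rstrip(".").lower()
    if not host:
        return ["empty HELO name"]
    if host.startswith("[") and host.endswith("]"):
        return _audit_literal(host[1:-1])
    try:
        ipaddress.ip_address(host)
        return ["bare IP address; an address literal must be in brackets"]
    except ValueError:
        pass  # not an IP address, so treat it as a host name
    problems = []
    if host in PLACEHOLDER_NAMES or host.endswith(INTERNAL_SUFFIXES):
        problems.append("placeholder or internal-only name")
    labels = host.split(".")
    if len(labels) < 2:
        problems.append("not fully qualified")
    if not all(LABEL.match(label) for label in labels):
        problems.append("invalid label")
    return problems

if __name__ == "__main__":
    # Constructed sample names, not taken from any real server.
    for sample in ["localhost.localdomain", "mail.example.com", "192.0.2.25", "[127.0.0.1]"]:
        print(f"{sample!r}: {audit_helo(sample) or 'ok'}")
```

Run against the configured host name at install time or from a monitoring job, this gives the "hint beforehand" the reply asks for; it does not check that the name resolves in DNS.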





