Quoted below is a message from the RISKS mailing list.
Any comments by SMTP experts on this?
--- ---
Date: Thu, 24 Jan 2002 16:23:17 -0500
From: Jonathan Kamens <jik(_at_)kamens(_dot_)brookline(_dot_)ma(_dot_)us>
Subject: Spam prevention gone too far
I recently attempted to send E-mail to the author of a RISKS submission.
Since my DSL line was down when I sent the E-mail, and since outbound SMTP
connections are blocked from the dial-up accounts provided by my ISP, I had
to send my E-mail through my ISP's mail server. It bounced as follows (the
identify of the intended recipient has been masked):
<RECIPIENT(_at_)RECIPIENT-HOST>:
Connected to RECIPIENT-HOST-IP but sender was rejected.
Remote host said: 571 <jik(_at_)kamens(_dot_)brookline(_dot_)ma(_dot_)us>...
Return address jik(_at_)kamens(_dot_)brookline(_dot_)ma(_dot_)us does not match
sending computer mail11.speakeasy.net -- check your
configuration. http://www.RECIPIENT-HOST/mail/571_2.html
for details.
If you visit the URL referenced above, you discover that this site's system
administrators have decided to block all E-mail for which the host name in
the envelope address can't be matched up obviously (using a simple string
comparison) with the host name of the mail server sending the message. In
other words, if you have your own domain name, but you send E-mail through
your ISP's mail server, you simply can't send E-mail to this site.
Supposedly, they check their logs for such bounces "as we have time" and add
messages that should have gone through to an exception list, but who knows
when/if they'll ever get around to doing that in any particular case.
Furthermore, they provide no mechanism for contacting them by E-mail or Web
to ask to be excepted -- all they give on the Web page is a long-distance
telephone number.
Fortunately for me, or so I thought, I *do* send outbound mail through my
own mail server when my DSL line is up, and it was fixed yesterday, so I
decided to attempt to resend my message. It bounced again, with a different
error:
RECIPIENT(_at_)RECIPIENT-HOST
(reason: 550 We do not accept mail from the
spam-relay machine: jik-0.dsl.speakeasy.net..
http://www.RECIPIENT-HOST/mail/571_1.html for details.)
If you visit *that* URL, you see that they're claiming that my machine is a
spam relayer. It isn't and never has been. I've never sent spam and I
block all third-party relaying through my machine. I can't find an entry
for either my IP address or my subnet in any of the black-lists checked by
<URL:http://relays2.osirusoft.com/cgi-bin/rbcheck.cgi>.
Of course, they don't bother to say *why* they think my machine is a
spam-relay machine, so who knows where they got that charming idea? And, as
mentioned above, they don't provide any way to contact them on-line to
complain about it. For example, many sites which enforce restrictions this
draconian provide an address which is exempt from the restrictions to which
people can complain; the spammers don't ever bother complaining, so it
really isn't particularly burdensome to do this. Unless, of course, you
really don't care if people can't send legitimate E-mail to your site.
I understand the desire to block spam, but there are ways to do it which
don't also block legitimate E-mail, or at the very least which provide an
on-line mechanism people can use for getting themselves unblocked. This is
just really excessive; I would even go so far as to say that I question the
legitimacy of allowing RISKS submissions from people who make it impossible
for people to send them E-mail responses to their submissions.
jik