[RndTbl] blocklists (was: Grey-listing in effect on MUUG server)

Fri Nov 17 16:11:55 CST 2006

On 17 Nov, Tim Lavoie wrote:
> 
> Second defense: Outbound SMTP has to go through their server, not
> direct from random, unpatched Windows boxes which are always
> on-line.

And not direct from random fully secured linux firewall boxes I manage
which are not infected, never have been, and probably never will.

They could make a case for blocking OUTBOUND SMTP, but why on earth do
they need to block INBOUND SMTP!!!  That has nothing to do with spam.
That is a simple cash grab and screw-the-little-guy ploy to make someone
running a tiny super low-volume micro-business server pay the
exhorbitant static-IP address fees that, strangely, don't have SMTP
blocked at all.  Does that mean that people who have the dough to buy
static IP's are any better at admin'ing their systems and not becoming
bot zombies?

The more important point is: today they block outbound SMTP.  Then they
block inbound SMTP.  Tomorrow they block, what?  HTTP?  SSH?  P2P?  FTP?
VNC?  I don't know about you, but I don't want my ISP controlling what
traffic I can send.  Sure, penalize or drop me if I go over the
prescribed GB/month limits, but don't censor me.

Sure, you may love them blocking SMTP to limit the spam you get, but
what happens when they block a port that is important to you?  And I
called them on it and made a formal complaint and they didn't give a
rats ass.  The best they could do is suggest I spoof incoming SMTP by
using port 26 and a mail forwarder (which I had already done, but what a
pain).

> The end result of this multi-level defense is that an entire ISP has
> reduced the chance that its IP range is going to be clobbered by
> blocklists. 

It's like government.  Most functions should be pushed out to as low on
the chain as possible.  Aggregating functions up to the higher/highest
level is usually counterproductive and inefficient in the end.  In that
sense it is my firm belief it is the individual mail server admins, or
better yet the end users, who should have control over their anti-spam.

> reasonably assured that my out-bound email won't be blocked, or if

And you can be reasonably assured that their overloaded mail servers
will sometimes take hours to get your time-sensitive email out the
queue.  Shawmail often takes 12 hours+ to get mail through the
smarthost.  I'd much rather run my own mailserver, thank you.