complaints address
Status: Beta
Brought to you by:
waynemcdougall
Menu
▾
▴
#1 complaints address
Sometimes, a genuine sender gets mail blocked. They
get a message telling them why, but can't do anything
about it. Can an address be nominated that is never
blocked when used so they can complain to the
postmaster? E,g. "If your mail has been wrongfully
blocked, please send mail to
unblockme@mydomain.org to unblock it."
The ASSP perl proxy - also on SourceForge - collects
all addresses emailed by local users and automatically
whitelists them. I think this is a good idea too, as it
means my users can right the problem themselves.
Logged In: YES
user_id=660239
Can you provide more information on why a genuine sender
gets blocked? Was is based on a DNSBL? Which one? If it's
blocking valid senders, you should consider not using it (and
let us know which one it was, and perhaps the IP address it
blocked). You might also consider whitelisting the sender.
Whitelisting senders won't help in itself under the current
system, because DNSBL checks take place, and a decision to
block is made before we even know the sender. So it's a
major rewrite to allow for that.
I'd like to know more about these genuine cases before I
undertake a major rewrite.
The first issue I agree with. Would you envision the sender
being asked to resend the message to a 'safe' email address,
or would you envision them sending a blank email to a safe
address that triggers the unblocking of the email (which we
hold)? I'm strongly opposed to the latter because it means we
have to accept the email (to store it locally), using up
bandwidth and disk space. So I see using a pass-thru email
address sent back as part of the rejection message, rather
than accepting the message but putting it on hold pending an
unblock message.
I'd value your comments on my responses to both of your
requests.
Logged In: NO
wayne-> Can you provide more information on why a genuine
sender
gets blocked? Was is based on a DNSBL? Which one? If it's
blocking valid senders, you should consider not using it (and
let us know which one it was, and perhaps the IP address it
blocked). You might also consider whitelisting the sender.
neilx-> Yes. The only blocking of valid senders is by DNSBL.
Here are some that I have spotted:
2,05-05-03 11:05:50,"Block IP","213.81.152.25","mta-
in1.stonline.sk","blackholes.five-ten-sg.com","127.0.0.5"
2,07-05-03 14:35:42,"Block
IP","209.226.175.56","tomts12.bellnexxia.net","blackholes.five
-ten-sg.com","127.0.0.5"
2,07-05-03 15:26:53,"Block
IP","209.226.175.25","tomts5.bellnexxia.net","blackholes.five-
ten-sg.com","127.0.0.5"
2,07-05-03 15:51:34,"Block
IP","209.226.175.187","tomts24.bellnexxia.net","blackholes.fiv
e-ten-sg.com","127.0.0.5"
2,07-05-03 15:54:10,"Block
IP","209.226.175.35","tomts14.bellnexxia.net","blackholes.five
-ten-sg.com","127.0.0.5"
2,07-05-03 15:58:54,"Block
IP","209.226.175.40","tomts7.bellnexxia.net","blackholes.five-
ten-sg.com","127.0.0.5"
Hmmm. All with blackholes.five-ten-sg.com.
I have no idea whether these should be regarded as safe or
not, but several of our correspondents use them. i have
whitelisted stonline.sk and bellnexia.net
wayne-> Whitelisting senders won't help in itself under the
current
system, because DNSBL checks take place, and a decision
to
block is made before we even know the sender. So it's a
major rewrite to allow for that.
I'd like to know more about these genuine cases before I
undertake a major rewrite.
neilx-> Understood. A thought to ponder is that some people
are so paranoid that they don't want any mail blocked - just in
case. I had to abandon using DNSBL two years ago for this
reason, as well as many of our important clienst - is there
any other sort:-) - were unwittingly using blacklisted servers.
This is less so today, but still happens.
Maybe blocking could be done if more than one DNSBL
server thinks its an open relay? In the above examples, only
one DNSBL returned a dirty report. The others passed.
wayne-> The first issue I agree with. Would you envision the
sender
being asked to resend the message to a 'safe' email address,
or would you envision them sending a blank email to a safe
address that triggers the unblocking of the email (which we
hold)? I'm strongly opposed to the latter because it means we
have to accept the email (to store it locally), using up
bandwidth and disk space. So I see using a pass-thru email
address sent back as part of the rejection message, rather
than accepting the message but putting it on hold pending an
unblock message.
neilx-> Yes. A passthrough email address. I am considering
using a yahoo address for this and simply forwarding any mail
it receives directly to me - assuming Yahoo isn't blocked:-) -
for manual unblocking. This is temporary, of course, as I
would really prefer an address with my domain name.
While I am here, I have noticed that load-balancing of mail by
ISPs can sometimes result in fairly long delays as the same
message may come through on different ip addresses for
each retry. I am not sure how big a problem this is.
Long reply, but you did ask:-)
Regards
Neil
Logged In: YES
user_id=660239
1. Deciding what DNSBL to use is a matter of tuning, given
your location and correspondents. The sample you gave were
all blackholes.five-ten-sg.com but ALSO all responses of
127.0.0.5. If you check the DNSBL entry for blackholdes.five-
ten-sg.com, you will see that some response codes are
already set to be ignored - I found them to be too broad for
my use. I suggest you add 127.0.0.5 as an ignore code.
2. My thoughts on paranoid people not wanting to use DNSBL.
a) Unlike some systems Fluffy does not bin the message. The
original recipient does receive notice the message is blocked,.
In some ways this is a service: they may be unwarea that
they are listed, that their system has been compromised as
an open relay, that they are associated with a tainted ISP, or
that their email is blocked (without notice) elsewhere.
b) if people are that paranoid, maybe Fluffy is not appropriate.
c) When we add the pass-thru address, there will still be a
way for people to send their email.
But I suspect what you want to say is that you want Fluffy on
guard for some recipients but not others.
One way to achieve that is to turn on the Warn Only advanced
setting. Then the mail comes through but still tagged as Junk
Mail? in the subeject line. Suitable rules in mail software can
then move the messages into a folder, delete them or
whatever, based on user preferences.
The alternative is to allow for different treatment based on
receiver address (and handling the cases when mail is sent to
two recipients - one wants to use DNSBL, one doesn't) and
rewriting Fluffy to accomodate that (since the decision to
block based on DNSBL is made before we received the
intended recipient address. I'd really not go down that line
until people insist. :-)
3. Wanting multiple DNSBL hits isn't desirable. A lot of my
spam is only detected by one site. What would make sense is
to wait each DNSBL, and only block when the score exceeds
1. Then people can adjust their own weightings. But given
thje problem (so far) seems to be a single DNSBL, I'd like to
put this aside until I'm convinced of a genuine need.
What I do want to work on is options for updating the DNSBL
(or comparing to a standard) and discussions on good/bad
DNSBL so we can pool our experiences. That may help and
give direction on where to go. So I'd like to implement that
first.
4. Pass through address will be in version 0.5
5. Load-balancing. Yes I've noticed it. The mail does get
through, but it is an extra delay. What I will do in version 0.5
is improve the memory of connecting sites, so taht frequent
correspondents get a progressively reduced delay (as long as
they stay clean). So after a little learning, sites that regularly
send mail should come straight through.
There are other approaches, but I'd like to implement this
first. Of course, you can wildcard the source domain if you
recognise it and want to deal with it now.
6. Yes a long reply, but I really appreciate it. Your feedback is
extremely helpful.
Logged In: YES
user_id=660239
I've been in email communication with blackholes.five-ten-
sg.com.
They don't run their own open relay testing. They rely on the
results of monkey.com which is notorious for being too broad,
and difficult to get off.
My advice: remove blackholes.five-ten-sg.com from your list
of DNSBL servers
Logged In: YES
user_id=660239
Just to let you know I havwen't forgotten this request.
Fluffy as designed would decide whether to reject an
incoming email based on information when the connection was
first made. If it was to be blocked Fluffy wouldn't even open a
connection to a local SMTP server but just handle teh SMTP
conversation itself, blocking the email. So there was no
provision to decide, based on an email address destination
submitted in the course of the conversation to then connect
to the local SMTP server and deliver the mail.
I am in the process of rewriting Fluffy so this is possible and
verison 0.9 contains half the job. I will continue working on it,
but these features - complaints address and automatic
whitelisting may not be available until version 1.1.
Logged In: YES
user_id=431787
Looking forward to 1.1:-)
In the meantime, I have a yahoo address that I want to use
for complaints. This should get through OK. Is there an easy
place in the code or data files I could add a line to all rejects?
This is probably the last thing I need to have in place before
configuring Fluffy to reject rather than notify. My users will
then have the confidence that if their coresspondent uses a
blacklisted server, then there is a way to get through.
Logged In: YES
user_id=660239
OK, email can be rejected because
a) it is in a DNSBL server - you control the message
b) it triggers the antivirus scanning software
c) it contains a banned attachment type
d) the source IP has sent to a spam trap address
e) it is blacklisted - you control the message
f) it is a message broken into separate parts
Other than a) and e) the code is obvious. Anything
beginnning "550 " or "554 " is a blocking message.
As a quick hack, I'd change the code the formats the SMTP
response so it would read:
Function fmtsmtpresponse(ByVal a As String) As String
Dim code As String, b As String, i As Integer
Const maxlen = 510 ' per rfc 2821, not including crlf
code = Left(a, 3)
a = Trim(Mid(a, 5))
if left(code,1)="5" then a="Please resend your email to
unblockme@yahoo.com if your email has been blocked in
error. Your email was blocked for the following reason: " & a