// you’re reading...

Email Industry

How Not to Run a Network

By November 2, 2007
copyright
 Email This Post Email This Post Print This Post Print This Post Post a comment

So, today I’m going through the motions of work. A lot of what I do, of course, is quite mindless. There’s some evaluation and some discretion involved, but really, it all starts to look the same after a while.

Then, I come across something new. It’s something that seems to say that we’ve been listed by Spamhaus! Seriously! Horrors! There will rioting in the streets. Dogs and cats will be sleeping together. That kind of thing. Only, not so much. Turns out that what I’ve found is a stupid recipient administrator.

Here’s the error message:

(Host blacklisted – Found on Realtime Black List server blocklist.address.is.wrong.spamhaus.org )

So, a quick search confirms my suspicion. This is a mail administrator who should have his or her license revoked.

Spamhaus used to get a ton of bad queries to things like ‘rbl.’, ‘bl.’, ‘spl.’, so this is what they do:

;; QUESTION SECTION:
;1.2.3.4.rbl.spamhaus.org. IN A

;; ANSWER SECTION:
1.2.3.4.rbl.spamhaus.org. 172786 IN CNAME blocklist.address.is.wrong.spamhaus.org.
blocklist.address.is.wrong.spamhaus.org. 160960 IN A 127.0.0.2

;; QUESTION SECTION:
;1.2.3.4.rbl.spamhaus.org. IN TXT

;; ANSWER SECTION:
1.2.3.4.rbl.spamhaus.org. 172800 IN CNAME blocklist.address.is.wrong.spamhaus.org.
blocklist.address.is.wrong.spamhaus.org. 172800 IN TXT “SPAMHAUS BLOCKLIST ADDRESS IS WRONG MUST FIX”

Now, of course, this admin didn’t care to return the TXT record — they just wanted us to see that we were listed.

Ladies and gentlemen, this is NOT how you run a network. It only takes about a minute to discover zen.spamhaus.org. That’s a properly working zone that returns actual, good data.

And, while we’re on the subject, here’s another sign that you shouldn’t be running a network:

5.2.1 Mail from 10.0.0.3 refused: spam site

Since we’re not routing mail from reserved networks directly out to the Internet, you won’t see that IP address coming from our mail. That means that you are most likely blocking all mail coming from some server (probably your spam filter server) on your own network.

Dude, don’t block that. Fix it.

—————-
Now playing: The Fray – How to Save a Life
via FoxyTunes

participate

Discussion

One comment for “How Not to Run a Network”

  1. And to think that some of us can’t fine work because we do theings the old way.

    Posted by Larry Sheldon | November 2, 2007, 9:47 pm
    Reply to this comment

Post a comment

podcast
advertise content

Tag Cloud

Twitter Stream...

  • Yesterday got 5 "notices" from @uscert_gov about "phish" identified by @apwg. Pretty sure that wouldn't come from servers in Europe, though. 3 weeks ago
  • When I say the message is deferred and is still in the queue, I don't mean that it's bounced and I just don't want to give you the error. 3 weeks ago
  • New blog post: 2012: The Year You Have To Grow Up http://t.co/xMzAAxjw 2012-01-05
  • Why do people unfriend on Facebook? #3 "Trying to sell me something", #5 "Lack of interaction" http://t.co/gUnmEQDh 2011-12-20
  • .@andrewkordek Big part of it is scheduled patients with "Oh, while I'm here let me ask you about this other thing"-itis. 2011-12-19
  • More updates...

Posting tweet...

Powered by Twitter Tools

In the Past…

Visitor Map

Get Adobe Flash playerPlugin by wpburn.com wordpress themes