How Not to Run a Network

So, today I’m going through the motions of work. A lot of what I do, of course, is quite mindless. There’s some evaluation and some discretion involved, but really, it all starts to look the same after a while.

Then, I come across something new. It’s something that seems to say that we’ve been listed by Spamhaus! Seriously! Horrors! There will be rioting in the streets. Dogs and cats will be sleeping together. That kind of thing. Only, not so much. Turns out that what I’ve found is a stupid recipient administrator.

Here’s the error message:

(Host blacklisted – Found on Realtime Black List server blocklist.address.is.wrong.spamhaus.org )

So, a quick search confirms my suspicion. This is a mail administrator who should have his or her license revoked.

Spamhaus used to get a ton of bad queries to things like ‘rbl.’, ‘bl.’, ‘spl.’, so this is what they do:

;; QUESTION SECTION:
;1.2.3.4.rbl.spamhaus.org. IN A

;; ANSWER SECTION:
1.2.3.4.rbl.spamhaus.org. 172786 IN CNAME blocklist.address.is.wrong.spamhaus.org.
blocklist.address.is.wrong.spamhaus.org. 160960 IN A 127.0.0.2

;; QUESTION SECTION:
;1.2.3.4.rbl.spamhaus.org. IN TXT

;; ANSWER SECTION:
1.2.3.4.rbl.spamhaus.org. 172800 IN CNAME blocklist.address.is.wrong.spamhaus.org.
blocklist.address.is.wrong.spamhaus.org. 172800 IN TXT "SPAMHAUS BLOCKLIST ADDRESS IS WRONG MUST FIX"

Now, of course, this admin didn’t care to return the TXT record — they just wanted us to see that we were listed.

Ladies and gentlemen, this is NOT how you run a network. It only takes about a minute to discover zen.spamhaus.org. That’s a properly working zone that returns actual, good data.

And, while we’re on the subject, here’s another sign that you shouldn’t be running a network:

5.2.1 Mail from 10.0.0.3 refused: spam site

Since we’re not routing mail from reserved networks directly out to the Internet, you won’t see that IP address coming from our mail. That means that you are most likely blocking all mail coming from some server (probably your spam filter server) on your own network.

Dude, don’t block that. Fix it.
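An added example, not code from the original post: a receiving-side check that avoids both mistakes above by building the lookup against zen.spamhaus.org, refusing to treat the wrong-zone CNAME as a listing, and never applying a DNSBL to private source addresses. The function names, the record-tuple format and the sample answers are constructed for illustration, and treating only 127.0.0.x answers as listings is an assumption of this sketch.

```python
import ipaddress

# Name the post shows Spamhaus answering with for queries to a wrong zone label.
WRONG_ZONE = "blocklist.address.is.wrong.spamhaus.org."

def query_name(ip, zone="zen.spamhaus.org"):
    """Build the DNSBL lookup name: reversed IPv4 octets followed by the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone + "."

def evaluate(client_ip, answers):
    """Decide on a connecting IP from parsed DNS answers.

    answers: list of (owner, rtype, rdata) tuples (hypothetical resolver output).
    Returns (action, reason); action is accept, reject or config_error.
    """
    addr = ipaddress.ip_address(client_ip)
    # 10.0.0.3 in the post is the receiver's own host: fix routing, don't block it.
    if addr.is_private or addr.is_loopback or addr.is_reserved:
        return ("accept", "internal address, DNSBL not applicable")
    # Follow the CNAME chain: a 127.0.0.2 reached via the wrong-zone name
    # means the filter is misconfigured, not that the sender is listed.
    names = {owner.lower() for owner, _, _ in answers}
    names |= {rdata.lower() for _, rtype, rdata in answers if rtype == "CNAME"}
    if WRONG_ZONE in names:
        txt = [rdata for _, rtype, rdata in answers if rtype == "TXT"]
        return ("config_error", txt[0] if txt else "queried a wrong zone name")
    # Assumption of this sketch: only 127.0.0.x A records count as listings.
    listed = [r for _, t, r in answers if t == "A" and r.startswith("127.0.0.")]
    if listed:
        return ("reject", "listed: " + ", ".join(listed))
    return ("accept", "not listed")

# Constructed sample answers, modelled on the dig output in the post.
WRONG_ZONE_ANSWER = [
    (query_name("1.2.3.4", "rbl.spamhaus.org"), "CNAME", WRONG_ZONE),
    (WRONG_ZONE, "A", "127.0.0.2"),
]
LISTED_ANSWER = [(query_name("1.2.3.4"), "A", "127.0.0.2")]

if __name__ == "__main__":
    print(evaluate("1.2.3.4", WRONG_ZONE_ANSWER))
    print(evaluate("1.2.3.4", LISTED_ANSWER))
    print(evaluate("10.0.0.3", LISTED_ANSWER))
```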


Discussion

One comment for “How Not to Run a Network”

  1. And to think that some of us can’t find work because we do things the old way.

    Posted by Larry Sheldon | November 2, 2007, 9:47 pm
