Sites that block dynamic/dialups

People who run small sites such as my own may notice that some commercial
sites are now blocking SMTP connections from dynamic IP addresses. It is
for this reason that I am publishing a list of domains that require mail
delivery through ISPs. These sites have decided that they will only
accept mail from commercial IP addresses and not from 'consumer-class'
addresses. That's their decision to make, though I think it's a misguided
one that will further divide Internet among commercial lines.

The following domains do not accept mail transactions from dynamic IPs:
http://www.pc9.org/antidyn

You can use this list with postfix to generate an /etc/postfix/transport
file. This will allow you to continue direct mail delivery to all
domains, except for the ones indicated. For those domains mail can be
relayed through your ISP's server - smtp.example.com

In main.cf:
-----------
transport_maps = hash:/etc/postfix/transport

Load list:
----------
cat antidyn | sed 's/$/\t\tsmtp:[smtp.example.com]/' > transport
postmap /etc/postfix/transport

Enable:
-------
postfix reload


Feel free to send me more domains if you know that they refuse mail from
dynamic IPs. I'm sure I'll get lots of replies telling me "I should use
my ISP's mail server for all mail". This is more convenient (faster, more
reliable, efficient) so I will deliver mail myself thank you.

Others will point out that dynamic IPs are blocked because of spam/worms.
While it's true that much spam comes from dynamic IPs, there are even
better ways to block such abuse. If your goal is to block dynamic IPs,
then you use a dynamic blocklist. If your goal is to block spam/viruses,
use a DNSBL designed for that. They're in no short supply:

+ blackholes.easynet.nl
+ psbl.surriel.com
+ cbl.abuseat.org
+ relays.ordb.org
+ list.dsbl.org
+ sbl.spamhaus.org

--
Jem Berkes
http://www.sysdesign.ca/

On 17 Nov 2003 20:01:01 GMT, Jem Berkes <(E-Mail Removed)9__org> wrote:
>
>
> People who run small sites such as my own may notice that some commercial
> sites are now blocking SMTP connections from dynamic IP addresses. It is
> for this reason that I am publishing a list of domains that require mail

Good of you to do this, Jem.

But why do you have a problem with it? Won't this cut down on the
spam?

--
Alan C this post ends with w
q

Jem Berkes wrote:

> People who run small sites such as my own may notice that some commercial
> sites are now blocking SMTP connections from dynamic IP addresses.

How does it know if its dynamic or not? What about small sites on static
Ip's? Just that...

> The following domains do not accept mail transactions from dynamic IPs:
> http://www.pc9.org/antidyn

aol.com?

Just that... I've not noticed a problem sending mail to aol.com before.
And I last sent something a couple days ago.

Cya
Simon

In message <5iaub.4882$(E-Mail Removed). net>, Alan
Connor wrote:

> On 17 Nov 2003 20:01:01 GMT, Jem Berkes <(E-Mail Removed)9__org> wrote:
>>
>>
>> People who run small sites such as my own may notice that some commercial
>> sites are now blocking SMTP connections from dynamic IP addresses. It is
>> for this reason that I am publishing a list of domains that require mail
>
> Good of you to do this, Jem.
>
> But why do you have a problem with it? Won't this cut down on the
> spam?
>
Not by much and it will cause much inconvenience to those who prefer to run
their own dial-ups.

Or put it another way, one idiot spammer using my ISP's smart mailer causes
that mailer to get blocked for a short time by various trigger-happy RBL
sites and poorly configures sites that rely on them which causes large
numbers of people to be inconvenienced by one spammer. I run my own smtp
client and I take great pains to keep it free of mail relay problems and so
I can bypass these outages by just sending mail direct. I also know that
it's arrived whereas the ISP smarthost isn't always prompt.

Dave
--
mail: da (E-Mail Removed) (without the space)
http://www.llondel.org/
So many gadgets, so little time...

On Mon, 17 Nov 2003 22:21:15 +0000, Dave {Reply Address in.sig} <noone$$@llondel.org> wrote:
>
>
> In message <5iaub.4882$(E-Mail Removed). net>, Alan
> Connor wrote:
>
>> On 17 Nov 2003 20:01:01 GMT, Jem Berkes <(E-Mail Removed)9__org> wrote:
>>>
>>>
>>> People who run small sites such as my own may notice that some commercial
>>> sites are now blocking SMTP connections from dynamic IP addresses. It is
>>> for this reason that I am publishing a list of domains that require mail
>>
>> Good of you to do this, Jem.
>>
>> But why do you have a problem with it? Won't this cut down on the
>> spam?
>>
> Not by much and it will cause much inconvenience to those who prefer to run
> their own dial-ups.
>
> Or put it another way, one idiot spammer using my ISP's smart mailer causes
> that mailer to get blocked for a short time by various trigger-happy RBL
> sites and poorly configures sites that rely on them which causes large
> numbers of people to be inconvenienced by one spammer. I run my own smtp
> client and I take great pains to keep it free of mail relay problems and so
> I can bypass these outages by just sending mail direct. I also know that
> it's arrived whereas the ISP smarthost isn't always prompt.

What's a "smart mailer/host" ?

What's an "RBL site" ?

--
Alan C this post ends with w
q

On Mon, 17 Nov 2003 22:12:53 +0000, Simon Dean <(E-Mail Removed)> wrote:
> Jem Berkes wrote:
>
>> People who run small sites such as my own may notice that some commercial
>> sites are now blocking SMTP connections from dynamic IP addresses.
>
> How does it know if its dynamic or not? What about small sites on static
> Ip's? Just that...

Some misguided individual or group actually has a block list that includes
any IPs that they think reverse resolve to dsl or cable as "dialup
equivalent", without any verification from the ISP. This could
inadvertently block small businesses on dsl even if they have static IPs,
but nothing to squelch the flood of spam from nameless IPs.

The fact that my ISP (Ameritech end of SBC Yahoo) blocks "direct" mail
from their own dynamic users, prompted me to learn how to have sendmail
or postfix work as SMTP AUTH clients. But I use mailertable or transport
to only relay if the destination requires it.

--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/

Jem Berkes wrote:
> People who run small sites such as my own may notice that some commercial
> sites are now blocking SMTP connections from dynamic IP addresses. It is
> for this reason that I am publishing a list of domains that require mail
> delivery through ISPs. These sites have decided that they will only
> accept mail from commercial IP addresses and not from 'consumer-class'
> addresses. That's their decision to make, though I think it's a misguided
> one that will further divide Internet among commercial lines.

[rant deleted]

> Others will point out that dynamic IPs are blocked because of spam/worms.
> While it's true that much spam comes from dynamic IPs, there are even
> better ways to block such abuse. If your goal is to block dynamic IPs,
> then you use a dynamic blocklist. If your goal is to block spam/viruses,
> use a DNSBL designed for that. They're in no short supply:

Please grow up. Spam/worms usually originate from individual users,
either directly or through infected machines. If a mail server is
blocked, it is normally the ISPs server, not the dynamic ip user! If you
ever should be responsible for an ISPs mailserver, you would know :-)

> Please grow up. Spam/worms usually originate from individual users,
> either directly or through infected machines. If a mail server is
> blocked, it is normally the ISPs server, not the dynamic ip user! If
> you ever should be responsible for an ISPs mailserver, you would know
> :-)

Have you seen the new spam/worms? There is one that even popups up a dialog
box and asks the user to enter their ISP's mail server address. And people
do it. Now the virus is coming through mail.isp.com.

Do you also realize how much spam comes from commercial connections? Take a
look at SPEWS.ORG and SPAMHAUS.ORG. These sites list huge commercial
netblocks that are known sources of spam.

Dynamic IP != spammer

You're going to find out very soon that the new strain of viruses are
coming through the ISP's 'legit' mail server. I keep getting swen worms
that are coming through ISPs' SMTP servers.

--
Jem Berkes
http://www.sysdesign.ca/

> The fact that my ISP (Ameritech end of SBC Yahoo) blocks "direct" mail
> from their own dynamic users, prompted me to learn how to have
> sendmail or postfix work as SMTP AUTH clients. But I use mailertable
> or transport to only relay if the destination requires it.

What's the domain involved? I can add it to my list.

--
Jem Berkes
http://www.sysdesign.ca/

On 18 Nov 2003 03:45:31 GMT, Jem Berkes <(E-Mail Removed)9__org> wrote:
>> The fact that my ISP (Ameritech end of SBC Yahoo) blocks "direct" mail
>> from their own dynamic users, prompted me to learn how to have
>> sendmail or postfix work as SMTP AUTH clients. But I use mailertable
>> or transport to only relay if the destination requires it.
>
> What's the domain involved? I can add it to my list.

Ameritech.net MX blocks direct mail from ameritech.net dynamic IPs (to
stop worms from spredding from within I guess), but they do not
necessarily block non-ameritech dynamic IPs (as evidenced by volume of my
Bulk mail folder). Not sure if that is just an ameritech thing or if it
is SBC wide.

> --
> Jem Berkes
> http://www.sysdesign.ca/

--
David Efflandt - All spam ignored http://www.de-srv.com/