Slashdot Mirror

← Back to Stories (view on slashdot.org)

Overcoming MAPS Reverse-Lookup Oppression?

Posted by Cliff on from the all-servers-do-not-have-proper-reverse-lookups dept.

ArghBlarg asks: "Imagine the following scenario: you're the volunteer admin for a small, non-profit site for a few local artists and musicians. You run your web site and SMTP server out of your laundry room, via cable broadband. The broadband provider doesn't mind, as you only get a few hits a day; you keep your system secure and were only rooted once, over 4 years ago (hey, it happens). Your site has never, ever (to your knowledge) relayed spam. On the whole you've been an exemplary netizen. One day, some email you send bounces because your ISP's entire netblock has been placed on the MAPS DUL. True, your server's IP isn't technically static (though it hasn't changed in 12 months); because your domain is embedded within the broadband provider's larger IP block, reverse lookups don't give your domain name, rather that of the provider (with a huge number prefixed as the hostname). Hence you're considered a rogue SMTP node and blocked by MAPS. I've emailed MAPS but they won't agree to whitelist me. I have a proper MX record for my SMTP server, under my domain name. What can I do? Is there any way to make my legitimate domain take precedence in reverse-lookups, so I don't show up as being part of a spam-friendly network?" "Please don't bother suggesting that I ask my provider to give me a static IP outside the affected block -- they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.

What have you done to get your domain, running on a pseudo-static IP, out from under the thumb of the spam block lists? While I wholeheartedly support the efforts of the MAPS people and others like them to stamp out the vermin that are spammers, our domain has become collateral damage in the war!"

10 of 97 comments (clear)

  1. Well by The-Bus · · Score: 3, Insightful

    Why not run email and webhosting separately? Email could always be run through a provider (Flames Burn seems to be focusing on helping independent musicians). Yes, you're small and non-profit but I'm sure your time could be better used than dealing with hassles like these. Pay for the hosting, then spend your time on other stuff for this organization. From the looks of it, and the needs you have, this may be a simpler solution. Of course, I'm not supremely technically versed, and it sort of goes against the hacker mentality leaving this problem unsolved...

    That's my EUR 0.016414 anyways.

    --

    Small potatoes make the steak look bigger.

  2. Well DUH... by stienman · · Score: 3, Insightful

    Please don't bother suggesting that I ask my provider to give me a static IP outside the affected block -- they won't, not without upgrading to a MUCH more expensive package which gives me no benefit for a small-traffic server like this.

    Then you are stuck between a rock and a hard place. You are using a residential class line for business class use. MAPS is right to block residential lines because of all the zombie relay servers that virus writers are including in their payloads now.

    Either pay for a business class connection, or use the SMTP server your provider gives you.

    It's not the "open internet" that you'd like to see. Live within the limitations this simple, dumb network provides.

    Besides, do you honestly expect MAPS to whitelist a dynamic IP? MAPS is not the problem, PEBKAC.

    -Adam

    1. Re:Well DUH... by drsmithy · · Score: 4, Insightful
      The first is that this method of "spam prevention" provides pretty much no spam prevention whatsoever. Insofar as it provides any protection, it's from a small minority of unsecured open relays present in older operating systems, which happens to be an extremely specific bug and a very easy issue to deal with.

      It's not just open relays, it's also all those machines that have been taken over by trojans with built-in SMTP engines.

  3. These "services" suck by duffbeer703 · · Score: 4, Insightful

    I had to waste alot of time with ORBS because my company's upstream provider had a larger netblock that we were a part of blacklisted. The people I emailed were quite obnoxious and rude, despite the fact that our servers were secure and never relayed a thing.

    And for what? I still see a ton of spam, despite the fact that my ISP uses MAPS.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  4. cheap webspace host by TheSHAD0W · · Score: 2, Insightful

    Go sign up for an account with one of the inexpensive web hosts out there. For a few dollars per month you can point your web site's MX record thataway and run your email through their SMTP.

  5. Well, it looks like the consensus is... by rusty0101 · · Score: 5, Insightful

    ... that only large businesses should be allowed to run mail servers that can send e-mail.

    Glad to see so many people here who are interested in maintaining a free system.

    -Rusty

    --
    You never know...
  6. Re:Only corps should be free to run their own mail by SuiteSisterMary · · Score: 3, Insightful
    but I just feel that responsible people should be allowed to run whatever servers they want to.

    Absolutely NOBODY is preventing this guy from running whatever server he wants to.

    Some people are, however, exercising their own rights to refuse to accept communications from him, for a reason that may or may not be reasonable, valid, or useful.

    --
    Vintage computer games and RPG books available. Email me if you're interested.
  7. Re:Use SmartHost by Otto · · Score: 2, Insightful

    But then how the hell are hobbyists supposed to survive next to large commercial entities?

    The MAPS DUL is a list of IP's that are not supposed to be running mail servers, usually according to the people who actually own those IP addresses. Most dynamic IP's should be on it, as would any static IP's whose owners (the ISP who gives you your IP) told MAPS that yes, they are not supposed to run servers.

    Don't like it? Exercise your free market rights and buy your service from somebody else.

    In this life, if you want a thing, you pay for that thing. TANSTAAFL. There are providers who'll gladly sell you service and let you run mail servers all you like. And those won't be listed on the MAPS DUL because the ISP is who confirms which of their netblocks should go on the DUL.

    If you're running a mailserver on a connection that you have a contract that says you cannot do that, then I don't see that you have cause for bitching here.

    Oh, wait. I forgot. The Internet died a long time ago.

    The Internet did not die. It just ceased to be the sole domain of hobbyists and tinkerers and a bunch of bastards (spammers/scammers/other people in general) moved in. This is the expected reaction to those bastards.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  8. A full on mail hub is... by Otto · · Score: 2, Insightful

    What exactly constitutes a "full on mail hub" and someone "pretending to be a full on mail hub", and who are you to make that distinction?

    A full on mail hub is somebody running a mail server on a connection where they are contractually allowed to run a mail server on that connection.

    Nobody gets onto the MAPS DUL (dial up list) that easily. You have to be a netblock that has dynamic IP's (meaning that you can't receive mail anyway, as your IP could change) or has static IP's but has had your ISP confirm to MAPS that yes, your block is not allowed to run a mail server.

    You pay for what you get. If you pay for a service that says "no mail servers" and then go an run a mail server, well, you get your ass blocked. You're operating outside your contract already, you're got no real right to bitch about this one.

    Want to run a mail server? Buy your connection from someone that allows you to do so.

    The internet ain't free, bub. You pay for your connection. In many cases, you can pay less if you use that connection for less. This is standard market economics at work. Most people don't use their connections for everything they can squeeze out of them, and so they get a bargain from their supplier. By trying to get that bargain while exceeding those limitations (in this case, not running a mail server is likely *explicitly* stated in your contract with the ISP), you're essentially being a jackass.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
    1. Re:A full on mail hub is... by ArghBlarg · · Score: 2, Insightful
      The internet ain't free, bub. You pay for your connection.


      With respect, I highly resent the above quip. I do pay for my connection -- up to 10MBps, no bandwidth limit. That was what I signed up for and I pay my bill faithfully.

      While I am running a mail server, I can guarantee you I use *far* less bandwidth than any of my neighbours who download pr0n and have their PCs infected with the worm-de-jour. We serve mostly static web pages, some MP3s of a few local indie bands and email for 5-6 accounts, each of which sends less than 10 messages per day. Surely that isn't more than I've paid for.

      Yes, it is in the newer contracts that you aren't supposed to run servers, but I was in fact never presented with a contract and have never been asked to sign one subsequently. One party cannot unilaterally change the terms of a contract. They are free to disconnect me if they have been, at any time, unhappy with what servers I run. No complaints from them so far (four years and running).



      --
      ERROR 144 - REBOOT ?