[linux-elitists] AOL says goodbye to AT&T/Comcast and residential mail spools

Andy Bastien lists+linux-elitists@yuggoth.net
Fri Apr 11 09:53:30 PDT 2003


We have reason to believe that on Thu Apr 10 Aaron Sherman wrote:
>
> AOL has instituted a new policy: TCP sessions established on port 25 to
> any of their MX hosts from systems that obtain their IP addresses
> dynamically (their term, I don't know exactly how they define it, since
> I'm not on any reputable, public dynip BLs that I can find) will be

Perhaps they are going to use the PDL? ( http://www.pan-am.ca/pdl ).
I believe a number of ISPs use it.  I know Earthlink does.  I use it
on my mail server through spfilter.  If you have a dynamic IP address,
use your ISP's mail server.  If you're not willing to do that, then
fork over a few dollars/month to get a static address.  If you have a
static address that is listed on the PDL, tell your ISP to complain
about it.

...
> I say "resemble" because the SMTP RFC is clear on their options at this
> point in a session (e.g. after the transport session has first been
> established):
> 
>    The SMTP protocol allows a server to formally reject a transaction
>    while still allowing the initial connection as follows: a 554
>    response MAY be given in the initial connection opening message
>    instead of the 220.  A server taking this approach MUST still wait
>    for the client to send a QUIT (see section 4.1.1.10) before closing
>    the connection and SHOULD respond to any intervening commands with

This is where the RFC breaks down.  Even if you aren't going to accept
the spam, the server may still be forced to receive the whole thing
because there are bulk mailers that ignore errors and just continue
sending.  The real problem is that there's an assumption in the RFC
that the server is talking to a client that also respects the RFC, and
spammers don't.  On the other end of the RFC abuse, there are many
spammers that do not issue a quit command after receiving an error,
but just drop the connection.  In either case, the spammers are the
ones at fault.  The collateral damage done to RFCs is unfortunate, but
if it weren't for the spammers it wouldn't be a problem.



More information about the linux-elitists mailing list