On 25/06/2010, at 12:47 PM, Nathan Ward wrote:
Of course, you should probably not be using port 25
for submission, or if your mail provider has RBLs running on their submission port then
something isn't quite right.
In this case it was 587, authenticated over SSL. See below as to why the RBLs.
Also, surely RBLs should be consulted to decide
whether to accept mail from an unauthenticated client, as opposed to you, who is
presumably an authenticated client.
Not sure I agree. Infected + authorised is a deadly combination if you assume the
authorisation always confers legitimacy. That would mean that a compromised host can send
with impunity one it authorises. It seems quite sensible for an email provider to protect
their systems from being abused by the compromised PCs of customers.
Not saying that AirNZ are doing it right, just saying
that your mail provider could likely be doing it better :-)
Though, to be honest, I'd be surprised if a more or less public connection like that
isn't listed in the XBL, given the number of random hosts that must come through it
spewing out garbage. Being able to rely on your end-user Internet connection not being in
a popular RBL is a thing of the past I think.
If the public connection is not actively managed, including receiving and responding to
notifications then yes I imagine it will quickly be listed. But if someone there is
paying attention then they should be able to pick on any listing and sort it out.
I've done that many times in the past and it is not complicated.
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 931 6977
mobile: +64 21 678840