Bug 26744
| Summary: | Unable to send mail to FreeBSD.org from home and from work | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Riccardo Torrini <riccardo> |
| Component: | misc | Assignee: | freebsd-advocacy (Nobody) <advocacy> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | 5.0-CURRENT | ||
| Hardware: | Any | ||
| OS: | Any | ||
|
Description
Riccardo Torrini
2001-04-21 13:20:01 UTC
State Changed From-To: open->closed This is an anti-spam measure which is in common use -- use your ISP's outbound mail server instead of sending mail directly. You will have problems with many other sites on the internet unless you do. Here's another question for the FAQ: HELP! I can't send e-mail from my newly installed FreeBSD system (AKA I can't send mail to freebsd.org) [Preamble] Note that this is NOT the RECIPIENT'S problem, this is a SENDER'S problem - ie: YOU. A cardinal rule on the Internet is that any mailserver is permitted to _not_ accept any mail for any reason whatsover. YOU do NOT have a right to TRANSMIT mail to anyone you choose. However, the RECIPIENT _always_ has the right to REJECT any mail they want to. Now that we got that straight, here's how YOU can fix YOUR server. [explanation] Unfortunately, the increased amount of spamming done on the Internet has forced most administrators running mailservers to take action to block spam, or mail messages that have a high probability of being spam. As a result of this, today most mailservers require ONE of the following at minimum to accept an incoming E-mail message: 1) The mail message must be originating from an IP number that is an "allowed set" of IP numbers. 2) The mail message must be originating from an IP number that is both forward and reverse resolvable in the DNS, and in addition those resolutions must be symmectrical. For example, a user has a FreeBSD system that is named "freebsd.example.org" and that is dialed into a dialup ISP using PPP. The FreeBSD system has an IP number assigned by the ISP of 155.4.3.5. For any arbitrary mailserver on the Internet to accept mail from the user's FreeBSD system, any Internet user MUST be able to issue the command "nslookup 155.4.3.5" and get the name "freebsd.example.org" and must ALSO be able to issue the command "nslookup freebsd.example.org" and get a response of the IP number 155.4.3.5 If they cannot do this, or if the first nslookup gets a name like "dialup-pool-5.myisp.example.org" and the second nslookup gets a response like "host not found", then you while you will be able to SEND mail, very few mailservers on the Internet will permit RECEPTION of your mail message. [answer] To get around this, assuming that your ISP's master mailserver is named "mail-myisp.example.org" what you need to do is modify the file /etc/mail/sendmail.cf and find the line: # "Smart" relay host (may be null) DS and modify the DS line as such: DSmail-myisp.example.org then force sendmail to reread it's config file with the command: kill -HUP `head -1 /etc/mail/sendmail.pid` This makes your mailserver spool all outgoing e-mail through your ISP's mailserver, which presumably will accept mail from you by use of rule #1 detailed above. (allowed IP numbers) If your ISP's mailserver is screwed for some reason, then find what is known as a "promiscious open relay" mailserver on the Internet and use that. (it's a poor substitute, since those systems generally get black-holed very quickly by ORBS and MAPS) Or, better yet, complain to your ISP, this is what your paying them for. Note that the FreeBSD mailserver that the freebsd-questions mailing list is running on is one of those Internet mailservers that follows the above rules. Modify http://www.freebsd.org/support.html as to the following: In the section mailing list archives at <A HREF="http://www.FreeBSD.org/">www.FreeBSD.org.</A></P> <P>The <A HREF="./conspectus/index.html">FreeBSD Conspectus</A> is a make the following addition mailing list archives at <A HREF="http://www.FreeBSD.org/">www.FreeBSD.org.</A></P> <P>NOTE that the mailing list listserver on freebsd.org has spamfilters applied, and you can NOT subscribe to it from an e-mail address that is on a mailserver that doesen't carry a proper reverse address record (PTR record) in the DNS. If your in this boat you have 4 choices. You may fix the DNS for your mailserver, you may reconfigure your mailserver to spool through your ISP's mailserver (which presumably has a proper reverse address record), you may subscribe to an account on Hotmail or other on-line mailservice, or you can change ISPs.</P> <P>The <A HREF="./conspectus/index.html">FreeBSD Conspectus</A> is a Hello, On Sun, Apr 22, 2001 at 01:30:02AM -0700, Ted Mittelstaedt wrote: > Here's another question for the FAQ: > > HELP! I can't send e-mail from my newly installed FreeBSD system > (AKA I can't send mail to freebsd.org) > > > [Preamble] > Note that this is NOT the RECIPIENT'S problem, this is a SENDER'S > problem - ie: YOU. A cardinal rule on the Internet is that any > mailserver is permitted to _not_ accept any mail for any reason whatsover. > YOU do NOT have a right to TRANSMIT mail to anyone you choose. However, > the RECIPIENT _always_ has the right to REJECT any mail they want to. > Now that we got that straight, here's how YOU can fix YOUR server. Ted, please. Don't shout. You are writing a FAQ entry right? You are trying to explain things to somebody who already has taken the trouble to check the FAQ, although nobody could possibly have told him that on any FreeBSD list, since his mails would never get through, not even to -questions, which is plain stupid BTW. How are you supposed to DTRT and ask if your mail is rejected? But this is another topic. Additionally, I really would like to see this preamble go. It simply smacks of "I have my gun and I own this house and I can do whatever the hell I want in it." This my be a popular line in some peoples' minds, but I would certainly not like it to see propagate and spread as something that should be followed. While it may be argued that you can do things to your machine, but a machine that hosts mailing lists, esp one for an OpenSource project that (notwithstanding Wes's comments to the contrary and his appreciation for the "Line up or Get lost!" approach taken by OpenBSD) actually cares about acceptance and is dependent on the people outta there, is not entirely yours and yours only anymore. You have volunteered to open it up, this brings responsibilities with it. This is not to make you happy, but to make the others happy. Sorry, that's the way it is. It especially resonates funny with the "The Power to Serve" slogen of the whole project. Who on earth are we serving then? This has nothing to do with blocking spam, this is just a general remark. Just as an aside, this alleged spam protection does not help much: The most spam I receive comes through the FreeBSD lists. And this, although my real email address is available in many public list archives on the web... it seems that spammers do have enough open relays at their disposal that match all of your criteria. Sigh. > [explanation] > Unfortunately, the increased amount of spamming done on the Internet > has forced most administrators running mailservers to take action to > block spam, or mail messages that have a high probability of being spam. Much better. <...snip...> > If your ISP's mailserver is screwed for some reason, then find what is known > as > a "promiscious open relay" mailserver on the Internet and use that. (it's a > poor substitute, since those systems generally get black-holed very quickly > by > ORBS and MAPS) Or, better yet, complain to your ISP, this is what your > paying them > for. Yeah. And if you are not paying them (like most university students here) and they have a stupid policy of not allowing relaying from all the machines but just a couple, than you are SOL. This means in my case no send-pr from my machine. (since I am of course not on the allowed list) and you cannot even do a whole lot. Because they are also people who believe that they are not here to serve others but to do whatever the hell they want... sad. > Note that the FreeBSD mailserver that the freebsd-questions mailing list > is running on is one of those Internet mailservers that follows the above > rules. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-advocacy" in the body of the message -- Regards: Szilveszter ADAM Szeged University Szeged Hungary Thanks to all who take time to answer my PR. The only thing I don't understand is: why you think is more important (to try to) block spam instead of solve my (and not only my) problems? I send a lot of PR and I hope they may help all of us, but this was the one with the faster feedback. Bad :( > ...both forward and reverse resolvable in the DNS, and > in addition those resolutions must be symmectrical... Yeah. Great idea. So I can send trash mail to any mail server if I use a dialup line and configure my machine as "dialup-foo-bar-42.myisp.example.org" (the same as the reverse) and cannot send mail from the _STATIC_ _IP_ (was a cost option to me) that Italian RIPE never reverse? Asked for this problem RIPE told me that reverse with be removed within some years ahead. :-? Or because my work ISP (the biggest here in Italy) is badly configured and has different IP from forward to reverse in his DNS? And in your opinion why I'd continue to send-pr? > ...assuming that your ISP's master mailserver is named... Try the real thing: my ISP has his mailserver open to my static range of IP from work. Using /etc/mail/mailertable I forced mail for FreeBSD.org to him but failed again. And now I know why: it break the 2nd rule (symmectrical). # host mail.cs.interbusiness.it mail.cs.interbusiness.it has address 151.99.250.122 # host 151.99.250.122 Host not found. # host 151.99.250.6 6.250.99.151.IN-ADDR.ARPA domain name pointer mail.cs.interbusiness.it > spool all outgoing e-mail through your ISP's mailserver And loose all my mail in a black hole? Why? No, thanks. > "I have my gun and I own this house and I can do whatever the > hell I want in it." Not whatever, only avoid badly configured ISP, like mine. > "Line up or Get lost!" approach taken by OpenBSD. You lost. Lost my help. Sorry, but I have only a few free time and cannot loose it with web interface. > Just as an aside, this alleged spam protection does not help much: > The most spam I receive comes through the FreeBSD lists. Sigh. Not the most. The first spam I received was from freebsd-current. > This means in my case no send-pr from my machine. And the web interface cost me a lot of work because I cannot pre-configure any of the field of the form, for example. Best regards, Riccardo. /------------------------+---------------------------------------\ | Riccardo "VIC" Torrini | W.W.W.: www.torrini.org // | | Via Montebello, 64 | e-mail : riccardo@torrini.org // | | 50123 Firenze (I) +--------------------------------\\//---| | phone: +39-055-286.574 | This space for rent :-) | \------------------------+---------------------------------------/ >-----Original Message----- >From: Riccardo Torrini [mailto:riccardo@torrini.org] >Sent: Sunday, April 22, 2001 3:47 AM >To: freebsd-gnats-submit@FreeBSD.org >Cc: Ted Mittelstaedt; Kris Kennaway; Szilveszter Adam >Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home >and from work > > >Thanks to all who take time to answer my PR. >The only thing I don't understand is: why you think is >more important (to try to) block spam instead of solve >my (and not only my) problems? > Because a lot of people on this list are admins at commercial locations and are in charge of mailservers. Once you take a few calls from people like the 45-year-old, fundamentalist Christian, home-schooler, stay-at-home mother of three who's 13 year old son is showing her how to read e-mail and she clicks on a message which opens to show Luscious Lucy with her feet up in the air and spread wide, well you might get a sense of how much of a problem that spam causes for us. >I send a lot of PR and I hope they may help all of us, >but this was the one with the faster feedback. Bad :( > Yes, it's very bad that people exist in the world who think it's their God-given right to stuff our e-mail mailboxes with all manner of baldness cure advertisements, or penile enlarger advertisements. > >> ...both forward and reverse resolvable in the DNS, and >> in addition those resolutions must be symmectrical... > >Yeah. Great idea. So I can send trash mail to any mail >server if I use a dialup line and configure my machine as >"dialup-foo-bar-42.myisp.example.org" (the same as the >reverse) and cannot send mail from the _STATIC_ _IP_ (was >a cost option to me) that Italian RIPE never reverse? That is correct - however keep in mind that MAPS has a Dial Up User List in place and the entire subnet that your ISP is using for dialup _may_ already be listed in there - which will make the change-my-hostname-to-the-dynamic-one trick not work. >Asked for this problem RIPE told me that reverse with be >removed within some years ahead. :-? > Then it's pretty clear who you should be arguing with, and it isn't us. >Or because my work ISP (the biggest here in Italy) is badly >configured and has different IP from forward to reverse in >his DNS? And in your opinion why I'd continue to send-pr? > And in my opinion why would your work continue to pay money for service from an ISP that was that technically daft? > >> ...assuming that your ISP's master mailserver is named... > >Try the real thing: my ISP has his mailserver open to my >static range of IP from work. Using /etc/mail/mailertable >I forced mail for FreeBSD.org to him but failed again. >And now I know why: it break the 2nd rule (symmectrical). > ># host mail.cs.interbusiness.it >mail.cs.interbusiness.it has address 151.99.250.122 > ># host 151.99.250.122 >Host not found. > ># host 151.99.250.6 >6.250.99.151.IN-ADDR.ARPA domain name pointer mail.cs.interbusiness.it > > >> spool all outgoing e-mail through your ISP's mailserver > >And loose all my mail in a black hole? Why? No, thanks. > Then find a beter mailserver out there and spool through that one. There's plenty of them. > >> "I have my gun and I own this house and I can do whatever the >> hell I want in it." > >Not whatever, only avoid badly configured ISP, like mine. > step #1 - don't pay for service from an ISP like that. > >> "Line up or Get lost!" approach taken by OpenBSD. > >You lost. Lost my help. Sorry, but I have only a few free >time and cannot loose it with web interface. > Then pay for a shell account on an ISP and do mailing from it. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com |
