On 25/06/2010, at 12:47 PM, Nathan Ward wrote:
Of course, you should probably not be using port 25 for submission, or if your mail provider has RBLs running on their submission port then something isn't quite right.
In this case it was 587, authenticated over SSL. See below as to why the RBLs.
Also, surely RBLs should be consulted to decide whether to accept mail from an unauthenticated client, as opposed to you, who is presumably an authenticated client.
Not sure I agree. Infected + authorised is a deadly combination if you assume the authorisation always confers legitimacy. That would mean that a compromised host can send with impunity one it authorises. It seems quite sensible for an email provider to protect their systems from being abused by the compromised PCs of customers.
Not saying that AirNZ are doing it right, just saying that your mail provider could likely be doing it better :-) Though, to be honest, I'd be surprised if a more or less public connection like that isn't listed in the XBL, given the number of random hosts that must come through it spewing out garbage. Being able to rely on your end-user Internet connection not being in a popular RBL is a thing of the past I think.
If the public connection is not actively managed, including receiving and responding to notifications then yes I imagine it will quickly be listed. But if someone there is paying attention then they should be able to pick on any listing and sort it out. I've done that many times in the past and it is not complicated. cheers Jay -- Jay Daley Chief Executive .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 931 6977 mobile: +64 21 678840