Re: How I deal with (false positive) IP-address blacklists...

SM <sm@resistor.net> Tue, 09 December 2008 13:48 UTC

Date: Tue, 09 Dec 2008 05:23:40 -0800
To: Theodore Tso <tytso@MIT.EDU>
From: SM <sm@resistor.net>
Cc: ietf@ietf.org

At 23:58 08-12-2008, Theodore Tso wrote:
>Well, the intended recipient is a Linux Kernel Developer.  He posted
>a message on the Linux Kernel Mailing List, about Linux Kernel
>Development.  I responded, on-topic, with a message that had no
>advertising material, solicited, or unsolicited.  I think that meets
>the definition of "legitimate e-mail", don't you think?  It seems

By that definition this message would be legitimate 
too.  Fortunately, this message is being sent through a service 
provider that does not add a message footer with advertising material.

>pretty clear the recipient probably wanted to receive it, and in this
>case, an IP address-based blacklist is causing him not to receive the
>e-mail.  It has been made unreliable for him.

The mail server of the recipient rejected the message because the IP 
address of the sender is listed locally in a blacklist.  This doesn't 
seem like a mail rejection solely based on information provided by a 
third-party.

For classification purposes, this is a false positive if the 
recipient wants the message.  Obviously, the recipient must be aware 
that he/she was not able to receive the message for that to happen.

The rejection message contained a phone number.  That can be used to 
contact the postmaster of the site if the rejection was 
incorrect.  That may be adequate for people exchanging mail 
locally.  As you pointed out, it's not a convenient means of 
communication when the sender is in another country and he/she might 
not bother to make a long distance call to resolve the problem.  In 
this case, the message is of little value to the sender; it's the 
recipient that stands to benefit from it.

Sometimes the IP address of the sending mail server is blacklisted 
because it's from a country or a region commonly associated with 
"illegitimate e-mails".  Maybe that's the case here. :-)

Even if the postmaster of the receiving server takes all reasonable 
steps to avoid false positives, it can still happen.  The postmaster 
can either provide an alternative means of communication which is not 
a burden to the sender or else stick to the belief that his/her mail 
filtering is perfect and it's up to the sender to jump through hoops 
to get his/her message through.

Regards,
-sm 
