[Fwd: Re: [Techtalk] sendmail/RBL question (linuxchix)]
Linda Laubenheimer
ljl at rahul.net
Thu Mar 28 20:44:21 EST 2002
In case this hasn't made it through the moderator(s)...
-------- Original Message --------
Subject: Re: [Techtalk] sendmail/RBL question (linuxchix)
Date: Thu, 28 Mar 2002 15:31:23 -0800
From: Paul Vixie <paul at vix.com>
To: Linda Laubenheimer <ljl at rahul.net>
CC: newchix at linuxchix.org, techtalk at linuxchix.org
> Since my response to this email concerns Paul Vixie, I have CC'd him
> on this email. It's only fair. I hope he actually joins this list
> and responds himself. He is, after all, an advocate and sponsor of
> Open Source software.
thanks for inviting me to this thread.
> > I'm on a couple of email discussion lists, and on one, spam
> > occasionally gets through the owner's filters and blocks. Someone on
> > the list has taken it upon himself to complain to the "spam police",
> > which has created lots of problems for the list owner. In short, now
> > many legitimate messages get bounced because of what he's done to try
> > to eliminate spam, and getting RBL'ed (Real Time Blacklisted, in case
> > anyone doesn't know).
>
> It seems like the list owner has more problems than just being unable
> to stop spammers to the list. He may be running an open relay. As I
> recall, only open relays end up RBL's, and the MAPS people actually
> test to see if the mail relay is actually open.
i'm not directly associated with MAPS any more, but i helped found it
and i am a strong proponent of what they are doing. they do in fact
list hosts for reasons other than being open relays. see
http://mail-abuse.org/rbl/candidacy.html
and
http://mail-abuse.org/standard.html
so the question above concerns collateral damage. the fact is, there is
some. but it's always "indirectly passive" in the sense that the mail
that won't get through was (by definition) destined for some network or
host whose owner _decided_ to subscribe to the RBL. in a very real
sense,
the damage is caused by that decision to subscribe, and your beef, if
any,
is with that subscriber. all MAPS does is make statements of fact --
you
can challenge the factualness of those statements and there is a process
for that. but maps isn't blocking e-mail, it's just publishing a list.
the people who do the blocking know that they will be rejecting some
good
mail with the bad. if they choose to subscribe anyway, then frankly
that's
their right and their decision because it'll be their hosts or networks
whose configurations are affected.
> > I've been doing some researching on this, and found one site that makes
> > a claim that the sendmail program has RBL stuff built in. Here's the
> > text from the page, http://www.ifn.net/rblstory.htm:
>
> "Story" is right... This is the most inflammatory piece of propaganda
> I've read in a long time. Even Hollings and Disney don't lay it on
> quite as thick. The only thing missing is a reference to Hitler. As it
> is, they reference McVeigh, and "Sherman's march to the sea".
you think that's something? try www.dotcomeon.com for some real
flavour.
> The sendmail.org's web site has this line: "The past support of Paul
> Vixie and the Internet Software Consortium is gratefully appreciated."
> Believe me, if I had a site hosted in Vixie's area for cheap or free
> (I'm not sure how much he charges), I would be damn grateful too. One
> of the biggest expenses for open source can be server space and
> bandwidth. Also, I believe Paul maintains one of the major
> authoritative name servers on the west coast of the US - out of ISC's
> pocket, which is mostly his own.
as it happens, ISC is a not-for-profit, and while it charges some
membership
fees it cannot (by charter) charge for things like hosting.
sendmail.org
got a free ride for as long as they needed/wanted it, and would be
welcome
back today. we also host xfree86.org, an opencvs mirror, and the ftp
and
www servers of netbsd.org. and lynx.org. and crypto-publish.org. any
open
software project is welcome here, free of charge, for as long as we
exist.
it can be a provided host that we make space and power and bandwidth
for,
or it can ride on one of our hosts where we'll make "developer
accounts."
> ...Finally, don't believe everything you read on the web, especially when
> it is couched in inflammatory rhetoric.
i agree with this. read everything that's available and make up your
own mind, realizing that more than half of what you read will be opinion
couched as fact and that making up your mind is an exercise of critical
judgement.
> > Assuming those answers are yes... Is there any way to avoid using
> > sendmail? Or can one disable the RBL capability of sendmail?
>
> To the best of my knowledge, sendmail does *not* have RBL enabled by
> default. The article was FUD from people who are probably paid by,
> or profit from, spammers. To install RBL in any mailer I know of,
> you have to deliberately put it there.
that's my understanding also, though some of sendmail's redistributors
(notably some versions of freebsd) included configs that had the MAPS
RBL
subscribed-to by default. this is no longer possible, since MAPS's RBL
is
only available by subscription (for a fee, which is small, and can be
waived
for open source project servers and other not-for-profit uses.)
> ...See also the Vixie Enterprises page, http://www.vix.com/
thank you for your kind words. i'm happy to talk further with anyone
who'd like answers about anything else i'm accused of having done.
More information about the Techtalk
mailing list