Jump to content
Sign in to follow this  
Followers 0
chris

Global Mailhosts: An User Review & Call For Change

By chris, in Mailhost Configuration of your Reporting Account

Recommended Posts

chris    0

chris
Posted

After struggling for 3 (!) weeks with the Beta Mailhosts System I must say that the idea is great, but the concept translated into practice needs some fine-tuning…

First, I would like to say: I’m not as System Administrator! I’m just and (advanced) end-user who came to SC because he was looking for a way to auto-report received spam’s to ISP’s.

Unfortunately I quickly found out that auto-reporting was a big no-go around here…but luckily there was this new way of reporting spam’s. So I subscribed and tried to set-up my mailhosts what failed BIG time. Not due to SC, but due to the fact my mail was traveling 3 (!) ISP’s with numerous localhost mail servers. My fault, so this should not influence my opinion…

But after I’ve completely re-routed my mail I tried to re-apply, what off course still didn’t work out directly as my mail was still traveling two mail server. But requesting a waiver should not be a problem (for anybody).

But what the problem is that mailhosts are only GLOBAL and one of the two mailhosts I now need is full of junk due to my numerous try-outs; by myself of by deputies in the time my mail was traveling multiple servers… So therefore I’m getting more and more annoyed that – 3 weeks later – I still didn’t manage to have things set-up stable. Because even if it all works now the hosts and IP’s mentioned in my two mailhosts are not correct.

So why can’t I delete/edit wrong mailhosts entries or request to have some entries from mailhost deleted/editted. Why is this? I have no idea… Wouldn’t it be much simpler and just as safe to have people – if they like – to set-up their own PERSONAL mailhost? Mailhost that aren’t global and therefore not subject to change!

I understand the idea behind the global mailhost, but I would like to suggest to offer global and personal mailhosts: global for the normal users (easy to set-up and auto-updated); personal mailhost for the more advanced configurations where the more advanced users can set-up their own configuration.

Because even if I now manage to have SC add one hostname to a mailhost, and delete 3 hostnames and 2 IP’s from another mailhost (= correcting the error’s made till now) there will be always a change that the mailhosts change. I.e. that my auto-reporting doesn’t work anymore and I would be forced re-configure things…

(Because if in the process of setting up my mailhosts SP system managed to add wrong and internal hosts to my ISP’s hostname, I assume others will be able to do the same. – on purpose or not; that doesn’t matter.)

So I’m wondering what other people think of this idea and the new beta mailhosts system in general? Let us know…

Best Regards,

Chris

Share this post

Link to post
Share on other sites

StevenUnderwood    0

StevenUnderwood
Posted
So I’m wondering what other people think of this idea and the new beta mailhosts system in general? Let us know…

I think people are worrying way too much about what is in the mailhost config. Not just you but many other people as well.

My spamcop config is:

Hosts/Domains: mx2.cesmail.net blade3.cesmail.net blade4.cesmail.net blade2.cesmail.net blade6.cesmail.net blade1.cesmail.net cesmail.net mailgate.cesmail.net spamcop.net c60.cesmail.net main.ermann.org bulkmx2.spamcop.net node-423a221a.ewr.onnet.us.uu.net mx.cesmail.net

Relaying IPs: 206.14.107.118 216.154.195.44 216.154.195.50 216.154.195.49

Sure there are a some hosts in there that probably should not be (ermann.org and uu.net), but the only way this could cause a problem is if I receive an email that comes through one of those hosts AND the received header prior to that host were forged well enough to be believed by the parser. Compared to the current system,

If the host is the actual injection point, it should report a problem and not send any report.

Share this post

Link to post
Share on other sites

Wazoo    0

Wazoo
Posted
I quickly found out that auto-reporting was a big no-go around here…but luckily there was this new way of reporting spam’s.

Yes, auto-reporting is just to easy for folks to allow mistakes to happen. But, the mail-hosts is not a "new way to report" ... it's just an additional refinement and a datum set that has the goal of handling some forgeries and hopefully a side result of stopping the clueless from reporting themselves. The actual "reporting methods" havem't changed.

my mail was traveling 3 (!) ISP’s with numerous localhost mail servers ..... I’ve completely re-routed my mail ..... mail was still traveling two mail server ...... I’m not as System Administrator!

Not a Deputy, not involved in setting anything up, but I will tell you, there's no way in the world anyone can help you with so little data to look at anything. And if you're continuing to change things (even though you're not a SA?), I'm not sure what you'd expect to be happening.

requesting a waiver should not be a problem (for anybody).

and did you? Was it accomplished?

So why can’t I delete/edit wrong mailhosts entries or request to have some entries from mailhost deleted/editted. Why is this? I have no idea

For the same folks that can't seem to handle the 'simple' copy and paste to submit a spam for reporting purposes? The same folks that can't get the response to an e-mail verification e-mail'd back to the SpamCop system? These 'simple' tasks gather so much confusion but you'd suggest allowing these same folks to actually edit some database content? Please ....

global for the normal users (easy to set-up and auto-updated); personal mailhost for the more advanced configurations where the more advanced users can set-up their own configuration

Why? A single database of "known good" seems to make a bit more sense for the parsing tool set as compared to how many datasets to handle global, personal, special, different, and just frigging screwed up ...

Because even if I now manage to have SC add one hostname to a mailhost, and delete 3 hostnames and 2 IP’s from another mailhost (= correcting the error’s made till now) there will be always a change that the mailhosts change.

huh?

that my auto-reporting doesn’t work anymore and I would be forced re-configure things

auto-reporting was already addressed as a bad thing, yet your complaint is based on any changes impacting your auto-reporting, which is exactly why auto-reporting is seen as a bad thing. ???? Obviously, I'm not following your logic, or you're hell-bent on circumventing the checks and balances put into place to ensure proper reporting.

Share this post

Link to post
Share on other sites

chris    0

chris
Posted (edited)

Thanks for your opinion is this matter. Hereby my reply’s…

Sure there are a some hosts in there that probably should not be (ermann.org and uu.net), but the only way this could cause a problem is if I receive an email that comes through one of those hosts AND the received header prior to that host were forged well enough to be believed by the parser.

…what is exactly my problem as the host prior to my registered mailhosts could (happened before) be the hostnames/ IP’s that should not be in my list.

Yes, auto-reporting is just to easy for folks to allow mistakes to happen. But, the mail-hosts is not a "new way to report" ... it's just an additional refinement and a datum set that has the goal of handling some forgeries and hopefully a side result of stopping the clueless from reporting themselves. The actual "reporting methods" havem't changed.

auto-reporting was already addressed as a bad thing, yet your complaint is based on any changes impacting your auto-reporting, which is exactly why auto-reporting is seen as a bad thing. ???? Obviously, I'm not following your logic, or you're hell-bent on circumventing the checks and balances put into place to ensure proper reporting.

I know that the actual reporting methods are not changed, that is not the point. But due to this new way it’s possible to set-up auto-reporting. I.e. set things up, start reporting (properly and 100% accurate), and worrying about other things in life…

Not a Deputy, not involved in setting anything up, but I will tell you, there's no way in the world anyone can help you with so little data to look at anything. And if you're continuing to change things (even though you're not a SA?), I'm not sure what you'd expect to be happening.

I don't understand what you are trying to say... and besides that: you turned my words/sentences..

and did you? Was it accomplished?

Yes (waiver was given) and No (see below)

For the same folks that can't seem to handle the 'simple' copy and paste to submit a spam for reporting purposes? The same folks that can't get the response to an e-mail verification e-mail'd back to the SpamCop system? These 'simple' tasks gather so much confusion but you'd suggest allowing these same folks to actually edit some database content? Please ....

huh?

You definitely have a good point... but you understand it's also at least strange that I don't have my mailhosts set-up correctly (!!) after 3 weeks, while I can exactly let how the mailhosts should look like. BUT neither me or the deputies can edit my mailhosts... At least till now! Why?

I just need one hostname added to my first mailhost, and have all the wrong (false) hostnames/IP’s deleted from my second mailhost… That's what I was trying to say in my first post...

But even IF this is done there will always be a chance that the mailhosts ‘change’. I.e. don’t reflect the reality anymore due to wrongly added hostnames/IP’s…. what could result in false/wrong reports! How about that?!

Best Regards,

Chris

Edited by chris

Share this post

Link to post
Share on other sites

StevenUnderwood    0

StevenUnderwood
Posted
what is exactly my problem as the host prior to my registered mailhosts could (happened before) be the hostnames/ IP’s that should not be in my list.

So was the header prior to the one "incorrectly" on your list a good enough forgery to send the report to an incorrect ISP? Did the parse simply fail because it did not know where this host received the message? Did you report this failure to the duputies with enough supporting data to show the error? That is one of the reasons for this beta test.

But due to this new way it’s possible to set-up auto-reporting. I.e. set things up, start reporting (properly and 100% accurate), and worrying about other things in life…

You could set up auto-reporting before just like now. It is not and will not be 100% accurate. You are still supposed to be checking that reports are going to the proper places, not just that they are not going to your ISP. Auto-reporting is still not going to be supported and will be discouraged at every step. Quality over quantity has been a mantra around here for the last year or so. If you don't have time to report, DON'T. If you only have time for a few, do that, but do them correctly.

You definitely have a good point... but you understand it's also at least strange that I don't have my mailhosts set-up correctly (!!) after 3 weeks, while I can exactly let how the mailhosts should look like. BUT neither me or the deputies can edit my mailhosts... At least till now! Why?

If you individually submitted and completed each email account in the correct order, receiving waivers when necessary, then your mailhost are configured correctly. See example at the bottom if this is your question, I don't think so, however.

I don't think your mailhosts are setup incorrectly. I think you don't like the extra entries in the mailhost configs you are a part of. This is where the lack of data comes in.

I just need one hostname added to my first mailhost

If the hostname domain is already listed, this does not seem to be necessary. I have a domain A and 2 mail servers b.A and c.A. c.A was not actively accepting outside messages (it is the backup) when I first configured mailhosts. so only domain A and host b.A are listed. I tried reconfiguring so c.A was accepting messages and resubmitting a mailhost but c.A was not added. However, it does not affect the parsing as it sees the A domain and accepts it.

and have all the wrong (false) hostnames/IP’s deleted from my second mailhost

Then you would be messing up someone elses mailhost configuration. Again, as long as there is not a believable forgery prior to the incorrect mailhost on a spam message, it makes no difference.

due to wrongly added hostnames/IP’s…. what could result in false/wrong reports! How about that?!

The only way a false report would be sent is if there was a believable forgery directly prior to the incorrect entry.

I still say, if you see email parsing through a host you don't think should be in your mailhost configuration, you should contact the deputies with the tracking URL and explain the problem. I have not seen that yet.

Example:

You have 1 account (a[at]A) that forwards to another account (b[at]B) that forwards to a third account (c[at]C). To confuse things, the b[at]B account uses a "complex configuration" and will require a waiver.

Per the directions, you register the c[at]C account first and the probe will go directly to that account. Then register the b[at]B account and the probe will go to the b[at]B address and forward to c[at]C. Follow the directions to request the waiver and wait to receive that. Then you register the a[at]A account and the probe will follow your entire path. Your mailhost configuration is complete and correct.

Share this post

Link to post
Share on other sites

chris    0

chris
Posted (edited)

In reply to your reaction:

If you individually submitted and completed each email account in the correct order, receiving waivers when necessary, then your mailhost are configured correctly.

No, not always.... as SC - in my case - has been adding hosts/ip's to 'my mailhost' with each waiver I requested. The mailhosts themselves are not wrong, they are just on the wrong place now.

Then you would be messing up someone elses mailhost configuration. Again, as long as there is not a believable forgery prior to the incorrect mailhost on a spam message, it makes no difference.

No, not in my case.... as SC has been adding these hostnames to 'my mailhost' due to waivers I requested. If they would have just provided an field to explain the waiver-request they would not have been adding the hostnames to this mailhost but one maybe called mycompany.com. Now SC even added one of my internal hostnames to the mailhost of my ISP. So this hostname now contains more wrong information then correct information. (5 wrong entries; 1 correct one)

You have 1 account (a[at]A) that forwards to another account (b[at] that forwards to a third account (c[at]C). To confuse things, the b[at]B account uses a "complex configuration" and will require a waiver.

Per the directions, you register the c[at]C account first and the probe will go directly to that account. Then register the b[at]B account and the probe will go to the b[at]B address and forward to c[at]C. Follow the directions to request the waiver and wait to receive that. Then you register the a[at]A account and the probe will follow your entire path. Your mailhost configuration is complete and correct.

I understand... but in my case the mail is not forwarded from one account to another. It's fixed routed by DNS. I.e. I cannot mail the account seperate !!

This is my configuration now:

0 - our internal mailserver

1 - ourisp's mailserver (mailhost A)

2 - our anti-virus-providers mailserver (mailhost B)

Notes / My problems:

- Mailhost B is still missing an hostname.

- Mailhost A is containing different hostnames/IP's as SC is thinking these are hostnames/IP's of my ISP. But there not...

But back to the subject: why not a more flexible but still robust system? Because I started this discussion for that; not for solving my problem. Solving the problem I tried to do by mailing the deputies....

Best Regards,

Chris

Edited by chris

Share this post

Link to post
Share on other sites

StevenUnderwood    0

StevenUnderwood
Posted (edited)
I understand... but in my case the mail is not forwarded from one account to another. It's fixed routed by DNS. I.e. I cannot mail the account seperate !!

OK, so it is all handled by a single MX record. Then there should be 3 mailhost entries for each of the steps you mention. The only one that won't be shared is your internal mail server.

Notes / My problems:

- Mailhost B is still missing an hostname.

- Mailhost A is containing different hostnames/IP's as SC is thinking these are hostnames/IP's of my ISP. But there not...

And neither of these are major problems, unless they are the mailhost of a spamsource or an open relay or are causing an incorrect parse for some reason. All of these things should be brought to the attention of the deputies.

Edited by StevenUnderwood

Share this post

Link to post
Share on other sites

chris    0

chris
Posted
And neither of these are major problems, unless they are the mailhost of a spamsource or an open relay or are causing an incorrect parse for some reason. All of these things should be brought to the attention of the deputies.

Just to let you know: possible open relays (dsl-range), what has been mailed to the deputies.

Share this post

Link to post
Share on other sites

chris    0

chris
Posted

Like I said before:

But back to the subject: why not a more flexible but still robust system? Because I started this discussion for that; not for solving my problem. Solving the problem I tried to do by mailing the deputies....

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Mailhost Configuration of your Reporting Account
×