--On 1 April 2008 13:15:42 -0400 Dale Newfield <Dale@Newfield.org> wrote:
Ian Eiloart wrote:
Actually, I'm veering towards the notion that we should be creating a climate where the only sensible way to avoid collateral spam is to publish SPF records.
That's not always trivial. I get plenty of back scatter, and I've tried to do this to reduce that, but I've been unable. My domain is for my family, so each person is in a different part of the country using numerous paths to send out mail (local ISP, gmail, web-mail through my server, a roaming SMTP service, various cell phones, blackberries, etc.), so I've not been able to come up with a complete list of what machines can send valid mail from my domain.
-Dale
The long and the short of it is this: as long as you permit email with return-paths in your domain to be injected into the mail system without authentication and authorisation, then you'll suffer backscatter, blacklisting, content scanning and all sorts of other problems.
Ultimately, you'll HAVE to find a way that your domain users can submit messages through a server (or virtual server) that YOU manage. Your family's ISPs might be able to authenticate their customers, but they probably can't know that your family members are authorised to use your email domain.
I had a similar problem with my private domain: eiloart.com
First, I rented a virtual server. That turned out to have a pretty cruddy qmail installation (which would lose mail if it ran out of RAM during delivery!), so I got the domain's email service provided by Google apps. <http://www.google.com/a/help/intl/en/index.html> It provides authenticated SMTP submission, including on port 587, POP and IMAP. Works nicely on my iPhone, with Apple Mail, etc. One issue: I don't seem to be able to use both my personal accounts at the same time on my iPhone, but it's OK with Apple Mail.
Sorry, this is only vaguely on topic. Mailman doesn't really suffer the message submission problem in a big way.
-- Ian Eiloart IT Services, University of Sussex x3148