[Mailman-Users] Re-enabling users who exceed the bouncethreshold
Brad Knowles
brad at stop.mail-abuse.org
Thu Oct 5 09:18:05 CEST 2006
At 9:05 AM -0700 10/4/06, Mark Sapiro wrote:
> Now this may well be a coincidence, but it is also possible that
> att.net had a DNS reverse lookup error at the beginning and blocked
> the IP. Then each subsequent mail found a 'cached' block and was
> itself blocked and also updated the cache expiration. When I stopped
> sending for over a week, the cached entry finally expired. This is
> conjecture and may not be correct, but I think it is not necessarily a
> good idea to keep reenabling bounces like this.
There are plenty of places out there that run seriously screwed-up
nameservers, and cache data in direct violation of the TTLs specified
on the records, or do various other strange things.
It's also possible that you were running afoul of a firewall/network
abuse rule, and by continually re-enabling those users you kept
tripping that rule -- and resetting whatever auto-timeout they may
have put on it. By letting those users sit for a while, the rule
ended up getting dropped and then when you re-enabled them later, you
no longer had this problem. I've seen automated network intrusion
detection systems do this sort of thing.
One thing in common with both of these explanations is that the
larger the recipient site, the more likely they are to be doing
strange and bizarre things behind the scenes in order to deal with a
wide variety of problems that you will probably never even have heard
of, and when they do those kinds of things they are much more likely
to have strange and bizarre side-effects -- which they frequently
won't even know about themselves, and even if they do know about them
they will almost certainly never discuss them with any outside party.
Cisco PIX firewalls used to break the SMTP protocol by default, when
you enabled their SMTP proxy implementation. People would do this to
try to gain a measure of security-through-obscurity, but all that
would really do is tell the whole world that their clueless
mail/firewall administrators don't care about breaking SMTP e-mail to
the world, and that they're using piss-poor Cisco PIX firewall crap
to do it. But they would never admit anything about what they were
doing, and would violently refuse to accept any blame for any mail
breakage problems that they caused.
Strangely enough, once someone pointed them at the specific piece of
the Cisco documentation that showed precisely what they were doing
wrong with precisely which stupid piece of equipment and then how to
fix that damn configuration problem, things would mysteriously start
working again -- but again without any kind of acknowledgement as to
what idiot had broken the thing or why it had taken them so long to
fix the thing that we all knew that they had broken (and how they had
broken it).
Cisco PIX firewalls can still break SMTP e-mail in this way, but at
least they're not configured to do so by default, out-of-the-box.
And you still get plenty of idiots in this world that set things up
and then refuse to accept blame or even acknowledge that they could
possibly have caused any portion of the problem they are experiencing.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
Founding Individual Sponsor of LOPSA. See <http://www.lopsa.org/>.
More information about the Mailman-Users
mailing list