Security Basics mailing list archives
RE: [ISW] AOL mail issues
From: "Steve Fletcher" <safletcher () insightbb com>
Date: Sun, 22 May 2005 01:38:59 -0500
I have experienced this exact issue myself. In attempt to reduce the amount of spam they receive, AOL and others have made life difficult for everyone else by blocking a number of valid emails just because of where they are coming from. Essentially, here is what is happening. AOL is set up to block incoming messages if the mail server sending the message does not have a proper reverse DNS entry. For example, say your server has a host name of mail.mydomain.com and an IP address of 12.34.56.78. Of course, you already have a DNS record for mail.mydomain.com that points to the proper IP address. However, if you enter the IP address you will likely get something like adsl-12-34-56-78.dsl.cityst.myisp.net. Since the do not match, AOL does not allow the message to go through. To make matters worse, most companies do not have any control over these reverse DNS (PTR) records. There is a solution, however. Look into Sender Policy Framework (SPF). Essentially, you create a TXT record in DNS that lists what servers are allowed to send email for your domain. Details can be found at http://spf.pobox.com, including the format for the TXT records. Or, you can try contacting your ISP to see if they can set up the PTR record for your IP address. Hope this helps, Steve Fletcher MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+ safletcher () insightbb com -----Original Message----- From: GuidoZ [mailto:uberguidoz () gmail com] Sent: Sunday, May 15, 2005 2:28 PM To: Security-Basics Subject: Re: [ISW] AOL mail issues Hey X. I've had the same problem many times over. Besides this Gmail account, I also have my own mail server running at home (home office actually). It's used by all systems locally, and usually works like a charm. I've received the EXACT same problem when trying to email clients that use AOL - emails bounce back to me since the mail server shares my Comcast BUSINESS account IP#. (Comcast insists I pay for a business account since I have a home office. It's basically a way to charge me twice what I would normally pay for the same speed.) I've yet to find a way around AOL's "solution" for halting open relay's beyond changing the mail server to Comcast when I need to email someone at an AOL email address. Top that off with I can even use any of the three domain name accounts I own since they are on a shared server which made its way onto a blacklist from some idiot spamming who knows when. (I've tried to have it removed only to get automated replies and crap back. I've given up.) If you happen to find a way around this, I'd be most appreciative for an answer. It hurts business productivity having to stop everything I'm doing just to change a mail server to please one ISP. One options I've thought of - if you want a simple solution, host your own "website". There are plenty of simple tools out there so even someone who hasn't a clue about how to setup DNS, HTTP, SMTP, etc could still pull it off. Google programs like "Simple DNS", "Free SMTP Server", "Simple Server WWW". While it certainly wouldn't be the most secure setup, it can be done. Isolating the machine on the network that is hosting everything would suffice for most. Just a thought. -- Peace. ~G On 5/15/05, xyberpix <xyberpix () xyberpix com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi All, Has anyone else experienced this, and if there's anyone from AOL on here, please contact me off list, from a non AOL e-mail addy(you'll see why in a bit). I'm running my own mail server at home, it's not an open relay, it is however running TLS, and various other security bolt on's. I also have an ADSL connection with a static IP assigned. Now believe it or not, this means that I can't send directly to anyone with an AOL e-mail addy, as all my messages get bounced, with the error below:<anyname () aol com>: host mailin-03.mx.aol.com[64.12.137.249] refused to talk to me: 554- (RTR:BB) http://postmaster.info.aol.com/errors/554rtrbb.html 554- AOL does not accept e-mail transactions from dynamic or residential 554- IP addresses. 554 Connecting IP: 83.104.33.136 Reporting-MTA: dns; ack.xyberpix.com X-Postfix-Queue-ID: BBF6C2EDB0BNow in an odd sort of way, I can kind of see their logic behind doing this, as most Open Relays will be trojans on someone's compromised home machine. But this really is a crap way to go about it, and consequently, I can't even mail postmaster () aol com to complain, as my mail to that addy bounces with the same error. I have sent 3 mail to support () aol com and postmaster () aol com from a separate account and have had no joy as of yet , and would really like to know if anyone else has experienced this and found a way around it at all. Also, would this be worth actually writing a story about and posting it to a news site. As this irritates the hell out of me, I've never heard a good thing about AOL, and I guess this is just fuel for the fire. This wouldn't usually bug me, but 3 of my friends have AOL addy's because it's cheap, and I can't ask them to change their addys. Thoughts, idea's, AOL people??? TIA xyberpix For Security And Open Source News And Info Visit: http://www.xyberpix.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iD8DBQFChxbNcRMkOnlkwMERAoaTAJ98LJar0OwWToupiNMj85E57x1BIgCeN+Hb H7UK6x0Y+pxt0zZdr3Uwv+c= =GRjy -----END PGP SIGNATURE-----
Current thread:
- Re: [ISW] AOL mail issues GuidoZ (May 16)
- RE: [ISW] AOL mail issues Steve Fletcher (May 23)
- Re: [ISW] AOL mail issues Shawn Duffy (May 24)
- RE: [ISW] AOL mail issues Steve Fletcher (May 23)