Mailing List SIMS@mail.stalker.com Message #15189
From: Bill Cole <listbill@scconsult.com>
Subject: Re: Host Channel Limit
Date: Tue, 28 Feb 2006 12:00:21 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
At 2:44 PM -0600 2/27/06, billc_lists@greenbuilder.com  imposed structure on a stream of electrons, yielding:
At 2:20 PM -0500 2/27/06, Paul Galati wrote:
It is great to see that SIMS is still working well being what it is.  It
is a shame that it is not being developed any longer, in favor of
Communigate Pro.  How much life do you feel SIMS has left in it?
Anyways...

Since SIMS doesn't support SPF (and never will), I suspect that SIMS will pretty much be dead in the water once SPF becomes mandatory.


Which will never happen.

I will ignore the absurdity of the word 'mandatory' in an email context and translate it into "required by enough receivers to make it useful"...

SPF has already peaked in popularity. It breaks too much non-spam mail when used in a strong way, and does nothing useful otherwise. Except for a handful of people with limited sanity (<raises hand>) trying to make a point, no one looks at an SPF result and does much of anything with it. On a system where I manage the SpamAssassin weights, I gave a hard failure enough weight to take anything smelling vaguely spammy across the line, and found that over 10% of the mail stopped by that was probably not spam at all, but rather was sent by people who set up hard-fail SPF records incorrectly. Some was quite definitely  in that category, as I had to have long pathetic discussions with the senders and their inadequate technical staff about what their records really meant.

Case in point (not someone I've spoken to, yet... ) Chase Bank. Right now, their customer alerts for credit card accounts are sent in conflict with their SPF record, which has a hard failure default.

Even when it is done correctly, SPF breaks classical forwarding. Mail sent to an address that is forwarded usually (i.e. with Sendmail, Postfix, and I believe SIMS and CGP as well) is passed along with the same envelope sender (aka 'return path') that it arrived with. This is where SPF gets a domain to check, but forwarding assures that the mail is not coming from where it originally came from. There is a model called SRS proposed as part of the SPF scheme to have forwarders rewrite the envelope sender into their own domain, but that mechanism has not been adopted by much of anyone.

 That's why I have begun migrating off.  SIMS in conjunction with ASSP make a pretty strong anti-spam team.  You might try it. (assp.sourceforge.net)

As much as I have liked SIMS as a mail server, I don't see it as having a future at all in most places.


I don't get a ton a good mail but get plenty of blacklisted attempts.  I
still use the Communigate Client EVERY day to monitor our mail traffic.  I
notice that spammers sometimes try to contact me from the same mail server
multiple times simultaneously.  I had my Host Channel Limit set to 3 so
they wouldn't tie up all the connections.  This seems to work OK.  I tried
an experiment and changed the Host Channel Limit to 1.  Everything seemed
fine but one thing I am noticing.  It appears that some mail servers want
to "call" me to verify that I am "calling" them from the same IP.  If the
Host Channel Limit is set to 1, my sending attempt qualifies as that 1, so
the receiving mail server that is "calling" me back for verification of
legit IP is not being served.  I noticed this because mail to a specific
domain started to pile up.  Once I changed the Limit to 2 or more, the
mail was delivered successfully on the next retry.

I can only assume this is a spam junk security measure to weed out the
zombies and such.

Does this sound like a possible scenario ?

Possible.

Live callback has been in place at Verizon for well over a year. It seems to be a part of a grand strategy to make their mail systems so broken that they drive all of their users to alternative paths for mail before they pull the plug on the whole thing and become a link-only ISP.

Unfortunately, it is more than just VZ playing that stupid game, and support for the trick exists in Postfix and Exim. A lousy concept which is usually badly executed, but one which stops as lot of today's spam (and will keep doing so until all the spammers wise up and start using valid full addresses instead of just random addresses in valid domains.)

I'd keep more than one channel open anyway, but that's me...

Limiting to one channel is a sure way to have chronic problems.
--
Bill Cole                                  bill@scconsult.com

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster