You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Chris D <un...@hotmail.com> on 2002/07/30 16:42:09 UTC
Minimizing mail rejections
Hello all,
I am looking for some advice on customizing James to minimize rejected
messages to other mail hosts. The scenario is as follows:
- We host "opt-in" newsletters for several organizations.
- We send out the newsletters from the venngo.com mail host, but the "FROM"
address in each message is that of the partner organization.
As I understand things, some mail hosts filter out email messages that have
a from domain name that does not match the domain name of the sending mail
host.
So, my question is this. Since in some cases, my organization hosts a
domain for email purposes for the partner organizations, is it possible to
customize James so that it appears as a different mail host to the
destination SMTP server, depending on the "FROM" address of an email message
(for the domains we host)?
Or, if my logic is flawed somewhere, please let me know. I am still trying
to grasp the complexities of Internet email.
Thanks,
Chris
_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Minimizing mail rejections
Posted by "Steven J. Owens" <pu...@darksleep.com>.
On Fri, Aug 02, 2002 at 09:24:45AM +0100, Danny Angus wrote:
> No offence mate, but this..
None taken at your comments, but I do wish you'd have read my
message.
> > Despite that, I have much the same concerns as Chris; I don't
> > want to ask my (potential) users to move their site hosting over to my
> > box, but I know I'm going to have to handle sending mail from my box
> > as if it were coming from the user's site domain.
>
> Does suggest that there are certain fundamentals about email that
> perhaps you ought to learn before entering the shark infested waters
> of spam.
There are plenty of fundamentals about email that I know, and
more yet that I don't. That's why I posted.
> 1/ website and email don't have to be on the same machine for the same
> domain, how do you think people like Yahoo would survive if they did?
> 2/ Mail destination is controled by a DNS record called MX.
Yes, I know domains and I know about MX records. The problem is
not merely my taking over responsibility for all the mail for the
domains in question. That would be straightforward enough. I don't
*want* responsibility for all the mail for the domains in question, I
just want responsibility for a subset of the mail with a minimum of
hassle and arguing with organization's service providers.
One solution is to set up a subdomain of my domain (let's fall it
foo.com), so northcarolinaphotogs.org comes to me and opens up an
account with my service, and I set up a northcarolinaphotogs.foo.com.
Not bad, as such things go, but not good either.
Another solution is to use their ISP's mail server and arrange
with their ISP to have my server be authorized to relay through them,
and then just set the various headers in the outgoing messages to have
northcarolinaphotogs.org. I believe this is generally referred to as
"forging" the headers and is regarded with suspicion. However, more
importantly, there are serious limitations with this approach - bounce
messages end up in the inbox for northcarolinaphotogs.org, not in my
inbox.
Another solution is to take over all of the given domain's mail
concerns, via an MX record, and then just provide all of their mail
needs through my server. As I type this, I'm actually beginning to
reconsider dismissing this, because it doesn't seem like really that
much. I'll have to give it some serious thought. Nevertheless, I'd
prefer not to, and this approach has the same problems I outlined in
my previous message, i.e. hassles with the ISP who hosts that domain
to get them to set up the MX record.
Antoher solution is to set up a subdoman, say
announce.northcarolinaphotogs.org, and have that domain pointed at my
box. I like this because it cleanly separates my responsibilities
from the other mail needs of the domain owner. It also provides a
distinct identity. Yet it maintains continuity with the original
domain. And it gives the domain owner maximum safety - if there's
ever any sort of disagreement with my service, they can simply take
their subdomain back. I can't hold it hostage.
Steven J. Owens
puff@darksleep.com
"I'm going to make broad, sweeping generalizations and strong,
declarative statements, because otherwise I'll be here all night and
this document will be four times longer and much less fun to read.
Take it all with a grain of salt." - Me
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Minimizing mail rejections
Posted by Danny Angus <da...@apache.org>.
No offence mate, but this..
> Despite that, I have much the same concerns as Chris; I don't
> want to ask my (potential) users to move their site hosting over to my
> box, but I know I'm going to have to handle sending mail from my box
> as if it were coming from the user's site domain.
Does suggest that there are certain fundamentals about email that perhaps
you ought to learn before entering the shark infested waters of spam.
1/ website and email don't have to be on the same machine for the same
domain, how do you think people like Yahoo would survive if they did?
2/ Mail destination is controled by a DNS record called MX.
d.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Minimizing mail rejections
Posted by "Noel J. Bergman" <no...@devtech.com>.
If you visit NANAE, check out the recent thread entitled "SPEWS: Request for
Removal - Record Number: S658". You should find the conversation
instructive.
I understand about the need for mailing lists. After all, THIS IS one.
Also, I am the immediate past President of the Carolinas Nature
Photographers Association, and current President of a regional photographic
group. We all use the Internet to reach our members. In the case of my
groups, we'll be using use James to setup mailing lists. Initially we'll
seed the mailing lists from our hardcopy forms, where we received written
and signed permission to send e-mail to our members. Then we'll add support
for members to be able to opt-in / opt-out via the web-site, and to update
their membership information. No one will be on our mailing list who isn't
a paid-up member of the organization.
James still needs mailets for properly managing mailing lists. Most of the
active developers seem to have plenty on their plates, but we'd love to see
some new and active faces who want to pick up on outstanding projects.
--- Noel
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Minimizing mail rejections
Posted by "Steven J. Owens" <pu...@darksleep.com>.
Noel,
On Tue, Jul 30, 2002 at 04:04:25PM -0400, Noel J. Bergman wrote:
> This isn't really James specific, and you should probably raise your
> questions on NANAE (http://www.nanae.org/).
Your comments are sufficiently interesting to pique my interest.
Thanks.
> Judging from past experience lurking on NANAE, anyone who claims to
> "host 'opt-in' newsletters for several organizations" is going to
I also host an opt-in newsletter for an organization, and I'm
considering doing so for several other organizations.
> Basically, no one will believe you, and you'll be challenged to
> prove the opt-in nature of your lists.
To be specific, I'm on the board of a small local art non-profit
(www.suncrumbs.org - and don't blame me for the flash-heavy site, I
wasn't involved in that design process; at least they made sure to
keep a text-only version).
How do I know the list is opt-in and non-spam? Because I handle
the announcement list sign-up sheet at the performances and art
openings. I add the addresses to the mailman server we use to manage
the list. I vet, and often proofread and copyedit for clarity, the
messages before they get sent out.
I'm here, btw, because I've been thinking about the inadequacies
of using a mailing list manager like Mailman for this purpose. As
nice as Mailman is in other ways, it's not appropriate for what I'm
doing. I've been meaning to learn Python, but I don't think tackling
customizing mailman is a good way to start :-). Since I'm fairly
handy with java...
> Sending SPAM because someone else is dishonest isn't a defense;
This is one of my greatest concerns.
I've been talking with folks at other non-profits and hearing
about a lot of need for the kind of thing I'm planning to write
(basically something that's geared more towards scheduled mailings,
maintaining the information necessary to generate the mailings, and
automated gathering of feedback and responses to mailings). So much
so that I'm seriously thinking of doing it myself as a side business
venture (wouldn't let me retire, but it might make my hosting pay for
itself). Designing a system that *can't* be abused for spamming (or
at least resists being twisted to such ends) is a high priority.
One idea I've been giving serious thought to is approaching
somebody like the ACLU/EFF to ask for help in writing an acceptable
use policy (and, while they're at it, a privacy policy for list
subscriber info). Maybe I should look into whether NANAE already has
such a beast...
Despite that, I have much the same concerns as Chris; I don't
want to ask my (potential) users to move their site hosting over to my
box, but I know I'm going to have to handle sending mail from my box
as if it were coming from the user's site domain.
The best solution I can think of is to set up a subdomain of the
user's site domain (e.g. mail.foo.com, or possibly even
announcements.foo.com) pointing to my server. I suspect that I will
run into problems convincing ISP netadmins to register the subdomain
without trying to charge some sort of exorbitant fee (anybody remember
the good old days when getting webhosting with a domain name bumped
you up into the "gold" level and added $100 to the price? :-( ) but
it's better than nothing.
> Many hosts use a mail server in a different domain. It is common
> for co-located servers to use a mail server provided by the server
> farm, virtual hosts to use a common mail server, and individuals to
> use a mail server provided by their ISP.
I personally think this is a broken response to a broken
situation. Better than nothing, but... I'd rather focus on fixing the
cause than the symptom. That's the reason I originally started
thinking about these topics in general; the mailing list idea came later.
I started trying to think about how to solve usenet spam (in
1996). I was, alas, woefully underinformed and underskilled for the
task then (and not much better now). The thought I had, which I'd
still like to pursue, is something on the order of cancelmoose, only
turned inside out (i.e. approving messages). Various efforts along
these lines have since been tried. I'm not aware of any with a great
degree of success. One nuance I wanted to add was letting *anybody*
issue an "opinion" on a given message, and having powerful tools to
multiplex together opinions, to avoid a centralized gatekeeper.
> The most common mechanism for blocking e-mail is based upon the originating
> IP address. Once mail server sends out SPAM, you'll be added to the
> blackhole lists, mail servers will lookup your IP address using a DNS
> lookup, your e-mails will be rejected (and lart'ed), and you'll be posting
> on NANAE to protest your innocence.
This is a better response, IMHO. Though there are problems, it's
fundamentally the right approach - create mechanisms to empower
people, much like an automated boycott. In this case, the people it
empowers are those who are running the SMTP servers, who decide to
subscribe to the various relay blocking lists. This was at its most
"ideal" when it was solely about blocking open (hijackable) relays,
but more powerful as it grew into a more general mechanism (forcing
service providers to clean house). However, I'd like to see this
approach become less centralized and less susceptible to politics.
Either net-clique politics (not that I am accusing anyone of such) or
real-world politics - the smaller the group, the easier it is for them
to be targeted by lawsuits or dysfunctional regulatory efforts.
> > I am still trying to grasp the complexities of Internet email.
>
> And you're running "opt-in" mailing lists for other people? Man, are you in
> for a rough ride! I really urge you to get into NANAE, and save yourself a
> world of trouble.
...and on the technical side, I can't highly enough recommend
David Woods' _Programming Internet Email_, published by O'Reilly.
You might also want to check out some of Lawrence Lessig's
writing.
Steven J. Owens
puff@darksleep.com
"I'm going to make broad, sweeping generalizations and strong,
declarative statements, because otherwise I'll be here all night and
this document will be four times longer and much less fun to read.
Take it all with a grain of salt." - Me
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Minimizing mail rejections
Posted by "Noel J. Bergman" <no...@devtech.com>.
Chris,
This isn't really James specific, and you should probably raise your
questions on NANAE (http://www.nanae.org/).
Judging from past experience lurking on NANAE, anyone who claims to "host
'opt-in' newsletters for several organizations" is going to get a very hard
welcome. Basically, no one will believe you, and you'll be challenged to
prove the opt-in nature of your lists. You can expect to be given lectures
on exactly what "opt-in" means, and how it must be implemented. Then, since
you claim to host these newsletters for several organizations, they'll want
to know how you vetted the mailing lists. Sending SPAM because someone else
is dishonest isn't a defense; your mail server will get banned regardless of
why you're spamming the Internet. And the fact that you send your e-mail
from an ad hoc Hotmail account won't give anyone a world of confidence in
who you are.
> The "FROM" address in each message is that of the partner organization.
As it should be.
> some mail hosts filter out email messages that have
> a from domain name that does not match the domain
> name of the sending mail host.
Many hosts use a mail server in a different domain. It is common for
co-located servers to use a mail server provided by the server farm, virtual
hosts to use a common mail server, and individuals to use a mail server
provided by their ISP.
> is it possible to customize James so that it appears as a different mail
host
> if my logic is flawed somewhere, please let me know.
The most common mechanism for blocking e-mail is based upon the originating
IP address. Once mail server sends out SPAM, you'll be added to the
blackhole lists, mail servers will lookup your IP address using a DNS
lookup, your e-mails will be rejected (and lart'ed), and you'll be posting
on NANAE to protest your innocence.
> I am still trying to grasp the complexities of Internet email.
And you're running "opt-in" mailing lists for other people? Man, are you in
for a rough ride! I really urge you to get into NANAE, and save yourself a
world of trouble.
--- Noel
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>