Apologies but...Verizon Postmaster?
spork at inch.com
Fri Nov 21 22:32:31 UTC 2003
On Fri, 21 Nov 2003, Jay Hennigan wrote:
> In our case it's at the IP level. Our mailserver gets "connection refused"
> from their "business" mail servers at "bizmailsrvcs.net". We got someone
> on the phone who was supposed to look into it a week or so ago.
Have a look at the logs on your primary MX. Part of their "anti-spam"
solution seems to be a connection back to your primary MXer to check if
the envelope from is valid or not. If you don't reply in the (very short)
timeout period, the mail is rejected with a *permanent* failure.
> > VZ was unable to tell me why we were initially blocked, but we were for a
> > number of days. Not at the IP level, but at the envelope level; meaning
> > that if you issued a "mail from:" with the domain in question, you'd get
> > the "550 You are not allowed to send mail:sc004pub.verizon.net" message.
> They couldn't tell us either.
It's a horrible design. It's useless for them on MTAs that just accept
everything into the queue and work it from there (qmail, ?) and a pain to
the sender if you happen to have your primary mx swamped in a spam attack
when they try to query it. From what I can see, the timeout is *very*
short and they do not try anything other than the primary mxer.
There also does not seem to be a whitelist for problem sites (which we
apparently are) so the problem never really goes away, it just gets better
and worse as a direct parallel to your mxers load... They also block mail
to their postmaster and abuse addresses, so you have to do some work to
get in touch with someone there.
> Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
> WestNet: Connecting you to the planet. 805 884-6323 WB6RDV
> NetLojix Communications, Inc. - http://www.netlojix.com/
More information about the NANOG