Tweet
Part of my job is moderating our customer email listserv. It is hosted at a third party non-for-profit free service. I'll call them Host.
A few months ago one of my long-standing subscribers, Jane, who works at a school system in Ontario, had some trouble posting emails to the list, yet she was still receiving emails. I checked for the most common cause and sure enough, her school had changed everyone's email address by two letters, then their network admin set it up so messages sent to the old address were automatically forwarded to the new one.
She was getting messages at the new address because they were bering forwarded. But couldn't post because our list is closed and the list software didn't recognize her new address. It's not a huge deal. I just unsubbed Jane's old address and subbed the new one for her.
Then a few weeks ago Jane tried to post a message and couldn't. She asked me to check again to make sure the correct address was subbed. It was. She tried again, still no dice. She mentioned a bounce message so I asked her to expand the headers and send it to me.
I'm not a network admin and I don't pretend to be. So took the bounce message down to our network admin so he could look at it. The bounce message came from Host and explained that her email was rejected because a mismatch was found between the server name and the IP address after a DNS lookup.
In non-technical terms, the school's outgoing email is configured with a spoofed IP address. Since there's no LEGITIMATE reason to spoof where your email comes from, Host's filters are rejecting her email as spam.
I assumed their network administrator wasn't aware they had that problem. So I was happy to pass along the diagnosis and tell her that the problem would be fixed once they had reconfigured their email server to stop acting like a spam server.
Ha! She had been previously doing this by email, but that prompted a phone call. She wasn't nasty or anything but she filled me in on several things:
1. Bob, her network admin, had set that up deliberately as security measure. He's hiding their real IP address as a security measure.
2. Bob, her network admin, INSISTS that this is a normal setup for "big" organizations" like the school system and that everyone else does it the same way.
3. Bob, her network admin, has heard complaints from his users about the fact that they can't send emails to half the planet. He solidly places responsibility for that failure on the recipients' shoulders. All they need to do is add his spoofed IP address to their white list.
I'm not a network admin and I don't pretend to be one, but even I can see the obvious logic flaws.
I didn't argue point 1. People are free to use whatever weird ass setup they want. It's not my job to tell them how to configure their mail server.
I did argue point 2. We have many susbcribers to our list from instititutions of varying sizes. NONE of them spoof IP addresses. The only people who do, in my experience, are people who are up to no good: spammers and scammers. I didn't get anywhere because I was talking with the user not the network admin. She was choosing to take Bob's word as gospel, but otherwise she was just a frustrated person caught in the middle. It wasn't her fault and she had no control over the situation. I stated my arguments quickly in the hope that she might talk sense into her network admin, but I dropped it when she resisted.
Point 3 was interesting. It technically would work provided that the recipient maintained an IP address white list AND was willing to add a deliberately spoofed IP address to their white list. I doubt very much that any organization, not to mention a free service, would want to expend resources adding spoofed IP adresses to their white list. It's completely asinine to expect the rest of the freaking world to do that just so they can have the "privilege" of getting emails from that one school system.
Nevertheless, Jane had been trying to contact Host to ask them to do this, but, of course, her emails were bouncing back to her.
So Jane begged me to ask Host to whitelist her spoofed IP address on her behalf. Since the request itself was harmless enough, I agreed.
Of course I didn't want to look like an idiot, so I merely passed along her email and explained that it came from a subscriber who was having trouble emailing and asked me to pass it along for her. There was no further comment.
I honestly didn't expect a response so quickly. As a FREE not-for-profit service, Host is staffed by volunteers and they respond only when absolutely necessary. Hey, if we don't like it, we can get a refund, right?
Apparently they found it too ridiclous to let it go without a response. The stated point blank that the mail server would need to be reconfigured or they wouldn't accept emails from it. The best line was:
"RFC requires proper DNS records on all internet-facing IPs, let alone those which claim to be legitimate mail servers."
[Note: RFC refers to internet standards]
I emailed Jane with slightly different wording and let her know that she would either have to convince Bob to follow internet standards or she could subscribe from another email address that followed them. I have not heard back from her.
I emailed Host back to let them know I agreed with them and thank them for their response. I couldn't, however, resist letting them know their Jane's network admin had set it up that way on purpose and wouldn't change it.
I got another awesome response:
It started with, "Wow" and ended with "This guy sounds like someone who sets up Exchange and thinks he knows what a mail server is.
"
A few months ago one of my long-standing subscribers, Jane, who works at a school system in Ontario, had some trouble posting emails to the list, yet she was still receiving emails. I checked for the most common cause and sure enough, her school had changed everyone's email address by two letters, then their network admin set it up so messages sent to the old address were automatically forwarded to the new one.
She was getting messages at the new address because they were bering forwarded. But couldn't post because our list is closed and the list software didn't recognize her new address. It's not a huge deal. I just unsubbed Jane's old address and subbed the new one for her.
Then a few weeks ago Jane tried to post a message and couldn't. She asked me to check again to make sure the correct address was subbed. It was. She tried again, still no dice. She mentioned a bounce message so I asked her to expand the headers and send it to me.
I'm not a network admin and I don't pretend to be. So took the bounce message down to our network admin so he could look at it. The bounce message came from Host and explained that her email was rejected because a mismatch was found between the server name and the IP address after a DNS lookup.
In non-technical terms, the school's outgoing email is configured with a spoofed IP address. Since there's no LEGITIMATE reason to spoof where your email comes from, Host's filters are rejecting her email as spam.
I assumed their network administrator wasn't aware they had that problem. So I was happy to pass along the diagnosis and tell her that the problem would be fixed once they had reconfigured their email server to stop acting like a spam server.
Ha! She had been previously doing this by email, but that prompted a phone call. She wasn't nasty or anything but she filled me in on several things:
1. Bob, her network admin, had set that up deliberately as security measure. He's hiding their real IP address as a security measure.
2. Bob, her network admin, INSISTS that this is a normal setup for "big" organizations" like the school system and that everyone else does it the same way.
3. Bob, her network admin, has heard complaints from his users about the fact that they can't send emails to half the planet. He solidly places responsibility for that failure on the recipients' shoulders. All they need to do is add his spoofed IP address to their white list.
I'm not a network admin and I don't pretend to be one, but even I can see the obvious logic flaws.
I didn't argue point 1. People are free to use whatever weird ass setup they want. It's not my job to tell them how to configure their mail server.
I did argue point 2. We have many susbcribers to our list from instititutions of varying sizes. NONE of them spoof IP addresses. The only people who do, in my experience, are people who are up to no good: spammers and scammers. I didn't get anywhere because I was talking with the user not the network admin. She was choosing to take Bob's word as gospel, but otherwise she was just a frustrated person caught in the middle. It wasn't her fault and she had no control over the situation. I stated my arguments quickly in the hope that she might talk sense into her network admin, but I dropped it when she resisted.
Point 3 was interesting. It technically would work provided that the recipient maintained an IP address white list AND was willing to add a deliberately spoofed IP address to their white list. I doubt very much that any organization, not to mention a free service, would want to expend resources adding spoofed IP adresses to their white list. It's completely asinine to expect the rest of the freaking world to do that just so they can have the "privilege" of getting emails from that one school system.
Nevertheless, Jane had been trying to contact Host to ask them to do this, but, of course, her emails were bouncing back to her.
So Jane begged me to ask Host to whitelist her spoofed IP address on her behalf. Since the request itself was harmless enough, I agreed.
Of course I didn't want to look like an idiot, so I merely passed along her email and explained that it came from a subscriber who was having trouble emailing and asked me to pass it along for her. There was no further comment.
I honestly didn't expect a response so quickly. As a FREE not-for-profit service, Host is staffed by volunteers and they respond only when absolutely necessary. Hey, if we don't like it, we can get a refund, right?
Apparently they found it too ridiclous to let it go without a response. The stated point blank that the mail server would need to be reconfigured or they wouldn't accept emails from it. The best line was:
"RFC requires proper DNS records on all internet-facing IPs, let alone those which claim to be legitimate mail servers."
[Note: RFC refers to internet standards]I emailed Jane with slightly different wording and let her know that she would either have to convince Bob to follow internet standards or she could subscribe from another email address that followed them. I have not heard back from her.
I emailed Host back to let them know I agreed with them and thank them for their response. I couldn't, however, resist letting them know their Jane's network admin had set it up that way on purpose and wouldn't change it.
I got another awesome response:
It started with, "Wow" and ended with "This guy sounds like someone who sets up Exchange and thinks he knows what a mail server is.
"
I AM the evil bastard!
Comment