OT: spammers are using my domain again
trevor at haligonian.com
Fri Oct 8 18:45:38 UTC 2004
On October 8, 2004 10:28 am, Thomas Zehetbauer wrote:
> If I understand this correctly you have a domain and your web hoster
> runs a smtp relay. That's fine, just list your hoster's smtp in the SPF
OK, I don't understand how to implement your suggestions so I'll first just
verify that I have been clear about my situation.
My domain, haligonian.com, is likely what is called a "vanity domain". It was
originally a business domain name but I do little business these days. I am
the only user with any access to email addresses at haligonian.com. I do not
host the domain; I pay a small company in Quebec, Canada to host it. They
provide for me mail and web servers.
My ISP is a local company, Aliant, which is the telco in Nova Scotia, New
Brunswick, PEI and Newfoundland, Canada. They are a large-ish company. They
are the people that connect me to the Internet at home. When I'm at home, and
I try to send mail through my haligonian.com smtp server (hosted in Quebec,
remember), I can not succeed (can't recall the error and I'm not home now).
The only mail server I can get through to is Aliant's.
When I'm at school, my "ISP" is the university I attend (Dalhousie). When
there, I can send through my haligonian.com smtp server.
So, if I understand SPF correctly (and I may not), the procedure is to list
the (IP) addresses of machines that may be running SMTP servers through which
I may ever legitimately send an email. These include "my own" server (which I
use when I'm at school) -- no problem there since my mail/web hosting
provider certainly knows and can keep track of the address of the smtp server
it runs for me -- AND any and all SMTP servers that my telco (when I'm at
home) might run and allow me to use. Now, I have no idea how many of those
servers there are or what their addresses are. Certainly I have no hope of
getting the telco to report that information whenever it might change to
either me or my web/mail hosting company so that my web/mail hosting company
can update their SPF records accordingly.
I don't see how the SPF process could work for me, unless I misunderstand the
process which, again, is admittedly possible.
UNLESS -- SPF only needs simple records (not IP addresses) like:
which may change over time, but not often and since there are only 2, I could
manage the reporting of such changes to my hosting provider (assuming I
convinced them to set up SPF).
So I guess my question is, which scenario is it? Should I pester my hoster or
not? And what about the reports that Microsoft's patents (pending) make the
whole system suspect?
Trevor Smith // trevor at haligonian.com
More information about the users