Archives

Categories

Gmail and Anti-Spam

I have just received an email with a question about SE Linux that was re-sent due to the first attempt being blocked by my anti-spam measures. I use the rfc-ignorant.org DNSBL services to stop some of the spam that is sent to me.

The purpose of rfc-ignorant.org is to list systems that are run by people who don’t know how to set up mail servers correctly. But the majority of mail that is blocked when using them comes from large servers owned by companies large enough that they almost certainly employ people who know the RFCs (and who could for a trivial fraction of their budget hire such people). So it seems more about deliberately violating the standards than ignorance.

The person who sent me the email in question said “hopefully, Google knows how to make their MTA compliant with RFC 2142“, such hope is misplaced as a search for gmail.com in the rfc-ignorant.org database shows that it is listed for not having a valid postmaster address [1]. A quick test revealed that two of the Gmail SMTP servers support the postmaster account (or at least it doesn’t give an error response to the RCPT TO command that is referenced in the complaint). However Gmail administrators have not responded to the auto-removal requests, which suggests that postmaster@gmail.com is a /dev/null address.

However that is not a reason to avoid using Gmail. Some time ago Gmail took over the role of “mail server of last resort” from Hotmail. If you have trouble sending email to someone then using a free Gmail account seems to be the standard second option. Because so many people use Gmail and such a quantity of important mail is sent through that service (in my case mail from clients and prospective clients) it is not feasible to block Gmail. I have whitelisted Gmail for the rfc-ignorant.org tests and if Gmail starts failing other tests then I will consider additional white-lists for them.

Gmail essentially has a monopoly of a segment of the market (that of free webmail systems). They don’t have 100%, but they have enough market share that it’s possible to ignore their competitors (in my experience). When configuring mail servers for clients I make sure that whatever anti-spam measures they request don’t block Gmail. As a rule of thumb, when running a corporate mail server you have to set up anti-spam measures to not block the main ISPs in the country (this means not blocking Optus or Telstra BigPond for Australian companies) and not block Gmail. Not blocking Yahoo (for “Yahoo Groups”) is also a good thing, but I have had a client specifically request that I block Yahoo Groups in the past – so obviously there is a range of opinions about the value of Yahoo.

Someone contacted Biella regarding an email that they couldn’t send to me [2]. I have sent an email to Biella’s Gmail account from my Gmail account – that should avoid all possibility of blocking. If the person who contacted Biella also has a Gmail account then they can use that to send me email to my Gmail account (in the event that my own mail server rejects it – I have not whitelisted Gmail for all my anti-spam measures and it is quite possible for SpamAssassin to block mail from Gmail).

It turns out that the person in question used an account on Verizon’s server, according to rfc-ignorant.org Verizon have an unusually broken mail server [3].

If your ISP is Optus, BigPond, Verizon, or something similarly broken and you want to send mail to people in other countries (where your ISP is just another annoyance on the net and not a significant entity that gets special treatment) then I suggest that you consider using Gmail. If nothing else then your Gmail account will still work even after your sub-standard ISP “teaches you a lesson” [4].

4 comments to Gmail and Anti-Spam

  • Sven

    Sorry Russel but using rfc-ignorant.org for anything more than a little bit of scoring is insane. I don’t know which r-o.o lists you use, and in which way, but e.g. the whois zone lists .de and some others completly. Sure that’s ok with the listing policy defined but that makes it rather useless using it for rejects in this case it’s even useless for scoring if you expect to receive a lot of mail from listed domains.
    Other r-o.o lists are more usefull but using them for rejects is IMHO a great way to get yourself disconnect from the email using world. Suggesting to use one (web)mail provider as a workaround seems broken to me aswell. I don’t think that email should work this way, even today with all its problems.

  • Helmut

    Maybe you should rethink your usage scenario: Mail is to be used to communicate, not to punish people that are unable to set up a mail server. It sounds more like your mailbox is heavily broken, because your mx is not rfc-compliant (by rejecting mail based on invalid criteria). This is like privately punishing illegal activities with illegal activities: Don’t do that. Sorry, but r-o.o is crap.

  • It would amaze me if any large organization read postmaster mail in any way that would lead them to respond to random complaints sent there in some kind of reliable fashion. I don’t know if you’ve ever read postmaster for a large site. If you haven’t, it’s hard to explain the sheer staggering quantity of crap that you’d have to sort through in order to find any sort of signal (and the most effective tools for personal e-mail, such as Bayesian filtering, are going to toss the reports of spam along with the spam since they, well, contain spam).

    You’re talking about trying to find someone to sort through literally hundreds of thousands of messages a day, 99.99% of which are spam or junk from misconfigured mail systems.

    There are two types of people handling postmaster mail for large sites: the people who ignore it, and the people who ignore it but haven’t admitted so yet. I at least *look* at it daily, but I’m sure that I miss all kinds of things that people think I should have seen and I don’t have time or resources to respond to the occasional random questions sent there.

  • etbe

    Sven: I don’t use the whois list because last time I checked it listed all of Australia.

    Helmut: Currently more than half the email that arrives in my inbox is spam. So the communication problem is related to my filters not being strict enough if anything. There is no law against incompetence (otherwise most of the population would be locked up) and there is no law against declining email during the SMTP protocol. So it’s not an issue of punishing illegal actions with illegal actions, it’s more an issue of shunning incompetent people who do annoying things and get in the way.

    Russ: I once worked for an ISP that had two employees dedicated to managing such email. I think that they had ~300,000 customers. In terms of resources devoted to this task you might consider it $1 per customer per year. A very small portion of the cable Internet fees.