From nobody@FreeBSD.org  Sat Apr 21 05:11:38 2001
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id AE31137B422
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 21 Apr 2001 05:11:36 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f3LCBaE21100;
	Sat, 21 Apr 2001 05:11:36 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200104211211.f3LCBaE21100@freefall.freebsd.org>
Date: Sat, 21 Apr 2001 05:11:36 -0700 (PDT)
From: riccardo@torrini.org
To: freebsd-gnats-submit@FreeBSD.org
Subject: Unable to send mail to FreeBSD.org from home and from work
X-Send-Pr-Version: www-1.0

>Number:         26744
>Category:       misc
>Synopsis:       Unable to send mail to FreeBSD.org from home and from work
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-advocacy
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Apr 21 05:20:01 PDT 2001
>Closed-Date:    Sat Apr 21 21:07:40 PDT 2001
>Last-Modified:  Sun Apr 22 04:50:02 PDT 2001
>Originator:     Riccardo Torrini
>Release:        5.0-CURRENT (Apr 18, 2001)
>Organization:
>Environment:
FreeBSD trudy.home.torrini.org 5.0-CURRENT FreeBSD 5.0-CURRENT #10: Wed Apr 18 10:28:23 CEST 2001     root@trudy.home.torrini.org:/usr/obj/usr/src/sys/TRUDY  i386
>Description:
I have static IP address at home (ADSL) and static IP at work (HDSL) but
neither from home nor from work I am able to sent mail to FreeBSD.org to
submit PR or to write to mailing list.  I am currently subscribed only
to freebsd-current, but I can only read messages, write fail with:
<<< 450 Client host rejected: cannot find your hostname
<freebsd-current@FreeBSD.ORG>... Deferred: 450 Client host rejected: cannot find your hostname

>How-To-Repeat:
Send mail to FreeBSD.org from a static IP without reverse entry in DNS.
>Fix:
Remove sendmail paranoid.  A static IP w/out reverse must be enabled.
Is more secure than a dynamic IP (dial-up) with reverse (IMHO).
If my ISP is unable to fix is not a my fault.  Also my ISP doesn't have
reverse on his IP so I cannot send mail using his smtp gateway  :-(
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: kris 
State-Changed-When: Sat Apr 21 21:07:40 PDT 2001 
State-Changed-Why:  
This is an anti-spam measure which is in common use -- 
use your ISP's outbound mail server instead of sending mail 
directly.  You will have problems with many other sites on 
the internet unless you do. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=26744 

From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: <freebsd-gnats-submit@FreeBSD.org>, <riccardo@torrini.org>
Cc:  
Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home and from work
Date: Sun, 22 Apr 2001 01:25:09 -0700

 Here's another question for the FAQ:
 
 HELP!  I can't send e-mail from my newly installed FreeBSD system
 (AKA I can't send mail to freebsd.org)
 
 
 [Preamble]
 Note that this is NOT the RECIPIENT'S problem, this is a SENDER'S
 problem - ie: YOU.  A cardinal rule on the Internet is that any
 mailserver is permitted to _not_ accept any mail for any reason whatsover.
 YOU do NOT have a right to TRANSMIT mail to anyone you choose.  However,
 the RECIPIENT _always_ has the right to REJECT any mail they want to.
 Now that we got that straight, here's how YOU can fix YOUR server.
 
 [explanation]
 Unfortunately, the increased amount of spamming done on the Internet
 has forced most administrators running mailservers to take action to
 block spam, or mail messages that have a high probability of being spam.
 
 As a result of this, today most mailservers require ONE of the following
 at minimum to accept an incoming E-mail message:
 
 1) The mail message must be originating from an IP number that is
 an "allowed set" of IP numbers.
 
 2) The mail message must be originating from an IP number that is both
 forward and reverse resolvable in the DNS, and in addition those resolutions
 must be symmectrical.
 
 For example, a user has a FreeBSD system that is named "freebsd.example.org"
 and that is dialed into a dialup ISP
 using PPP.  The FreeBSD system has an IP number assigned by the ISP of
 155.4.3.5.  For any arbitrary mailserver on the Internet to accept mail
 from the user's FreeBSD system, any Internet user MUST be able to issue the
 command "nslookup 155.4.3.5" and get the name "freebsd.example.org" and must
 ALSO be
 able to issue the command "nslookup freebsd.example.org" and get a response
 of
 the IP number 155.4.3.5
 
 If they cannot do this, or if the first nslookup gets a name like
 "dialup-pool-5.myisp.example.org" and the second nslookup gets a response
 like "host not found", then you while you will be able to SEND mail, very
 few mailservers on the Internet will permit RECEPTION of your mail message.
 
 [answer]
 To get around this, assuming that your ISP's master mailserver is named
 "mail-myisp.example.org" what you need to do is modify the file
 /etc/mail/sendmail.cf and find the line:
 
 # "Smart" relay host (may be null)
 DS
 
 and modify the DS line as such:
 
 DSmail-myisp.example.org
 
 then force sendmail to reread it's config file with the command:
 
 kill -HUP `head -1 /etc/mail/sendmail.pid`
 
 This makes your mailserver spool all outgoing e-mail through your ISP's
 mailserver,
 which presumably will accept mail from you by use of rule #1 detailed above.
 (allowed IP numbers)
 
 If your ISP's mailserver is screwed for some reason, then find what is known
 as
 a "promiscious open relay" mailserver on the Internet and use that.  (it's a
 poor substitute, since those systems generally get black-holed very quickly
 by
 ORBS and MAPS)  Or, better yet, complain to your ISP, this is what your
 paying them
 for.
 
 Note that the FreeBSD mailserver that the freebsd-questions mailing list
 is running on is one of those Internet mailservers that follows the above
 rules.
 

From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: <freebsd-gnats-submit@FreeBSD.org>, <riccardo@torrini.org>
Cc:  
Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home and from work
Date: Sun, 22 Apr 2001 01:36:15 -0700

 Modify http://www.freebsd.org/support.html as to the following:
 
 In the section
 
    mailing list archives at <A
 HREF="http://www.FreeBSD.org/">www.FreeBSD.org.</A></P>
 
     <P>The <A HREF="./conspectus/index.html">FreeBSD Conspectus</A> is a
 
 make the following addition
 
 
 
    mailing list archives at <A
 HREF="http://www.FreeBSD.org/">www.FreeBSD.org.</A></P>
 
   <P>NOTE that the mailing list listserver on freebsd.org has spamfilters
 applied,
 and you can NOT subscribe to it from an e-mail address that is on a
 mailserver that
 doesen't carry a proper reverse address record (PTR record) in the DNS.  If
 your in
 this boat you have 4 choices.  You may fix the DNS for your mailserver, you
 may reconfigure
 your mailserver to spool through your ISP's mailserver (which presumably has
 a proper
 reverse address record), you may subscribe to an account on Hotmail or other
 on-line
 mailservice, or you can change ISPs.</P>
 
     <P>The <A HREF="./conspectus/index.html">FreeBSD Conspectus</A> is a
 
 

From: Szilveszter Adam <sziszi@petra.hos.u-szeged.hu>
To: Ted Mittelstaedt <tedm@toybox.placo.com>,
	freebsd-gnats-submit@freebsd.org
Cc:  
Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home and from work
Date: Sun, 22 Apr 2001 11:03:10 +0200

 Hello,
 
 On Sun, Apr 22, 2001 at 01:30:02AM -0700, Ted Mittelstaedt wrote:
 >  Here's another question for the FAQ:
 >  
 >  HELP!  I can't send e-mail from my newly installed FreeBSD system
 >  (AKA I can't send mail to freebsd.org)
 >  
 >  
 >  [Preamble]
 >  Note that this is NOT the RECIPIENT'S problem, this is a SENDER'S
 >  problem - ie: YOU.  A cardinal rule on the Internet is that any
 >  mailserver is permitted to _not_ accept any mail for any reason whatsover.
 >  YOU do NOT have a right to TRANSMIT mail to anyone you choose.  However,
 >  the RECIPIENT _always_ has the right to REJECT any mail they want to.
 >  Now that we got that straight, here's how YOU can fix YOUR server.
 
 Ted, please. Don't shout. You are writing a FAQ entry right? You are trying
 to explain things to somebody who already has taken the trouble to check
 the FAQ, although nobody could possibly have told him that on any FreeBSD
 list, since his mails would never get through, not even to -questions,
 which is plain stupid BTW. How are you supposed to DTRT and ask if your
 mail is rejected? But this is another topic. 
 
 Additionally, I really would
 like to see this preamble go. It simply smacks of "I have my gun and I own
 this house and I can do whatever the hell I want in it." This my be a
 popular line in some peoples' minds, but I would certainly not like it to
 see propagate and spread as something that should be followed. While it may
 be argued that you can do things to your machine, but a machine that hosts
 mailing lists, esp one for an OpenSource project that (notwithstanding Wes's
 comments to the contrary and his appreciation for the "Line up or Get lost!"
 approach taken by OpenBSD) actually cares about acceptance and is dependent
 on the people outta there, is not entirely yours and yours only anymore. You
 have volunteered to open it up, this brings responsibilities with it. This
 is not to make you happy, but to make the others happy. Sorry, that's the
 way it is. It especially resonates funny with the "The Power to Serve"
 slogen of the whole project. Who on earth are we serving then? 
 
 This has nothing to do with blocking spam, this is just a
 general remark.
  
 Just as an aside, this alleged spam protection does not help much: The most
 spam I receive comes through the FreeBSD lists. And this, although my real 
 email
 address is available in many public list archives on the web... it seems
 that spammers do have enough open relays at their disposal that match all of
 your criteria. Sigh.
 
 >  [explanation]
 >  Unfortunately, the increased amount of spamming done on the Internet
 >  has forced most administrators running mailservers to take action to
 >  block spam, or mail messages that have a high probability of being spam.
 
 Much better. 
 
 <...snip...>
 >  If your ISP's mailserver is screwed for some reason, then find what is known
 >  as
 >  a "promiscious open relay" mailserver on the Internet and use that.  (it's a
 >  poor substitute, since those systems generally get black-holed very quickly
 >  by
 >  ORBS and MAPS)  Or, better yet, complain to your ISP, this is what your
 >  paying them
 >  for.
 
 Yeah. And if you are not paying them (like most university students here)
 and they have a stupid policy of not allowing relaying from all the
 machines but just a couple, than you are SOL. This means in my case no
 send-pr from my machine. (since I am of course not on the allowed list) and
 you cannot even do a whole lot. Because they are also people who believe
 that they are not here to serve others but to do whatever the hell they
 want... sad.
  
 >  Note that the FreeBSD mailserver that the freebsd-questions mailing list
 >  is running on is one of those Internet mailservers that follows the above
 >  rules.
 >  
 > 
 > To Unsubscribe: send mail to majordomo@FreeBSD.org
 > with "unsubscribe freebsd-advocacy" in the body of the message
 
 -- 
 Regards:
 
 Szilveszter ADAM
 Szeged University
 Szeged Hungary

From: Riccardo Torrini <riccardo@torrini.org>
To: freebsd-gnats-submit@FreeBSD.org
Cc: Ted Mittelstaedt <tedm@toybox.placo.com>,
	Kris Kennaway <kris@obsecurity.org>,
	Szilveszter Adam <sziszi@petra.hos.u-szeged.hu>
Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home and from work
Date: Sun, 22 Apr 2001 12:47:22 +0200 (CEST)

 Thanks to all who take time to answer my PR.
 The only thing I don't understand is: why you think is
 more important (to try to) block spam instead of solve
 my (and not only my) problems?
 
 I send a lot of PR and I hope they may help all of us,
 but this was the one with the faster feedback.  Bad :(
 
 
 > ...both forward and reverse resolvable in the DNS, and
 > in addition those resolutions must be symmectrical...
 
 Yeah.  Great idea.  So I can send trash mail to any mail
 server if I use a dialup line and configure my machine as
 "dialup-foo-bar-42.myisp.example.org" (the same as the
 reverse) and cannot send mail from the _STATIC_ _IP_ (was
 a cost option to me) that Italian RIPE never reverse?
 Asked for this problem RIPE told me that reverse with be
 removed within some years ahead.  :-?
 
 Or because my work ISP (the biggest here in Italy) is badly
 configured and has different IP from forward to reverse in
 his DNS?  And in your opinion why I'd continue to send-pr?
 
 
 > ...assuming that your ISP's master mailserver is named...
 
 Try the real thing: my ISP has his mailserver open to my
 static range of IP from work.  Using /etc/mail/mailertable
 I forced mail for FreeBSD.org to him but failed again.
 And now I know why: it break the 2nd rule (symmectrical).
 
 # host mail.cs.interbusiness.it
 mail.cs.interbusiness.it has address 151.99.250.122
 
 # host 151.99.250.122
 Host not found.
 
 # host 151.99.250.6
 6.250.99.151.IN-ADDR.ARPA domain name pointer mail.cs.interbusiness.it
 
 
 > spool all outgoing e-mail through your ISP's mailserver
 
 And loose all my mail in a black hole?  Why?  No, thanks.
 
 
 > "I have my gun and I own this house and I can do whatever the
 > hell I want in it."
 
 Not whatever, only avoid badly configured ISP, like mine.
 
 
 > "Line up or Get lost!" approach taken by OpenBSD.
 
 You lost.  Lost my help.  Sorry, but I have only a few free
 time and cannot loose it with web interface.
 
 
 > Just as an aside, this alleged spam protection does not help much:
 > The most spam I receive comes through the FreeBSD lists.  Sigh.
 
 Not the most.  The first spam I received was from freebsd-current.
 
 
 > This means in my case no send-pr from my machine.
 
 And the web interface cost me a lot of work because I cannot
 pre-configure any of the field of the form, for example.
 
 
 Best regards,
 Riccardo.
 /------------------------+---------------------------------------\
 | Riccardo "VIC" Torrini | W.W.W.: www.torrini.org            // |
 |   Via Montebello, 64   | e-mail : riccardo@torrini.org     //  |
 |   50123 Firenze  (I)   +--------------------------------\\//---|
 | phone: +39-055-286.574 |        This space for rent :-)        |
 \------------------------+---------------------------------------/

From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Riccardo Torrini" <riccardo@torrini.org>,
	<freebsd-gnats-submit@FreeBSD.org>
Cc: "Kris Kennaway" <kris@obsecurity.org>,
	"Szilveszter Adam" <sziszi@petra.hos.u-szeged.hu>
Subject: RE: misc/26744: Unable to send mail to FreeBSD.org from home and from work
Date: Sun, 22 Apr 2001 04:44:48 -0700

 >-----Original Message-----
 >From: Riccardo Torrini [mailto:riccardo@torrini.org]
 >Sent: Sunday, April 22, 2001 3:47 AM
 >To: freebsd-gnats-submit@FreeBSD.org
 >Cc: Ted Mittelstaedt; Kris Kennaway; Szilveszter Adam
 >Subject: Re: misc/26744: Unable to send mail to FreeBSD.org from home
 >and from work
 >
 >
 >Thanks to all who take time to answer my PR.
 >The only thing I don't understand is: why you think is
 >more important (to try to) block spam instead of solve
 >my (and not only my) problems?
 >
 
 Because a lot of people on this list are admins at commercial
 locations and are in charge of mailservers.  Once you take a
 few calls from people like the 45-year-old, fundamentalist
 Christian, home-schooler, stay-at-home mother of three who's
 13 year old son is showing her how to read e-mail and she
 clicks on a message which opens to show Luscious Lucy with
 her feet up in the air and spread wide, well you might get a
 sense of how much of a problem that spam causes for us.
 
 >I send a lot of PR and I hope they may help all of us,
 >but this was the one with the faster feedback.  Bad :(
 >
 
 Yes, it's very bad that people exist in the world who think it's
 their God-given right to stuff our e-mail mailboxes with all manner
 of baldness cure advertisements, or penile enlarger advertisements.
 
 >
 >> ...both forward and reverse resolvable in the DNS, and
 >> in addition those resolutions must be symmectrical...
 >
 >Yeah.  Great idea.  So I can send trash mail to any mail
 >server if I use a dialup line and configure my machine as
 >"dialup-foo-bar-42.myisp.example.org" (the same as the
 >reverse) and cannot send mail from the _STATIC_ _IP_ (was
 >a cost option to me) that Italian RIPE never reverse?
 
 That is correct - however keep in mind that MAPS has a 
 Dial Up User List in place and the entire subnet that your
 ISP is using for dialup _may_ already be listed in there - which
 will make the change-my-hostname-to-the-dynamic-one trick
 not work.
 
 >Asked for this problem RIPE told me that reverse with be
 >removed within some years ahead.  :-?
 >
 
 Then it's pretty clear who you should be arguing with, and it
 isn't us.
 
 >Or because my work ISP (the biggest here in Italy) is badly
 >configured and has different IP from forward to reverse in
 >his DNS?  And in your opinion why I'd continue to send-pr?
 >
 
 And in my opinion why would your work continue to pay money
 for service from an ISP that was that technically daft?
 
 >
 >> ...assuming that your ISP's master mailserver is named...
 >
 >Try the real thing: my ISP has his mailserver open to my
 >static range of IP from work.  Using /etc/mail/mailertable
 >I forced mail for FreeBSD.org to him but failed again.
 >And now I know why: it break the 2nd rule (symmectrical).
 >
 ># host mail.cs.interbusiness.it
 >mail.cs.interbusiness.it has address 151.99.250.122
 >
 ># host 151.99.250.122
 >Host not found.
 >
 ># host 151.99.250.6
 >6.250.99.151.IN-ADDR.ARPA domain name pointer mail.cs.interbusiness.it
 >
 >
 >> spool all outgoing e-mail through your ISP's mailserver
 >
 >And loose all my mail in a black hole?  Why?  No, thanks.
 >
 
 Then find a beter mailserver out there and spool through that one.
 There's plenty of them.
 
 >
 >> "I have my gun and I own this house and I can do whatever the
 >> hell I want in it."
 >
 >Not whatever, only avoid badly configured ISP, like mine.
 >
 
 step #1 - don't pay for service from an ISP like that.
 
 >
 >> "Line up or Get lost!" approach taken by OpenBSD.
 >
 >You lost.  Lost my help.  Sorry, but I have only a few free
 >time and cannot loose it with web interface.
 >
 
 Then pay for a shell account on an ISP and do mailing from it.
 
 
 Ted Mittelstaedt                      tedm@toybox.placo.com
 Author of:          The FreeBSD Corporate Networker's Guide
 Book website:         http://www.freebsd-corp-net-guide.com
 
 
>Unformatted:
