Comcast and SORBS

[mailings02 at ttlexceeded.com (Bob George)]

Rich Braun wrote:
> I've had a Linux-based home SMTP server since, well, I first 
> discovered Linux in 1992.  All of a sudden I'm having trouble getting
>  messages sent out; about a third of them are getting bounced by spam
>  filters.

I went through the same thing with Cox in Phoenix a couple of years
back. In the case of Cox, they began blocking outbound SMTP traffic at
the port level after coming under intense pressure from the Internet
community to control a rampant subscriber base.

> Turns out the good folks at SORBS, a service used by all the Big 
> Corporate Giants in the email business, decided to add the netblock 
> 66.31.0.0/16 to their SMTP blacklist.  The database entry was created
>  5 days ago.

They're not doing this for arbitrary reasons...

> For now what I've been doing is adding Big Corporate Giant domains 
> (and various smaller entities that use SORBS) one-by-one into my 
> /etc/mail/mailertable file--forcing outbound email for those specific
>  sites to relay through Comcast's SMTP server.

While I was initially annoyed, I can well understand *why* it's being
done. While I do miss the capability to a certain extent, I realize I
was violating the ToS by running my own server in the first place.

> This is obviously not a reliable long-term solution, and over time is
>  eroding my privacy rights as more companies tighten their rules 
> against private SMTP servers.

These days, and given the lamentable spam/virus situation, I'd expect to
be squeezed from both the ISP *and* recipient side. Even if SORBS and
others don't block your message, the same characteristics are likely to
result in your messages being flagged "spammy" by SpamAssassin and
others. That alone will hopefully not cause it to be dumped, but then
again, you may never know. (Send me a message off-list if you'd like to
see how SA scores it using the current set of network checks.)

Nobody's "eroding your privacy rights" (IMHO, IANAL) but you may have to
PAY to exercise those rights...

> What's a cost-effective way around this?  Dump Comcast for an 
> un-blocked service?

Again, you may still be tagged "spammy" by other means.

> Buy a static IP from Comcast (I can't even figure out how, their 
> marketing website is useless)?

 From what you've described, I'd expect that to be overly expensive.

> Buy service at a web-hosting company somewhere?

You might want to check out a virtual hosting outfit. A buddy of mine
pays ~$20/mo. for a UML host running RedHat, which gives him full root
access to do as he wishes.

> Throw in the towel and relay all my email through Comcast, where it 
> can be readily monitored by nefarious corporate and/or government 
> entities who do NOT have consumer privacy-interests in mind?

That's the easiest. And quite frankly, while I enjoyed running my own
server for many years, I've found that it probably took more time than
it was really worth.

If I'm *truly* concerned about privacy, I use other means (i.e. PGP and
the like). I've not used them myself, but mixmaster anonymous remailers
might be another option... though again, not necessarily one that keeps
your messages from being flagged.

> Or should we start a letter-writing campaign to SORBS and other 
> blacklist providers to come up with an alternative spam-blocking 
> solution that doesn't drop a sledgehammer on all those of us who 
> prefer to run home-based SMTP servers to transmit a handful of emails
>  per day?

You're welcome to try of course, but I wouldn't expect it to matter a
whit to them, or any other organization dealing with trying to get spam
under control. The relatively small numbers of legitimate home-based
SMTP servers are surely dwarfed by the numbers of trojaned and
intentionally configured home-based servers spewing spam. In the battle
to control an outrageous spam overload, a nice "traditional" Internet
capability is being pushed aside, right along with friendly open relays, 
anonymous FTP and the like. The spam fighters are as adamant about 
controlling spam as you are about protecting your privacy!

I agree with your basic concerns, but while I lament the current state
of things, I fully understand why it has come to pass. You do have
options, just not necessarily inexpensive ones.

On this list, the BigBLU thread petered out owing (it seems) to the 
power, space and operational concerns of running a full beowulf cluster. 
I suggested a "gmail alternative" on the WLUG list, but was roundly 
boo'ed off the idea. I do think that a feature-ful, open-source based 
"legitimate" community mail server would make a great LUG project. While 
it would still be subject to the same legal constraints as an ISP, a 
number of user-controlled features could be added to protect privacy. It 
would probably NOT be free, but not overly expensive either.

- Bob