Mail

     Last night I became aware that our outbound mail server mail.eskimo.com had been added to the SORBS real time black hole list.

     I received no warnings or notifications or spam complaints prior so I had no reason to believe we had an active spammer.

     Afterwards, I was able to locate enough information in their database to identify the sender and to determine his machine was infected rather than a case of compromised password.  I have disabled the account pending some confirmation that the customers machine has been cleaned.

     Two carriers I am aware of rely solely on SORBS for spam filtering (an extremely bad practice), those are Yahoo.com and Cox.com.  As a consequence of being on SORBS, more than 7000 messages backed in queue to these two domains.

     In an effort to try to force some of the backlog out I reduced the timeouts so that cox and yahoo were more appropriately hammered, but was unaware there were limits to the allowed parameters (they were NOT documented in the Postfix documentation AND postfix check which is supposed to check for a valid configuration did not complain) but it ended up breaking the outgoing server after I went to bed which by this time was about 6AM.

     I finally figured out there was a problem around 11AM and fixed it.

     I applied to be delisted at SORBS but being a volunteer run organization it does not happen fast and so we are still listed today and Yahoo and Cox are still refusing our e-mail.

     Please understand I have no control over the poor policies at Cox or Yahoo, please contact their support staff regarding your mail not going through to these sites.

Leave a Reply