• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Mail server on separate box

Tracy Perry

Well-known member
#21
I don't mind doing it at all. Since blocking OVH, ColoCrossing, and several others, the loads on my servers have literally been cut in half. Spam has dropped to almost 0. Well worth it, IMO.
Well, I really hope none of your clients are set up with their own mail servers... if so, they would appear to be in violation of RFC 2142. I'd think there are better solutions than a shotgun approach.
 
#22
I used to run my own iredmail server on Digitalocean, the free version:

http://www.iredmail.org

To me, email is not an "inspiring" experience, but this product did make it a lot of fun. Over a few months I was able to obtain a lot of statistics and gain a better understanding of my email traffic.

However, after a while the inspiration wore off and I signed up on Rackspace Cloud Email service:

https://www.rackspace.com/email-hosting

I have my XF site configured to send all outbound emails (notifications and etc) through this service using IMAP/SSL. If you don't have a few email addresses to work with, it may not be worthwhile, but going this route wiped away all remaining challenges with email. Works very well with my mobile devices. Their instructions are simple, but follow them carefully.

I also use OVH, but not for email. If you can't separate your email from your site carefully consider hosting with them.

Hope this helps,
 

WSWD

Well-known member
#23
if so, they would appear to be in violation of RFC 2142.
A violation of what, exactly? You do understand that RFC = Request For Comment, yes? They are simply guidelines or suggestions. There is absolutely no force of law behind those stupid RFCs, and I could honestly care less. It's a small price to pay for blocking a boatload of spam and abuse.

Here in the United States, where my corporation and servers are located, I don't recall seeing RFC 2142 written as law anywhere. Perhaps you can enlighten me on where I might find this in US Law?
 

Tracy Perry

Well-known member
#24
A violation of what, exactly? You do understand that RFC = Request For Comment, yes? They are simply guidelines or suggestions. There is absolutely no force of law behind those stupid RFCs, and I could honestly care less. It's a small price to pay for blocking a boatload of spam and abuse.

Here in the United States, where my corporation and servers are located, I don't recall seeing RFC 2142 written as law anywhere. Perhaps you can enlighten me on where I might find this in US Law?
Of course you are free to do as you wish. I know that I would not chose a hosting provider that blocks entire CIDR's in a shotgun approach.
So, if you have a server in your range that is abusing another server that happens to be on OVH, your system will not accept reports from them - correct?
And there are things that are called technical standards. If you want to get *******y about it - none of the requirements are codified into US Law.
 

WSWD

Well-known member
#25
So, if you have a server in your range that is abusing another server that happens to be on OVH, your system will not accept reports from them - correct?
They can contact us at our domain or contact the datacenters, who will in turn pass the abuse info on to us. We actually police our network and care about abuse and spam, unlike OVH, so OVH would not be receiving any abuse from us in the first place. ;) Any attempt at abuse is shut down darn near immediately. You certainly will not be catching us on the Spamhaus list anytime soon.
 

WSWD

Well-known member
#27
Normally I contact the domain owner first... and then a second time if required. If that doesn't do any good then I escalate. :p
Which is how it should be done really. And hopefully it eventually gets solved. With us it would.

But speaking of RFC 2142, our Top 5 for abuse were ColoCrossing, OVH, Digital Ocean, Vulture, ServerMania/B2 Net, in that order. They are all in compliance with RFC 2142 last I checked. Out of the hundreds of abuse reports we sent to those five RFC 2142 compliant hosts, how many do you think were addressed or even answered between them? I'll give you a hint. It's less than 1. ;) I didn't just wake up one day and decide to block entire ASNs. These folks refuse to fix the issues on their networks, some (CC, for example) has actually been caught simply relocating known ROKSO spammers from one IP block to another, over and over and over again.

These people just don't care. Because of that, they are blocked. Now if OVH, for example, would actually address abuse complaints and start policing their network, I would be the first person to remove the blocks. But they just don't give a damn. It's unfortunate.