|
|
|
|
Proper configuration of an e-mail server? What's this page for? Arguably the most important part of the Internet - certainly the part most people consider ultra-critical - is e-mail. From its inception, the Internet was designed to make it easy and reliable to send messages from one person to another. Unfortunately, it is that ease and reliability that has made "spam" such a problem today. One of the basic tenets of the Internet is "be liberal in what you accept, be conservative in what you send". This means follow the rules yourself - but still try to communicate with others who don't. This leaves us open to malicious attackers who exploit our good nature. We've had enough. There is a wide array of anti-spam software available today - and we use some of it ourselves at AMFES. But all anti-spam software operates on the same basic premise - read the mail, look for something "spammy", and do something with it. This can be very resource-consuming on our servers - and still requires us to go through a quantity of e-mail and file it appropriately. There is an alternative - and we're using it. There are rules for Internet e-mail servers - as well as some "merely" good practices. We now insist that these rules be followed by every computer that sends e-mail to us. You may have been directed to this page by a rejection message from our servers - hopefully you can find enough tips in the information below to reconfigure your servers and allow us to communicate. We must be clear - we're not asking you to make a special change just for us - we're asking you to conform to the published standards for Internet communications. The fact that others don't, or that your system has been working for years with no complaints except from us, doesn't change the fact that your system is misconfigured. Fixing this will not cause you or your business any harm - and may help you communicate with others. And don't feel like we're picking on you - since instituting this policy we have found a shocking number of botched e-mail servers, some of them from the largest technology companies in business! First of all, e-mail must come from a valid Internet server. One of the most common spam methods is to use dynamic IP addresses from DSL or Cable providers. These locations are temporary, and cannot be replied-to from our servers. If our server can't determine your server's location and receive a valid response - we reject your mail. Next, we examine the name your server uses when it "introduces" itself to our server - its HELO name. If, for example, you have a server that provides e-mail for your LAN, and that server is also connected to the Internet, then your server may have its HELO name set to something valid for your LAN - and not the Internet. Our servers check to see that your HELO name is a valid Internet name. This is typically the case when you have a single e-mail server for both your LAN and Internet mail - something most e-mail experts consider bad, bad, horribly wrong, lousy, immoral, and probably fattening. If your HELO is incorrect - we reject your mail. Your DNS must also be setup properly. This includes a valid A record for your mailserver, a valid MX record for your mailserver, and a valid PTR record for your mailserver's address - and the entry for the PTR record must be a valid A record. If your DNS setup is incorrect - we reject your mail. If - your DNS is correct, your HELO is valid, your server responds to our attempts to connect to it - and you haven't been blacklisted by our anti-spam lists - we WILL receive your mail! No additional configuration, no explicit entries for our systems, no special treatment - just following the rules. Perhaps this seems harsh. We consider it only courtesy - after all, if you were sending a snail-mail (United States Postal Service) letter to us, you have to address the envelope properly. You have to apply the correct postage. You have to use an approved envelope. Perhaps the USPS doesn't insist on a return address to attempt delivery - but you probably do the same thing with junk mail we do. Feel free to contact us for any assistance in configuring your mailserver. We don't claim to be e-mail experts - but we have enough tools and experience to solve most problems on most of the software used today. |
|
Please see the contact page if you have questions or comments about this web site.
|
