Do I even bother trying to save the world?


In one of my other posts, I lamented that some of our outbound mail from customers was being sent by some people who put non-resolveable domains as the envelope sender.  As a result, an ISP (among others) was throttling our mail because the sender's domain had no A-record.

Stuff like this is difficult to take action on.  On the one hand, we could work with the ISP to get an understanding like the following: "Look, this one of your customers who is using us as their work account to forward to their home account.  Stop throttling us... and them."  We could call them up, explain the situation, work out a deal and the problem goes away.

But then it comes back up.  Because eventually somebody else starts blocking our email because of the same thing.  So, we call up those guys and cut a similar deal.  And the problem goes away... for a while.  And then the same thing happens again and again.  In other words, no matter how many times we work out a deal with someone, another case arises.

It's not just outbound mail.  Many customers or customer senders have broken SPF records.  Do we reach them all and try to fix those, too?  What about the ones who have broken HTML links, broken senders, broken mailers that look like spammers, and so forth?  My point is that no matter how many broken things we fix, there will always be more.  I'm not sure that it's worthwhile saving the world because it's an uphill battle.

At least, not compared to the alternative.  Saving the world is one thing, but what if we accepted that people have broken mailers and just live with it?  We don't have to score SPF records super-high in the content filter, nor auto-reject on broken headers, nor reject mail on no A-records in the sender's domain, and so forth.  In other words, we can mitigate almost everything by being a little conservative in our spam scoring engine while allowing most of the legitimate mail to get through.  While it is true that we are not getting people to fix stuff that's broken, at the same time, we are causing fewer headaches for ourselves.

Saving the world is one thing, but it's very time consuming.  And, we have other fish to fry.

Comments (5)

  1. Dave says:

    What on earth are you on about?!?!?!?

    The glass is half full not empty!

    Get a grip and love thy customers, no matter how foolish or misguided they are sometimes, just reach out and help them all and they will thank you for it by renewing.

    Customer service is always worth the effort.

    Customer & ISP education is too.

    Thank god the other teams don’t take the "why do I bother" attitude.

  2. Steve Freegard says:

    Terry – can you be a bit more specific about what you mean about ‘domain has no A record’ – do you mean that the sender domain has no MX records and no implicit MX record as their domain has no A record??

    If you accept and relay mail with a sending domain whereby a reply is impossible (e.g. no MX record and no A record), then I have no sympathy at all – you shouldn’t be emitting this stuff in the first place.  Allowing the customer to send mail from a domain so severely broken that a reply to the message is impossible hurts both the sender and receiver, so it’s better to prevent this stuff at the source and work with your customer.

    If you mean that the sender’s domain did have an MX and the destination server throttled you because the domain had no A record; then I agree with you – throttling or rejecting mail from a domain because it has no A record is stupid.  The receiver can reply to the message and there is nothing in any RFC that states that an A record for a domain is required unless there are no MX records for the domain.

  3. Anthony Howe says:

    I’m a strong supporter of standards like the RFCs and develop anti-spam filtering solutions using those standards as starting point. I think your looking at the problem from the wrong end.

    I’ve worked in three small ISPs and have tried to educate other ISPs concerning the broken behaviour of their out or in bound mail systems. I always think it is worth while to educate people in standards they should be aware of and following. That is part of what system administration is about. However, there comes a point where it becomes a huge draining effort trying to educate everyone. You have to pick your battles.

    From what I understand in your article, which is rather unclear in places, the problem appears to be with your customers outbound mail practices being broken and that the ISPs are correctly blocking them because they are broken. Fixing the customer would be far easier, than fixing all the worlds ISPs to accept broken mail. Make every effort to ensure your outbound mail systems and the messages they emit adhere to the community agreed on standards, because those are what the rest of us will use as the minimum bar of acceptance on the receiving end.

  4. tzink says:

    Steve,

    >>> Terry – can you be a bit more specific about what you mean about ‘domain has no A record’ – do you mean that the sender domain has no MX records and no implicit MX record as their domain has no A record?? <<<

    Yes, that is what I mean, but probably not in the way that you are thinking.

    Suppose that we have a customer called Doodads and Widgets and they send mail from doodadsAndWidgets.com.  Suppose some coder or programmer sends a report from a domain root@icdtr.doodadsAndWidgets.com to another recipient of theirs.  That’s an automated report and it collects statistics or something or other.

    The point is that while doodadsAndWidgets.com is a valid, resolveable domain, icdtr.doodadsAndWidgets.com is not.  It’s a non-resolveable "subdomain" or the actual domain.  There are plenty of reasons why people might do this, unfortunately, some recipients will block on stuff like that.

Skip to main content