AOL strikes again
AOL strikes again, but they won’t be the last. If you host your own domain on a server somewhere and it is a shared server, you need to know about something that’s coming down the pike. This will be even more important if you run a hosting business yourself and are putting your customers on shared servers.
AOL is starting to refuse e-mail sent to its customers from servers that do not have matching reverse DNS (rDNS), that is, DNS that matches the domain and the HELO string (look in your email headers). What that means to you on a shared server is that you will no longer be able to email anyone with an AOL address if you are using your domain’s SMTP server. This is because on a shared server one or two IP addresses are shared by all the domains on that server, and if the server’s host has set up rDNS it will be just for your host’s domain, not for his customers’ domains.

If you regularly email AOL addresses and you find they start getting bounced, the easiest solution is to stop using your own domain’s SMTP (Simple Mail Transfer Protocol) server and to start using your ISP’s SMTP server. For the most part this is starting to be forced on you anyway, as ISPs have started to block access to port 25 (SMTP) on any mail server that is not their own. So if, like me, your ISP is Telus, the only SMTP server I can use to send mail from this computer is mail.telus.net. I cannot use mail.thealders.net to send like I used to.

All of this is, in part, to block spammers from using hijacked computers (please tell me you didn’t open that email promising you the attachment showed clips of a naked Paris Hilton etc.) to install their own hidden SMTP server on the hijacked computer and then use that to send out spam by the millions. Because most major ISPs have, or are planning to implement, throttles on how much email you can send over a given period of time, it won’t do the spammers any good to suss out your ISP from your mail client(s) and then use it. That’s the theory at least. One thing is for certain: spammers are every bit as smart as the techs at the ISPs and telcos, and this is not the end of the war by any means.
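The consistency check described above, sketched as an added example (not code from this post or from AOL): the receiver looks up the PTR record for the connecting IP, confirms that name resolves back to the same IP, and compares it with the HELO string. The addresses, hostnames and lookup tables are constructed, and the exact rules any given receiver applies are an assumption.

```python
import socket

# Constructed sample DNS data (documentation IP range, .example names), not real hosts.
PTR = {"192.0.2.10": "server1.hostco.example"}
A = {
    "server1.hostco.example": ["192.0.2.10"],
    "mail.customer.example": ["192.0.2.10"],  # customer domain on the shared IP
}

def sample_ptr(ip):
    return PTR.get(ip)

def sample_a(name):
    return A.get(name.lower().rstrip("."), [])

def live_ptr(ip):
    """Real reverse lookup; returns None when no PTR record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def live_a(name):
    """Real forward lookup; returns [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(ip, helo, ptr_lookup=sample_ptr, a_lookup=sample_a):
    """Return (ok, reason) for the rDNS / forward DNS / HELO consistency check."""
    ptr = ptr_lookup(ip)
    if not ptr:
        return False, "no rDNS (PTR) record for connecting IP"
    ptr = ptr.lower().rstrip(".")
    # Forward-confirm: a PTR alone proves nothing, its name must map back to the IP.
    if ip not in a_lookup(ptr):
        return False, "PTR name does not resolve back to the connecting IP"
    if helo.lower().rstrip(".") != ptr:
        return False, f"HELO {helo} does not match rDNS name {ptr}"
    return True, "rDNS, forward DNS and HELO agree"

if __name__ == "__main__":
    for helo in ("server1.hostco.example", "mail.customer.example"):
        print(helo, "->", check_sender("192.0.2.10", helo))
    print(check_sender("192.0.2.99", "mail.customer.example"))
```

Pass `live_ptr` and `live_a` as the lookup arguments to run the same check against real DNS for your own server's IP and HELO name.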
Comments
Comment from Doug Alder
Time: 12/11/2004, 9:25 am
That’s interesting Ken. SPF (Sender Policy Framework) is part of SenderID. There’s a FAQ on it over at pobox.com who were the initial group to propose it and a good tutorial on how to initiate it over at Zytrax.
Where I work we don’t host our users’ DNS; instead they create their own DNS servers, so that means each and every one of our customers is going to have to go in and modify their DNS servers for each and every one of their customers (we are a wholesale hosting provider/data centers). That could get ugly. While it is the reseller’s responsibility to maintain their own DNS properly I just know that if SenderID takes off they are going to be hounding our support staff to do it for them and that’s just not practical; not to mention the cost of tying up a tech’s time to go into well over a 1,000 servers and who knows how many hundred thousand domains. This is not a happy thought. I will have to get the relevant info from the links above added to our own FAQ and send our customers there.
Comment from Ken Camp
Time: 12/11/2004, 9:48 am
You’re right Doug. It could get very ugly. In my case, the DNS tech for the state works for me. So I’m involved in multiple DNS issues for a variety of TLDs. And we manage all the DNS. We were going over what a pain SPF is going to be the other day. If you do a DIG on AOL’s domains you’ll see their SPF entries are huge.
Comment from Ken Camp
Time: 12/11/2004, 8:27 am
I think AOL plans to do like many other ISPs (including AOL) and check the SPF record in the DNS entry for specific IP addresses of legitimate mail servers. Even that’s not a standard, but AOL has been the proponent of that approach for a long time. It’s a 60 second fix to update a DNS record in most cases. One of my staff guys is already doing it across the 5000+ domains hosted in our DNS servers.