ofFullDisclosure, I work at what was formerly known as BigFish, then
Frontbridge, but is now Forefront Online for Office, in the capacity of
Knowledge Engineer (Spam Analysis), and among other things help out with abuse
and deliverability issues.
And also... this discussion really doesn't seem apropos to the Postfix mailing
list, so this will probably be my only post on the subject.
And no, I don't have any input into anything to do with Exchange, etc. I'm here
simply because I use Postfix on my home server, at least in part because that
is what we used at Previous Employ.
That having been said....
On Nov 26, 2010, at 1:36 PM, Terry Gilsenan wrote:
> Hello,
> In my experience....:
Ok, granted.
> Microsoft's b0rged hosted exchange and frontbridge system is very broken.
So ... the mail doesn't work at all, or it doesn't work the way you expect it
to?
If our customers have problems getting their mail delivered, we work with
whomever to get the issue resolved.
We doesn't seem to have too many issues getting its customers' mail delivered.
And yes, I'd be in a position to know.
> Firstly from an MX (inward smtp) point of view, they smell very spammy, rDNS
> in one domain, helo in another, and envelope sender from yet another.
You mean that from the point of view of you being the MX and receiving traffic
from them?
Envelope sender will always be unpredictable for a filtering service with many,
many customer domains behind it, that's a given.
And for rDNS and HELO ... there are many reasons why the rDNS and the HELO
might disagree, especially if load balancers are involved, which they are.
> Added to this sender verification does not work, ...
From who's point of view?
Are we still talking MX?
This ... seems to be your primary beef.
> and if you are using greylisting, the chances are very good that the triplet
> will never be seen again, which means a delivery failure for their customers.
Unless emergency situations so dictate, if a triplet comes at you from one IP
address and you greylist it, it's going to be coming back at you from that same
IP address when it retries. If situations DO so dictate, the message might be
moved to another server, but this is by no means common.
> I have had to poke a lot of holes into our system to cope with frontbridge
> customers.
What kinds of holes?
> This has meant that all the spammers ...
Others SEEM to be of the opinion that our outbounds are rather clean,
considering.
This is the first one I checked:
<https://www.senderscore.org/lookup.php?lookup=65.55.88.11&ipLookup.x=25&ipLookup.y=9>
> that relay through microsofts customers, ...
If they try, they don't relay for long.
> or even via Microsoft hosted exchange directly, get delivery to our system.
Do you offer a feedback loop? :)
> The amount of spam in our mailboxes has trippled since i removed sender
> verification for frontbridge.com ...
All from Frontbridge?
To what domain?
And when you say, "Sender Verification", I'm not sure what you mean.
Are you trying to make sure that the sender address exists?
That's not always going to work, since some of our customers (despite begging
and pleading) do not share with us their user data... so that can make us
knowing if they have defined a given username difficult at times. We have a
very heterogenous customer-base.
But abuse is not allowed, and is dealt with rather rapidly.
> and bigfish.com (yep that is the Helo domain - and probably demonstrated
> Microsofts view of themselves.)
Bigfish.com was the original domain name of the service about ... I think it
was a decade or so ago.
Microsoft acquired it about 5 years ago.
So the domain name has nothing to do with Microsoft's opinion of itself.
> Microsoft pay no heed to standards, ...
Microsoft pays heed to standards, or a lot of the Internet just wouldn't work.
> they are a marketing machine.
That, plus a lot of other things as well. We've been known to write the odd
piece of software.
> Open Source, and RFC's are unlikely to bring in the buck$ for them, so
> instead they invent their own.
Open Source and RFCs as such don't bring in bucks at all, by definition.
Aloha,
Michael.
--
"Please have your Internet License http://kapu.net/~mjwise/
and Usenet Registration handy..."
