[nSLUG] smtp relay through eastlink and ESET Nod32 tagline = disappearing email
George N. White III
gnwiii at gmail.com
Fri Oct 30 13:14:59 ADT 2009
On Fri, Oct 30, 2009 at 11:00 AM, D G Teed <donald.teed at gmail.com> wrote:
> On Fri, Oct 30, 2009 at 9:20 AM, George N. White III <gnwiii at gmail.com>
>> Several weeks ago my wife's Eastlink mail was not being
>> delivered to a friend using Sympatico. Sympatico support
>> blamed the friend's use of Thunderbird, but after being told
>> that was nonsense they admitted that Eastlink was blacklisted.
>> I suspect this was an example of the blackholes.us problem:
> Probably not the same problem, but I'm curious what they do.
> Was the mail bounced or trounced (i.e. lost)?
> At my work, we bounce - reject - email which fails reputation look ups,
> RDNS, etc.
> Spam is simply tagged for recipients to filter. Only viruses are not
> delivered nor bounced. Even with viruses, the recipient gets an email
> that an email was going to be delivered to them and is now quarantined.
At times, I have had 1000's of virus-related mails an hour on my
chebucto address. Many of those were bounces. In such cases trounce
is the only option. The real issue is that a big mail server requires 7/24
attention to adjust to circumstances. If you use blacklists you need ways
to check that they are being maintained in a sensible fashion. Do you keep
stats on the numbers of bounced/trounced emails per hour? I suppose it
would be good to break down the stats into groupings, e.g., a few server
addresses that are responsible for a bulk of the mails plus "the others".
If you are suddenly bouncing or trouncing an abnormal volume of mail in a
grouping then you need to take action -- either one of you filters is broken
or you are seeing the start of a major virus outbreak, DOS attack, etc.
> nSLUG mailing list
> nSLUG at nslug.ns.ca
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
More information about the nSLUG