Email Policy
(Rev: 01/04/2025)
Sending Email to a network other than your own is considered a privilege, not a god given right!
Sending to us? Expect the following checks...
- Authorised Senders
-
Checks included are
SPF,
DKIM, and
DMARC.
These tests are based on DNS resource records that the sending networks specify as to who is allowed to
send Email using their domain, and tell us how we should deal with unauthorised connections, such as
hard-fail (reject), soft-fail (pass this test but mark as spam)
- IP Anti-Spoofing
-
-
Testing to make sure the presented IP address and Hostname are not spoofed or forged.
- Valid Addresses
-
You need to use a valid Email Address when sending Email.
- DNS Blacklist Checks
-
This uses the Domain Name System to test if the connecting host has been
known to spam, operates an open, and/or exploitable proxy, is an open mail relay,
contains abusive or problematic hosts.
Sometimes, when many hosts in the same address space have offended on a large scale, it is possible that
a large proportion of, or the entire IP range belonging to the registrant is blocked.
We make use of several DNSBLs, as well as our own.
NOTE: There are some "paid for" whitelist/reputation services, honestly, save
your money, very few in reality actually use them, they are in our opinion nothing more than a scam to make
money themselves, and they have been abused with whitelisted senders sending spam.
Trust is earned, not bought!
- RFC1912 Enforcement
-
Connecting Email Servers must have both a forward and matching reverse DNS record.
The rule and enforcement applies to both IPv4 and IPv6.
RFC 1912, Section 2.1, para 1 and 2
states "Every Internet-reachable host should have a name" ("A" record) and "Make sure your PTR and
A records match" and "For every IP address, there should be a matching PTR record in the in-addr.arpa
domain".
Although this document makes no direct mention of IPv6, it has long been widely accepted as implied,
so it is important that you allocate a static IP address to all of your mail servers, and ensure they have
an A (IPv4) and AAAA (IPv6) hostname (forward) record, and that they have a matching PTR (reverse) record.
You can perform some checks on your domain using https://zonecheck.org
to assist you and your provider in resolving any issues.
In rare instances, there may have been a problem with our DNS servers getting a timely answer from your
DNS servers, if the above checks verify your DNS is configured correctly, we suggest waiting a few minutes
and retrying.
- Residential IP Checks.
-
This checks via DNS to see if the connecting host is in a known "home user" (the old Dial Up) Listing.
In addition, there are checks on your hostname for such things that infer it is a home user, such as
but not limited to, terms like cable, DSL, ppp, dial or DHCP etc,
In most cases, there is little need for a home user to send Email directly, by using your ISP's
SMTP server you can greatly reduce the risk of your mail being blocked.
99% of spam is sent by spam bots, which are mostly comprised of compromised Microsoft Windows PC's,
this type of blocking eliminates the vast majority of spam entering the network.
We refined these rules over many years, but like everything in the anti-spam world, nothing is perfect,
our rules may falsly trigger, a DNSBL entry may be outdated if your ISP has moved the IP range from residential
to business, the reject message should indicate who you need to talk with in such cases.
For Home users, this can be overcome by configuring your SMTP server's setting for smarthost/relayhost
to that of your ISP's SMTP server, some examples of doing this are -
Smart Host Examples...
Sendmail, add to /etc/mail/sendmail.mc - then remake sendmail.cf define(`SMART_HOST',`smtp.your.isp')dnl
Postfix, add to /etc/postfix/main.cf - then run postfix reload relayhost = smtp.your.isp
Microsoft Exchange, in exchange system manager, connectors add new, SMTP-Connector add your smtp.your.isp
For Business users on a static IP running your own mail server, ensuree your ISP has moved you out of the
residential IP pool and change your rDNS to reflect your own domain.
- Generic IP Checks
-
Mail servers tend to have specific names, that's if their admins are competent and not lazy, eg: mail.example.com
or somename.example.com, etc.
Using generic DNS, such as 1-1-12-123.example.com is very rare for a real mail server, it makes you appear to
the rest of the world as a home user and you will be treated as such.
If you are unable to have your ISP fix this, firstly consider changing to an ISP that gives a damn, or,
if that's not practicable, follow the advice above to resolve.
- Bad MX Checks
-
Tests for illegal content in DNS MX resource records.
- Bad HELO/EHLO
-
- Senders of Backscatter
-
This occurs when you send an Email to a network where the address actually does not exist, but the receiving network accepts the Email and then when
the two mail servers finish communicating, checks to see if the user exists, and upon finding no user, then generates a brand new reject message back to
the sender saying so.
This is very wrong, the rejection should be done at the initial connection to the recipients server from the senders server,
rejecting at the "Mail From" stage where the look up is done (on compliant mail servers) and does not have to generate a brand new DSN (Delivery Status
Notification) message to the sender with a bounce message.
This is a serious problem when addresses are forged and is exploited by spammers all of the time. Networks generating useless bounce/DSN messages,
such as Google Groups, and ill-configured Qmail and Microsoft Mail Servers are very typical of this problem, there are also some ill-configured anti-virus
and anti-spam systems that do the same, those should be avoided at all costs!
- Internal Blacklist (non-DNSBL)
-
The blocking of IP's, hosts, domains, and in some cases full netblocks, and in rare cases entire TLD's and
associated netblocks may occur if-
Multiple hack/script attacks are attempted to be carried out against this network.
Multiple hosts/IP's are found to be source of phishing scams.
We deem traffic from a host/IP should never be accepted for activities being detrimental to our network or
users.
We do not provide a public list of permanently blocked hosts or IP's, but local users may request
information of if a specific blocking is in place.
- Mailing/Mail-out lists
-
Lists that are not fully "opt-in" will be blocked when brought to our attention for abuses, regardless
of if they have a working opt-out or not.
Lists that were opt-in but do not honor or offer unsubscribe options will also be blocked if brought to our
attention by our members.
- Virus Scanning
-
- Anti-Spam Checks
-
All messages are checked by our Anti-Spam Scanners.
Mail exempt under the Australian Spam Act, such as political or religious advertising and market research,
is not exempt from our spam policies, this ridiculous exemption only means the ACMA can't prosecute you,
it does not mean we can't block you, it does not give you carte blanche rights to spam or harras, nor does it
provide immunity from your organisation being put onto global blacklists.
Simply put, if one did not directly and manually opt-in to receive your messages, then it is spam,
and it will be treated accordingly.
We use thousands of header and body checking rules, as well as URIBL's to detect, score, and reject junk.
Low scored, or suspected spam, has the Subject modified to [**SPAM**] with the original message
attached to a warning notice. This means the recipient usually must take extra steps to view the
suspect message, before opening them, they should read the spam warning in detail for information as to why
it was classified as spam. Click here for an example.
They also have hidden headers added to the message which includes an overall spam score, the matched
rules and their individual scores, one of the headers added a X-Spam flag which allows you to set up your personal junk
mail filter in your local mail client if you so wish. IMAP and Webmail users already have this configured.
Example...
X-Spam-Flag: YES
X-Spam-Score: 5.4
X-Spam-Level: ******
X-Spam-Status: Yes, score=5.4
High Scored spam is silently discarded. This will certainly be spam or malware. Messages are outright
deleted with not even a notification to the recipients.
Australians should be mindful we have The Spam Act 2003 (cth), actively enforced by the ACMA.
We have a zero tolerance with spam, we may forward all Australian based or related spammers on to the
automated ACMA submission system for investigation and prosecution.
International senders of spam should be mindful that now days many countries also now have anti-spam laws
and we may forward to your ISP and if applicable, your local Spam enforcement agency.
As we touched on above, some countries anti-spam laws may exclude certain types of messages based on the
organisations type (charity, political, religious, etc) from being labeled as spam, you are not
afforded that legal protection here, you will be blacklisted.
- Newly Registered Domains
-
Newly registered domains will automatically have a higher than normal spam score set which reduces over time
eventually becoming neutral after a period of time. The reason for this is often spammers register a domain,
spam everyone a few days later, and are gone after a week or so. We are aware not all vermin act this way, some
buy cheap-deal first twelve month domains, then use them only days before they expire, these vermin are mostly
still caught by our usual multitude of anti-spam rules.
- Phishing Checks
-
These checks attempt to determine if a link in an Email is genuine or fraudulent by looking at the actual URL
and comparing it to the presented visible URL name for any differences. Phishing is a very real risk
for those targeted in identity theft and financial, and business scams.
This test also checks against several databases of known phishing site URLs.
Because false positives are possible, the messages are typically treated as spam, rather than blocked, so
it is important to always read the warning notices if your message is tagged as spam, remember and apply
the old food saying - if in doubt, chuck it out!
- Email Bad File Type Checks
-
Checks attachments against a list of administratively prohibited file types.
These tests are not based on the filename, but unix file, which examines a file and will determine what
it really is, for example, trojan.dll may be called readme.txt, the unix file wont be fooled and will see
it as a .dll file and report this back to our anti-virus program which will reject the entire message.
Important: You should never solely rely on any Email Provider to protect you
from spam, fraudulent phishing scams, malware, viruses, or other malicious content.
You also must take all necessary steps and precautions to protect yourself, although our anti-virus
definitions are updated hourly, in most cases, it is near impossible to defend against what is known as 0
day (just released) viruses and malware.
Members who believe their senders are consistently being incorrectly tagged as spam, should contact support.
|