Just spoke today with some salesman that was at Fastweb (one of the largest Italian MAN providers that also gives NATed access to Internet) to offer some software solutions. Skipping over the jokes and technical staff, here is the sentence important in this context:
And then I say:
– Yes, of course, but you see, this is the newest technology on the market, bleeding edge, one of a kind!
And then he goes:
– But we at fastweb, we don’t need any bleeding edge stuff, it all works for us as it is now.
And tonight a client contacts me to complain that he had to receive some important mails and he didn’t. Well, I take these things seriously, email should work (unless the client messes it up :), checking the logs and see this:
DEFANGING MAIL: WARNING: contains virus INetMsg.SpamDomain-2w.fastwebnet_it.UNOFFICIAL
Oh gosh, a really good spam domains database has included all the fastwebnet.it as spam origin!
So, quickly, removing the pattern from database (thank you clam av team for sticking to plain text!), scripting a junk mail mover back to inbox and contacting the database maintainer.
In a couple of minutes he replied that he has whitelisted the fastweb domains. Thanks Bill Landry for what you do!
The conclusion? Well, an Email services provider that accepts email from “authorized” networks, that doesn’t monitor the blacklist ( sanesecurity is a pretty popular service ), that doesn’t authenticate and doesn’t sign, doesn’t SPF … It is sooo 2002 … it doesn’t work like this today and it means you don’t care about your clients email. At all.
Though, I don’t blame anyone here, the larger network (organisation) is the less flexible it becomes but some of these are not capable of being challenged and should disappear with time.