What is the deal with companies hiring incompetent mail administrators these days?
On August 28th, 2007, I posted about how ServePath sent me a very important account notification, but that it was marked as SPAM. The reason it had been marked as spam was that somebody at ServePath decided to send the email from SalesForce.com but failed to update their SPF record before doing so. As such, my mail system flagged the email as SPAM, since according to ServePath's own SPF record, mail from gw2-sjl.salesforce.com (204.14.234.14) was not legitimate email. It appears that ServePath has since updated their SPF record to include servers owned by SalesForce.com, but unfortunately, they are still having a few issues with it.
Last month, while reviewing my email server configuration, I noticed that I was rejecting email from oaklandlibrary.org. I asked Christine if she was expecting email from them, and she said that she was, so I looked into the issue further. The problem was that the server was identifying itself as millennium.oaklandlibrary.org, but there there was no DNS entry for that host name. Since I live in Oakland, and my wife uses the services of this library, I thought it was a good idea to let them know about this issue. It should come as no surprise that my email to postmaster@oaklandlibrary.org bounced, as did my later email to abuse@oaklandlibrary.org. I finally located an address that did not bounce, oplweb@oaklandlibrary.org, but there has been no response.
Just a few days later I noticed that I was rejecting email from Twitter.com. The reason this time was that the Twitter mail server that was connecting to mine had an IP address (128.121.145.168) that resolved to mail.twitter.com. Unfortunately, mail.twitter.com does not resolve to 128.121.145.168) but instead resolves to 207.7.108.85. Anyone can set up an IP address so that it resolves to any domain they want, but in order to be legitimate, it needs to resolve in both directions. 128.121.145.168 fails that test, and as such my mail server rejects, as it should, all notifications from Twitter. Just like with the Oakland Library, I tried to let them know, but email to postmaster@twitter.com, and abuse@twitter.com bounced with messages such as: "<postmaster@twttr.com> (expanded from <postmaster@twitter.com>): User unknown in virtual alias table".
A few weeks ago I tried to sign up for an account at DoubleTwist, but again due to their DNS issues, my mail server is rejecting their email. They are sending mail from 74.86.83.218, which resolves to doubletwist.com, but doubletwist.com resolves to 67.228.121.123 not 67.228.121.123. At least mail to their postmaster address has not bounced, it has simply been ignored.
I could go on and on about companies that are experiencing DNS issues. And no, I will not modify my mail server settings so that I can accept email from mis-configured mail servers. I will not open the door to all that SPAM. Why should I accept email from people who have already demonstrated their incompetence?
I suspect that part of the problem is that there is no such position as "Mail Administrator" at most startups. Email is just an afterthought lumped in with other IT duties which are also an after thought. Even though email can be critical to the success of a new company, it is never given the attention nor respect that it rightfully deserves.
Who is running your email server, and how do you know it is configured correctly?
Edit (2008-04-04): Twitter has since fixed their DNS. It appears that the issue with Twitter was related to their move away from Joyent. Someone just forgot to update their DNS in the process.
Edit (2008-04-06): DoubleTwist has since fixed their DNS.
Tags: administrators, dns, email, it, mail, postfix, sendmail, spam, spf
Current Location: Oakland, CA
Listening to: Cali Lewis - GBTV #0333
![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small}
