Christopher X. Candreva [1/17/2004 5:02 AM] :
On Fri, 16 Jan 2004, Ajai Khattri wrote:
I have several users who connect to our mail server from an IP in the *.ipt.aol.com namespace. All are complaining about intermittent SMTP problems. I see that outbound SMTP traffic is proxied through AOL servers to our mail servers. Has there been a change recently causing this to not work?
We had users who SMTP AUTH relay through us from AOL dsl lines suddenly have problems this week. Switching them to the submission port (587) has solved things so far.
You just noticed this now? AOL has, since the past several months (over a year I think) set up their dynamic IP pool *.ipt.aol.com to hijack port 25 outbound requests and reroute it through a set of their own mailservers, that do some elementary rate limiting and filtering. http://postmaster.info.aol.com/info/servers.html says these are the servers: rly-ip0[3-5].mx.aol.com IP Address Server 64.12.138.7 rly-ip03.mx.aol.com 64.12.138.8 rly-ip04.mx.aol.com 64.12.138.9 rly-ip05.mx.aol.com As Chris Candreva said, have your users use the MSA port 587 to submit their email. And blocking the rly-ipXX.mx.aol.com servers might be a good idea, depending on your situation. My experience has been that you'll see a lot more intercepted direct to MX spam attempts and virus payloads than you'll see mail from road warriors dialing into AOL and trying to smarthost through their ISP / corporate smtp servers. srs -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations