Technology news and Jobs 
Information Technology News Spam blocker rises from the dead to bite lax email administrators
Information Technology News Spam blocker rises from the dead to bite lax email administrators | Spam blocker rises from the dead to bite lax email administrators |
|
|
| by Stuart Corner | |
| Wednesday, 26 March 2008 | |
|
In an email to customers, Melbourne based email and web filtering service, Mailguard, said: "It has come to our attention that several customers have been continuing to query the ORDB blacklist for their incoming mail, and this morning have begun rejecting this incoming mail believing that MailGuard's servers were blacklisted." The email warned customers that: "it is likely that some of your outgoing email will be rejected by mail servers on the greater Internet which still refer to the ORDB blacklist. If this happens, you will receive an non-delivery report (possibly from MailGuard's servers) which states something along the lines of the following: 'This server does not accept messages from known blacklisted site. Your host was found in the DNS Blacklist at relays.ordb.org' or 'Service unavailable; Client host blocked using relays.ordb.org'." ORDB was maintained by a group of volunteers in Denmark and operated for over five years. According to a report on The Register at the time of its closure "a notice was posted on the site saying: 'It's been a case of a long goodbye as very little work has gone into maintaining ORDB for a while. Our volunteer staff has been pre-occupied with other aspects of their lives. In addition, the general consensus within the team is that open relay RBLs are no longer the most effective way of preventing spam from entering your network as spammers have changed tactics in recent years, as have the anti-spam community." The ORB website's URLs (http://www.ordb.org and http://ordb.org) are no longer active (ORDB said they would shut down on 18 December 2006) so there is no indication of who is responsible for the re-activation of the 'service'. However one post on Slashdot stated, without any confirmation it had been done "as a way to get sleeping users to remove the ORDB query from their spam filters."
Get stories like this delivered daily - FREE - subscribe now
When you subscribe get a 12 months license for LiveProject Valued at $99 USD Comments (16)
  written by Peg, March 27, 2008
Anyone else getting these blacklisted blocks and don't even HAVE ORDB.org in their blacklist servers queue? Anyone know which of the other blacklists are using ORDB so we can remove their server from our list??
written by mrP, March 27, 2008
There must have been a better way to inform us.
I have spend all morning running around removing ORDB from Exchange Servers because most email where getting bounced, effecting peoples businesses. The thing is we have not added it to the list in the first place. So does Microsoft add this to exchange? Anyhow problem sorted. No thanks to ? written by JKnox, March 27, 2008
The problem is still ongoing for a lot of people world wide, it appears some solutions such as symantec firewalls use this service as standard, so it is worth checking everything from your gateway, firewall to your internal mail server to see it anything's running it.
written by Zeus, March 27, 2008
How can we go about finding out what is using ordb? Would it be our ISP (Roadrunner) or would it be our Email Provider (MailMac by Smartmax)? Our would it have to do with our computers? Mac & PC. Please help, not sure where to start to get this resolved, 20 email accounts are down here. We are able to send and when logging in online via webmail we are able to receive messages, but nothing coming in via Outlook/ Mac Mail.
written by Peter5, March 27, 2008
I use Exchange 2003 and GFI, checked that ordb was removed then stopped all GFI services but the problem percist, I.m cunfused like ewerybody else here.
written by Ivor Durham, March 27, 2008
After some hours of head scratching because the Exchange server did not have any reference to relays.ordb.org I found it in the Symantec Mail Security for Microsoft Exchange configuration in the list of Anti-spam blacklist servers. Clearing it from the list and deploying the changes fixed the problem.
I remain puzzled because the DNS entry for relays.ordb.org has gone away so I'm not sure how Symantec was finding the service in the first place. written by Who is Irresponsible?, March 27, 2008
So...if the DNS entry was gone (which it was), what harm, exactly was being done by the systems that were attempting to continue to query it? They certainly weren't 'pounding on their servers,' because, well, THE FREAKING DNS ENTRY WAS GONE! How does that justify unilaterally deciding to break every email server on the planet that happened to still be pointed at their database?
written by Jeff45, March 27, 2008
We removed relays.ordb.org immediately after reading this article but still could not receive mail from the outside. After messing around with it for a little while we gave up and removed all blocklists from the config. This resolved the issue but I don't know which list was referencing this one.
On a related note, our outgoing mail is scanned with SpamAssassin which was also apparently referencing relays.ordb.org and so all our outgoing mail was quarantined and had to be released manually. To avoid future denials of service that public blocklists can apparently cause, we will no longer use them as part of our anti-spam regime. I appreciate this article, because it pointed us in the right direction. However I strongly object to the use of the word "lax" in the title. As the chain of comments shows, being lax or negligent had nothing to do with this. Even systems that did not reference relays.ordb.org directly but used reputable products like Symantec Mail Security were affected. I would urge ITWire editors to remove the word lax from the title of this message. We are catching enough grief from our businesses already without them reading online that we were lax in our system administration practices. written by Pete, March 27, 2008
I Use Ex 2003. GFI, checked that realys.ordb.org was not in the GFI config.
Stopped all GFI services, Uninstalled GFI, checked all registry for realys.ordb.org. Nothing works. Desperate too written by Pete, March 27, 2008
Problem solved, in Exchange. Global settings and properties on Message delivery there are several filterings, take away all relay.ordb.org and others. Defauslt is empty so we can not blame Ms.
written by nicks, March 27, 2008
Hi all,
Both GFI MailEssentials and Microsoft Exchange 2003 provide the functionality to perform queries to DNS Blacklists when filtering emails for spam. For GFI MailEssentials, you can check the DNS Blacklists which are enabled from the GFI MailEssentials configuration -> Anti-Spam -> DNS Blacklists. You may have configured Exchange 2003 to check emails with DNS Blacklists. This can be configured from Exchange System Manager -> Global Settings -> Message Delivery properties -> Connection Filtering tab. More information can be found at http://www.msexchange.org/tuto..._2003.html Hope this helps. Nicholas Sciberras GFI Software - www.gfi.com Messaging, Content Security & Network Security Software written by leole, March 27, 2008
Well look like a lot of internet providers in europe are in trouble with this problem .We are getting complaints from people using the belgacom Skynet relay in belgium to send mails out and and in france orange reject mail send to some ips we handle :(
They dont find the problem and they will most probably never do anything to have this issue resolved :( Oliver http://www.mycyberhosting.com written by Noah, March 28, 2008
Anyone have exchange 5.5 and got this problem fixed i am baffled on how to do it i am not familiar with exchange servers but got suckered into fixing this problem can anyone help me out if so emai me at
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
that would help greatly thanks!
written by Tom43, March 29, 2008
Using squirrel mail on linux server, can see spamassain folder, is this the only fix? Removing the code relays.ordb.org
written by gustavo, March 29, 2008
aff total subiram este servidor e meu ip se ecnontra listado como faço para remoção ?
written by dddd, April 16, 2008
wow power leveling
wow power leveling wow power leveling wow power leveling wow power leveling wow power leveling wow powerleveling wow powerleveling wow powerleveling wow powerleveling wow gold wow gold world of warcraft power leveling world of warcraft power leveling wow power level wow power level power leveling wow power leveling wow power leveling wow powerleveling wow powerleveling wow cheap wow power leveling Maple Story mesos MapleStory mesos ms mesos mesos SilkRoad Gold SRO Gold SilkRoad Online Gold eq2 plat eq2 gold eq2 Platinum EverQuest 2 Platinum EverQuest 2 gold EverQuest 2 plat lotro gold lotr gold Lord of the Rings online Gold Rolex Replica Replica Rolex Tell us what you think! better to paste your comment - this page will refresh every 15 minutes
|
Tags
Subscribe to this comment's feed
| < Next story in category | Previous story in the category > |
|---|
