I’ve noticed several times in the last week a server of mine that is using postfix has rejected messages due to a failure in the lookup at relays.ordb.org. At first, I thought this was just a false positive in the database at ordb… but this morning I finally “caught it” while it was happening and went to pull up the ordb.org web page. It took…. 30-45 seconds and then proceeding to do a search on the rejected IP took another stretch. In looking at the logs it appears that there may be blanket rejections if the ordb.org check times out.
Here’s the postfix config setting….
smtpd_client_restrictions = permit_mynetworks,reject_rbl_client relays.ordb.org
I’ve tried to look for information, the ordb.org web page doesn’t have any news more current than 2004-05-01…
I’ve got to say the behaviour looks as though they’re just under heavy traffic, but in recent days I’ve seen several cases where the ordb.org check bounced every message for an hour or so (I’m assuming due to connectivity issues.)
Are they under attack? Overloaded?
Is there any way postfix might check the accessibility of a rbl before it tries to make use of it. (i.e. if ordb.org is unreachable skip that test.)
Unfortunately it looks like I’ll have to disable it for a time (and let in the ~400 more junk messages a day….)
As of today there is an announcement on the ordb.org site that the Open Relay Database is shutting down. Message here – it does say to expect the site to shut down by the end of this year… so, here is the text….
ORDB.org is shutting down
We regret to inform you that ORDB.org, at the ripe age of five and a
half, is shutting down. It’s been a case of a long goodbye as very
little work has gone into maintaining ORDB for a while. Our volunteer
staff has been pre-occupied with other aspects of their lives. In
addition, the general consensus within the team is that open relay RBLs
are no longer the most effective way of preventing spam from entering
your network as spammers have changed tactics in recent years, as have
the anti-spam community.
We encourage system owners to remove ORDB checks from their mailers
immediately and start investigating alternative methods of spam
filtering. We recommend a combination involving greylisting and
content-based analysis (such as the dspam project, bmf or Spam Assassin).
DNS and the mailing lists will vanish today, December 18, 2006.
This website will vanish by December 31, 2006.
Related PostsRelated Posts
- Network Security - how should an open wireless access point be run beside a safe network? So, let's say we want to have an open wireless access point for some reason. (Maybe offering it to guests if you're a business?) There are certainly a lot of BAD ways to give open wireless access. As we've seen in this series so far, it could be quite easy......
- More postfix spam blocking.... Postfix has a NUMBER of tools for rejecting unwanted messages before they get in the door and waste your CPU time on deciding "hey this mail is spam". Up until recently I've mostly used the relays.ordb.org check (which in the last couple months has now gone defunct.) When we started......
- Network Security - Arp spoofing So.... what is arp spoofing (poisoning).... and what are it's implications? ARP spoofing involves tricking a machine into thinking that you're machine is, yet another. Let's put this in IP address terms. Let's say that 192.168.0.1 is the default gatway on the network and 192.168.0.150 is our target. We are......
- Boulder Creek Golf Course, Boulder Creek, CA Boulder Creek Golf Course is located in Boulder Creek, CA Phone: (831) 338-2121 Website: http://www.bouldercreekgolf.com/golf/proto/bouldercreekgolf/ Course History: This incredibly beautiful course is located in a very remote area (we've included directions below) but it is well worth the trip. The course is challenging enough for a pro while not......
- Passive Income For October 2008: A New Record! I've been busy with Business School and it's been an insanely hectic month. Forget about writing posts, I haven't even had much time to sleep! I just ran the totals for passive income for October and I found out I've broken my previous record for monthly passive income that I......
- Mail Server Rejecting all Messages – Check your Blacklists relays.ordb.org is listing the WORLD
- More postfix spam blocking….
- Sendmail mail queue backed up
- More postfix spam blocking and Whitelisting….
- Bellsouth/ AT&T mail problems