Mail Server Rejecting all Messages – Check your Blacklists is listing the WORLD

It’s unusual for mail servers to suddenly start rejecting messages internally and from external sources. That’s exactly what I saw though over the weekend. A mailserver running mdaemon on Windows 2000 was rejected ALMOST every message that was sent it’s way whether it was an internal mail sender and recipient or external sender to internal recipient. The really interesting things was to see a message sporadically succeed. This problem was with mdaemon, but could have occured with ANY mail server. Here’s why…

It sounds like the problem started March 27th around 5 AM or so, as I was told. I logged in remotely and manually attempted to send a message (telnet) and was immediately told invalid recipient after entering what I knew was a correct email address. I tried a second time and it accepted the recipient. Then, I tested further every further test failed. So, I researched mdaemon, I discovered that it has an adaptive spam filtering which can be enabled that essentially locks out a mail sender after receiving attempts to deliver to 3 non-existent addresses from that sender. (I was further informed that a system had been virus infected which made me suspicious that this could be what happened…)

Anyway, when I actually got to look at the server setup I saw the logging of mail transactions and started looking through. It looked as though there were two blacklists setup, and

Hmmm… I’ve used blacklists before and was thinking I haven’t been using (the open relay database) lately. I wonder why… I can’t recall. So, I googled and discovered that the ordb was shutting down. But that was announced a year or so ago. Why would that start causing trouble now?

I continued my search and found…. from this site

3/26/08 Update: ORDB has “listed the entire world” — returning any query with a “listed” response. The result is that if you still have ORDB in your mail server config files, you’re now blocking 100% of your inbound mail. For anyone still trying to “use” ORDB, you’re not going to receive any inbound mail until you disable queries to it.

Ah! Disabled black list – restarted mail server – mail starts coming in. Now, I remember hurrying to remove it from all the mail servers that I administer when the news first came out. (This is a machine that someone else setup/configured and took care of.)

So, moral of the story to those using blacklists – it is good to stay informed of their current status. The occasional successful mail deliveries appeared to be caused by timeouts in looking up the sender in the database.

   Send article as PDF   

Similar Posts