Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91674 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

ORDB.org blacklisting all IP addresses


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 March 2008 - 02:47 PM

FYI...

- http://isc.sans.org/...ml?storyid=4198
Last Updated: 2008-03-26 17:22:35 UTC - "Since yesterday, March 25 (I started to see it around 8:00am EST), ORDB.org - one of the old SPAM blacklist databases - started to blacklist (or block) all IP addresses. As a result, all mail servers using an SPAM filtering solution that still references ORDB (relays.ordb.org) started to immediately block all incoming e-mails. I got some reports into my personal e-mail yesterday, that finally got fixed by my provider today. Although ORDB.org was shut down on December 18, 2006, yesterday they changed their behaviour, and instead of timing out, they are blocking all IP addresses, that is, every e-mail server queried is being reported as an open relay. If your mail infrastructure uses ORDB, the sender will get a message like this one (this is an example blacklisting the Gmail servers):

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 13): 550-Message rejected because ag-out-0708.google.com [72.14.246.240]:20081 is
550-blacklisted at relays.ordb.org see ordb.org was shut down on December 18,
550 2006. Please remove from your mailserver.
E-mail administrators (if you have not been notified yet by users not getting a single e-mail during the last 24 hours), please, check that your SPAM filtering solution is not querying ORDB!

(...and there are lots of them using ORDB by default)
The real reason behind this active behaviour change is not clear yet."

:pullhair:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 March 2008 - 04:44 PM

FYI...

- http://it.slashdot.o...5/2124224.shtml
March 25, 2008 - "At noon today (Eastern Standard Time), the long dead ORDB spam identification system began returning false positives as a way to get sleeping users to remove the ORDB query from their spam filters. The net effect: all mail is blocked on servers still configured to use the ORDB service, which was taken out of commission in December of 2006*. So if you're not getting any mail, check your spam filter configuration!"
* http://it.slashdot.o...9.shtml?tid=230

:ph34r:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users