Well this is a barrel of laughs...
"The problem is that the ORDB blacklist (which was decommissioned on Dec 18 2006) has been reactivated, but in such a way that it returns a positive match for every query. The operators have done this in order to prompt people who were still using the list to remove it from their configuration."
Source: http://forums.whirlpool.net.au/forum-replies-archive.cfm/944800.html
At the moment this is effecting our exchange servers, and it's unclear if this is a legacy smtp event or part of the anti spam software...
Everything is being bounced, needless to say I can tell you working for a company that has over a million emails a day this is NOT GOOD!
If your clients are receiving bounce backs I suggest you contact them immediately, and inform them of the situation.
ORDB SORT YOUR ACT OUT!
I will update as I find a workaround!
UPDATE!!!!
For exchnage 2003 use the following article as a guide (Thanks KERM!):
http://www.msexchange.org/tutorials/Blacklist_Support_Exchange_2003.html
Remove ORDB! (see below)
(UPDATE: OR remove wirehub: see new post)
Entries (RSS)
http://www.nabble.com/Re%3A-relays.ordb.org-returning-positive-for-everything–p16286535.html
Another reference source
Thank you for this entry. Your instructions allowed me to solve the problem for our firm.
No problem Holly, glad I could help!
We dont have any entries here and still have this issue with all anti-spam disabled =(
Hi ascii, I would email you about this but you didn’t put your email in, (it’s never displayed on the site only to me via the admin panel).
As stated ORDB returns a false “POSITIVE” regardless of whether you are listed or not.
I realy need more information if you want help with this. Post back with a useable email address.
Cheers
UPDATE:
I had a thought
1) Are you receiving the notifications of being blocked by ORDB when you email someone?
OR
2) Are you receiving the notifications of being blocked by ORDB when someone emails you?
if 1) It’s the destination mail server that needs to be reconfigured not your own, I suggest giving them a phone call.
other wise 2) I need more information before I can help further.
Let me know either way.
Thank you for the reply.
Send/receive internal email – ok
Sending to external – ok
Receiving to internal -sender receives a message similar to;
“Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 15): 501 ordb.org was shut down on December 18, 2006. Please remove from your mailserver.; (1)”
We manage our own exchange 2003 server; no settings have been changed by us recently. MX records are fine, ORDB isn’t in message delivery properties, as shown in your post, we’ve disabled our anti-spam solution and port 25 is open.
Any suggestions are very much appreciated.
Also even if I was to put my email in I wouldn’t be able to receive it, my apologies.
Hello again. We have resolved the issue. It turns out the problem was with the deeper in firewall. After contacting the company who update the block lists they informed us that they had another customer with the same issue and where able to assist us right away. Many thanks again.
Hi Ascii,
glad you got it sorted, sounds like your ISP is using the firewall with an SMTP relay.
Anyway glad it’s sorted
Hi All
please help!!!!
I am receiving this message
Reporting-MTA: dns;bay0-omc1-s27.bay0.hotmail.com
Received-From-MTA: dns;BAY102-W17
Arrival-Date: Sun, 30 Mar 2008 06:08:37 -0700
Final-Recipient: rfc822;benjie@**REMOVED**.com
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 Rejected: 65.54.246.99 listed at relays.ordb.org
i tried looking at my exchange server 2003 as mentioned above, in connection filtering there is no such ordb rule, nothing is in there.
please reply.
thanks in advance!
Hi Benjie,
I edited your comment slighty as it contained an email address in the body, (this site is indexed by search engines quite heavily).
Do you use any anti spam software such as maildefender? (maildefender.net)
What is your current setup?
Is your exchange server directly routed to the internet or do you use an smtp relay?
[MSEX03] —> [INTERNET]
or
[MSEX03] —> [RELAY] —> [INTERNET]
Cheers
Buzz
Hi Thanks for the reply, were having our own dns and mailserver is routed to that server, but good news though i manage to fix the problem. i removed the relays.ordb.org from parameters in the dns server and it worked.
now i want to know if it is safe permanently removing that relays.ordb.org, i think we need to replace this with something else? any recommendation?
by the way here is the settings in my dns server
# DNS based IP address spam list relays.ordb.org
R$* $: $#R$-.$-.$-.$- $: $(dnsbl $4.$3.$2.$1.relays.ordb.org. $: OK $)
ROK $: OKSOFAR
R$+ $: TMPOK
#R$+ $#error $@ 5.7.1 $: “550 Rejected: ” $” listed at relays.ordb.org”
Thanks in advance!
Hi Benjie,
I have been recomended http://www.spamhaus.org/ by several people so far, not realy had a chance to play with it much though.
Let me know what you think.
Cheers
Hi this is to test if the blocking is working, so i tried this
when send mail to nels...@crynwr.com , I got this reply
Testing your PBL block. See http://www.crynwr.com/spam/ for more info.
Please note that this test will not tell you if your server is open for relaying. Instead, it tests to see if your server blocks email from IP addresses listed in various blocking lists; in this case, the PBL list.
Could not connect to 62.149.***.***: Connection refused Attempting to run traceroute. If the traceroute fails persistently, then it’s likely that the ISP where it fails is subscribed to the BGP3 version of the RBL, and is blocking RBL’ed hosts at the IP level. You should ask if that is indeed what they are doing. If so, then you do not need to use DNS blocking of the RBL.
Hi Benjie,
Without knowing more on your setup I would suggest you follow the advice you have been given and get in contact with your ISP, forwarding the information you have provided above is adviseable.
Also be carefull when posting IP addresses, as I have mentioned this site is quite heaviliy indexed by search engines, and comments are publicly available to be read, the last thing you want is the IP address being found by a bot as a potential spam target.
I have edited your post to remove the last 2 blocks of your IP.
i have this issue with ORDB too… it only happends when i send to a certain domain…. i can send regular text e mails BUT when i send e mails with attachments i get the following error..The following recipient(s) could not be reached:
jdijkstra@**********.com on 5/13/2008 8:58 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
Below is the internet header from that e mail……
Microsoft Mail Internet Headers Version 2.0
From: postmaster@**********.com
To: mmeza@**********.com
Date: Tue, 13 May 2008 08:57:37 -0700
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary=”9B095B5ADSN=_01C8B47840EA2402000002E0spectrumex.spect”
X-DSNContext: 7ce717b1 – 1194 – 00000002 – 00000000
Message-ID:
Subject: Delivery Status Notification (Failure)
–9B095B5ADSN=_01C8B47840EA2402000002E0spectrumex.spect
Content-Type: text/plain; charset=unicode-1-1-utf-7
–9B095B5ADSN=_01C8B47840EA2402000002E0spectrumex.spect
Content-Type: message/delivery-status
–9B095B5ADSN=_01C8B47840EA2402000002E0spectrumex.spect
Content-Type: message/rfc822
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=”—-_=_NextPart_001_01C8B511.D4CB5C89″
Subject: RE: e mail issue
Date: Tue, 13 May 2008 08:55:56 -0700
Message-ID:
In-Reply-To:
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Thread-Topic: e mail issue
Thread-Index: AciyC+pzOqdXh0m1RhWLgly7FYI00wAAKNJwAL7UUIAAAnvxkA==
From: “Marcos Meza”
To: “J. Dijkstra”
——_=_NextPart_001_01C8B511.D4CB5C89
Content-Type: multipart/related;
boundary=”—-_=_NextPart_002_01C8B511.D4CB5C89″;
type=”multipart/alternative”
——_=_NextPart_002_01C8B511.D4CB5C89
Content-Type: multipart/alternative;
boundary=”—-_=_NextPart_003_01C8B511.D4CB5C89″
——_=_NextPart_003_01C8B511.D4CB5C89
Content-Type: text/plain;
charset=”US-ASCII”
Content-Transfer-Encoding: quoted-printable
——_=_NextPart_003_01C8B511.D4CB5C89
Content-Type: text/html;
charset=”US-ASCII”
Content-Transfer-Encoding: quoted-printable
——_=_NextPart_003_01C8B511.D4CB5C89–
——_=_NextPart_002_01C8B511.D4CB5C89
Content-Type: image/jpeg;
name=”image001.jpg”
Content-Transfer-Encoding: base64
Content-ID:
Content-Description: image001.jpg
Content-Location: image001.jpg
——_=_NextPart_002_01C8B511.D4CB5C89–
——_=_NextPart_001_01C8B511.D4CB5C89
Content-Type: application/octet-stream;
name=”Administaff-Questionnaire.pdf”
Content-Transfer-Encoding: base64
Content-Description: Administaff-Questionnaire.pdf
Content-Disposition: attachment;
filename=”Administaff-Questionnaire.pdf”
——_=_NextPart_001_01C8B511.D4CB5C89–
–9B095B5ADSN=_01C8B47840EA2402000002E0spectrumex
Hi Marcos,
First of all I have edited your comment to mask out the email addresses, this site is quite heavily search engine indexed, the last thing you need is more spam to the address if a bot finds it!.
Anyway onto your problem …
Nothing from the email headers you have provided suggests this is an ORDB problem, being as you can send email without attachments I am going to _guess_ this is a restriction at your exchange server preventing you from sending attachments over a certain size …
“X-MimeOLE: Produced By Microsoft Exchange V6.5″ Unfortunatly I can’t with any certainty tell you where the settings are on Exchange 6.5 … The only installations I have at the moment are 2003 and 2007.
At any rate I would get your systems administrator to check the attachment settings.
Let me know how you get on.
[...] pingback [...]
I searched for \’Blocking Phone Calls\’ at google and found this your post (\’by ORDB | Saiweb\’) in search results. Not very relevant result, but still interesting to read.
I’m trying to send an email to the support of fizteh.ru and I get an Undeliverable message error. If this is related to the above problem, what can I do to fix it. Who is at fault here? Thank you in advance.
Your message was not delivered to the following recipients:
xxxx...@xxxxxx.ru: 550 5.7.1 Rejected – see http://ordb.org/
Reporting-MTA: dns;mta-w3.tc.umn.edu
Original-Recipient: rfc822;HIDDEN EMAIL
Final-Recipient: rfc822;HIDDEN EMAIL
Action: failed
Status: 5.1.1
Remote-MTA: dns;mail.fizteh.ru
Diagnostic-Code: smtp;550 5.7.1 Rejected – see http://ordb.org/
HI there Ivan,
if your mail is being rejected by the fizteh.ru server, then it is fizteh.ru who are at fault.
They will need to remove ORDB from their RBL lists.
Cheers
Buzz
[...] against blacklist.spambag.org are returning as a ‘false positive’, (similar to the ORDB [...]