When Good RBLs Go Bad

Submitted by Greg Johnson on April 1, 2008 - 11:26am.

We've received many support calls this week from customers claiming that our Anti-Spam software was blocking all of their e-mail. Turns out to be true. GWAVA, Guinevere and GWAVIX were blocking all e-mail in certain cases, but there was no bug. They were working perfectly.

The problem was a long-dead RBL server called RELAYS.ORDB.ORG. The popular RBL server went offline in late 2006. Basically, the RBL server remained operational, but stopped being maintained or updated. I guess most of us didn't hear the announcement, because thousands of Anti-Spam servers continued to hit RELAYS.ORDB.ORG for RBL information. I assume that's because most admins didn't know that ORDB went offline and/or set up their RBL lookups long ago and simply forgot to check them regularly.

So when faced with the daily onslaught on their bandwidth from those thousands of Anti-Spam servers still pinging their very out-of-date RBL, the good folks from ORDB decided to "deter" those servers by configuring their RBL to respond "Yes" to any inquiry. In this case, "Yes" meant that any RBL query came back as spam, which meant that anyone still using RELAYS.ORDB.ORG would start blocking ALL of their incoming e-mail as spam! That'll get your attention pretty quick. By now, anyone that was still using ORDB has probably stopped doing so.

"All of this has happened before and all of it will happen again"

Besides outing myself as a viewer of Battlestar Galactica or a proponent of Eternal Recurrence Philosophy... who also happens to watch Battlestar Galactica, I chose this quote to point out that ORDB didn't invent the idea of flagging all RBL queries as spam, and they won't be the last dying RBL to use this method of deterrence. You might recall another RBL called Osirusoft pulling the same stunt a few years ago with similar results. It's important to learn from these mistakes and take steps to ensure that you do not get burned again. I recommend you conduct a quick RBL review at least twice per year. Just visit the web sites of the RBL servers you are using to make sure that they are still alive and well.

And for your convenience, here's a list of dead RBLs that may one day copy ORDB and Osirusoft. If you are still using them, it's best to remove them immediately. Be sure that you check your GWIA settings too, just in case you configured your GWIA to perform RBL lookups:

rbl.spamhaus.org (sbl, xbl and pbl all still work fine)
completewhois.com
dnsbl.tqmcube.com
blacklist.spambag.org
rbl.maps.vix.com
dynablock.njabl.org
dnsbl.radparker.com
relays.radparker.com
relays.visi.com
opm.blitzed.org
block.blars.org
relays.orbs.org
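
The RBL review recommended above can also be scripted. The sketch below is an added example, not GWAVA code: it relies on the RFC 5782 convention that a working IPv4 DNSBL lists the test address 127.0.0.2 and never lists 127.0.0.1, so a zone that answers "yes" for 127.0.0.1 is behaving the way ORDB did. The zone names and the `fake_lookup` resolver are constructed so the example runs offline.

```python
import socket

# RFC 5782 test entries: a healthy IPv4 DNSBL lists 127.0.0.2
# and must not list 127.0.0.1.
MUST_LIST, MUST_NOT_LIST = "127.0.0.2", "127.0.0.1"

def query_name(ip, zone):
    """DNSBL lookup name: reversed IPv4 octets prepended to the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def system_lookup(name):
    """True if the name resolves to an A record, which a filter reads as 'listed'."""
    try:
        socket.gethostbyname(name)
        return True
    except OSError:  # NXDOMAIN, timeout, or no resolver available
        return False

def check_zone(zone, lookup=system_lookup):
    """Classify one DNSBL zone using the two test entries."""
    if lookup(query_name(MUST_NOT_LIST, zone)):
        return "LISTS-EVERYTHING"   # answers "yes" to anything: remove it now
    if lookup(query_name(MUST_LIST, zone)):
        return "OK"
    return "NO-ANSWER"              # dead, unreachable, or refusing queries

def review(zones, lookup=system_lookup):
    """Map each configured zone to its status."""
    return {zone: check_zone(zone, lookup) for zone in zones}

# Constructed offline stand-in for DNS: zone names and behaviour are invented.
def fake_lookup(name):
    if name.endswith(".wildcard.dnsbl.example"):
        return True                           # says "yes" to every query
    if name.endswith(".healthy.dnsbl.example"):
        return name.startswith("2.0.0.127.")  # only the test entry is listed
    return False                              # gone.dnsbl.example: no answers

SAMPLE_ZONES = ["healthy.dnsbl.example", "wildcard.dnsbl.example", "gone.dnsbl.example"]

if __name__ == "__main__":
    for zone, status in review(SAMPLE_ZONES, fake_lookup).items():
        print(f"{status:17} {zone}")
```

Calling `review()` with your own zone list and the default `system_lookup` runs the same check through the host's resolver. A `NO-ANSWER` result cannot distinguish a retired list from a network problem, so confirm it against the list operator's web site before removing the zone.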

Charles Taite
CEO/CTO GWAVA

www.GWAVA.com
