Subject: | |
From: | |
Reply To: | |
Date: | Tue, 31 Oct 2000 11:21:11 +1100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
> The mail is not being delivered because the mailserver for
> the domain
> MITVMA.MIT.EDU (pacific-carrier-annex.mit.edu) is in the ORBS
> database as being an open relay and therefore is not allowed
> to send mail
> to the Qwest.net domain.
> Please refer to www.orbs.org for information on what ORBS is and
> what you can do to get the mailserver (ip address 18.69.0.28) out of
> the listing.
> In the meantime, you may want to open a free webbased email account
> for the purpose of exchanging mail with MIT.
> -------
>
> First of all, can someone explain to me in English what in
> the world they are
> talking about.
ORBS is a self-appointed cyber-police organisation who actively sniff out
any domains with open relays (a mail server that will receive and forward on
email from anyone, even outside of its own domain) on the Internet and then
publicly report them. They also send out a list of these domains to
subscribers of their "service". This is supposedly so organisations can
intelligently use the information to monitor traffic from these domains and
prevent Spam attacks. Unfortunately, ORBS forgot that spammers also have
web access and can also subscribe to the ORBS service. It's a goldmine of
information for a good spammer (are there any "good" spammers?).
> Second, does anyone have a solution besides
> the obvious.
About the only thing you can do is get in touch with ORBS, tell them you've
closed the open relay (which you should do anyway) and hopefully your domain
will be removed from the list. My organisation has only recently gone
through this same process. ORBS found an open relay in a Sendmail
installation on our Linux proxy machine (which we didn't even use as we have
a dedicated mail server). Two days after appearing on the ORBS list the
proxy was going nuts with traffic as every spammer in the Asia/Pacific
region was hitting it. A quick kill job and an uninstall of Sendmail fixed
the problem.
This illustrates how vitally important it is to ensure that your mail server
security is top-notch. Hackers and spammers will take advantage of every
available opportunity, however small it may be. Companies like L-Soft can
make excellent software that will go to great lengths to stop unauthorised
access but they can't be 100% secure if the system itself isn't secured
properly.
I hope this helps.
Chazzozz!!
Michael Shannon
Webmaster
[log in to unmask]
"Before you can grow old and wise you must first survive being young and
stupid." - Ancient Proverb
Note: Views expressed on this list are my own and do not reflect the views,
opinions or position of my employer.
|
|
|