- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- RLB problem?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2003 06:41 AM
09-23-2003 06:41 AM
I have to define my SMTP server as relay host since local PC's will send mail through it to any place on the internet; however, non-local SMTP servers are only allowed to send mail to my domain - unless they are know spammers. I use RLB lists for that, at least, I want to do that.
To test it, I logged in on a login server at my ISP and start a telnet session to my (external) address, port 25 (Firewall will forward to VMS machine). But it fails from the beginning:
$ telnet aaa.bbb.ccc.ddd 25
Trying aaa.bbb.ccc.ddd...
Connected to aaa.bbb.ccc.ddd.
Escape character is '^]'.
550 I Spotted you in an RBL. SPAMBREATH!
Connection closed by foreign host.
$
but I'm quite sure that this is NOT true.
When I take out the RLB list, it seems Ok. Unknown/bogus addresses, not translatable addresses and known bad domains will be rejected, and known good domains won't be able to send outside my own domain - i checked that the same way.
However, I would like to use RBL's, since it takes quite a lot of maintenance off my back. How to get that working?
I must admit I have no MX record yet pointing to my 'own' mail address. Could that be the case? (point is, that before I have my ISP setting an MX record for my domain, I want to be sure it all works as I want, and open relay is NOT permitted (obviously))
I added the relevant part of smtp.config (but obscured my location for obvious reasons ;-) (Not that I don't trust you, just to be sure)
OpenVMS Developer & System Manager
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2003 09:16 AM
09-23-2003 09:16 AM
Re: RLB problem?
When you connect with RBLs disabled, what address do you come in on?
Have you tried setting your RBL list to ONE source at a time? Perhaps only one of them is failing? Perhaps your ISP really is a source of SPAM?
There are web pages that let you check your IP address against RBLs. For example: http://mail-abuse.org/cgi-bin/lookup (though this one probably isn't relevant for the default set of RBLs in SMTP.CONFIG)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2003 05:46 PM
09-23-2003 05:46 PM
Re: RLB problem?
With or without RBL, I use the same machine (at ISP), same login (my own on that machine), same destination (my SMTP server at aaa.bbb.ccc.ddd). I checked the ISP machine against RBL's (via mail-abuse.org, indeed) but none found that (ISP) address to be a bad one, so I wonder why this happened.
I'll add RBL's one at a time, then, in case one is failing....
OpenVMS Developer & System Manager
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-24-2003 02:08 AM
09-24-2003 02:08 AM
SolutionSame problem over here. My server at home came under siege by Spammers yesterday, so I had plenty of opportunity to experiment :-(
Disallowing non-translatable addresses cuts a good part of the spammers, but unfortunatly not enough. As soon as I uncomment the RBLs in smtp.config all incoming/relay traffic is bounced as being from a SPAM site. I did check this by explicitly sending mail from some systems I have access to to my home system.
So, right now I am back to norelay, which is good for the internet at large, but bad for me.
This looks like a problem in TCP/IP (Config: OpenVMS Alpha 7.3-1, TCP/IP 5.3 ECO 2)
P.S. Not Willems problem, but one I ran into yesterday - smtp.config needs to be W:RE to be used at all
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-26-2003 09:38 AM
09-26-2003 09:38 AM
Re: RLB problem?
Martin, I guess you have a support contract so would you issue an SPR for this. I could make one but since I have no support contract I can't leave it somewhere (as a small user, support is far too expensive and _so_ I'll never have a problem?)
OpenVMS Developer & System Manager
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-27-2003 05:27 AM
09-27-2003 05:27 AM
Re: RLB problem?
every addres I tried as a SPAM originator.
Either just drop it from the list or replace it
e.g. with bl.spamcop.net.
I have not yet activated this on my server since I do want to monitor this closely and right now do not have the time to do so.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2003 06:06 AM
09-28-2003 06:06 AM
Re: RLB problem?
this
RBLs: rbl.maps.vix.com, dul.maps.vix.com, relays.orbs.org, bl.spamcop.net
and the operator log shows the RBL in action:
--> This is a spammer
%%%%%%%%%%% OPCOM 28-SEP-2003 12:19:32.85 %%%%%%%%%%%
Message from user INTERnet on KORONA
INTERnet ACP SMTP Accept Request from Host: 219.80.7.126 Port: 3603
$
%%%%%%%%%%% OPCOM 28-SEP-2003 12:19:35.48 %%%%%%%%%%%
Message from user TCPIP$SMTP on KORONA
TCPIP-W-SMTP_CLNTINRBL, client IP address 219.80.7.126 matched RBL list
---> Legitimate external host
%%%%%%%%%%% OPCOM 28-SEP-2003 12:20:09.34 %%%%%%%%%%%
Message from user INTERnet on KORONA
INTERnet ACP SMTP Accept Request from Host: 149.68.45.24 Port: 3717
---> Legitimate internal Relay host
%%%%%%%%%%% OPCOM 28-SEP-2003 12:29:27.92 %%%%%%%%%%%
Message from user INTERnet on KORONA
INTERnet ACP SMTP Accept Request from Host: 10.0.0.7 Port: 39134
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2003 03:43 PM
09-28-2003 03:43 PM
Re: RLB problem?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2003 08:29 PM
09-28-2003 08:29 PM
Re: RLB problem?
Am I right then, that if a RBL goes offline, accessing it will result in blocking *@* - (anyone from anywhere) virtually everything?
I couldn't find anything on the vix.com site, I wonder if the RBL still exists over there. Is there a way to check the validity of an RBL-list? It would be better if you explicitly had a way to do so. A wiser approach then just stating "Block all" if a RBL goes offline...
Anyway, I did what Martin did - but domains that can not be translated into an IP-address, still seem to be Ok. But that could be because the source is the same network as my external address.
OpenVMS Developer & System Manager
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-29-2003 03:26 AM
09-29-2003 03:26 AM
Re: RLB problem?
the way an RBL works is that essentially they do run a DNS server with entries for each address on the blacklist, i.e. to find out if ip address 1.2.3.4 is a spammer you do a
e.g. tcpip show host 1.2.3.4.bl.spamcop.net
if you get an error here the address is clean and not on the list. If the name is resolved it is a spammer
So easy test: Write a DCL to do this with each of your RBL servers. Use your own ip address as
the one to check. If this gets resolved either the RBL has a problem or you have a problem ;-) In any case it is time to investigate then.
Greetings, Martin