Kevin, you're probably using your ISP's DNS servers to do the RBL lookups for you. Either your operating system is configured with Covad's DNS servers, or you have your own DNS server configured to do "DNS forwarding".
What you want to do is run your own DNS server, and NOT have it configured for "DNS forwarding". In this way, you won't abuse Covad's name servers. Andrew 8) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Thursday, March 31, 2005 2:03 PM To: [email protected] Subject: [Declude.Virus] Covad has a problem with our RBL I received the following email today from Covad - our access provider. It looks like they have a problem with Declude checking inbound emails against a realtime blackhole list. (The problem could also be several emails we've received lately with hundreds of recipients, many of which were invalid - so it could be the NDR problem mentioned). Does anyone know if Declude, setup normally without much modification, is using more than 1 RBL, or, irregardless of how many it uses, would it be checking the RBL 12000 times an hour for a mail server that delivers about 6000 messages a day? Or do you think this most likely has to do with the too-many-invalid-recipients problem? Thanks. Kevin MESSAGE FOLLOWS ------------------------------- Dear Covad Customer, Our records indicate that your computer has made 12497 requests during the hour we monitored it which accounted for 5.13% of the total traffic to the Covad nameservers in your region. The high volume of requests made by your computer to our nameservers causes a degradation of service for other Covad customers. The IP address implicated is: XX.XXX.XXX.XXX Possible causes for this excessive activity includes, but not limited to the following reasons: -Virus infected computer(s) sending infected emails which causes Covad servers to receive MX queries for every infected message. -Computer hosting an open proxy or relay that is being abused by a spammer. Each outbound email will generate a DNS request. -Mail server configured to check every inbound email on a realtime blackhole list (RBL). This could oppose a problem if there are more than two lists being queried. -Mail server configured to send a non delivery receipt (NDR) for every email received at an invalid email address. NDR messages cause Covad servers to receive DNS requests as well as generate unnecessary traffic on a customer's network. NDR messages is also a way for spammers to confirm valid email addresses which could cause mail servers to receive even more spammed emails. --- [This E-mail was scanned for viruses.] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
