Re: Does someone knows what is this about?

[OK 2 NET - Andr� Paulsberg]

>> What a mail admin chooses to do with is ORBS information is up to him,
>> and he may ignore some or all listings ORBS give out for "admin refused".
>
> How can I set up my filters to just use "really open relay" info from
> ORBS and throw away "admin refused" unknows?

You have seen the other zone that ORBS has made,
but you can get the more information from the main ORBS zone.

When ORBS lists a server it makes an A and a TXT record in the zonefile 
relays.orbs.org.
This is made using the reversed IP address (didn't find a better word) so checking
the IP a.b.c.d  you must check the d.c.b.a.relays.orbs.org.  A and TXT record.

above.net who is blocking ORBS, will give you a 127.0.0.4 as its A record:
mail:~ # host -t a 1.1.200.216.relays.orbs.org.
1.1.200.216.relays.orbs.org has address 127.0.0.4
mail:~ # host -t txt 1.1.200.216.relays.orbs.org.
1.1.200.216.relays.orbs.org descriptive text
"above.net has multiple open relays and has blocked the ORBS tester."

A manually entered / selective relay, will give you a 127.0.0.3 as its A record:
mail:~ # host -t a 175.64.71.212.relays.orbs.org.
175.64.71.212.relays.orbs.org has address 127.0.0.3
mail:~ # host -t txt 175.64.71.212.relays.orbs.org.
175.64.71.212.relays.orbs.org descriptive text
"Selectively open relay - see http://www.orbs.org/verify.php3?address=212.71.64.175"

A "normal" Open Relay input/output, will give you a 127.0.0.2 as its A record:
mail:~ # host -t a 174.53.239.209.relays.orbs.org.
174.53.239.209.relays.orbs.org has address 127.0.0.2
mail:~ # host -t txt 174.53.239.209.relays.orbs.org.
174.53.239.209.relays.orbs.org descriptive text
"Open relay - see http://www.orbs.org/verify.php3?address=209.239.53.174"

Making a short script utilizing these different values should be no problem,
and those who don't bother or can't should use rblsmtpd with outputs.orbs.org.
We have just started "tag & delay" of all ORBS servers using a couple of short script,
as for now it give the same two messages back to the sender and recipient.

(all records where randomly choosen, except 212.71.64.175 which is our ORBS test IP.)


>>> - ORBS does not notify blocked sites about the blockage
>>
>> This is not my personal experience nor their written rule,
>> as they send E-Mail to either postmaster @ RDNS or IP.
>
> Ah. Since when is a mailserver requires to accept e-mails at its
> reverse DNS name or IP? That's the problem; I have spoken to
> people who never saw to e-mail; why? They don't accept at their
> RDNS or IP.

AFAIK all mailserver are required to have an A record,
they are also required to have an RDNS matching "this" A record.
This A record then becomes one of the possible domains to reach the mailserver,
which RFC 822 requires to have a postmaster@domain (domain being RDNS).

RFC 822
-------
     6.3.  RESERVED ADDRESS

          It often is necessary to send mail to a site, without  know-
     ing  any  of its valid addresses.  For example, there may be mail
     system dysfunctions, or a user may wish to find  out  a  person's
     correct address, at that site.

          This standard specifies a single, reserved  mailbox  address
     (local-part)  which  is  to  be valid at each site.  Mail sent to
     that address is to be routed to  a  person  responsible  for  the
     site's mail system or to a person with responsibility for general
     site operation.  The name of the reserved local-part address is:

                                Postmaster

     so that "Postmaster@domain" is required to be valid.

     Note:  This reserved local-part must be  matched  without  sensi-
            tivity to alphabetic case, so that "POSTMASTER", "postmas-
            ter", and even "poStmASteR" is to be accepted.
-----


There are surely more ways to get mail to these admins / postmasters,
but telnet to port 25 and manually dropping a "rcpt to: <postmaster>"
is far to much to ask from a normal person trying to contact a postmaster.


Regards Andr� Paulsberg