We have been dropping people because they use now dead ORBZ:
Rejected - see http://orbz.org/
The problem with these DNS-RBL things is that they are subject to
all kinds of external pressures, and apparently ORBZ has followed
ORBS in this manner.
/Matti Aarnio
Matti Aarnio writes:
> We have been dropping people because they use now dead ORBZ:
>
> Rejected - see http://orbz.org/
>
> The problem with these DNS-RBL things is that they are subject to
> all kinds of external pressures, and apparently ORBZ has followed
> ORBS in this manner.
Interesting. When I try to lookup hosts using orbz.org, I just get
Non-existent host/domain results (thus mail shouldn't bounce). Why are
some people bouncing email?
Regards,
Richard....
Permanent: [email protected]
Current: [email protected]
On Fri, Mar 22, 2002 at 01:45:36PM -0700, Richard Gooch wrote:
> Matti Aarnio writes:
> > We have been dropping people because they use now dead ORBZ:
> >
> > Rejected - see http://orbz.org/
> >
> > The problem with these DNS-RBL things is that they are subject to
> > all kinds of external pressures, and apparently ORBZ has followed
> > ORBS in this manner.
>
> Interesting. When I try to lookup hosts using orbz.org, I just get
> Non-existent host/domain results (thus mail shouldn't bounce). Why are
> some people bouncing email?
I see both DNS lookup timeouts, and SERVFAIL returns.
In my books neither should lead to rejection, but
a) others may have better wisdom that I have,
b) some popular software are known to be unable to
separate any sort of temporary failures (timeouts
at DNS lookup) from real things (actual DNS-RBL)
> Regards,
> Richard....
> Permanent: [email protected]
> Current: [email protected]
/Matti Aarnio
On Fri, 22 Mar 2002, Matti Aarnio wrote:
> On Fri, Mar 22, 2002 at 01:45:36PM -0700, Richard Gooch wrote:
> > Matti Aarnio writes:
> > > We have been dropping people because they use now dead ORBZ:
> > >
> > > Rejected - see http://orbz.org/
> > >
> > > The problem with these DNS-RBL things is that they are subject to
> > > all kinds of external pressures, and apparently ORBZ has followed
> > > ORBS in this manner.
> >
> > Interesting. When I try to lookup hosts using orbz.org, I just get
> > Non-existent host/domain results (thus mail shouldn't bounce). Why are
> > some people bouncing email?
>
> I see both DNS lookup timeouts, and SERVFAIL returns.
> In my books neither should lead to rejection, but
> a) others may have better wisdom that I have,
> b) some popular software are known to be unable to
> separate any sort of temporary failures (timeouts
> at DNS lookup) from real things (actual DNS-RBL)
Only positive lookups should lead to rejection, IMHO. Timeouts & Co.
should default to acception.
- Davide
On Fri, Mar 22, 2002 at 01:05:39PM -0800, Davide Libenzi wrote:
> On Fri, 22 Mar 2002, Matti Aarnio wrote:
....
> > I see both DNS lookup timeouts, and SERVFAIL returns.
> > In my books neither should lead to rejection, but
> > a) others may have better wisdom that I have,
> > b) some popular software are known to be unable to
> > separate any sort of temporary failures (timeouts
> > at DNS lookup) from real things (actual DNS-RBL)
>
> Only positive lookups should lead to rejection, IMHO. Timeouts & Co.
> should default to acception.
Teach sendmail to differentiate the cases...
(and qmail, and ...)
> - Davide
/Matti Aarnio
John Jasen writes:
> On Fri, 22 Mar 2002, Richard Gooch wrote:
>
> > Interesting. When I try to lookup hosts using orbz.org, I just get
> > Non-existent host/domain results (thus mail shouldn't bounce). Why are
> > some people bouncing email?
>
> Some people set their systems to reject mail from unresolveable
> hosts or domains?
No, this is different. The way these DNS-based blacklists work is that
if the sending IP is listed in the database (because it's a known
spammer/open relay) then DNS lookups succeeds, so the MTA will reject
the mail. If the DNS lookup fails, it implies that the IP address is
*not* in the database, and thus the email is accepted.
Maybe some broken MTA's will reject the message on DNS *transaction
failure* (due to an intermittent network fault or DNS server failure),
but that's not the same as a lookup failure (host not found, but DNS
server responded).
All this is separate from normal reverse DNS lookups of the sending
IP (where many MTA's are configured to reject mail from hosts which
don't resolve).
Regards,
Richard....
Permanent: [email protected]
Current: [email protected]
On Fri, 22 Mar 2002, Richard Gooch wrote:
> Interesting. When I try to lookup hosts using orbz.org, I just get
> Non-existent host/domain results (thus mail shouldn't bounce). Why are
> some people bouncing email?
Some people set their systems to reject mail from unresolveable hosts or
domains?
--
-- John E. Jasen ([email protected])
-- User Error #2361: Please insert coffee and try again.
On Fri, 22 Mar 2002, Matti Aarnio wrote:
> Teach sendmail to differentiate the cases...
> (and qmail, and ...)
qmail has no native RBL support, that's instead provided by third-party
software (and that software is broken by design in that it rejects the
connection, without letting postmaster complaints through...)
--
Matthias Andree