CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 26th, 2008

ORDB.org Blacklisted All IP Addresses

Since March 25, one of the old SPAM blacklist databases, ORDB.org, blacklisted all IP addresses. As a result, all mail servers using an SPAM filtering solution that still references ORDB (relays.ordb.org) started to immediately block all incoming e-mails.

ORDB.org was shut down in December 18, 2006, but yesterday they changed their behaviour. Instead of timing out, they are blocking all IP addresses, which means every e-mail server queried is being reported as an open relay. If your mail service or infrastructure uses ORDB database, the sender will get the following failure message:

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 13): 550-Message rejected because some-host.com [123.345.789.000]:20081 is
550-blacklisted at relays.ordb.org see ordb.org was shut down on December 18,
550 2006. Please remove from your mailserver.

E-mail administrators should make sure that SPAM filtering solution in use is not querying ORDB.

There are lots of mail services using ORDB by default and the real reason behind this behaviour change is not clear yet.

Share this item with others:

More on CyberInsecure:
  • Hijacked High-Ranked Sites Serve Malicious, Illegal Content, Blacklisted By Google
  • 3$ for breaking the CAPTCHA
  • iPhone Feature Discovered By Hacker Allows Apple To Remotely Disable Unwanted Apps
  • Pushdo Spam Botnet Pierces Microsoft Live Through Audio CAPTCHA
  • Skype File URI Security Bypass Code Execution Vulnerability

    • Posted in Spam | Print This Post Print This Post

    This entry was posted on Wednesday, March 26th, 2008 at 12:13 pm and is filed under Spam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: ORDB.org Blacklisted All IP Addresses

    2 Responses to “ORDB.org Blacklisted All IP Addresses”

    1. Mike Waters Says:
      March 28th, 2008 at 7:01 pm

      This cost us real money and angry customers. Although we’re not going to make a federal case out of this ourselves, I certainly think that somebody’s going to get sued over this. Certainly, this was widespread. Seems like it shut down Google Mail.

      This even affected MailWasher on my PC, causing many messages to get automatically deleted and their domains blacklisted.

    2. Semmo Says:
      March 29th, 2008 at 5:45 pm

      Mike Waters:
      Well too bad, ORDB.org is closed for a year and a half now, and they reported every possible place that they`re going to shut down.

      After so much time it’s down, some users and system administrators should learn it the hard way it seems.

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »