Re: RBL report..
On Sun, 26 Mar 2000, Michael Neuffer wrote:
> * Jason Gunthorpe (jgg@ualberta.ca) [000326 08:45]:
> >[...]
> > ORBS - 314
> > Comparing connections it is found that 3970 out of 40236 connection
> > attempts would have been blocked. This can be roughly considered to be
> > 3970 emails blocked.
> >[...]
> > ORBS deserves special mention because of their insane hit count, I don't
> > know what that is about but ORBS would block 10% of the mails we get. I
> > think it is without question that the majority of those blocks are
> > legitimate mails. ORBS is also almost completely inclusive of the RSS and
> > RBL.
>
> ORBS has a slightly different (broader and maybe better) goal then the
> the others. It actively scans the net for open mail relays,
This is misleading. What ORBS does is *test* mail servers to ensure that
it *is* an open relay, before adding the relay's address to the list.
They do NOT (according to the web page) "scan the net" for open relays.
Rather, the list is generated solely from reports (via web or email) from
folks that have been spammed.
> warns
> the operators of these machines multiple times with exact descriptions
> of what they are doing, trying to accomplish (ie closing open mail relays)
> which problems have been found, how to fix them (plus necessary pointers
> to other sites) and how to get of the list. Only then the machine is added
> to the list.
However, if a relay remains in their list for some time (I forget how
long, but it's on the order of a month or two), the address is moved on to
a public list of open relays. Presumably, the spammers know about this
list, so the probability of being used as a spam relay increases immensely
as time goes on.
-Steve
Reply to: