Home > Microsoft Exchange Tips > Exchange Server Administration Tips > Use ORDB to fight spam
Exchange Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

EXCHANGE SERVER ADMINISTRATION TIPS

Use ORDB to fight spam


Serdar Yegulalp
07.08.2002
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


The Open Relay Database is a non-profit organization that maintains an ongoing list of sites that have been verified as open SMTP relays. An open SMTP relay is one of the most common ways a spammer is able to broadcast his spam. By using someone else's mail server, he can "hit and run;" spammers who use open relays are often hard to shut down.

ORDB does not itself block email. It simply keeps track of which servers have been confirmed to be open relays. You can supply the name or IP address of a server you suspect of being an open relay -- or, if you've recently discovered you were an open relay, you can submit your mail server's address to ORDB for clearing. The clearing process is automatic, but may take a few days to kick in.

Many anti-spam products use the ORDB as a blacklist for incoming emails. Incoming mails have their source headers matched against what's currently in the ORDB, and anything that appears to match is blocked or flagged.

Exchange doesn't have a built-in mechanism for using ORDB as a way to block unwanted email, but there are a few third-party ways to do this. The first, and simplest, is a script written by Siegfried Weber and the folks at CDOLive.net that works in Exchange 2000; it's a SMTP Transport Event Sink that will work with ORDB or any other DNS RBL provider. The script can be found here:

www.cdolive.net/download/SMTPTransportEvent-RBLBlocking.zip

To use it, unzip it to a directory and read the comments in the RBLBLOCKING.VBS file -- you need to obtain a free DNS lookup component to make the script work -- and then specify your SMTP domain in ADDSCRIPTSINK.CMD. Run ADDSCRIPTSINK.CMD to start ORDB blocking. All of the data about what to block is taken directly from ORDB, so there's no need to download or update anything.

Another option is to use a commercial product such as Praetor Main, which features a 21-day downloadable evaluation version and also integrates with ORDB to block mail from possible open relays. VamSoft also has an Exchange plug-in for using ORDB and other ORDB-type resources.

Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter.

Rate this Tip
To rate tips, you must be a member of SearchExchange.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Exchange Server Administration Tips
Remove Exchange 2003 objects from AD to install Exchange 2010
Is your Exchange 2007 hub transport server healthy?
Avoid Outlook 2007 performance issues during repairs
Developing an Exchange 2007 server role DR plan
How DSAccess service improves Exchange Server 2007 reliability
An introduction to the Exchange Remote Connectivity Analyzer tool
Monitor Exchange 2007 with disk- and RPC-related counters
DPM 2007 replica inconsistencies in Exchange databases
Track Exchange 2007 mailbox server health using database counters
Digging deeper into Exchange Server 2010

Spam and virus protection
Controlling spam in Exchange 2007 at the edge transport server level
How file-level antivirus software can harm your Exchange Server
Problems with email spoofing on SBS 2003
Exchange Insider e-zine
Securing your Exchange Server 2007 journaling archives
Troubleshooting Outlook Web Access issues on a 64-bit system
Microsoft Exchange Server security dos and don'ts
Troubleshooting Microsoft Exchange Server Event ID error 6009
How effective is tracking the IP address of an email hacker?
How can I configure Exchange IMF to allow an IP address or DNS?
Spam and virus protection Research

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
greylist  (SearchExchange.com)
hash buster  (SearchExchange.com)
image spam  (SearchExchange.com)
KnujOn  (SearchExchange.com)
Sender ID  (SearchExchange.com)
spam confidence level  (SearchExchange.com)
spamblock  (SearchExchange.com)
spim  (SearchExchange.com)
tarpitting  (SearchExchange.com)
teergrube  (SearchExchange.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Email Server Solutions: Exchange 2007, Exchange 2003, Exchange 2000, SharePoint
HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT Downloads
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2004 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts