Use ORDB to fight spam

What it is and how to use it.

The Open Relay Database is a non-profit organization that maintains an ongoing list of sites that have been verified

as open SMTP relays. An open SMTP relay is one of the most common ways a spammer is able to broadcast his spam. By using someone else's mail server, he can "hit and run;" spammers who use open relays are often hard to shut down.

ORDB does not itself block email. It simply keeps track of which servers have been confirmed to be open relays. You can supply the name or IP address of a server you suspect of being an open relay -- or, if you've recently discovered you were an open relay, you can submit your mail server's address to ORDB for clearing. The clearing process is automatic, but may take a few days to kick in.

Many anti-spam products use the ORDB as a blacklist for incoming emails. Incoming mails have their source headers matched against what's currently in the ORDB, and anything that appears to match is blocked or flagged.

Exchange doesn't have a built-in mechanism for using ORDB as a way to block unwanted email, but there are a few third-party ways to do this. The first, and simplest, is a script written by Siegfried Weber and the folks at CDOLive.net that works in Exchange 2000; it's a SMTP Transport Event Sink that will work with ORDB or any other DNS RBL provider. The script can be found here:

www.cdolive.net/download/SMTPTransportEvent-RBLBlocking.zip

To use it, unzip it to a directory and read the comments in the RBLBLOCKING.VBS file -- you need to obtain a free DNS lookup component to make the script work -- and then specify your SMTP domain in ADDSCRIPTSINK.CMD. Run ADDSCRIPTSINK.CMD to start ORDB blocking. All of the data about what to block is taken directly from ORDB, so there's no need to download or update anything.

Another option is to use a commercial product such as Praetor Main, which features a 21-day downloadable evaluation version and also integrates with ORDB to block mail from possible open relays. VamSoft also has an Exchange plug-in for using ORDB and other ORDB-type resources.


Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter.


This was first published in July 2002

Dig deeper on Spam and virus protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close