Jump to content

Open Relay source in Technical Report


McMichaeli
 Share

Recommended Posts

I'm interested to know how the open relay testing works when I submit some spam for testing? Since the retirement of list.dsbl.org I've obviously had to remove this from my postfix server's list of RBLs. I've tried using relays.dnsbl.sorbs.net instead but have yet to have any hits with that.

So if I submit a message for testing and receive output similar to:

88.247.xxx.82 not listed in dnsbl.njabl.org

88.247.xxx.82 not listed in dnsbl.njabl.org

88.247.xxx.82 not listed in cbl.abuseat.org

88.247.xxx.82 is an open proxy

88.247.xxx.82 not listed in accredit.habeas.com

88.247.xxx.82 not listed in plus.bondedsender.org

88.247.xxx.82 not listed in iadb.isipp.com

Where is the open proxy listing coming from? I know it's not SORBS but it would be good to add the same source to my mail server to help prevent these type of message even being delivered in the first place.

Any insight would be much appreciated.

Ian.

Link to comment
Share on other sites

Hi, Ian,

...Near the top of nearly any (possibly all) SpamCop Forum pages, there is a white button labeled "Search for -->" and a blue button labeled "GO." Between these buttons, there's a text entry field. If I enter "open proxy" into that field and press one of the buttons, I see a number (491 at this moment) of links returned. Please check these out and see if any answers (or a combination answer) your question to your satisfaction. If not, and/ or you still have questions, please post them here as a "reply."

Link to comment
Share on other sites

Hi turetzsr,

Thanks for your quick reply. I'd already had a pretty good search around using the keywords "open relay testing" but I've now reviewed the forums using "open proxy", as suggested. The closest I can come to an answer is:

What happens AFTER I submit a spam message?

However like a lot of the related topics it is getting a bit old now and refers to ORBD, which died long before

DSBL. I think it confirms that the open proxy result won't be rolled into bl.spamcop.net. If this is still true over 4 years later, it certainly explains why messages aren't being blocked at source.

So, I think my question still stands. Which list does Spamcop use to determine open proxies during testing and is that available for DNS use on a mail server to block messages?

Thanks again,

Ian.

Link to comment
Share on other sites

So if I submit a message for testing and receive output similar to:

88.247.xxx.82 not listed in cbl.abuseat.org

88.247.xxx.82 is an open proxy

Where is the open proxy listing coming from? I know it's not SORBS but it would be good to add the same source to my mail server to help prevent these type of message even being delivered in the first place.

If you have an example with every line saying "not listed " but also saying open proxy, please post a tracker.

I have only seen open proxy with preceding result codes like

125.34.144.209 listed in cbl.abuseat.org ( 127.0.0.2 )

125.34.144.209 is an open proxy

218.59.29.39 listed in dnsbl.njabl.org ( 127.0.0.9 )

218.59.29.39 is an open proxy

And I was told in the newsgroup that that was the method used to generate the "is an open proxy" line

Link to comment
Share on other sites

If you have an example with every line saying "not listed " but also saying open proxy, please post a tracker.

I have only seen open proxy with preceding result codes like

125.34.144.209 listed in cbl.abuseat.org ( 127.0.0.2 )

125.34.144.209 is an open proxy

218.59.29.39 listed in dnsbl.njabl.org ( 127.0.0.9 )

218.59.29.39 is an open proxy

And I was told in the newsgroup that that was the method used to generate the "is an open proxy" line

Seems a good answer unless a 'non-paired' open proxy result can be demonstrated. This would also resolve http://forum.spamcop.net/forums/index.php?showtopic=7654 and maybe others as well.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...