blacklist user beware

[Roy Bixler <rcb@ucp.uchicago.edu>]

This weekend when setting up Z-Mailer on a new NetBSD installation, I
discovered an interesting little catch.  I use the ORDB list of open
relays in an attempt to reduce spam intake.  I soon found that the
SMTP server rejected mail from everywhere.  I removed the ORDB usage
from smtp-policy.src, re-ran policy-builder.sh and then SMTP server
started accepting mail again.  Strange ...  I thought there is a
problem with ORDB and I wrote to them about this.

It turns out that, instead of the usual DNS requests of the form
d.c.b.a.relays.ordb.org, the SMTP server was actually requesting
d.c.b.a.relays.ordb.org.org.  Whoever is in charge of the org.org
domain has some kind of wildcard DNS record set up and their default
is to return a 127.0.0.1 (i.e. an ORDB reject) for all requests not
otherwise in their database.  So my resolution of the problem was to
put the following rule in smtp-policy.src:

_rbl0          test-dns-rbl      blocklista:blocklistb:relays.ordb.org.
_rbl1          # Nothing at late phase

Note the dot at the end of the line.  By the way, I also found out
from the ORDB people that anyone using the relays.ordb.COM zone will
have the same trouble as above.

In hopes this might save someone some trouble-ly yours,
R.
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi