ORDB.org blacklisting all IP addresses

In the last 48-72 hours, we have had several clients report problems sending e-mail to several large e-mail providers, such as Yahoo, Hotmail, SBC, Prodigy, Earthlink, etc.

We have spent a considerable amount of time investigating the issue and would like to let you know what we’ve done, what we’ve found, and what the expected resolution will be.

First off: This is not a problem with Tech Experts or our e-mail systems. It is a problem with the services that you are attempting to send mail to.

In order to better understand the problem, it is helpful to know a little bit about how mail servers fight spam.

One of the ways to fight spam is to use something called a realtime blocking list, or RBL for short. There are dozens of companies that provide RBL services to companies like us (and Yahoo, Hotmail, etc.) to help us make smart decisions about e-mail coming into our servers. Some of these RBL services are free, and others we pay to access.

Basically, these RBL services tell us whether or not an e-mail or IP address is a known spam source. They’re generally very reliable, and in the average day, RBLs help us block around 10,000-20,000 junk e-mails.

About two years ago, there was an RBL service called ORDB. It went out of business in December of 2006.

Unfortunately, many different large e-mail companies, again such as Yahoo, Hotmail, etc. never took that system out of their servers, and were still trying to get data from the system. This resulted in huge amounts of Internet traffic to ORDB that was pointless because ORDB was no long offering the service.

At noon on Tuesday, March 25, the people that ran the ORDB servers turned the servers back on, and basically started saying EVERYTHING was spam. They set up their old systems to return these false positives as a way to get all of these companies that were using their service before, and never disabled it, to stop trying to use them.

The net effect: all mail is blocked on servers still configured to use the ORDB service, which was taken out of commission in December of 2006.

In addition it appears that the configurations of some major anti-spam services, such as Symantec Brightmail, are also still misconfigured. We know for a fact that the servers at Detroit Edison (dteenergy.com) are also blocking e-mails.

If you’re interested in the more technical details of this problem, check out this link:

http://it.slashdot.org/article.pl?sid=08/03/25/2124224

So, to summarize: Slowly the large companies out there are fixing their systems, and eventually, these problems will go away. Rest assured, we have opened tickets with the large companies, and are working on the manual removal process with them. It takes time, and in the end, it will get fixed by these larger companies correcting their entries.

We know it is frustrating and that you just want your e-mail to be delivered, and we understand that. We’re doing everything that we can to get this resolved. The point of this e-mail is to let you know, definitively, that this is *not* a problem with our e-mail service, but with the servers you are sending mail to.

If you have any questions, or would like to provide some specific examples of problems you’re having that you think we should know about, please send an e-mail to support@expertsmi.com. Thanks for your continued business, we appreciate it!