Is Open RBL a crock or is my DNS set up wrongly

| 4 Comments

One of the people I email's corporate mailer has started to bounce my mail with the following message:

mx.example.com[xxx.xxx.xxx.xxx] said: 554 You have been blocked
by a DNS blacklist, please see:- http://www.openrbl.org/ (in reply to MAIL
FROM command)

So I wander over to www.openrbl.org and type in my domain name and it tells me REJECT: invalid ip-address or non-resolvable hostname: jetbyte.com...

Now, it's true that jetbyte.com doesn't have an ip address, but it has a perfectly valid MX record... Shouldn't OpenRBL be checking that the MX record is valid rather than checking that the domain has an ip?

4 Comments

This is completely valid, see http://www.exim.org/pipermail/exim-users/Week-of-Mon-20031117/thread.html#62744

However that isn't what openrbl tests for. An RBL, is a Relay Blocking List ... so that I get mail from the machine relay.example.com and so I lookup the ip 127.0.0.1 in the RBL which will tell me if I shouldn't accept mail from that host because it's an open relay. So the test on openrbl.com tests for the sending machine, and you are giving it the receiving domain.

James,

I'm still confused.

I always connect to the same smtp server to send mail. I can send mail from some of my domains to this address without bounces. I cant send mails from my jetbyte.com domain. The domains that I can send from have A records as well as MX records...

Thanks for the help by the way :)

It's ok, I should have read the error message better. So it says...

mx.example.com[xxx.xxx.xxx.xxx] said:
554 You have been blocked by a DNS blacklist, please see:- http://www.openrbl.org/ (in reply to MAIL FROM command)

...emphasis added. Which suggests to me that they are doing openrbl lookups on the ip the connection is comming from (good) but also from the domain in the FROM command (bad). AFAIK nothing sane should do that ... and I can't see how it would do anything useful (for instance putting 127.0.0.1 as an A RR should get you an OK from openrbl.org -- although I guess they might also reject if the fwd and rev don't match, but that's going to get a lot of legitimate email IMO).

You could try compaining to postmaster@ and see if they fix it.

James,

Thanks for that. I've sent a mail to the postmaster but that ended up bouncing as the name that it was aliased to is no longer valid... I've simply switched to one of my accounts that works when sending to them. My friend confirms that it's bouncing a lot of legitimate mail, I'll pass this info on and perhaps he can get it fixed.

Len

Leave a comment