Re: SORBS trouble

From: Aron Roberts <aron_at_socrates.berkeley.edu>
Date: Fri Feb 06 2004 - 13:12:32 PST

At 17:27 -0800 2004-02-05, tedcrum@socrates.Berkeley.EDU wrote:
>Has anyone else had their email bounced by SORBS compliant mail servers?
>One of our users on Socrates is having bounces which are SORBS related.

At 11:32 -0800 2004-02-06, tedcrum@socrates.Berkeley.EDU wrote:
>Rob Chevalier of Socrates Consulting has answered the question I posted
>here about SORBS problems with mail sent to wayne.edu and other hosts.
>...
>> From consult@socrates.Berkeley.EDU Fri Feb 6 09:35:30 2004
>> Date: Fri, 6 Feb 2004 09:35:29 -0800 (PST)
>> Subject: Re: re sending an email message (fwd)
>>
>> Ted,
>>
>> Yes, we've been receiving numerous complaints from users affected by the
>> fact that SORBS has blocked socrates. Apparently, they (SORBS) do not
>> like the fact that socrates has ftp servers running on non-standard ports.

   You can view this by going to the SORBS lookup page
<http://www.dnsbl.au.sorbs.net/cgi-bin/lookup?js&IP=> and entering
Socrates' IP address, 128.32.25.13, into the "Database Entry Check"
on that page.

   Even according to SORBS, Socrates doesn't offer any open mail
relays, open proxies, or any other common methods through which spam
might be "laundered" through other hosts, and hasn't actually been
used to send any spam. The only reason Socrates appears in SORBS'
database is because the folks there, having apparently done an
unauthorized port scan, mechanistically determined that Socrates' FTP
servers listening on four high-numbered ports might possibly signify
a "vulnerable/hacked web server":

>[128.32.25.13] Vulnerability Found [Suspect host (High port FTP
>server - Hacked?) Port: {port number appears here - Aron}] [Active]

   Ironically, the FTP server listening on one of those high-numbered
ports (821) only accepts CalNet Kerberos-authenticated connections,
and is thus far more secure than the vast majority of FTP servers
throughout the Internet on the IANA-registered FTP port, port 21.

   As a result, presumably legitimate email sent by Socrates users to
users of some mail servers which rely -- perhaps blindly -- on the
entries in the SORBS database has been refused by those servers.

Aron Roberts
Workstation Software Support Group

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Fri Feb 6 13:13:05 2004
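
The message above notes that some receiving servers act on any blocklist entry regardless of why the host was listed. As an added example (not part of the original message and not SORBS' own code), this sketch shows a receiving-side policy that builds the standard DNSBL query name, ignores answers outside 127.0.0.0/8, and refuses mail only for listing categories that describe an actual abuse path. The zone name, the return-code table and all function names are assumptions made for illustration.

```python
import ipaddress
import socket

ZONE = "dnsbl.example.org"  # hypothetical zone, not a real list

# Assumed return-code meanings for the hypothetical zone; a real list
# publishes its own table.
CODES = {
    "127.0.0.2": "open-relay",
    "127.0.0.3": "open-proxy",
    "127.0.0.4": "spam-source",
    "127.0.0.5": "vulnerable-host",  # e.g. a service seen on an unusual port
}
# Only categories that describe actual abuse paths justify refusing mail.
REJECT_ON = {"open-relay", "open-proxy", "spam-source"}


def query_name(ip, zone=ZONE):
    """Build the DNSBL query name: reversed address labels + zone."""
    ptr = ipaddress.ip_address(ip).reverse_pointer
    labels = ptr.rsplit(".", 2)[0]  # drop "in-addr.arpa" / "ip6.arpa"
    return f"{labels}.{zone}"


def lookup(ip, zone=ZONE):
    """Live A-record lookup; an empty list means not listed or DNS failure."""
    try:
        return socket.gethostbyname_ex(query_name(ip, zone))[2]
    except OSError:
        return []


def categories(answers):
    """Map A records to categories, ignoring anything outside 127.0.0.0/8."""
    found = set()
    for a in answers:
        if ipaddress.ip_address(a) not in ipaddress.ip_network("127.0.0.0/8"):
            continue  # parked or wildcarded zone, not a real listing
        found.add(CODES.get(a, "unknown"))
    return found


def decide(answers):
    """Return 'reject', 'tag' or 'accept' for a set of DNSBL answers."""
    cats = categories(answers)
    if cats & REJECT_ON:
        return "reject"
    return "tag" if cats else "accept"
```

With this policy a host listed only as "vulnerable-host" has its mail tagged for scoring rather than refused, and `lookup()` fails open when the zone cannot be resolved.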