"Problem located (not the 127.0.0.1 issue) and is being resolved. More of an
update when we locate the originating cause, but it appears the migration from
SORBS1 to SORBS2 was to blame for the actual listing problems."
"Problem located. Historical entries were migrated as current (historical is
not identical to 'previously delisted' but the effect is the same.)"
Looks like some tweeking to have a weighting on RBL rather than relying on a
single RBL, but then the there may be trade off for effectiveness?
Interesting vector for a denial of service though :)
From: Jasper Bryant-Greene <jasper(a)metaname.co.nz>
To: Andre Van Niekerk <theflat1(a)xtra.co.nz>
Sent: Fri, 8 October, 2010 10:24:13 AM
Subject: Re: [nznog] SORBS had loopback listed in dnsbl?
On 8/10/2010, at 9:53 AM, Andre Van Niekerk wrote:
Anyone have an issue yesterday with mail being
categorized as spam due to SORBS
listing 127.0.0.1 in their DNS BL DB?
Had a few complaints from internal customers that mail was not getting through,
and a cursory inspection of the logs shows SORBS reporting this address as an
open relay (I'm not sure if this a common occurence??).
127.0.0.1 has been listed in SORBS since 2008, according to their database
lookup tool, although I can't seem to verify that with a DNS lookup.
I guess it maybe makes some sense since if your frontend MTAs (the ones which
should be checking incoming connections against DNSBLs) are getting mail from
127.0.0.1 you might want to know about it? I use Spamhaus who seem to have more
rigorous policies around what leads to IPs being listed.
Also, I'd suggest that if 127.0.0.1 being listed in SORBS can break your mail
system, it might be worth tweaking the configuration so that doesn't happen. In
particular, connections from localhost probably shouldn't be subjected to a