WinGate Forums

[andyv12]

Hi all,

I am running Wingate 5.0.2 on a dual-homed Windows 2000 Server and am using it as a proxy server and e-mail (POP3 & SMTP) server.

I have the Wingate e-mail server configured to not allow the relaying of email from either trusted or untrusted senders. I am also using Open Mail Relay detection.

Problem is that somehow OUR server has landed on the Ordb.org blacklist and they tell me that the server is an Open relay. We can't send to certain customers now that also use Open relay detection using Ordb.org as their blacklist.

How can this be?

What should I do about it?

Here's the header from the message ordb.org sent via our e-mail server that the server relayed despite the settings I have established to not relay email messages:

Return-Path: <postmaster@gwinc.com>
X-Original-To: marvin@marvin.ordb.org
Delivered-To: marvin@bockscar.ordb.org
Received: from mail3.primary.net (mail3.primary.net [216.87.38.220])
by bockscar.ordb.org (Postfix) with ESMTP id 892B254CC
for <marvin@marvin.ordb.org>; Wed, 31 Mar 2004 20:11:49 +0000 (GMT)
Received: from gwinc.com (gwinc.com [208.16.28.218])
by mail3.primary.net (8.12.2/8.12.8) with SMTP id i2VKBmFN032407
for <marvin@marvin.ordb.org>; Wed, 31 Mar 2004 14:11:48 -0600
Date: Wed, 31 Mar 2004 14:11:48 -0600
Message-Id: <200403312011.i2VKBmFN032407@mail3.primary.net>
Received: From localhost.localdomain (unverified [62.242.0.190]) by SMTP Server [208.16.28.218]
(WinGate SMTP Receiver v5.0g) with SMTP id <0000656067@gwinc.com>;
Wed, 31 Mar 2004 14:06:42 -0600
From: postmaster@gwinc.com
To: marvin@marvin.ordb.org
X-ORDB-Envelope-From: postmaster@gwinc.com
X-ORDB-Envelope-To: marvin@marvin.ordb.org
Subject: ORDB.org check (0.1597420494972040.5766611503) ip=208.16.28.218

Please help!

Thanks.

[labull]

Andy,

This is what I got when I tried a simple relay off your server:

helo bubba.bubba.com
250 Requested mail action okay, completed
mail from: bubba@bubba.com
250 Requested mail action okay, completed
rcpt to: bubba@bigbubba.com
550 relaying denied

Sure looks secure.

Is there another service such as a reverse WWW proxy that they may be exploiting?

Larry

[Warren]

Hi Andy,

Go take a look at the posting shown below. Particularly my reply- last posting. If you need any further input, let me know.

Also, go beatup you ISP and tell them to find who is using your shared Internet Connection with an open relay. I'm sure that this is where your problems lie. If they can't or don't want to do something about it quickly, then ask or better still, tell them, to switch you to another connection address. They probably have several address' available and can generally switch you in 24 hours.

I just checked your address at "ordb.org" and I see that they still have you trapped in their Black Hole.

Good Luck, Warren

http://forums.qbik.com/viewtopic.php?p= ... ight=#5528