Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Troubleshooting Q&A - December 12, 2005

What to Do When You're Branded as Spam

If you send an e-mail and it bounces back to you with a message that it was blocked by SORBS, the problem lies with your service provider's open relay mail server. Here's what you need to do to resolve the situation.

By Ron Pacchiano

Q.   I've recently started experiencing a rather unusual e-mail problem. I was working out of my home office the other day composing an e-mail. Seconds after hitting the send button, I received an error message indicating that the message had been blocked by something called SORBS. I've never heard of SORBS before this and have no idea how or why it is intercepting my e-mail. The next day at the office I tried resending the e-mail using the same account and it worked just fine. Later that evening, I tired sending another message from my home office and the SORBS message came up again.

At first I thought that this was a problem with the company hosting my e-mail, iPowerWeb, but I have other e-mail accounts hosted with this vendor and those seem to work fine from either location. So if it was a problem with iPowerWeb, then why isn't it affecting my other e-mails accounts that are also hosted by them? I also thought that it might have something to do with my home ISP (EarthLink), but then the same question: Why doesn't this affect my other e-mail accounts?

Bottom line: I don't understand why this is happening. I have been using this e-mail account for several months from both locations, and, until now, I've never had a problem. I'm at a loss to explain this except to think that it might be a virus, but scans have come make clean. I'm not even sure whom I need to contact in order to resolve this problem: iPowerWeb or EarthLink. Do you have any idea what could be causing this problem and what steps do I need to take in order to resolve this situation?

A.   I haven't seen this happen very often, but I do know of clients who have experienced this problem. Ironically, one of them was using iPowerWeb, too. First of all, I think it's safe to say that you don't have a virus. The message you are receiving is being generated by a service called SORBS, which is an acronym for Spam and Open Relay Blocking System.

This service was developed to help limit the proliferation of spam by finding and maintaining a listing of Exploitable Servers. Many ISPs support something known as an open relay. An open relay (sometimes called an insecure relay or a third-party relay) is an SMTP e-mail server that allows the third-party relay of e-mail messages. By processing mail that is neither for nor from a local user, an open relay makes it possible for an unscrupulous sender to route large volumes of spam.

Spammers are able to locate accessible third-party mail relay servers by using automated tools that are readily available on the Internet. By relaying mail through several open relay mail servers at the same time, it is possible to flood the Internet with large amounts of junk mail in a very short period of time before being detected.

This is where SORBS comes in. By maintaining a listing of open relay servers, SORBS can help reduce the proliferation of spam over the Web. More and more ISPs are now checking to see if a server is on the SORBS list as a spam generator before allowing it to relay messages over its network. This theoretically should reduce an ISP's vulnerability to spam. The problem with the SORBS approach is that when it discovers that a server has been used for spamming purposes, they block it. This does prevent that server from delivering anymore spam, but it also blocks the legitimate users on that server as well. Until the ISP can correct the problems that caused that server to be compromised in the first place, the server stays blocks and so does everyone else using it.

So in answer to your question, the reason your mail is being blocked is because, most likely, the server where your e-mail is being hosted has been identified as an exploitable server and as such has been added to the blocked list. This will affect all of the e-mail accounts on that server, not just yours. The reason your other e-mail accounts are still functioning is because they are probably being hosted on a different mail server.

Getting the situation resolved can be kind of tricky, not to mention time-consuming. The delisting of a server is a manual process and can be performed only when the ISP contacts a SORBS admin to request removal. This can take time, so be patient.

I would start by contacting iPowerWeb's tech support people (888-511-HOST) and have them look into it since the problem is coming from one of their hosted e-mail accounts. They might already be aware of the situation (since I'm sure your account isn't the only one being hosted by that server) and have corrective measures in place. Sometimes the ISP will have an alternate trusted relay server that you could use to pass your mail through until the problem can be corrected.

If you don't get anywhere with iPowerWeb, try contacting EarthLink for assistance. As a last-ditch effort, you could attempt to contact SORBS directly here and try to get some help with them. Make sure you send the form to the DUHL queue. Just be prepared for a lot of buck-passing between EarthLink and iPowerWeb. One will undoubtedly blame the other, and I'm sure it will become frustrating, but hang in there. With any luck, someone else has already done all the hard work and the problem will just resolve itself. Either way, it will work out.

Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums