ORDB 異常退信問題,請儘快將ordb移除RBL參考的List
Posted On 2008年3月26日 星期三 at 於 下午3:59 by Laniordb.org was shut down on December 18, 2006. Please remove from your mailserver
今天早上用戶反應ORDB問題,原來是該網域出現異常,
原本ORDB網域即已停止服務,今天突然查詢的IP都被列入其RBL,
請有架Mail Server的管理者,請儘快將ordb移除RBL參考的List,
否則寄往您主機的信件,將被您主機reject掉。
測試結果:
測試一:
#dig 1.2.3.4.relays.ordb.org
; <<>> DiG 9.3.3 <<>> 1.2.3.4.relays.ordb.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46963
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1.2.3.4.relays.ordb.org. IN A
;; ANSWER SECTION:
1.2.3.4.relays.ordb.org. 604800 IN A 127.0.0.2 異常的結果
;; Query time: 309 msec
;; SERVER: 139.175.55.244#53(139.175.55.244)
;; WHEN: Wed Mar 26 16:03:30 2008
;; MSG SIZE rcvd: 57
測試二:
#dig a.b.c.d.relays.ordb.org
; <<>> DiG 9.3.3 <<>> a.b.c.d.relays.ordb.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25413
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;a.b.c.d.relays.ordb.org. IN A
;; ANSWER SECTION:
a.b.c.d.relays.ordb.org. 604800 IN A 127.0.0.2 異常的結果
;; Query time: 926 msec
;; SERVER: 139.175.55.244#53(139.175.55.244)
;; WHEN: Wed Mar 26 16:04:15 2008
;; MSG SIZE rcvd: 57
測試三:
dig txt ordb.org
; <<>> DiG 9.3.3 <<>> txt ordb.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22109
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ordb.org. IN TXT
;; ANSWER SECTION:
ordb.org. 604800 IN TXT "ordb.org was shut down on December 18, 2006. Please remove from your mailserver." <==其說明
;; Query time: 309 msec
;; SERVER: 139.175.55.244#53(139.175.55.244)
;; WHEN: Fri Mar 28 09:30:59 2008
;; MSG SIZE rcvd: 119
ORDB 已關站許久,請記得更新~
Posted On at 於 上午11:24 by Lani近日有人反應主機退信,被ORDB列入RBL,想說這網站不是已提止提供服務,為了証明此點,上網收集一下其網站先前的公告,並請對方主機管理者,請更新一下RBL List。
官方公告在此:
http://www.ordb.org/news/?id=38
由於 2006年12月31日後,它整個網站就會關閉,所以,我把公告的內容複製下來。
公告內容:
We regret to inform you that ORDB.org, at the ripe age of five and a
half, is shutting down. It's been a case of a long goodbye as very
little work has gone into maintaining ORDB for a while. Our volunteer
staff has been pre-occupied with other aspects of their lives. In
addition, the general consensus within the team is that open relay RBLs
are no longer the most effective way of preventing spam from entering
your network as spammers have changed tactics in recent years, as have
the anti-spam community.
We encourage system owners to remove ORDB checks from their mailers
immediately and start investigating alternative methods of spam
filtering. We recommend a combination involving greylisting and
content-based analysis (such as the dspam project, bmf or Spam Assassin).
DNS and the mailing lists will vanish today, December 18, 2006.
This website will vanish by December 31, 2006.
資料引用:還好有人留下紀錄
FreeBSD CARP ( Common Access Redundancy Protocol ) 設定與測試方法
Posted On 2008年3月20日 星期四 at 於 中午12:15 by Lani測試前說明:
使用三台主機作測試,兩台Server,一台Client,
dk.oio.idv.tw 192.168.78.1
dk1.oio.idv.tw 192.168.78.2
dk2.oio.idv.tw 192.168.78.3
dk3.oio.idv.tw client
1、先將兩台Server,於kernel中,增加一個device carp,再重新編譯kernel。
device carp
2、於dk1、dk2,執行以下步驟:
a、device使用carp portocol
#sysctl net.inet.carp.allow=1
執行後:
net.inet.carp.allow: 0 -> 1
b、建立一個carp5的interface
#ifconfig carp5 create
執行後:
carp5: flags=8
c、設定carp5 VHID IP Netmask,** VHID是重點:這會影嚮carp5 mac address
#ifconfig carp5 vhid 5 192.168.78.1 255.255.240.0
dk1 查視 carp5 interface
#ifconfig carp5
carp5: flags=49
inet 192.168.78.1 netmask 0xffffff00
carp: MASTER vhid 5 advbase 1 advskew 0
/var/log/message
dk1 kernel: em0: promiscuous mode enabled
dk2 查視 carp5 interface
#ifconfig carp5
carp5: flags=49
inet 192.168.78.1 netmask 0xffffff00
carp: BACKUP vhid 5 advbase 1 advskew 0
/var/log/message
dk2 kernel: em0: promiscuous mode enabled
dk3 client ping dk.oio.idv.tw 測試封包不中斷。
dk1
#ifconfig carp5 down
carp5: flags=8
inet 192.168.78.1 netmask 0xffffff00
carp: INIT vhid 5 advbase 1 advskew 0
dk2
1、/var/log/message 會先收到
dk2 kernel: arp_rtrequest: bad gateway 192.168.78.241 (!AF_LINK)
2、會自動變成Master
carp5: flags=49
inet 192.168.78.1 netmask 0xffffff00
carp: MASTER vhid 5 advbase 1 advskew 0
3、會自動接起 dk.oio.idv.tw,文件說1/256 sec
自動接下送往192.168.78.1封包
--- dk.oio.idv.tw ping statistics ---
509 packets transmitted, 509 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.100/0.222/0.424/0.051 ms
dk1 重啟後,並不會自動轉為Master
#ifconfig carp5 up
/var/log/message 會收到
dk1 kernel: arp_rtrequest: bad gateway 192.168.78.241 (!AF_LINK)
#ifconfig carp5
carp5: flags=49
inet 192.168.78.241 netmask 0xffffff00
carp: BACKUP vhid 5 advbase 1 advskew 0
如希望dk1,恢復後可以自動轉為Master,則須在dk1、dk2執行以下指令
#sysctl net.inet.carp.preempt=1
引用資料:http://www.openbsd.org/faq/pf/carp.html#carpconfig
