Re: ORBZ shut down

[<jlewis () lewis org>]

On Wed, 20 Mar 2002, David Ulevitch wrote:

>   I'm sending this forward to incidents for two reasons.
>
>   1) The reason ORBZ appears to have been shut down is because of the
>   problem with Lotus Domino servers crashing/hanging when receiving
>   bounces with null envelope senders.(check archives for exact issue)

Does anyone have a complete list of any other from addresses/formats that
will cause load issues on Domino.  I know from Ian's bugtraq post that
anything@[127.0.0.1] will do it.  What about anything@localhost,
anything@[servers-IP], etc.?  Has Lotus fixed this in any Domino release,
or are they all brain damaged.

>   2) A lot of mail servers will HANG or be EXTREMELY slow if they are
>   setup to check against ORBZ name service for spamboxes.

Just like when MAPS surprised everyone with no more free service.

>   A good solution is to switch to using something like ORDB
>   (www.ordb.org)

Or any number of other dnsbl's.

-- 
----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com