Realtime Open-Relays Verifying Engine Database List (ORVEDB)
Our Realtime Open-Relays Verifying Engine Database List is one of the three realtime lists that we mantains in ANTISPAM-UFRJ. This list contains the dotted-quad IP numbers of the hosts that our Open-Relays Verifying Engine (ORVE) verified that are Open-Relays machines (Junkmailers).
A host listed here, unlike RSBL list, isn't necessarily a spammer host because hosts running an open-relay usually do it accidentally, for inexperience of its administrator(s).
Like ORBS list, our ORVEDB list is maintained by a 100% automated engine that is called "ORVE" (Open-Relays Verifying Engine). This engine works without any human intervention of the ANTISPAM-UFRJ's administrators. When our ORVE receive a open-relay notification (via WEB or E-mail), it connects to the open-relay machine and attempts to send a relay-test mail using the MTA of the remote host machine and, if the message delivery is accept, it adds an encrypted token key which is linked to the IP address of the remote host. If the test-relay message comes back to it intact, it have confirmed that the remote machine is a true open-relay. Automaticaly this open-relay is stored in our Open-Relays databases and at 01:00hs o'clock BRT/BRST it is added to our RBL-style DNS engine and a warning mail message is sent to the administrator(s) of the remote open-relay machine (at postmaster@reverse-dns-name or postmaster@[ip.address], if there are no reverse dns name, with a carbon copy to abuse, root and hostmaster of the same machine). If the test-relay message is bounced back to the sender or never delivered, then the remote host machine under test is not to be considered an open-relay.
In some circumstances, because the MTA of the remote host is misconfigured or due an unsuccessful human intervention by the administrator of the remote host, a few number of the hosts that aren't open-relays can be listed in our ORVEDB list, if it happens, a new test must be procceded by our ORVE to probe whether the remote host is a close-relay machine or not.
Periodically, at every 90 days or when the remote host administrator(s) resquest to our ORVE, a new open-relay test is procceded. Our ORVE relay test is composed by 20 relay-tests, due to obvious reasons, ONLY THE HOSTS THAT REFUSED ITS 20 RELAY-TESTS WILL IMMEDIATELY BE SET TO BE REMOVED FROM OUR DATABASES, if one or other test reveal any suspicion, our ORVE will wait 90 days to remove the remote host from our databases. If the relay-test message comes back to our ORVE intact, then the remote host won't be removed from our databases and a warning message will be send to its administrator(s).
To prevent that any open-relay host administrator try to forge a false close-relay conditions, blocking our ORVE test using a firewall or other similar artifice, if our ORVE cannot connect to the remote open-relay host to verify if it remains or not an open-relay machine, it will attempt to connect periodically for 2 years, when the remote host will be considered a non existent host machine and will be removed from our databases.
Our Realtime Open-Relays Database List is exported in an RBL-style DNS zone (orvedb.aupads.org), to see how to use it, click in the link "Using our databases" in the left menu.
NOTE: Our realtime lists are freeing exported by anybody that want be use of them. If any host XXX blocked a delivering mail from a third-party host that is listed here, is because the third-party host MUST comply with the rules that the XXX's admin (not our rules) require to a mail message can be delivered to it. We are just verifing to the XXX's admin whether a host is a spammer, open-relay or IP/DIALUP machine or not.