ordbscan is a Perl script to scan sendmail logs for ORDB bounces.
The Open Relay Database (ORDB) is a formerly popular tool in the fight against spam. It works by allowing system operators to reject traffic from insecure mail servers. These insecure servers are a scourge of the internet; rejecting their traffic reduces spam and motivates the server operators to clean up their acts.
Our experience is that the vast majority of mail rejected by ORDB is actually spam, but occasionally we find "false positives": blocked mail from people we want to interact with. These folks are in fact running insecure mail servers, but here we can at least help them fix them.
ordbscan processes sendmail logfiles and reports on all the mail bounced by ORDB. A visual scan of the output usually shows the "obvious" candidates for further investigation.
Sendmail ORDB Configuration
This is not a tutorial on sendmail, but we can highlight the configuration we use to employ ORDB. We always use the normal sendmail ".mc" macros because doing the raw configuration files by hand is madness. Adding ORDB support to sendmail is straightforward: simply add these two lines to the dot-mc file:
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')dnl
NOTE: This is for my version of sendmail. You should check your sendmail documentation for the details on yours.
Rebuild the configuration and "kick" sendmail. Now, mail from insecure servers will be rejected and logged.
Note that the delay_checks feature is crucial to using ordbscan. Without it, sendmail will reject mail from open relays very early in the SMTP conversation, before the recipients are known. It's more efficient to reject the traffic early, but by delaying the checks until RCPT time (recipient processing), sendmail logs both sender and recipient. ordbscan relies on this behavior.
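The following is an added example, not the ordbscan source and not part of the original page. It shows why RCPT-time rejection matters for log scanning by pairing each ORDB reject with the sender logged under the same queue ID. The log lines are constructed and assume the common sendmail syslog layout (`ruleset=`, `arg1=`, `relay=`, `reject=`, plus a separate `from=` line); the function name `scan_ordb_rejects` is hypothetical.

```perl
#!/usr/bin/perl
# Added example, not the ordbscan source. Sample log lines are constructed and
# assume the common sendmail syslog layout; compare against your own logs.
use strict;
use warnings;

# Rejection text configured in the dnsbl FEATURE line on this page.
my $MARKER = 'Rejected - see http://ordb.org/';

# Hypothetical helper: pair each ORDB reject with the envelope sender that
# sendmail logs under the same queue ID.
sub scan_ordb_rejects {
    my @lines = @_;
    my (%sender, @rejects);
    for my $line (@lines) {
        # Layout assumed: "... sendmail[pid]: QUEUEID: key=value, ..."
        next unless $line =~ /\bsendmail\[\d+\]:\s+(\w+):\s+(.*)$/;
        my ($qid, $rest) = ($1, $2);
        if ($rest =~ /^from=(.*?), size=/) {
            $sender{$qid} = $1;
        }
        elsif (index($rest, $MARKER) >= 0
            && $rest =~ /^ruleset=(check_\w+), arg1=(.*?), .*?relay=(.*?), reject=/) {
            # Only a check_rcpt reject (delay_checks enabled) has the recipient
            # in arg1; for check_relay, arg1 is the connecting host name.
            push @rejects, { qid => $qid, relay => $3,
                             rcpt => ($1 eq 'check_rcpt' ? $2 : undef) };
        }
    }
    # The from= line can follow the reject line, so resolve senders last.
    $_->{from} = $sender{ $_->{qid} } for @rejects;
    return @rejects;
}

my @sample = (    # constructed log lines
    'Mar 14 03:12:45 mail sendmail[2101]: h2E3CjA2002101: ruleset=check_rcpt, arg1=<bob@example.com>, relay=open.example.net [192.0.2.10], reject=550 5.7.1 <bob@example.com>... Rejected - see http://ordb.org/',
    'Mar 14 03:12:46 mail sendmail[2101]: h2E3CjA2002101: from=<alice@example.org>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=open.example.net [192.0.2.10]',
    'Mar 14 03:15:02 mail sendmail[2140]: h2E3F2A2002140: ruleset=check_relay, arg1=relay.example.net, arg2=192.0.2.77, relay=relay.example.net [192.0.2.77], reject=550 5.7.1 Rejected - see http://ordb.org/',
    'Mar 14 03:20:10 mail sendmail[2188]: h2E3KAA2002188: ruleset=check_rcpt, arg1=<carol@example.com>, relay=host.example.org [198.51.100.5], reject=550 5.1.1 <carol@example.com>... User unknown',
);

for my $r (scan_ordb_rejects(@sample)) {
    printf "%-22s -> %-20s via %s\n",
        $r->{from} // '(not logged)', $r->{rcpt} // '(not logged)', $r->{relay};
}
```

The third sample line stands in for a rejection made without delay_checks: the relay is reported, but neither sender nor recipient is available to judge whether the mail was wanted.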