ORBS forge headers (thereby violating the RFC) to look as if they're coming from domains you host, then if it goes through, they put you in their little black book for being an 'open relay'. No notice, nothing.
The last part of that statement is simply untrue. I got ORBS'd once and they notified me via postmaster@domain. If you don't get notified then you don't have a postmaster account for the domain, and it is you who are in violation of the RFCs. As for the "forge headers in violation" part, they have to test the common variations. Who cares if they do that as a one-off probe. If they were doing it all the time it would be a problem, but once is nothing. Of course, the spammers who are using your server as an open relay are certainly violating that and much more, so if it really bothers you close your freaking relay. ;) I for one was happy for the free and comprehensive testing. It pointed out a whole I had missed in my config. Once patched, I was out of the ORBS database in less than 24 hourse, and was able to get out on my own just by filling out a form on their web site that kicked off an automated retesting. I think ORBS provides an excellent service, and I say that because my experience says that they rely entirely upon factual evidence before they block, and it is easy to get out of the database once you provide evidence that you have fixed your server. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/