Jump to content
Sign in to follow this  
nicejerk

SORBS on the highway to h...?

Recommended Posts

Hi you all,

Because of my latest experience with SORBS, I thought it could be interesting to have your comments on SORBS.

My story is, that one day I found out SORBES had blocklisted our mail server (only one of our customers mail servers seems to be using SORBS's blocklist). After some consultaion with the admin of the our server, I found out the reason for the blocklisting was, that a Link X-Change partner trying to contact the other sites' administrator, had accidentally sent mail to a spam Trap and thereby caught and registered by SORBS. SORBS promptly blocklisted a span of IPs and, unfortunately, including ours.

In the quest of clearing our IP from the blocklist, I found out that SORBS will not do that under any circumstances, unless the Web Service Provider (WSP) pays a "fine" to SORBS. To me, that sounds like a pure extortion. Either SORBES should sell subscription to their services or have it for free, but not stab you in the back with something they call "a fine". I am highly suspicious about this "fine", and urged our WSP not to support this kind of business. Paying this "fine", would be like accepting and acknowledge the practice of "extortion". At least the way I see it.

To solve this issue, I wrote to the admin of the blocking mail server, explained to him the situation and got whitelisted at once. Case solved for us. But I wonder how many others are suffering because of SORBES?

If an admin of WEP can not have a constructive and problem solving dialouge with spam-preventing service provider, I can not see any grounds for supporting that particular spam-preventing service. Furthermore, if no one by principal, pays the so called "fine", then finally SORBES block list would contain most IP numers on the Internet and thereby become obsolete.

Our mail administrator has before worked closely together with f.ex. SpamCop, to successfully track down spammers and close their accounts. These are typical cases where professionals work together to solve matters.

Responsible blacklisting, includes a reasonable way to get delisted, and SORBS is not reasonable on this policy.

As from this, I can only recommend spamhaus.org and spamcop.net.

All this because of a one single mail to a wrong single address.

Share this post


Link to post
Share on other sites
I found out the reason for the blocklisting was, that a Link X-Change partner trying to contact the other sites' administrator, had accidentally sent mail to a spam Trap and thereby caught and registered by SORBS. SORBS promptly blocklisted a span of IPs and, unfortunately, including ours.

Can only note that both sides of the story are not reflected here. As I'm not involved with any of this, let me just point out that some of your story doesn't match the data provided at the SORBS site http://www.dnsbl.us.sorbs.net/Overview.html .. specifically the section labelled "spam Database" .... one e-mail should not have triggered a "span of IPs" to be listed.

That the listing under this section is done manually does kind of suggest that perhaps the message sent by your Link-Xchange partner may not have been an obvious "non-spam" ... maybe this particular e-mail might stand a bit of inspection?

In the light of so many ISP admin's that don't seem to have a clue, I do find it interesting that you talked to one that can pinpoint the exact moment and cause of a specific event such as this. Might it be possible that upon recognizing this singular event, that perhaps this admin's attempts at getting unblocked was the source of the "continued spam from this address" and thus caused the expansion from a single IP to a range of IPs?

I'm making no accusations, passing no judgment, just pointing out that the total content of your query/story and the SORBS FAQ just doesn't match up 100%.

Share this post


Link to post
Share on other sites

Hi again and thanx for replies so far.

Can only note that both sides of the story are not reflected here. As I'm not involved with any of this, let me just point out that some of your story doesn't match the data provided at the SORBS site http://www.dnsbl.us.sorbs.net/Overview.html .. specifically the section labelled "spam Database" .... one e-mail should not have triggered a "span of IPs" to be listed.

I agree with you, but it also says in FAQ, that you only get listed for 2 days. I might have misunderstood something there. Neither could I anywhere on SORBS site find anything written about the so called "fine". They are not revealing the essentials.

That the listing under this section is done manually does kind of suggest that perhaps the message sent by your Link-Xchange partner may not have been an obvious "non-spam" ... maybe this particular e-mail might stand a bit of inspection?

It was not my partner or am I involved in this in any way, that my mail server got blocked. Let me quote our mail administrator exactly:

The reason they blacklisted it is that a single user on your server sent a single e-mail (through his ISP, not through your server) to the wrong e-mail address when trying to contact the Webmaster of a site they do a link exchange with. The e-mail address he sent it to was a spam trap SORBS uses. They got his domain name from the e-mail, traced it back to your server, and blacklisted it

QUOTE 

accidentally sent mail to a spam Trap

As long as there is traffic on the streets, you can expect accidents to happen, but there is no reason to punish the whole town for it. It's the humans that make mistakes, electronics/computers only fail.

Still, a penny for your thoughts.

nicejerk

Edited by nicejerk

Share this post


Link to post
Share on other sites
Neither could I anywhere on SORBS site find anything written about the so called "fine". They are not revealing the essentials.

Um, just read the FAQ on the website... It's here.

Share this post


Link to post
Share on other sites
Can only note that both sides of the story are not reflected here. As I'm not involved with any of this, let me just point out that some of your story doesn't match the data provided at the SORBS site http://www.dnsbl.us.sorbs.net/Overview.html .. specifically the section labelled "spam Database" .... one e-mail should not have triggered a "span of IPs" to be listed.

I agree with you, but it also says in FAQ, that you only get listed for 2 days. I might have misunderstood something there. Neither could I anywhere on SORBS site find anything written about the so called "fine". They are not revealing the essentials.

I'm going to have to disagree. In general, the above referenced FAQ pretty much states that an IP will be listed until it passes a retest, some dialog changes some status specifics, etc., etc. ... I have to tell you that the 2-day listing doesn't ring a bell for anyone other than the SpamCopDNSbl 48 hour max after the spew stops. The so called "fine" is documented on the URL I offered in my last post (also quoted once again in this one)

That the listing under this section is done manually does kind of suggest that perhaps the message sent by your Link-Xchange partner may not have been an obvious "non-spam" ... maybe this particular e-mail might stand a bit of inspection?

It was not my partner or am I involved in this in any way, apart from that my mail server got blocked. Let me quote our mail administrator exactly:

The reason they blacklisted it is that a single user on your server sent a single e-mail (through his ISP, not through your server) to the wrong e-mail address when trying to contact the Webmaster of a site they do a link exchange with. The e-mail address he sent it to was a spam trap SORBS uses. They got his domain name from the e-mail, traced it back to your server, and blacklisted it

That actually even sounds a bit sillier than your first presentation ... recall you first stated that a "whole range of IPs was blocked" .. now the story is a domain named was extracted from an e-mail (?), this domain was tracked to an IP (?) and then this specific IP was added to the BL. Just another small hint, the source of the incoming spamtrap e-mail would have been "tracked" via the source IP of the e-mail ... the alleged Domain wouldn't actually be tied in, unless the Domain did in fact use this specific e-mail server to send its traffic out. One can make the assumption here that there's a bit of detail lost in the various translations of the history of this event, perhaps explaining why some of this doesn't tally up to a nice round number.

Share this post


Link to post
Share on other sites
As long as there is traffic on the streets, you can expect accidents to happen, but there is no reason to punish the whole town for it. It's the humans that make mistakes, electronics/computers only fail.

Still, a penny for your thoughts.

nicejerk

Yes accidents happen on the streets but people do not pull their cars up in garages that don't belong to them and park their cars.

Share this post


Link to post
Share on other sites

Thank you Mr. Parker,

I apologize for not reading the "spam Database FAQ" section, as I looked into the the "Frequently Asked Questions" to find hints on this "fine". The price is:

......, if you are really not a spammer, or you are truly reformed, de-listing is relatively easy. You pay US$50 to a charity or trust approved by, and not connected with, SORBS for each spam received relating to the listing (This is known and refered to as the SORBS 'fine')

Further down that page they state:

The 'fine' was created to stop spammers from quickly removing themselves from the database, it also has the side effect of reminding people the hard way that they are responsible for their own actions.

Putting an unpatched, unfirewalled Microsoft Windows® machine on the Internet is irresponsible in the highest degree, installing a proxy server and leaving it open for the world to use is both foolish and irresponsible, yet people are doing these things every day, and no one is telling them they can't or that it is wrong.

This statement refers to 90% of home Internet users, and by no means justifies their way of blocking or charging their fine. It looks like they are putting themselves in the place of an "Internet Police Squad", appointed by themselves. I wasn't aware of this, until I read the link.

From this moment on, I defenitely will not recommend SORBS.

And Wazoo:

I have no reason to doubt our mail server administrator as we have been working together for several months now. You can talk about sillyness, but I take it seriously when we get blocklisted by SORBES for someone elses mistake, but as I learn more about SORBES, the less I like it.

In your previous message you wrote:

That the listing under this section is done manually......

and now you add to it:

.....he source of the incoming spamtrap e-mail would have been "tracked" via the source IP of the e-mail ... the alleged Domain wouldn't actually be tied in, unless the Domain did in fact use this specific e-mail server to send its traffic out.....

I do not know the content of the e-mail in question, but SORBES might have used some info in the message, if they do things manually. But I suspect, talking link exchange, domain names/links might have appeard in the mail in question. But the more I read about SORBES, the more I think they may have used from that mail.

One can make the assumption here that there's a bit of detail lost in the various translations of the history of this event, perhaps explaining why some of this doesn't tally up to a nice round number

Well, your few lines here have helped a bit, thank you.

Still, a penny for your thoughts. Add it up. It's a help for everyone.

nicejerk

P.S. FYI: We are a garment manufacturer and SORBS's list got our attention because of unreasonable blocklisting, and I can not see anything positive/attractive/reasonable with their services or attitude.

Share this post


Link to post
Share on other sites

SORBS is a high collateral damage list. Folks who use it generally know this and use it *for that reason*.

With regard to your objections to their comments about windows, I have to disagree: Given how easy it is to run windows update, putting a system running *unpatched* windows on the internet is a violation of hygene roughly comparable to leaving out backflow preventers when hooking your house up to your local water/sewage systems.

Share this post


Link to post
Share on other sites

Hi again,

With regard to your objections to their comments about windows.....

I have no objections to their comments on Windows, that's only the plain truth they write there. But SORBS uses that excuse to appearingly appoint themselves as the WWW Sherif, to justify their unreasonable actions where they block a span of IPs (perhaps permanently) caused by a single mistake. They expect you to pay a "fine" for getting delisted, which looks to me, is more like extortion.

More from SORBS spam FAQ:

.....also has the side effect of reminding people the hard way that they are responsible for their own actions.

Sure, they really want to teach the home user a lesson the hard way and you have to bring your wallet. We are all responsible for our actions, but that does not mean SORBS is allowed to act unreasonably, when a user makes a mistake.

Of course, Windows vulnerablilities seem to be the main cause of virus/worm attacks on the Internet, but then we are diverting from the main thread regarding SORBS and its blocklistings and methods.

I totally agree with SORBS about Windows. Windows versions until Winsk3, have had the goal of making it as easy as possible for any layman to experience multimedia and work in ever better ways. That perspective leaves Windows very vulnerable just after installation (until Win2k3 and WinXP SP2). It leaves all services running and ports open. You have to be pretty clever to shut down unessesary and vulnerable services and ports, and you can not expect the average home user to know how to do that. Microsoft could have compensated their products by offering a free firewall (comparable to that in Win2k3) to all windows users. But then, one has to understand that despite an action like that, people will still wonder "why on earth they need that". SORBS claims they are "teaching the Internet user a lesson" and "fining" the user. You judge their method for yourself.

With Windows on more than 90% of all computers in the world, it's almost not worth writing a virus targetting other OS. As Linux is growing, it will be interesting to see if virus/worm/hijacks attacks will target that OS more in the future. You never know vulnerability before you stumble into it, so only time can tell.

If SORBS were sincere and concerned about Windows vulnerability, as they write themselves, they might have added a section to their site and advice on online virus scanning sevices, excellent freeware like Spybot and Spywareblaster which makes surfing the Internet easier and safer, and other higly useful tools. But I guess they are too busy "teaching the lessons".

I personally didn't know much about spam Trap before this incident, but I clearly see that it is a double edged sword. Users of spam Trap certainly have a great responsibility in making it work as intended, to avoid accidents.

SORBS is a high collateral damage list. Folks who use it generally know this and use it *for that reason*.
A good point, as users of the list realize that mistakes happen, and they respond to that accordingly. In our case, I provided the administrator of the mail server, blocking ours, with IP no, service proivders name and the cause of blocklisting. The admin could then look up the IP, and really verify that the provided IP no was not listed anywhere else, and the service provider is well respected.

Still, a penny for your thoughts.

Share this post


Link to post
Share on other sites
to justify their unreasonable actions where they block a span of IPs (perhaps permanently) caused by a single mistake.

Without an IP address for specifics, I am just talking generalities, but IIUC, a SINGLE mistake will not block a span of IP's.

Please prove me wrong with a specific case.

Share this post


Link to post
Share on other sites
Still, a penny for your thoughts.

In the offline world, if one does not build according to code or doesn't drive according to traffic laws (or in some places, if their vehicle doesn't measure up to certain standards), one gets a fine if caught.

Laws that would impose fines are not possible on the internet because of its international use. If SORBS thinks that a 'fine' would make people sit up and take notice, IMHO, it is not 'extortion'

Blocklists are not mandatory to be used. If SORBS actually has a lot of false positives (in the meaning that that IP address never sent spam) and doesn't delist, then admins will stop using it.

Ignorance is no excuse in a legal court. And it does not stop bad things from happening to people in the real world. Why should the internet be different?

My $.02 USD

Miss Betsy

Share this post


Link to post
Share on other sites

Hi once again,

I've spent some more time on studying SORBS and I am putting my conclusion down in words. I will post it here in 2-3 hours. My conclusion is based on information on this thread, my experience with SORBS and SORBS' official web site.

Without an IP address for specifics, I am just talking generalities, but IIUC, a SINGLE mistake will not block a span of IP's.

Please prove me wrong with a specific case

SORBS is SORBS, and it really is a question if they need any more than a single mistake. In our case, I felt their blocklisting even without a single mail. Please read my conclusion later on, as you might get a different view of SORBS. As with an actual sample, I will have to consult with our mail administrator. I do not wish to reveal any IPs to any non-concerned 3rd party member, but if the administrator agrees, I can have him contact you directly. If you work for spamcop, tracking down spammers, you might have worked with this person before.

Ignorance is no excuse in a legal court. And it does not stop bad things from happening to people in the real world. Why should the internet be different?

Good point. Should it be any different? Enron was a scandal, Anderson Revising also, so why not SORBS? Where does responsibility start/end or ignorance for that sake? We can endlessly keep on comparing and question, and that is keeping us scepticle, which makes us look for answers but finally you have to come to some kind of conclusion. Thank you for your .2. It will all add up.

I started this thread because of attitude, policy and lack of cooperation from SORBS. I wanted to hear more experiences and replies from you that could help me finding a explanation/solution to their do-not-want-to-communicate-kind-of-problem. Mr. Chris Parker pointed out a page/site, containing information I was looking for, but on the very same page I read something more interestin, which led me to something more etc. etc.

Today, I felt the pieces fell into place. I can better understand SORBS now, when I have it puzzeld together. I can not help concidering SORBS as a spammer, and I wonder if there are any official papers on that company (investigation/claims/legal issues)?

More pennies/cents for more thoughts.

Share this post


Link to post
Share on other sites
If you work for spamcop, tracking down spammers, you might have worked with this person before.

I am not an employee of spamcop. Almost everyone you will run into here is simply another user of the spamcop services who is trying to help fellow users work through their problems.

Share this post


Link to post
Share on other sites

Thank you all for your replies.

Sometimes it is necessary to write things down to get a clear picture of happenings. That is why I started this thread and now I am writing my conclusion about SORBS. My conclusion is based on information posted in this thread, my experience with SORBS, some replies from SORBS to inquiries regarding delisting and information posted on SORBS' official web site (General Q&A and spam DB FAQ, http://www.dnsbl.us.sorbs.net/Overview.html ). I was doing this observation for myself in the beginning, but I must say, it could be interesting read for many more people. But here it is:

After being blocklisted by SORBS and then learning more about SORBS, their blocklisting methods, their way of handling cases, avoiding constructive dialogs and problem solving strategies, I have come to the conclusion, that SORBS is actually running a clever spam service, and probably earning pretty good on that. My opinion is, that some Internet Authority ought to look at the practices of SORBS on the Internet and comment on that. What SORBS has been doing to our business in the last couple of days, is a clean 100% spam, and SORBS uses extortion methods to get one delisted from their blocklists. It is also disturbing that SORBS can blocklist permanently a span of IP # (also even if they just feel like it, see ad. 7. below), but then of course, the use of their lists is on voluntary basis, which limits the consequences of damage.

Let me somewhat explain this a bit:

1. What I can read from SORBS´site, they claimed themselves as to be the www Sheriff, as that would justify their business strategy and assure customers of their intended reliable business.

2. SORBS runs a DNS blocklisting service, for administrators to use in blocking "other" spammers, but SORBS. A clever move which, at the same time guarantees successful operation for some time to come. Ad 1 and ad 2 make the floor plan for the business.

3. SORBS launches a product like spam Trap, that will bring them "honestly earned money" by blocklisting/delisting. The reason for getting on to their list, they write themselves:

Well there are a few possibilities:

You are a spammer who has spammed a SORBS spamtrap or admin.

You are hosting DNS, webservices or mailservers (etc) for a spammer that has spammed a SORBS spamtrap or admin.

You are an innocent party that has been included in a wider listing policy because your provider is happy to host spammer(s) that have spammed a SORBS spamtrap or admin.¹

You had your machine hijacked by one or more spammers who have spammed a SORBS spamtrap or admin.

You have a machine with a virus or trojan that has spammed a SORBS spamtrap or admin.

You run an unsecure mailing list that has been used to spam a SORBS spamtrap or admin.

You inherited the netblock or address after your provider moved a spammer.

SORBS will not delist you without paying the 'fine' for any of these reasons.

This simply confirms, that SORBS blocklists a span of IPs, and they will not let one off the hook, once there is a bite. No matter by mistake or not. Basta. I our case, I think paying US$50,- for nothing we have done, is US$50,- too much. Is this a typical sample on how SORBS works/thrives? As SORBS knows, many citizens will pay that money to an organization, if users didn't know any better. I have asked a few people, and they would pay this amount without hesitating, if they thought a virus or worm in their PC may have triggered the event of being blocklisted. Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to. There is a law against this kind of fraud in some countries, protecting civilians. SORBS is a scam spam company, and I can not see any indication on anything else. It sure is fine to block a spammer, but blocking 100 innocent and 1 spammer, brings big money to SORBS. This is really knowing how to run a business, and let innocent home users pay SORBS for delisting IP addresses, SORBS itself chooses to blocklist. SORBS should work with Service providers to track down spammers and lock them out, like professionals do. But I seriously doubt they have the quality of mind for that.

4. Mails, SORBS receives by spam Trap, SORBS will by no means want to miss at least the US$50,-. In order to raise the chance for receiving payment, SORBS presses Service Providers to pay the "fine". SORBS does that by blocklisting a span of IP numbers disposable by the Service Provider. SORBS must be the biggest and longest living spammer I have come across until now.

5. To make things look more responsible for visitors, on SORBES site they use a phrase like

Putting an unpatched, unfirewalled Microsoft Windows® machine on the Internet is irresponsible in the highest degree, installing a proxy server and leaving it open for the world to use is both foolish and irresponsible, yet people are doing these things every day, and no one is telling them they can't or that it is wrong.
, so SORBS decides what is right and what is wrong for the home users and even when to pay. SORBS is going to catch the wrong-doers and teach them a lesson! Kind of thinking, like that in Germany in the 1930's.

6. Phishy payments? Reading the "How to Pay" is a fun section. After "discouraging" the payee to pay to charity (mentions unrefundable and long delisting time) then at the bottom of the page "encourages" (delisting within 24 hours) SORBS write:

Payment here is usually immediate, and delisting is performed usually within 24 hours.

Payment maybe made via PayPal, to: joey[at]vtgts.com

For those unfamiliar:

Goto: http://www.paypal.com/

Click the 'Send Money' tab.

Create an account (if you don't already have one)

Make payment of US$50 to joey[at]vtgts.com stating the IP address in the information field.

Note: It is very important you list the IP address you want delisted in the information field, without it we will not be able to match the payment to database entry.

Note: Joey McNicol has no connection with SORBS, he has not control over who is listed or delisted, complaining to him about an entry will fall not get you anywhere.

The Joey McNicol Legal Defense Fund is a good cause that SORBS supports.

Notice especially the

Payment maybe made via PayPal, to: joey[at]vtgts.com  ..... Note: Joey McNicol has no connection with SORBS, he has not control over who is listed or delisted, complaining to him about an entry will fall not get you anywhere.

My question here, why pay to Joey to get delisted at SORBS, if he has no connection whatsoever to SORBS? Is Joey on the way to jail? Or is Matthew Sullivan in deep trouble? Or is it just a sick joke?

7. To really convince doubtful minds, like mine, about the legitimacy of SORBS' business, SORBS writes in the General Q&A section:

29: I'm going to sue you if you don't remove "X.X.X.X" entry... 

See you in court, and don't expect to be removed... Oh, and expect to have your name and addresses published for the world to see (as is the Law in Australia provides).... No matter what the outcome.

Not only is this a threat of never being removed from the blocklist, but it is a threat of publishing names and addresses, with unforeseen consequences.

This phrasing is way out over my understanding and that any decent company on this planet, would ever use a service from a company, with statements like the ones I have quoted above, directly from SORBS´ site.

Furthermore, when you read some of the replies to people from SORBS, trying to get delisted at SORBS, the language used in SORBS´replies is impatient, arrogant and respectless towards the querier. Once again I am stunned.

We all know, that there is a comparison standard like Common Practice within blablabla and Common Practice in blebleble and so on. We even ourselves use “our own Common Practice”, because we think it´s better than the Accepted Common Practice. But the practice of SORBS is non sociable, non acceptable, non common, non resolvable, non anything.

I have some more points to add, but this SORBS is too obscure for any further listing.

Please comment on my conclusion. I could be terribly wrong, but on the contrary, I also might have hit the bulls eye.

Edited by nicejerk

Share this post


Link to post
Share on other sites

Makes perfect sense.

Have your ISP pay the fine which will be used in a way they seem fit or stay listed.

You can cry and complain forever but it is not going to change things.

Share this post


Link to post
Share on other sites

Well Merlyn,

Good to see you have a good sense of humor.

But on the other hand???

Do you believe in the survival of "service" provider like SORBS? My bet they will be extinct.

Our service provider offered us to move our site and services to a clean IP # (not blocklisted by SORBS). As we solved our problem with direct contact to the administrator of the blocking mail server, we currently have no problem. I do not expect any major problem in the future with SORBS, as I can not see how Internet users continue to support unethical activity of this kind.

Edited by nicejerk

Share this post


Link to post
Share on other sites
Please comment on my conclusion. I could be terribly wrong, but on the contrary, I also might have hit the bulls eye.

Okay...

I have come to the conclusion, that SORBS is actually running a clever spam service, and probably earning pretty good on that.

I don't think you really know what spam is. And...

SORBS is a Non-Profit entity that relies soley on donations to operate. There are no assets' date=' nor any debts.[/quote']

What SORBS has been doing to our business in the last couple of days, is a clean 100% spam,

Nope. You definitely don't know what spam is.

and SORBS uses extortion methods to get one delisted from their blocklists.

Harsh methods, but not extortion at all. SORBS is a non-profit and has no income. All fees paid go to unrelated charities that return no money to SORBS.

It is also disturbing that SORBS can blocklist permanently a span of IP #

I can do the same thing. So can you. So can anyone. You can make a blocklist on a computer that isn't even connected to the net. The trick is to get people to realize that your blocklist is 1) useful, and 2) trustworthy. Many people believe that about SORBS, which is why it gets used. Remember, SORBS does not block anything! Server administrators who use and trust SORBS use the SORBS lists so that they can block spam. If the owner of the system you sent mail to didn't trust SORBS, your mail would have made it.

but then of course, the use of their lists is on voluntary basis, which limits the consequences of damage.

True, but not all of us consider it damage.

2. SORBS runs a DNS blocklisting service, for administrators to use in blocking "other" spammers, but SORBS.

Again, your grasp of the whole spam concept is shaky.

3. SORBS launches a product like spam Trap, that will bring them "honestly earned money" by blocklisting/delisting.

spam traps are not products. They are email addresses that have no reason to be used. Any mail coming to a spam trap is uninvited and fair game.

This simply confirms, that SORBS blocklists a span of IPs, and they will not let one off the hook, once there is a bite. No matter by mistake or not.

Yes, they are extremely harsh. I haven't done enough research to see if a single email can actually get you listed and as far as I can tell you haven't proved that, so I remain in the air over whether or not they are too harsh.

Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to.

There are many, many other resources to teach home users not to run open mail servers and how not to get infected with spam-sending viruses. People who don't learn how to safely navigate the net and end up spewing millions of mails into my inbox are taking advantage of me.

Share this post


Link to post
Share on other sites
Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to.

The typical home user will never see a block because they are using their ISP's server to send the mail and not sending directly. They can stay on the list indefinietly without affecting their service. There is another bl that specifically lists dial-up and dhcp broadband address space. The ISP's themselves place many of those requests so their clients can not spam the world.

Most SMTP software using blocklists only scan the connecting server. The spamcop email service does scan on every IP in the chain and would affect these types of users.

Edited by StevenUnderwood

Share this post


Link to post
Share on other sites

Hi once more and thank you for your replies so far.

QUOTE 

What SORBS has been doing to our business in the last couple of days, is a clean 100% spam,

Nope. You definitely don't know what spam is.

I guess your defentition of spam is something like "unsolicited usually commercial E-mail sent to a large number of addresses". My defenition is somewhat like "To abuse any network service or tool by for promotional purposes or annoyance". By blocklisting our IP#, SORBS prevented us from communicating with some customers via e-mail. That is just as much spam as receiving "unsolicited commercial e-mail" or even worse.

QUOTE (SORBS)

SORBS is a Non-Profit entity that relies soley on donations to operate. There are no assets, nor any debts.

Hehe. Do you really expect me to belive that? Read their site again.

QUOTE 

This simply confirms, that SORBS blocklists a span of IPs, and they will not let one off the hook, once there is a bite. No matter by mistake or not.

Yes, they are extremely harsh. I haven't done enough research to see if a single email can actually get you listed and as far as I can tell you haven't proved that, so I remain in the air over whether or not they are too harsh

I think you should do more study on SORBS.

QUOTE 

Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to.

There are many, ......... are taking advantage of me.

Guess who is taking advantage of us and our services for the moment!

QUOTE 

Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to.

The typical home user .......... the list indefinietly without affecting their service.

Good point. That also better explains that SORBS realizes that companies have the money, and perhaps will rather pay a "fine" to SORBS, as that might be the easiest solution, even though it's not the right one.

Share this post


Link to post
Share on other sites
Well Merlyn,

Good to see you have a good sense of humor.

But on the other hand???

Do you believe in the survival of "service" provider like SORBS? My bet they will be extinct.

Our service provider offered us to move our site and services to a clean IP # (not blocklisted by SORBS). As we solved our problem with direct contact to the administrator of the blocking mail server, we currently have no problem. I do not expect any major problem in the future with SORBS, as I can not see how Internet users continue to support unethical activity of this kind.

I am not saying I agree with them or disagree with them. There is nothing to do but pay or stay listed. It does not matter if they are good or bad or if they are going to stay alive or not. Their policy is not going to change. Your feelings or my feelings or any one else, it does not matter. The sun will come up tomorrow and you will still be listed unless your provider pays. It's very simple.

Share this post


Link to post
Share on other sites

Hi again you all and thank you,

There is nothing to do but pay or stay listed. ............Their policy is not going to change. .......It's very simple.

Evolution and progress. That is the counterpart of SORBS. "The teacher punishing the whole class because of one students' behaviour" is a "going back to the future techology", so I must disagree with you. To be satisfied with status quo, also is a sign of stagnation.

The sun will come up tomorrow and you will still be listed unless your provider pays.

The sunrise predictably will continue for some more millions years to come, but I hope our Service Provider does not pay anything to SORBS, because paying is the proof of accepting this unethical way of business, SORBS is doing. Paying a fine, for a "lesson" that brings you back into the future, technologically, is a bad investment for the Internet. The presence of SORBS is only keeping others from developing intelligent tools, others from doing a better work on intelligent basis, not Mathew's manual basis.

Let me quote Alden Bates:

SORBS is basically the spam-fighting equivalent of hanging all your suspects just to make sure you get the criminal.

and BlueBottle:

A small Melbourne anti-spam company, Bluebottle Systems, also disagrees with the approach adopted by block-lists.

"It's creating more havoc than good," Bluebottle founder Robert Pickup says.

"They (block-lists) are not well managed. If someone is on the same IP range (set of IP addresses) as someone who is sending a spam, then they will also be blocked, and even Telstra and Optus have found it difficult to get off a block-list."

A site complimenting the above statement: Merit and this one Do not get mad . Complaints about lack of support/communication from SORBES can be found in previous mentioned links, but in short:Support.

Let me quote one "victim of SORBS":

Matthew Sullivan’s self-appointed vigilante mission according to his web site is “Fighting spam by finding and listing Exploitable Servers.”  In other words, this vigilante does not respond to complaints about spam.  Rather, he attacks the issue in the very same manner as spammers -- by probing Internet mail servers for security flaws. ........Instead of advising the Internet hosting or service provider company with the security-flawed server that their system failed to pass his vulnerability test, which is a standard practice of security consulting firms, Mathew simply blacklists the IP address of the server.  Updates to his blacklist database are then uploaded by  systems administrators worldwide, who never question Mathew’s blacklist calls......

As I said before, a kind of thinking, like that in Germany in the 1930's (before computers). Religion has never been good in International businesses, and neither is Sullivans'.

Don't Internet users have any rights? I believe I do have some rights, despite SORBS eccentric action. At least according to law, you are innocent until proven guilty. I want to quote:

1. You have a legitimate right to do business on the Web and nobody has complained about you.

2. You are an indiscriminate victim of IP address blacklisting.

3. With no fault of your own, you must now pay a bribe to an enterprising young fellow in Australia in order to continue doing business on the Web. 

4. Instead taking the payments directly, which would be outright blackmail, you must make a “SORBS 'fine'” blackmail payment to a charity “approved by” SORBS.NET.

5. Are you ready for the sweet part?  You have to send your blackmail mordita (“little bit” in Spanish) thank you note to Matthew at payments[at]sorbs.net.

And finally a quote an e-mail from Mr. Sullivan to a "abuser" (that is, "abuser" by Mr. Sullivans defenition):

...................you will never know because you are too tied up in your own selfishness and self-importantness to have a clue.  Ask around if you actually want to resolve your issue, many people will tell you how you can talk to me to get what you want with the least possible pain.  Don't expect me to take crap off you or anyone else... because I won't. ................
Seriously!?! I am still stunned.

I am still gathering more information on the mind(s) behind SORBS, which is giving me a sharper picture of the eccentric person(s) behind it. All the above quotes, I have links/articles/names behind it, which I might publish with a revised conclusion. You can always PM me, if you want the info sooner.

Best regards,

nicejerk

Edited by nicejerk

Share this post


Link to post
Share on other sites

I don't understand why you keep spinning your wheels and wasting time and effort on something you cannot change. It's their site/blocklists and they can do what they want. If you don't want to use them then don't. If someone is blocking you then ask them to whitelist you. You will change nothing.

Share this post


Link to post
Share on other sites

I disagree with your analysis about SORBS and the quote about blocklists in general.

One of the great things about the Internet is that anything goes - there is no censorship, there is freedom to go and come and say just about anything you want. The other great thing about the Internet is that individuals do not have to access those sites they don't want to and do not have to receive any email that they are not interested in. No one can 'force' anyone to see, do, or read anything.

The only regulation of the internet is by individuals who control their computers. If other users are irresponsible (the people who get trojanized), then no one /has/ to suffer because of it because they can block irresponsible IP addresses. If other people who use that IP address don't do anything to make the other users responsible or find another IP address that is responsibly run, then they are being irresponsible in their choices.

You are not a victim of SORBS; you are a victim of your own negligence. Everyone, at some time, makes an error (of judgment or of technique) and the consequences are inescapable. Everyone, at some time, is a victim because someone close to them has made an error and again the consequences are inevitable. How one handles these kinds of errors makes one an effective contributor to the community or a nuisance or a menace.

Whiners, complainers, attackers who want others to do it their way are nuisances or menaces. On the internet, one can just block them; ignore them.

BTW, several of my correspondents have been 'victims' of viruses - only they didn't describe themselves that way - they said, "I was pretty ignorant. Now I know better."

When you grow up, perhaps there could be a debate about how to encourage better blocklist management so that there would be lots of good blocklists to choose from.

Miss Betsy

Share this post


Link to post
Share on other sites
I don't understand why you keep spinning your wheels and wasting time and effort ………………….
Well, first of all, right now I “almost” have the time to seek necessary info about SORBS. Secondly, I want to know: our possibilities if SORBS continiues to harass us, the reason for SORBS for doing so and how SORBS justifies it´s means to keep on the harassments.

Discussion reveals the truth and I am gathering information. Mr. Sullivan avoids discussion/communication, so where is the truth? I am sad to say, that the more you learn about Mr. Sullivan, the less you appreciate him, and Mr. Sullivan knows that. So far, everything indicates that Mr. Matthew Sullivan is an arrogant, respectless, unreasonable person, hiding behind SORBS and trying to unreasonably dictate the use of the Internet via his lists. Lists, that contain both “personally” listed IP#, rightfully listed IP# and not least the IP# that should not be on the list at all. It would be ignorant of me, not following up on this subject, after his act on us, an act of no cause from our side. We access Internet from various locations around the world and use several Service Providers. If SORBS will blocklist any of those servers (if Mr. Sullivan suddenly “just felt like it”), then I need to know the best solution/workaround. Until now, I can only judge it by the e-mail I sent to the administrator of the blocking mail server. Probably by experience, the administrator knew that SORBS makes “mistakes”, and therefor whitelisted our mailserver at once. If there will a next time or a new customer using current IP blocklist from SORBS, I can not be sure of the experience of that administrator. That´s why I bother “waisting” my time on this. Furthermore, I hope some people, that may have read this thread, will consider carefully about using the blocklist from SORBS. I hope our Service Provider will not pay any extortion money, but I have no idea if others in our IP block have temporarily solved their blockilisting issues, as we have and might therefore insist on that (that´s what SORBS is about).

One of the great things about the Internet is that anything goes - there is no censorship, there is freedom to go and come and say just about anything you want.
You really think there is no censorship? Please remember Mr. Sullivan!! Mr. Sullivan is allready controlling much freedom on the Internet.

The only regulation of the internet is by individuals who control their computers.
Again, remember Mr. Sullivan.

If other users are irresponsible (the people who get trojanized), then no one /has/ to suffer because of it because they can block irresponsible IP addresses.
A circulating malicious code, is defined as such, (trojan/virus/worm/other) after it has entered “the market” (not before) and identified as such, by respective companies. I do not believe your machine is born with a lifelong resistency to worms/viruses/Trojans.

One year ago, my AV Protection alerted me about, that an ADSL driver I just downloaded from an ISP was infected by a 1 1/2 old virus. Fine. I called up the maintenance division of the ISP and informed them about my findings. I named the virus, the AV software I was using and identified myself by both IP number and subscription. That ISP provider used McAfee to protect their system and files. While on the phone, they did a scan with McAfee, which found nothing. Then “surprisingly” Norton, found nothing. Still on the phone, they asked me to hold on while they downloaded F-Prot to do and did a test. The guy did run the test, found the virus and the whole ISP ´s web site was taken down for further scanning. Responsibility and helping out, YES, but that is not SORBS.

If other people who use that IP address don't do anything to make the other users responsible or find another IP address that is responsibly run, then they are being irresponsible in their choices.
???

You are not a victim of SORBS; you are a victim of your own negligence.
Not a victim! My negligence! “Good to know that you know!!?!” I must let others be the judge on that, but I really disagree with you.

…..attackers who want others to do it their way are nuisances or menaces
You said it yourself, SORBS!.

When you grow up, perhaps there could be a debate about how to encourage better blocklist management so that there would be lots of good blocklists to choose from
(Don´t fool yourself: boys never grow up).

Everyone, at some time, makes an error (of judgment or of technique) and the consequences are inescapable. Everyone, at some time, is a victim because someone close to them has made an error
I I can not comment on this, because it sounds like a phrase of that in a spam!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×