Jump to content
Sign in to follow this  
znmeb@cesmail.net

SORBS DNSbl has way too many false positives!

Recommended Posts

It took me a couple of weeks to spot this, but SORBS DNSbl has way too many false positives. I've lost large numbers of e-mails from two or three lists I'm on, plus responses to products I've ordered on line, even from Amazon.com. If you're using this blacklist, beware!!

Ed Borasky

Share this post


Link to post
Share on other sites

Actually SORBS works very good. A false positive for you may be spam for someone else especially when lists are involved. Give us a couple example IP's to check.

Share this post


Link to post
Share on other sites

Your whitelisting capabilities should help.

Also, there's a reason Amazon has been called Spamazon.

In addition, I've moved this Topic from SpamCop Help to SpamCop Email because it has to do with the SpamCop Email System.

Share this post


Link to post
Share on other sites

SORBS is a collection of different zones, some of them are known to agressively list spam sources.

These zones are coded in their response, and they also have a mirror of SPEWS.

Their spamtrap zone will list any mail server that sends e-mail to one of their spamtraps. I do not know if they make exceptions for viruses hitting them.

According to the SORBS FAQ, the spamtrap listing will stay until a donation is made to a mutually agreable charity.

Using the spamtrap zone for rejecting mail is likely to cause collateral damage.

Other zones are less agressive. Check the SORBS charter.

Research is needed before deploying any DNSbl in a production environment.

The operators of SORBS have recently been posting in the news.admin.net-abuse.email and .blocklisting about their backlog in keeping the DUL list up to date.

Some DNSbls are suitable for rejecting mail, others are more suitable for scoring potential spam.

-John

Personal Opinion Only

Share this post


Link to post
Share on other sites
According to the SORBS FAQ, the spamtrap listing will stay until a donation is made to a mutually agreable charity.

Using the spamtrap zone for rejecting mail is likely to cause collateral damage.

Other zones are less agressive.  Check the SORBS charter.

Our backbone ISP's SMTP server is listed in the SORBS BL because of a spamtrap message. I gather that the source of the infection has long since been resolved since it was a customer with an infected PC from one the many virus/trojan/worm infections last year.

Getting the IP de-listed has proved less than easy. The problem with the SORBS approach is that a large ISP can easily have a number of customers with infected machines and despite being exceedingly effective in educating these customers and helping them clean up their act (I can't say wether our ISP is effective - just a for instance) once listed you remain listed until the money is paid.

Unsurprisingly large ISPs have few mechanisms for making the charitable donations that SORBS demands.

So we avoid spam filtering decisions based on SORBS alone. As noted, SORBS is likely to cause collateral damage if used alone.

Andrew

Share this post


Link to post
Share on other sites
It took me a couple of weeks to spot this, but SORBS DNSbl has way too many false positives.

I may have shared your original opinions on this....

When I first added the list, I too, had a lot of 'false positives' even from lists with 'draconian' opt-in policies, one of which I believed involved a 'snail-mailed' key!

However working with the 3 blacklists I am using and reviewing/reporiting held mail daily and whitelisting where needed (yes I now have a LOONG whitelist), has now reduced my help mail list to drugs, money schemes and body part 'enhancers'.

I encourage you to work with the whitelisting capabilities and the additional list and it pays off dramatically!

Edited by xzr1tv

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×