Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by nicejerk

  1. I have read enaugh about Mr. Sullivan and I hope this is the last time I need to refer to him. You can read som more on that, that made me come to the conclusion. I am finished with this subject, and will not make any further replies. I promise. Some of this is really funny stuff (but serious though), like when Osirusoft shut down on the the world: http://www.dotcomeon.com/injoewetrust.html Reg. legal issues, then I want to point out to you the following cases: Media3 case: http://www.clickz.com/news/article.php/12_877011 BlackIce http://www.ifn.net/classic/blckice2.htm And not least: Read more about it here: http://www.ifn.net/classic/247media Read more about it here: http://www1.ietf.org/mail-archive/web/ietf...t/msg29620.html I concider SPEW and SORBS as more or less the same “service” with different names as Mr. Sullivan states at the bottom: http://www.santabarbaraproperties.com/casa/TwinTowers.html If in any doubt, then here are some good explanations to some of the lists: http://www.aitp.org/newsletter/2003sepoct/...mTechnology.htm Anti SPEW: http://www.ifn.net/classic/rblstory.htm + links Victims: http://www.chicagotribune.com/technology/c...5232.story?coll Almost too sarcastic: http://www.somethingawful.com/articles.php?a=1605 + many good links Honesty is best: http://www.lanechange.net/html/spews.shtml Some more reasons: http://www.clapper.org/spam/spews.html 1 more victim http://stopspam.sysop.com/ Thank you for your time, Best regards, nicejerk
  2. Hi again, sorry I could not stay away any longer. I was hoping to spare you for any further comments. But as I have found some more interesting information, I would like to share these with you. First, if you have the time, please read read this page http://www.dotcomeon.com/ . That paper is analyzing Paul Vixie, but if you read the article carefully, you will see the parallells and questionable legitimazy of SORBS´ list (rather users of the list). The legal issues quoted in the article, should be enough to discurrage serious Service Providers from using DNSBL. The author (NetSide) seems to look at this problem the same way I do, but phrases it a lot better. But it is an interesting reading. Yes, and as I stated before, I can only recommend spamcop and spamhaus, as they seem responsible in taking actions and cooperating in tracking down spammers and abusers. Maybe our discussion didn´t sway anyone´s opinion, but it sure helped me to come to a conclusion regarding SORBS/Mr. Sullivan. Thinking aloud is rightly phrased by you and there has been response on this board because of that. I think readers have the right to read about problems that can occur using SORBS´ list and the totally unreasonable response and attitude they might face, trying to communicate with Mr. Sullivan. SORBS´ list is “hand made in Australia” and humans make mistakes and Mr. Sullivan is not perfect. I only mentioned SpamAssassin, as the author of the respective article pointed out, what seems to be a very effctive solution with no DNSBL. But if that solution works, I have no idea about, but then SpamAssassin is also a differnet topic. Talking about proofs/swaying: Proofs can be circumstancial and what you read (Internet, newspaper etc.), you have to judge for yourself what might or might not be true. Your experience will help you to sort out the “truth”. I have stated my opinion on Mr. Sullivan, based on my inquieries on the Internet. I only browsed the Inernet, looking for possible answers to our problem, caused by SORBS and note: without a cause from our side. In my quest, I came across some extreamly vulgar/abusive language in many of Mr. Sullivans´ replies to inqueries. I will not blame Mr. Sullivan to use a bad language to express himself, but when he is putting people down with abusive language in replies, then I can not help but to protest. There were a few articles on the Internet that helped me to assemble a profile of this person (convincing and explanatory to me at least). And in this finding, I am simply stunned by the fact, some companies are using SORBS´ list and thereby supporting Mr. Sullivans way of extortion. But on the other hand, whenever we buy software or service, I never question the background of the developer(s), until now. Thanks to Mr. Sullivan. (So he is not that-all-bad).I didn´t come here to prosecute Mr. Sullivan, but I came here to find a solution to our problem. I have posted my conclusion, based on sources found on the Internet, and since then, found further material that supports my conclusion. But it is all a matter of how we interpretate our readings, so everyone must judge for him-/herself. I agree with you. It´s a matter of cost, bandwidth/load and quota. In each case you will have to decide what solution to use, but I am sure there are many more than DNSBL and SpamAssassin. For our business, I think it would be bad to use a DNSBL, as that might prevent potential customers from reaching us. With filters and rules, one can limit the amount of spam to reach it´s destination, but to blindly block a range of IPs by a list made by a 3rd party, looks to be a pretty ignorant solution to me. At the same time, one is actually “trying to move” the responsibility of blocking/filtration to this third party. spam will never disappear from the Internet, but we can only limit it. No doubt, I may have used some reasonable DNSBL on mail servers, if I administred any, but on the other hand, I would never use SORBS´ list and for that sake, any DNSBL, after my experience/findings. SORBS has given DNSBL a bad name, which will keep me sceptical of others similar. Our option is to pay “Joey”, but I do not approve of that, and we got whitelisted where we needed. But that will not change the fact that we will not receive inquries from potential customers, which´s mail server uses SORBS´ blocklist. I am wondering if to put a warning on our site, explaining how to contact us in case of failed mail delivery. After learning more about Mr. Sullivan, I believe he might block all the IPs of our Service Provider, if I posted our mail server´s IP here. That would be irrisponsible. I will let our mail server administrator know about your wish, and the person can decide if to contact you or not. We are serviced in the best possible manner, and I really would regret if my writing would give them any further trouble than that, of the consequenses of the Link X-changers. Again, that way to tackle spam must depend on the business you are doing. We welcome inqueries on our produts and manufacturing, and as such, respective e-mails should NOT be rejected because it was not requested. Some of those e-mails might now be rejected because of SORBS. (**). Well, if we were to pay US$ 50,- for nothing we have done, so why don´t you just pay it? You are just as guilty as we are. Just pay it to “Joey”. I´d rather through US$50,- out of the window (as that would help), than officially supporting a vulger vigilante "at work”. Participating and supproting unethical SORBS? No. We do have some reputation to protect and preserve, so we can not support Mr. Sullivans actions. That is my point. SORBS is unreasonable. You can not communicate with the Mr. Sullivan. Communication is a vital factor in solving problems, but there is non from Mr. Sullivan. That is why I point to spamcop and spamhaus, if you really think blocklists are a must. Thay are reasonable. That is exactly what I did, contacting the user of the list. The list might be "too effective" regarding blocking, but you will have to judge for yourself. Tell me more…………. (**) Just a point in other direction: With “Senders´ notification” you now come to another point of discussion started by F-Prot manager/president: producing unnecessary e-mail traffic on the Internet. In my first thread in this forum, I was seeking solution to overwhelming flow of e-mails, infected by Sober.g, from a certain IP no. Because the Sobig.g spoofs it´s “where from” in the header, then we were also receiving endless "virus warning replies” from mail servers, almost as many as that, of the worm infected e-mails. In a way, one can defined those replies as spam. A least, those replies from mail servers were a total waste of bandwidth in the Sobig.g case. Best regards to you, nicejerk
  3. Hi again and thank you all for your time. I totally agree with you. I must disagree with you. Dynamic and search for truth, is the drive. Would there be something you know, that I happened not to know? Honestly I don´t know. Let´s not make this anything personal. It´s allowed and always fun to talk about someone, that has just left the party. I have never stated that I have proven anything and I never will. I have been poking and I think this has been a good dialog we´ve had, where many questions have been brought up, few answered, but at least broadened/narrowed some peoples mind. This discussion has a.o. led me to a somewhat truth, that using DNSBL like SORBS is a collateral damage, used by mail administrators that do not bother configuring their servers. Kind of funny when you think of the purpose of Mr. Sullivans´ list and statements. There is no reason for me to reveal our mail server´s IP# (actually it would be irresponsible of me), because you all know, that we are not the first victim in SORBS´ list. But FYI, I can reveal that all our networks access to the Internet is via NATs, supported by Outpost firewall v2.0. All PCs have F-Prot v3.14c antivirus installed. We are not irresponsible. Honestly, I do not know how much truth there is in the articles I have referred to and/or read myself. But it is hardly any coincidence that they match pretty well. Everything points to that, that Mr. Sullivan fits the description I have given him and for sure I would avoid using any DNSBL on any mail server. I take my hat off for those, who effectively configure their mail servers as f.ex. the one below (seems to be, at a glance). Here might be interesting reading: http://www.info-world.com/spam.diagnosis/ Even though the article is about the long gone Osirusoft, then there is always a question where this flaw also applies to. I agree with the author, that the use of DNSBL should be banned, especially a list cooked up by a person like Mr. Sullivan. Thanks to common sence, the use of his list is not as widespread as indicaded. I consider the use of a list, like that of Mr. Sullivan, as a “cheap solution” for an administrator of a mail server. Serious administrators configure their servers. All the information is on the Internet, and there is no excuse for using a cheap solution. For security there are many solutions like: http://www.earthlink.net/about/press/pr_as...h/asta_tech.pdf A good point here: And for further info: If you want to do a lookup on an IP#, you might want to bookmark this “one pit stop”: http://www.moensted.dk/spam/ Well, this one was on me. I thank you all for your comments and critics. If SORBS wouldn´t have happened at this time, I would probably never have gotten the time to dig into this and just forgotten all about it. I consider my question on SORBS is done. I´ve just revised and added to my conclusion, and filed for future reference (which I doubt will ever come to). I will drop in for the next 2-3 days to see if you have any further comments. I will try not to answer (as I guess you have had enaugh of my comments), but that of course depends on the content. PS: Off topic: Patch the patch that was patched http://catless.ncl.ac.uk/Risks/23.01.html#subj9 Again, thank you very much for you help. Best regards to you all nicejerk
  4. Once again, thank you for your comments. I totally agree with you. But when this “someone” is dictated via SORBS list, blocking communication between businesses, that are doing business, both parts wanting to communicate, the blocking is a sabotage. As I quoted Alden Bates before: You can make a civil arrest, but you can not take the law into your own hand. That is a legal fact in the real physical world. Mr. Sullivan is making his own extreamist laws, and administrators may not be aware of that. By using SORBS´ list, administrators are applying Mr. Sullivans laws into practice. By practicing Mr. Sullivans law, the administrator must be responsible for that act. But is the administrator aware of Mr. Sullivans ethical laws/rules? I highly doubt that, but I hope our discussion has revealed some of SORBS´ unethical practices. Some years ago, my mother was receiving obscene phone calls, from a jealous/disturb woman. Of course the phone company could not reveal the identity of the person calling, which forced my mother to go to the police. The police then, went to the phone company and authorized, they tracked down the abuser, and the abuser got an ultimatum. That is exactly how our mail administrator works with f. ex. SpamCop, tracking down abusers, locating them and closing down their accounts. That doesn´t work with SORBS. Mr. Sullivan will not/can not cooperate with anyone. It is ridiculous to believe, that by blocking a span of IPs will make spammers disappear. Especially today, after the can spam act, it is very important to track down spammers, identify them and give them what serves them right. An administrator is not born perfect. For the Internet and administrators to develop, there must be given some space and tolorance to learn, not simply block them out. SORBS´ way of blocking is the Nazy´s 1930´s ideology of perfectionism, that only brought themselves down.
  5. Well, first of all, right now I “almost” have the time to seek necessary info about SORBS. Secondly, I want to know: our possibilities if SORBS continiues to harass us, the reason for SORBS for doing so and how SORBS justifies it´s means to keep on the harassments. Discussion reveals the truth and I am gathering information. Mr. Sullivan avoids discussion/communication, so where is the truth? I am sad to say, that the more you learn about Mr. Sullivan, the less you appreciate him, and Mr. Sullivan knows that. So far, everything indicates that Mr. Matthew Sullivan is an arrogant, respectless, unreasonable person, hiding behind SORBS and trying to unreasonably dictate the use of the Internet via his lists. Lists, that contain both “personally” listed IP#, rightfully listed IP# and not least the IP# that should not be on the list at all. It would be ignorant of me, not following up on this subject, after his act on us, an act of no cause from our side. We access Internet from various locations around the world and use several Service Providers. If SORBS will blocklist any of those servers (if Mr. Sullivan suddenly “just felt like it”), then I need to know the best solution/workaround. Until now, I can only judge it by the e-mail I sent to the administrator of the blocking mail server. Probably by experience, the administrator knew that SORBS makes “mistakes”, and therefor whitelisted our mailserver at once. If there will a next time or a new customer using current IP blocklist from SORBS, I can not be sure of the experience of that administrator. That´s why I bother “waisting” my time on this. Furthermore, I hope some people, that may have read this thread, will consider carefully about using the blocklist from SORBS. I hope our Service Provider will not pay any extortion money, but I have no idea if others in our IP block have temporarily solved their blockilisting issues, as we have and might therefore insist on that (that´s what SORBS is about). You really think there is no censorship? Please remember Mr. Sullivan!! Mr. Sullivan is allready controlling much freedom on the Internet. Again, remember Mr. Sullivan. A circulating malicious code, is defined as such, (trojan/virus/worm/other) after it has entered “the market” (not before) and identified as such, by respective companies. I do not believe your machine is born with a lifelong resistency to worms/viruses/Trojans. One year ago, my AV Protection alerted me about, that an ADSL driver I just downloaded from an ISP was infected by a 1 1/2 old virus. Fine. I called up the maintenance division of the ISP and informed them about my findings. I named the virus, the AV software I was using and identified myself by both IP number and subscription. That ISP provider used McAfee to protect their system and files. While on the phone, they did a scan with McAfee, which found nothing. Then “surprisingly” Norton, found nothing. Still on the phone, they asked me to hold on while they downloaded F-Prot to do and did a test. The guy did run the test, found the virus and the whole ISP ´s web site was taken down for further scanning. Responsibility and helping out, YES, but that is not SORBS. ??? Not a victim! My negligence! “Good to know that you know!!?!” I must let others be the judge on that, but I really disagree with you. You said it yourself, SORBS!. (Don´t fool yourself: boys never grow up). I I can not comment on this, because it sounds like a phrase of that in a spam!
  6. Hi again you all and thank you, Evolution and progress. That is the counterpart of SORBS. "The teacher punishing the whole class because of one students' behaviour" is a "going back to the future techology", so I must disagree with you. To be satisfied with status quo, also is a sign of stagnation. The sunrise predictably will continue for some more millions years to come, but I hope our Service Provider does not pay anything to SORBS, because paying is the proof of accepting this unethical way of business, SORBS is doing. Paying a fine, for a "lesson" that brings you back into the future, technologically, is a bad investment for the Internet. The presence of SORBS is only keeping others from developing intelligent tools, others from doing a better work on intelligent basis, not Mathew's manual basis. Let me quote Alden Bates: and BlueBottle: A site complimenting the above statement: Merit and this one Do not get mad . Complaints about lack of support/communication from SORBES can be found in previous mentioned links, but in short:Support. Let me quote one "victim of SORBS": As I said before, a kind of thinking, like that in Germany in the 1930's (before computers). Religion has never been good in International businesses, and neither is Sullivans'. Don't Internet users have any rights? I believe I do have some rights, despite SORBS eccentric action. At least according to law, you are innocent until proven guilty. I want to quote: And finally a quote an e-mail from Mr. Sullivan to a "abuser" (that is, "abuser" by Mr. Sullivans defenition): Seriously!?! I am still stunned. I am still gathering more information on the mind(s) behind SORBS, which is giving me a sharper picture of the eccentric person(s) behind it. All the above quotes, I have links/articles/names behind it, which I might publish with a revised conclusion. You can always PM me, if you want the info sooner. Best regards, nicejerk
  7. Hi once more and thank you for your replies so far. I guess your defentition of spam is something like "unsolicited usually commercial E-mail sent to a large number of addresses". My defenition is somewhat like "To abuse any network service or tool by for promotional purposes or annoyance". By blocklisting our IP#, SORBS prevented us from communicating with some customers via e-mail. That is just as much spam as receiving "unsolicited commercial e-mail" or even worse. Hehe. Do you really expect me to belive that? Read their site again. I think you should do more study on SORBS. Guess who is taking advantage of us and our services for the moment! Good point. That also better explains that SORBS realizes that companies have the money, and perhaps will rather pay a "fine" to SORBS, as that might be the easiest solution, even though it's not the right one.
  8. Well Merlyn, Good to see you have a good sense of humor. But on the other hand??? Do you believe in the survival of "service" provider like SORBS? My bet they will be extinct. Our service provider offered us to move our site and services to a clean IP # (not blocklisted by SORBS). As we solved our problem with direct contact to the administrator of the blocking mail server, we currently have no problem. I do not expect any major problem in the future with SORBS, as I can not see how Internet users continue to support unethical activity of this kind.
  9. Thank you all for your replies. Sometimes it is necessary to write things down to get a clear picture of happenings. That is why I started this thread and now I am writing my conclusion about SORBS. My conclusion is based on information posted in this thread, my experience with SORBS, some replies from SORBS to inquiries regarding delisting and information posted on SORBS' official web site (General Q&A and spam DB FAQ, http://www.dnsbl.us.sorbs.net/Overview.html ). I was doing this observation for myself in the beginning, but I must say, it could be interesting read for many more people. But here it is: After being blocklisted by SORBS and then learning more about SORBS, their blocklisting methods, their way of handling cases, avoiding constructive dialogs and problem solving strategies, I have come to the conclusion, that SORBS is actually running a clever spam service, and probably earning pretty good on that. My opinion is, that some Internet Authority ought to look at the practices of SORBS on the Internet and comment on that. What SORBS has been doing to our business in the last couple of days, is a clean 100% spam, and SORBS uses extortion methods to get one delisted from their blocklists. It is also disturbing that SORBS can blocklist permanently a span of IP # (also even if they just feel like it, see ad. 7. below), but then of course, the use of their lists is on voluntary basis, which limits the consequences of damage. Let me somewhat explain this a bit: 1. What I can read from SORBS´site, they claimed themselves as to be the www Sheriff, as that would justify their business strategy and assure customers of their intended reliable business. 2. SORBS runs a DNS blocklisting service, for administrators to use in blocking "other" spammers, but SORBS. A clever move which, at the same time guarantees successful operation for some time to come. Ad 1 and ad 2 make the floor plan for the business. 3. SORBS launches a product like spam Trap, that will bring them "honestly earned money" by blocklisting/delisting. The reason for getting on to their list, they write themselves: This simply confirms, that SORBS blocklists a span of IPs, and they will not let one off the hook, once there is a bite. No matter by mistake or not. Basta. I our case, I think paying US$50,- for nothing we have done, is US$50,- too much. Is this a typical sample on how SORBS works/thrives? As SORBS knows, many citizens will pay that money to an organization, if users didn't know any better. I have asked a few people, and they would pay this amount without hesitating, if they thought a virus or worm in their PC may have triggered the event of being blocklisted. Those are the typical home users, SORBS is pretending to protect/teach a lesson. This is taking advantage of people, lacking the knowledge SORBS is referring to. There is a law against this kind of fraud in some countries, protecting civilians. SORBS is a scam spam company, and I can not see any indication on anything else. It sure is fine to block a spammer, but blocking 100 innocent and 1 spammer, brings big money to SORBS. This is really knowing how to run a business, and let innocent home users pay SORBS for delisting IP addresses, SORBS itself chooses to blocklist. SORBS should work with Service providers to track down spammers and lock them out, like professionals do. But I seriously doubt they have the quality of mind for that. 4. Mails, SORBS receives by spam Trap, SORBS will by no means want to miss at least the US$50,-. In order to raise the chance for receiving payment, SORBS presses Service Providers to pay the "fine". SORBS does that by blocklisting a span of IP numbers disposable by the Service Provider. SORBS must be the biggest and longest living spammer I have come across until now. 5. To make things look more responsible for visitors, on SORBES site they use a phrase like , so SORBS decides what is right and what is wrong for the home users and even when to pay. SORBS is going to catch the wrong-doers and teach them a lesson! Kind of thinking, like that in Germany in the 1930's. 6. Phishy payments? Reading the "How to Pay" is a fun section. After "discouraging" the payee to pay to charity (mentions unrefundable and long delisting time) then at the bottom of the page "encourages" (delisting within 24 hours) SORBS write: Notice especially the My question here, why pay to Joey to get delisted at SORBS, if he has no connection whatsoever to SORBS? Is Joey on the way to jail? Or is Matthew Sullivan in deep trouble? Or is it just a sick joke? 7. To really convince doubtful minds, like mine, about the legitimacy of SORBS' business, SORBS writes in the General Q&A section: Not only is this a threat of never being removed from the blocklist, but it is a threat of publishing names and addresses, with unforeseen consequences. This phrasing is way out over my understanding and that any decent company on this planet, would ever use a service from a company, with statements like the ones I have quoted above, directly from SORBS´ site. Furthermore, when you read some of the replies to people from SORBS, trying to get delisted at SORBS, the language used in SORBS´replies is impatient, arrogant and respectless towards the querier. Once again I am stunned. We all know, that there is a comparison standard like Common Practice within blablabla and Common Practice in blebleble and so on. We even ourselves use “our own Common Practice”, because we think it´s better than the Accepted Common Practice. But the practice of SORBS is non sociable, non acceptable, non common, non resolvable, non anything. I have some more points to add, but this SORBS is too obscure for any further listing. Please comment on my conclusion. I could be terribly wrong, but on the contrary, I also might have hit the bulls eye.
  10. Hi once again, I've spent some more time on studying SORBS and I am putting my conclusion down in words. I will post it here in 2-3 hours. My conclusion is based on information on this thread, my experience with SORBS and SORBS' official web site. SORBS is SORBS, and it really is a question if they need any more than a single mistake. In our case, I felt their blocklisting even without a single mail. Please read my conclusion later on, as you might get a different view of SORBS. As with an actual sample, I will have to consult with our mail administrator. I do not wish to reveal any IPs to any non-concerned 3rd party member, but if the administrator agrees, I can have him contact you directly. If you work for spamcop, tracking down spammers, you might have worked with this person before. Good point. Should it be any different? Enron was a scandal, Anderson Revising also, so why not SORBS? Where does responsibility start/end or ignorance for that sake? We can endlessly keep on comparing and question, and that is keeping us scepticle, which makes us look for answers but finally you have to come to some kind of conclusion. Thank you for your .2. It will all add up. I started this thread because of attitude, policy and lack of cooperation from SORBS. I wanted to hear more experiences and replies from you that could help me finding a explanation/solution to their do-not-want-to-communicate-kind-of-problem. Mr. Chris Parker pointed out a page/site, containing information I was looking for, but on the very same page I read something more interestin, which led me to something more etc. etc. Today, I felt the pieces fell into place. I can better understand SORBS now, when I have it puzzeld together. I can not help concidering SORBS as a spammer, and I wonder if there are any official papers on that company (investigation/claims/legal issues)? More pennies/cents for more thoughts.
  11. Hi again, I have no objections to their comments on Windows, that's only the plain truth they write there. But SORBS uses that excuse to appearingly appoint themselves as the WWW Sherif, to justify their unreasonable actions where they block a span of IPs (perhaps permanently) caused by a single mistake. They expect you to pay a "fine" for getting delisted, which looks to me, is more like extortion. More from SORBS spam FAQ: Sure, they really want to teach the home user a lesson the hard way and you have to bring your wallet. We are all responsible for our actions, but that does not mean SORBS is allowed to act unreasonably, when a user makes a mistake. Of course, Windows vulnerablilities seem to be the main cause of virus/worm attacks on the Internet, but then we are diverting from the main thread regarding SORBS and its blocklistings and methods. I totally agree with SORBS about Windows. Windows versions until Winsk3, have had the goal of making it as easy as possible for any layman to experience multimedia and work in ever better ways. That perspective leaves Windows very vulnerable just after installation (until Win2k3 and WinXP SP2). It leaves all services running and ports open. You have to be pretty clever to shut down unessesary and vulnerable services and ports, and you can not expect the average home user to know how to do that. Microsoft could have compensated their products by offering a free firewall (comparable to that in Win2k3) to all windows users. But then, one has to understand that despite an action like that, people will still wonder "why on earth they need that". SORBS claims they are "teaching the Internet user a lesson" and "fining" the user. You judge their method for yourself. With Windows on more than 90% of all computers in the world, it's almost not worth writing a virus targetting other OS. As Linux is growing, it will be interesting to see if virus/worm/hijacks attacks will target that OS more in the future. You never know vulnerability before you stumble into it, so only time can tell. If SORBS were sincere and concerned about Windows vulnerability, as they write themselves, they might have added a section to their site and advice on online virus scanning sevices, excellent freeware like Spybot and Spywareblaster which makes surfing the Internet easier and safer, and other higly useful tools. But I guess they are too busy "teaching the lessons". I personally didn't know much about spam Trap before this incident, but I clearly see that it is a double edged sword. Users of spam Trap certainly have a great responsibility in making it work as intended, to avoid accidents. A good point, as users of the list realize that mistakes happen, and they respond to that accordingly. In our case, I provided the administrator of the mail server, blocking ours, with IP no, service proivders name and the cause of blocklisting. The admin could then look up the IP, and really verify that the provided IP no was not listed anywhere else, and the service provider is well respected. Still, a penny for your thoughts.
  12. Thank you Mr. Parker, I apologize for not reading the "spam Database FAQ" section, as I looked into the the "Frequently Asked Questions" to find hints on this "fine". The price is: Further down that page they state: This statement refers to 90% of home Internet users, and by no means justifies their way of blocking or charging their fine. It looks like they are putting themselves in the place of an "Internet Police Squad", appointed by themselves. I wasn't aware of this, until I read the link. From this moment on, I defenitely will not recommend SORBS. And Wazoo: I have no reason to doubt our mail server administrator as we have been working together for several months now. You can talk about sillyness, but I take it seriously when we get blocklisted by SORBES for someone elses mistake, but as I learn more about SORBES, the less I like it. In your previous message you wrote: and now you add to it: I do not know the content of the e-mail in question, but SORBES might have used some info in the message, if they do things manually. But I suspect, talking link exchange, domain names/links might have appeard in the mail in question. But the more I read about SORBES, the more I think they may have used from that mail. Well, your few lines here have helped a bit, thank you. Still, a penny for your thoughts. Add it up. It's a help for everyone. nicejerk P.S. FYI: We are a garment manufacturer and SORBS's list got our attention because of unreasonable blocklisting, and I can not see anything positive/attractive/reasonable with their services or attitude.
  13. Hi again and thanx for replies so far. I agree with you, but it also says in FAQ, that you only get listed for 2 days. I might have misunderstood something there. Neither could I anywhere on SORBS site find anything written about the so called "fine". They are not revealing the essentials. It was not my partner or am I involved in this in any way, that my mail server got blocked. Let me quote our mail administrator exactly: As long as there is traffic on the streets, you can expect accidents to happen, but there is no reason to punish the whole town for it. It's the humans that make mistakes, electronics/computers only fail. Still, a penny for your thoughts. nicejerk
  14. Hi you all, Because of my latest experience with SORBS, I thought it could be interesting to have your comments on SORBS. My story is, that one day I found out SORBES had blocklisted our mail server (only one of our customers mail servers seems to be using SORBS's blocklist). After some consultaion with the admin of the our server, I found out the reason for the blocklisting was, that a Link X-Change partner trying to contact the other sites' administrator, had accidentally sent mail to a spam Trap and thereby caught and registered by SORBS. SORBS promptly blocklisted a span of IPs and, unfortunately, including ours. In the quest of clearing our IP from the blocklist, I found out that SORBS will not do that under any circumstances, unless the Web Service Provider (WSP) pays a "fine" to SORBS. To me, that sounds like a pure extortion. Either SORBES should sell subscription to their services or have it for free, but not stab you in the back with something they call "a fine". I am highly suspicious about this "fine", and urged our WSP not to support this kind of business. Paying this "fine", would be like accepting and acknowledge the practice of "extortion". At least the way I see it. To solve this issue, I wrote to the admin of the blocking mail server, explained to him the situation and got whitelisted at once. Case solved for us. But I wonder how many others are suffering because of SORBES? If an admin of WEP can not have a constructive and problem solving dialouge with spam-preventing service provider, I can not see any grounds for supporting that particular spam-preventing service. Furthermore, if no one by principal, pays the so called "fine", then finally SORBES block list would contain most IP numers on the Internet and thereby become obsolete. Our mail administrator has before worked closely together with f.ex. SpamCop, to successfully track down spammers and close their accounts. These are typical cases where professionals work together to solve matters. Responsible blacklisting, includes a reasonable way to get delisted, and SORBS is not reasonable on this policy. As from this, I can only recommend spamhaus.org and spamcop.net. All this because of a one single mail to a wrong single address.
  15. After reading through previous posts, I think this discussion is coming to a very interesting point. Reporting an Chinese ISP/host might/will work. The number of complaints will decide survival of the host. China is more responsible and concerned to issued content in the country than others. I like that. Nowhere in the world have I seen more capitalism than in Shanghai/China. My guess is that, like what any Western company is doing, is investing in China, then of course, so do spammers. They pay people in China to "manufacture" their spam. (Filthy) business as usual. By that way, "the payer" spairs his own IP address(-es) from being blacklisted, blaming it all on China. It's only been recently China is recocnizing this "International" problem. Remember though: It's not only the Chinese authorities doing filtration, but Western companies also do. I feel it every day here from Shanghai. It does not matter if manufacturers sell their ready-made technology to China or not, because all major companies are already manufacturing their equipment in China (Nokia, BMW, Mercedes, VolksWagen, GM, FORD, Cadillac, Intel, AMD). Until 2004 all joint ventures have been in 51% Chinese owned, and that is smart. Your box and CPU are most probably allready stamped with "Made in China" or "Made in Malysia" or "Made in Singapore". The Chinese government can not do all things by over night (many parts of the country do not even have running water nor electricity). But it is impressive to see a very efficient government working, much more effective than that of any Western Country (I've lived in DK, USA, IS). My main point is, that spammers in China, without doubt, are driven by money provided by the West. All big brand names know how to market their products, and I am sure that a product like Viagra would not have gotten so "imprinted", if it was not for the overwhelming "spam-campaign" on the Net, the sponsor "must have bought". If you look at a typical spam content from China, then the spam only contains "European/U.S.A." products. That is, 99.99% of spammers are selling Western products. Chinese do not understand english, so the spam is not aimed at Asians and they are not making the products! You ask yourself about the source of spam There is 1.300.000 of Chinese, and they spam in their own language, which remarkably, I have not yet received a single spam in chinese (the only spam I get is on the mobile). Worth thinking of. Please report the ISP/Web host. The Red Democracy is here only for a short time, but while it's working, go ahead and enjoy it (it's working far better than any democracy in Europe/America). Best to you all, 'Ottar
  16. All the virus mails were stamped with the same IP address, even though the virus spoofed where it was sent from in the address bar. There is no confusion there. I found the abuser after reading through the returned mails "Mail Delivery Subsytem..Returned Mail...." (returned because of nonexistence/unreachable, but spoofed and sent by the sober.g). That list gave me the hints I needed, to recognise names/version of names that helped me identifing the source. In this case, I identified one e-mail address in that list, that was pretty unique and propably identified the host. To verify that, I contacted and asked the person to tell me the IP number of the PC via http://www.simflex.com/ip.shtml. The persons IP number matched that one from the mails. As I said before, I was very lucky to be able to identify the source, but I would like to have seen more activity/aggressive work from the ISP. Specially after giving them all necessary info, both IP no. and Worm. Irresponsible!! While writing this, I came to think of the 7 years sentence for spamming. There is no mention of ISP in that, so I might be pissing against the wind with my quary. A penny for your thoughts, 'Ottar
  17. I do not know elsewhere to look for answers, so if any of you could help me with the following: For 2 weeks, we were receiving 30-50 e-mails a day from *.*.*.*, containing the sober.g worm. After 10 days, I complained to the ISP, because I was getting concerned, both for the spoofing and perhaps vulnerable clients. Two days later, I followed up on that complaint, because I could see the IP # had changed (user reconnected) and we were still getting same amount of mail, containing the virus from this one user. I was informed, that because of "client policy" the ISP could not give me any information about the client, but said the ISP had issued a warning and disconnected the client. BUT, the ISP only disconnected the client (maybe for a second or so), so the client could reconnect, with a different IP #, and propably "hoping" this problem would "disappear". That of course didn't happen. I was getting mad, because this user was sending spoofed mail, pretending to be sent from us, and thereby damaging our "fine reputation" and only generating traffic on servers. Finally this morning, after reading through lots of mail addresses, I thought I had narrowed the problem down to a specific customer of ours, and luckily I was right. I could inform the user, that he was causing damage, not only to us but to everyone else listed in his mail database. He promised to fix this (I'll give him time until Monday). I am only glad that I found the root of the problem, but the ISP did not do anything to help solving this (except disconnecting the abuser twice, maybe for totally 2 seconds). I think it is very irresponsible way the ISP reacted. 1. I wonder, if this could have continiued forever, if I would not have found the abuser by myself? What are my options? 2. Is there no obligation the ISP has, regarding stopping spam and virus distribution? I sincerely hope anyone of you could advise me on this (common practice, accepted practice). Best regards, nicejerk
  • Create New...