znmeb@cesmail.net Posted March 1, 2004 Share Posted March 1, 2004 It took me a couple of weeks to spot this, but SORBS DNSbl has way too many false positives. I've lost large numbers of e-mails from two or three lists I'm on, plus responses to products I've ordered on line, even from Amazon.com. If you're using this blacklist, beware!! Ed Borasky Link to comment Share on other sites More sharing options...
Merlyn Posted March 1, 2004 Share Posted March 1, 2004 Actually SORBS works very good. A false positive for you may be spam for someone else especially when lists are involved. Give us a couple example IP's to check. Link to comment Share on other sites More sharing options...
Jeff G. Posted March 1, 2004 Share Posted March 1, 2004 Your whitelisting capabilities should help. Also, there's a reason Amazon has been called Spamazon. In addition, I've moved this Topic from SpamCop Help to SpamCop Email because it has to do with the SpamCop Email System. Link to comment Share on other sites More sharing options...
WB8TYW Posted March 2, 2004 Share Posted March 2, 2004 SORBS is a collection of different zones, some of them are known to agressively list spam sources. These zones are coded in their response, and they also have a mirror of SPEWS. Their spamtrap zone will list any mail server that sends e-mail to one of their spamtraps. I do not know if they make exceptions for viruses hitting them. According to the SORBS FAQ, the spamtrap listing will stay until a donation is made to a mutually agreable charity. Using the spamtrap zone for rejecting mail is likely to cause collateral damage. Other zones are less agressive. Check the SORBS charter. Research is needed before deploying any DNSbl in a production environment. The operators of SORBS have recently been posting in the news.admin.net-abuse.email and .blocklisting about their backlog in keeping the DUL list up to date. Some DNSbls are suitable for rejecting mail, others are more suitable for scoring potential spam. -John Personal Opinion Only Link to comment Share on other sites More sharing options...
agsteele Posted March 2, 2004 Share Posted March 2, 2004 According to the SORBS FAQ, the spamtrap listing will stay until a donation is made to a mutually agreable charity. Using the spamtrap zone for rejecting mail is likely to cause collateral damage. Other zones are less agressive. Check the SORBS charter. Our backbone ISP's SMTP server is listed in the SORBS BL because of a spamtrap message. I gather that the source of the infection has long since been resolved since it was a customer with an infected PC from one the many virus/trojan/worm infections last year. Getting the IP de-listed has proved less than easy. The problem with the SORBS approach is that a large ISP can easily have a number of customers with infected machines and despite being exceedingly effective in educating these customers and helping them clean up their act (I can't say wether our ISP is effective - just a for instance) once listed you remain listed until the money is paid. Unsurprisingly large ISPs have few mechanisms for making the charitable donations that SORBS demands. So we avoid spam filtering decisions based on SORBS alone. As noted, SORBS is likely to cause collateral damage if used alone. Andrew Link to comment Share on other sites More sharing options...
xzr1tv Posted March 2, 2004 Share Posted March 2, 2004 It took me a couple of weeks to spot this, but SORBS DNSbl has way too many false positives. I may have shared your original opinions on this.... When I first added the list, I too, had a lot of 'false positives' even from lists with 'draconian' opt-in policies, one of which I believed involved a 'snail-mailed' key! However working with the 3 blacklists I am using and reviewing/reporiting held mail daily and whitelisting where needed (yes I now have a LOONG whitelist), has now reduced my help mail list to drugs, money schemes and body part 'enhancers'. I encourage you to work with the whitelisting capabilities and the additional list and it pays off dramatically! Link to comment Share on other sites More sharing options...
Jeff G. Posted March 8, 2004 Share Posted March 8, 2004 Our backbone ISP's SMTP server is listed in the SORBS BL If you want to try to bypass your backbone ISP's SMTP Server, please see Jeff G.'s Hotspot SMTP-Auth Provider Status Report. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.