Jump to content

SORBS Rant


Telarin

Recommended Posts

Ok, this is a long story, and is more of a frustrated rant than a request for assistance at this point.

I'll start at the beginning. Our internet connectivity was provided through Time Warner's Metro Ethernet fiber solution, starting about 3 years ago. Sometime at the end of last year, Comcast bought out the Time Warner franchise here in Houston, and took over the metro ethernet product as well.

About 4 weeks ago, I got a call from the Comcast NOC, letting me know that they were going to have to change IP allocations in the near future, since the IPs we were using were allocated to Time Warner, and they had to return them fairly soon. Great, I though, I needed to ask for a larger allocation anyway, as all 5 of my usable IPs were being used, and we were considering adding another piece of telephony equipment that would require a public IP. This didn't seem like a big deal at the time, I just made myself a to-do list, spent a day late at the office to change over routers, DNS records, etc.

I even took the time to run the new IPs through some of the RBL checkers to make sure they were clean, and everything looked good... That is, until the next day when my users started getting undeliverables from att.net, sbcglobal.net, earthlink.net, and several other domains. Somehow I had managed to miss the fact that SORBS has elected to list the entire range that my IPs came from in their DUHL. Clearly these IPs are not dynamic, as they all have matching non-generic PTR and A records registered in DNS.

Again, I figured this wouldn't be that big a deal. The SORBS DUHL is after all supposed to be a policy based list, and my IPs didn't fall within that policy, a simple support ticket should correct the problem, right? Yeah, not the case. I submitted a ticket through the Help & Support link on the SORBS site, which in and of itself is not an entirely clear process, at some point halfway through the ticket, it gives you a list of which SORBS list your IP is in, and it is not entirely clear at that point how to proceed, but by clicking on the Get Help & Support button presented at that point, it gives you the option to enter a description of the problem and click submit. Then it tells me "Your ticket has been submitted, check your email".

No email ever arrives at any email address I have used to submit the ticket... I figure maybe there is something wrong with the ticketing system, so a few days later, after no response from SORBS, I submit another ticket. Same thing, no confirmation email is ever received, and no response is ever heard from SORBS. At this point I'm getting a bit desperate, the CEO is calling me on a regular basis to tell me his emails are not going through, and wanting to know when it will be fixed. The best I can do is stall. I call Comcast and let them know. The Comcast NOC submits a ticket to SORBS about the error in the DUHL, again with no response.

I remember that Matthew Sullivan posted here in response to someone a few weeks back, so having run out of ideas I do some hunting around, find him here, and send him a PM letting him know that there may be a ticketing problem, and let him know what happens. He responds back telling me he is receiving tickets daily, so there is most likely not a problem with the ticketing system, but asks for a few details so he can track down the wayward ticket. After several PMs for me to provide him additional troubleshooting details, he goes silent and won't respond to further PMs asking about the status of my ticket.

So, here I sit, a fair amount of email being blocked by a SORBS DUHL listing that shouldn't be, I've submitted tickets every few days to SORBS, hoping that one of them will get through and I will see some kind of confirmation, even going so far as trying to submit via a few of the various SORBS mirror sites. It has been over 3 weeks since my initial request, and still the erroneous listing persists.

So, if you are using the SORBS DUHL for filtering, be warned that the list is not being maintained in a responsible and consistent manner, and may contain a number of rangers that are not, in fact, dynamic in nature.

Link to comment
Share on other sites

SORBS did a major upload last May which created all sorts of problems at the time. Seems to have some similarities, in terms of effect at least. The Westnet case on Whirlpool might be illuminating if you've not already seen it - Matthew Sullivan contributed to the thread and there are some contact details in there which you may not have tried yet (also some tech stuff towards the end but that should contain no surprises):

http://forums.whirlpool.net.au/forum-repli...cfm/522592.html

If not, at least there are some other rants there to read.

Link to comment
Share on other sites

*bangs head against wall repeatedly*

Well, there was what I hoped would be a helpful link in there to an automatic exclusion tool. You have to have a SORBS account to use it, no big deal, right? So I register a SORBS account... but never get the validation email... Try again using my personal email address... yahoo.com email addresses are not allowed...

Anyone here have a validated SORBS account? If so, can you hit https://www.dnsbl.au.sorbs.net/scgi-bin/dulexclusions and exclude 24.149.202.2 and 24.149.202.4?

Link to comment
Share on other sites

What's happening Will? I now see

[TTL 86400] giaserver.gia-tx.com. [24.149.202.2] excluded

Listed as an exception and therefore NOT blocked.

Which sounds like you're free to fly. Comcast did the trick?

Link to comment
Share on other sites

No, I just kept hammering away until one of the tickets was finally actioned... Would have been nice if they had removed the whole static block, rather than just listing a couple IPs as exceptions, but at this point, I'm just happy to be able to get email through to all the major services that use SORBS...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...