Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Imminent Demise of SORBS

kdawson posted more than 5 years ago | from the don't-let-it-be-bought-by-a-spammer dept.

Spam 290

An anonymous reader lets us know about the dire straits the SORBS anti-spam blacklist finds itself in. According to a notice posted on the top page, long-time host the University of Queensland has "decided not to honor their agreement with... SORBS and terminate the hosting contract." The post, signed "Michelle Sullivan (Previously known as Matthew Sullivan)," says that the project needs either to "find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia" or to find a buyer. Offers are solicited for the assets of SORBS as an ongoing anti-spam service — it's now handling over 30 billion DNS queries per day. An update to the post says "A number of offers have already been made, we are evaluating each on their own merits." Failing a successful resolution, SORBS will cease operations on July 20, 2009 at 12 noon Brisbane time. Such a shutdown could slow or disrupt anti-spam efforts for large numbers of mail hosts worldwide.

cancel ×

290 comments

No big loss! (5, Insightful)

Anonymous Coward | more than 5 years ago | (#28447835)

A blacklist that charges you to get your IP removed will inevitably block far more than real spammers.

Saaayyy whhhhhhhhaaaaa?? (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28448051)

The imminent Demise of SORBS

...eesh! Sounds bad!

An anonymous reader lets us know about the dire straits the SORBS anti-spam blacklist finds itself in.

HEY! Hold on just one second. What do you have against the Dire Straits [wikipedia.org] ??

ANUS GAPING HORSE PENIS SEMEN GOAT SEX DIAHRREA (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28448625)

Hey mods, I was trying to be funny. How about you mod me down again? Just wastin' modpoints. Just wastin' modpoints.
 
Die, douchebag. Suck my nipples. Eat after my intestinal tract. There. DIEEEEEEEEEEEEEEEEEE

Re:No big loss! (4, Insightful)

CarpetShark (865376) | more than 5 years ago | (#28448171)

A blacklist that charges you to get your IP removed...

...is otherwise known as extortion.

Re:No big loss! (1)

Sorthum (123064) | more than 5 years ago | (#28448455)

Actually, Barracuda's "whitelist" is far worse in this regard.

Re:No big loss! (3, Informative)

Cramer (69040) | more than 5 years ago | (#28448833)

In their words, "it's not extortion as *we* don't see any of the money." It's still bullshit.

I've had issue with them for many years... their "spamtrap" list is 100% untrustable. It only takes one email EVER to get on the list. They provide zero evidence of how you got on the list, just that you are on it. Enties never, ever, expire. And to get off the list... you have to "make a donation." (But if you're google, you get removed without ever knowing you were listed.)

Re:No big loss! (0)

Anonymous Coward | more than 5 years ago | (#28448529)

A blacklist that monitors open relays and proxies?

There, fixed that for ya.

Re:No big loss! (1)

CohibaVancouver (864662) | more than 5 years ago | (#28448559)

I agree - Blacklists are a pain! My brother's domain got randomly blacklisted, as did another business venture I'm involved with. None of them were spammers, but email was blocked - And requests to be 'unblocked' went into what could best be described as a 'black' hole.

Re:No big loss! (2, Interesting)

MightyMartian (840721) | more than 5 years ago | (#28448661)

Blacklists are more than just a pain, they're as much a cancer on SMTP infrastructure as spam. And among cancers, SORBS is the worst. I'll be glad to see it die.

Re:No big loss! (0)

Anonymous Coward | more than 5 years ago | (#28448863)

Agreed, SORBS was one of the most poorly maintained DNSBLs which interfaced with ISPs. SORBS' responses were often hostile and demanding. Can't wait for it to be offline for good.

Wow! (1)

dotgain (630123) | more than 5 years ago | (#28447839)

A 42RU cabinet just for SORBS! No wonder they're being kicked out.

Re:Wow! (1)

aweraw (557447) | more than 5 years ago | (#28448421)

42RU of dodgy shit

ROM's being charged for: http://vampire.isux.com/ROMs/ [isux.com] [isux.com]

Dubious images: http://vampire.isux.com/pics/x/ [isux.com] [isux.com]

So what's going on here, Matthew... I mean, Michelle?

Re:Wow! (1)

djdavetrouble (442175) | more than 5 years ago | (#28448567)

WTF are those links?

What does that have to do with SORBS?

MY EYES MY EYES. THEY BURN!

Re:Wow! (1)

aweraw (557447) | more than 5 years ago | (#28448609)

Check the WHOIS info on isux.com, and it will all fall into place....

Re:Wow! (0)

Anonymous Coward | more than 5 years ago | (#28448647)

domain: isux.com reg_created: 2001-10-08 20:20:54 expires: 2013-10-09 00:20:54 created: 2002-09-24 09:56:08 changed: 2008-09-15 13:52:27 transfer-prohibited: yes ns0: ns0.sorbs.net ns1: ns6.gandi.net ns2: ns.isux.com 209.220.100.157 owner-c: nic-hdl: MS1367-GANDI owner-name: SORBS organisation: SORBS person: Sullivan Michelle address: PO Box 669 zipcode: 4111 city: Nathan state: Queensland country: Australia phone: +61.280046200 fax: +44.7031966801 email: fbffedbe9c87ef4039a7603ba9c644c3-198671@contact.gandi.net lastupdated: 2009-03-06 17:44:34

Oh my god (4, Funny)

bhenson (1231744) | more than 5 years ago | (#28447845)

Oh my god the spam is burning, burning I tell you

Big rack... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28447849)

Especially for someone with a sex change operation.

The post, signed "Michelle Sullivan (Previously known as Matthew Sullivan)," says that the project needs either to "find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia" or to find a buyer.

Explanation please (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28447863)

"Michelle Sullivan (Previously known as Matthew Sullivan),"

Huh?

Re:Explanation please (5, Funny)

MichaelSmith (789609) | more than 5 years ago | (#28447939)

She looks like a really good girl, as girls go.

Re:Explanation please (0)

Anonymous Coward | more than 5 years ago | (#28448377)

That's a man baby! /oblig

Re:Explanation please (-1, Flamebait)

Trillian_1138 (221423) | more than 5 years ago | (#28448463)

I knew, coming into this thread, that the comments would just make me feel great, but I have a masochistic streak, so I did it anyway.

I don't know, MichaelSmith, if you intended your comment as tongue-in-cheek or not (giving you the benefit of the doubt, I'll assume not) but - as a trans woman - I'm disappointed that the two moderations your post has received so far are 'Funny.' It's A) transphobic to assume MichaelSmith meant the comment as a joke and B) not particularly funny even if it was intended as a joke...

(Obligatory acknowledgement that, yes, it's "just a joke" and, yes, I'm just over sensitive [derailingfordummies.com] and taking things too personally.) [derailingfordummies.com]

Trillian

Re:Explanation please (0, Insightful)

Anonymous Coward | more than 5 years ago | (#28448481)

And yet, transsexuals are still psychopath freaks who mutilate themselves in order to believe they are something that they will never get to be.

Re:Explanation please (3, Interesting)

MichaelSmith (789609) | more than 5 years ago | (#28448491)

Sorry if I offended you. That was a Suzanne Vega reference [suzannevega.com] . Maybe SV isn't geeky enough for /.

Re:Explanation please (2, Interesting)

Trillian_1138 (221423) | more than 5 years ago | (#28448579)

I appreciate your apology, and your comment didn't (in and of itself) offend, just the moderation. I definitely didn't get the reference and it would appear, according to Suzanne Vega herself [vega.net] (scroll down to interview excerpt), the song was certainly written with good intent.

All that said, and having nothing to do with your comment, I'm not thrilled with Vega saying, "...I found out she wasn't really a girl," (emphasis added) in reference to the song's inspiration. Again, I don't think Vega is coming from a transphobic or hateful place, I just want to point out that that's not generally considered respectful language. (This isn't directly specifically at you, MichaelSmith, just more a general note...)

-Trillian

PS - I know I've been spoiled by the Internet, because I'm frustrated I wasn't able to imediately find an audio and/or video version of As Girls Go, so I could check it out, with a 30 second Google search...

WOW! (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28447867)

That is an ugly woman [linkedin.com] .

*snort* (5, Insightful)

paitre (32242) | more than 5 years ago | (#28447871)

"Such a shutdown could slow or disrupt anti-spam efforts for large numbers of mail hosts worldwide. "

You're kidding, right?

They have done more to give legitimate anti-spam efforts a black eye than ANY legislative attempts to 'solve' the problem ever could.

I -used- to believe that 'collateral damage' was a legitimate 'tactic' in the fight against spammers. I've grown up since then.

Re:*snort* (5, Interesting)

doctorcisco (815096) | more than 5 years ago | (#28447923)

Mod parent up. The death of SORBS would be a net gain in the fight against spam. Blacklisting entire ISP's who are "insufficiently responsive" only makes sense if you don't care whether email gets delivered or not.

doc

Re:*snort* (1)

LoadWB (592248) | more than 5 years ago | (#28447959)

The only bad thing about this is the loss of mirrors of GOOD lists it provides.

Re:*snort* (4, Insightful)

lawpoop (604919) | more than 5 years ago | (#28447961)

Correct me if I'm wrong, but isn't it the case nowadays that blackhole lists ( or whatever they're called ) are used mainly as a factor in weighing scores in Bayesian methods of filtering spam, rather than just blocking email outright? In other words, the usage is still widespread, not for direct blocking, but for helping a program decide if its spam or not?

If so, this would let more spam through spam filters, really.

Re:*snort* (4, Informative)

paitre (32242) | more than 5 years ago | (#28447977)

The -smart- people are doing precisely that.

The problem is that there really are still people out there who are using lists, such as SORBS, as absolute arbiters in what is, or is not, from a spam source.

Thankfully, this number is shrinking daily as they realize just how broken some of these lists have been as a matter of policy.

Re:*snort* (2, Interesting)

EdIII (1114411) | more than 5 years ago | (#28448223)

There are not a lot of products out there that support anything but blocking based on those RBL's.

I would love to find a proprietary product out there that uses the RBL's like that and also provides the features I am looking for.

So far I have not run into too many problems with the outright blocking though. I figure if there is a real problem, that I will get a support call from a customer and I can act accordingly. So far, no calls after 3 years of running like this with quite a number of mail clients and domains.

You dont count (4, Insightful)

coryking (104614) | more than 5 years ago | (#28448263)

Your parent is right. There does exist a set of clueless people who straight filter based on RBL's like SORBS. Sure, filter your home mail server any way you want, but the *second* you have third-party people using your system (or the second you run the mail server for a business), you should be outright fired for filtering based solely on something like SORBS.

I figure if there is a real problem, that I will get a support call from a customer and I can act accordingly

That is because I dont waste my time calling you. I call your boss and your sales department. If you really are running a business mail server and filtering based on SORBS, you are basically clueless and I'll gain nothing talking to you Your sales staff though, I'm sure they'd be happy to know you are blocking my customers inquiries into your companies products. And I'm probably also sure that if you are the type who filters like that, they probably have a bunch of other issues with the way you run their systems and this just might be the straw that broke the camels back.

(of course, I may have mis-read you) (1)

coryking (104614) | more than 5 years ago | (#28448265)

and you are asking if there exists products that don't outright block based on crap like SORBS. In which case "You" refers the general type of idiot who I've dealt with that does block based on SORBS.

Re:(of course, I may have mis-read you) (4, Insightful)

EdIII (1114411) | more than 5 years ago | (#28448355)

Wow. That's a lot of hostility there.

First off, I never said I used SORBS. I did some research first about which ones would probably be best, respond to delisting requests in a timely fashion, and could provide me with a list that was had a lot of maintenance. Spamhaus and Spamcop are fairly decent and AFAIK, they DO respond to delisting requests and don't just put IP blocks up willy nilly.

I'm hardly an idiot. If I could find an open source software package capable of doing what I require, I would have gone that way a long time ago. As it stands, I have to use a proprietary software package that does not allow me to weight the incoming emails based of *any* RBL's. I can only refuse the connection based on the RBL's.

My original point stands. You want to be so incredibly hostile and label anyone that dares to use a RBL (or maybe just SORBS, could you clarify?) as an idiot, but fail to realize just how many mail server software packages out there don't do what you are asking for.

Try taking the hostility down a notch or two, and if you are so knowledgeable about mail server product that do offer weighting based on RBL's, why not just post it here for people to read? Maybe there are people new to running a mail server, don't understand the implications of a RBL (which hardly makes them an idiot), and would gladly implement a better solution.

Or... you could just attack people personally and denounce them for being idiots without actually writing anything productive while foaming at the mouth.

Heh.. you will find a lot of hostility (4, Informative)

coryking (104614) | more than 5 years ago | (#28448389)

A lot of people have had their lives turn into a living hell because of some listing on SORBS. Thus if it wasn't me who chewed you out, somebody else probably would have :-)

Spamhaus's PBL?* I filter on that... the friggen ISP's make up most of that list. I'm pretty damn sure AOL and friends filter off that list too and my motto is "if AOL or Yahoo filters mail based on XYZ policy, I will too". Plus, you can get off that list on a web page.

It is SORBS that I have an issue with. SORBS was created out of pure spite. So my apologies random internet person :-)

* Excepting Godaddy who is fucking insane. Those assholes filter *URL's pointing to a PBL'd IP that are embedded in a message*!!! Worse, they dont tell you. Had fun learning that.

Re:Heh.. you will find a lot of hostility (1)

omnichad (1198475) | more than 5 years ago | (#28448663)

Yeah. That GoDaddy thing had me confused for the longest time. I don't remember how I ever figured it out. I never saw it written anywhere, that's for sure. They. Should. Die. For that.

Re:Heh.. you will find a lot of hostility (3, Interesting)

mynubarta (1583769) | more than 5 years ago | (#28448783)

"A lot of people have had their lives turn into a living hell because of some listing on SORBS." Yes, and because SORBS volunteers were at times unprofessional and trollish in their responses for removal, it is just as well they are shutdown. Most other RBL volunteers would not behave this way, except SPEWS or whatever name changed to.

The only RBLs worth considering (1)

coryking (104614) | more than 5 years ago | (#28448795)

Are those who let people delist simply by visiting a website and clicking "unlist me". After that, they are instantly unlisted. See also--spamhaus. You can pretty much outright block traffic listed in the PBL.

Re:(of course, I may have mis-read you) (0)

Anonymous Coward | more than 5 years ago | (#28448431)

Dealing with spam just plain sucks in many ancillary ways (financial, unproductive use of time, asshat admins, etc.).

Perhaps his posts were borne of frustration, rather than malice. Or not.

(Dr. Phil hat off)

Re:(of course, I may have mis-read you) (0)

Anonymous Coward | more than 5 years ago | (#28448437)

My first guess is that you're using Exchange. If so, ever since Exchange evolved into the emacs of mail servers (boy, it does a lot of awesome stuff, but it sure would be nice if they had a MTA in there somewhere), the "new hotness" has been to put a real mailserver in front of the Exchange server to "soften the blow" of incoming mail and deal with all of the crap. Of course, whether you go with an appliance like the barracuda, or some other server, it'll take a bit of money and elbow grease to get it to work well (eg validating incoming addresses against AD rather than just bouncing them off the exchange server, defeating the purpose).

Even if you're using something else, the premise still works: for incoming mail, add an additional layer where you take care of business before handing it off for sorting into users' mailboxes.

Re:You dont count (1)

Boomerang Fish (205215) | more than 5 years ago | (#28448665)

Having worked in IT Admin for an ISP in the past, I have to to tell you're positioning yourself as exactly the type of customer I used to tell our sales staff we didn't want.

If you weren't willing to work with our support staff and provide us the necessary information to understand where our efforts were failing, you are useless. The threats on the internet change daily (sometimes hourly) and what works today is broken tomorrow... I had enough trouble keeping up with the obvious threats that, unless a customer worked WITH me, his problems really didn't bother me.

And before you respond telling me that I lost our company business, let me just say that the one time a sales person tried to have management fire me over this, I had them check recent sales and showed that 70% of the people who left because "we weren't addressing their concerns", came back... because our support team did respond -- when utilized correctly and not through the sales filter which amounts to a bunch of commission based telemarketer monkeys screaming "it doesn't work and I can't make a sale!"

You want support, then talk to the support people and give them the details they need. Otherwise take your business to AOL or Comcast...

--
I drank what?

Sorry pal (2, Funny)

coryking (104614) | more than 5 years ago | (#28448775)

And I realize you aren't the kind of idiot who blocks based on SORBS (or god forbid SPEWS, remember them?), and you are an ISP so if you were filtering based on SORBS you wouldn't have much business anyway, so I'm not really talking about you--I'm talking about small to medium sized businesses and other hotspots of cluelessness... "Me" in this case is my ISP and my customers trying to send email to *you* and your funky smelling email servers. In other words, imagine if some asshole listed *your* ISP or one of your upstreams in SORBS... Your (er, my) customers are now bitching to *you* (er, me). This is what I'm ranting about here.

If you weren't willing to work with our support staff and provide us the necessary information to understand where our efforts were failing, you are useless.

If you are filtering inbound email based 100% on SORBS, you are clueless and it would be a waste of my time to deal with you. Why? Either you are ignorant (thus it wouldn't do me any good anyway) or you are an asshole who does this for kicks, in which case you'd tell me to FOAD. As such, talking to you is a waste of time.

I used to tell our sales staff we didn't want [you as a customer]

You are the IT guy. Why would they listen to you? The probably already hate your guts for installing some other spite-ware or have them change their password every week. They dont listen to you and they dont like you (again, I'm not talking about you sir, but the SORBS filtering BOFH guy--ISP's are typically not the type to filter this way anyway). My calling them is just more ammo to go after you. It is politics my friend :-)

Otherwise take your business to AOL or Comcast

Funny enough, AOL has a 24 hour 1-800 number you can call to talk with the postmaster.

Re:*snort* (2, Informative)

ZorinLynx (31751) | more than 5 years ago | (#28448393)

>I would love to find a proprietary product out there that uses the RBL's like that and also provides the features I am looking for.

http://spamassassin.apache.org/ [apache.org]

Why does the solution have to be proprietary? SA works great. Out of thousands of spams that come into my account per day, maybe only 1 or 2 make it through, and there's no almost no false positives lately.

Re:*snort* (0)

Anonymous Coward | more than 5 years ago | (#28448561)

Not all of them are 'broken'. Spamhaus, for example, is (as far as I can tell) professional in their approach and using them as an absoulte arbiter has only produced one false positive (a single email) in the last five years. I'm quite happy with that.

SORBS's attitude has been, well, less-than-professional on occasion. It has produced many a false positive for us. (We don't use it any more, not even as a list of dynamic IP addresses.)

Re:*snort* (1)

MightyMartian (840721) | more than 5 years ago | (#28448695)

When I had to switch ISPs, my static IP ended up in the middle of a block of addresses blocked by SORBS. Dealing with that miserable, vile prick who was running it was impossible, and finally my new ISP went to bat for me. Despite all of that, no less than Hotmail was still blocking based solely on SORBS.

SORBS is bad. Michael/Michelle/Debbie/Frank/Whoever is a worthless repugnant piece of scum.

Re:*snort* (4, Informative)

paitre (32242) | more than 5 years ago | (#28447965)

And before anyone starts to give me any guff about being soft on spam -

I've been known to nuke accounts, and not bother asking questions. I chased down the Empire Towers group and helped put an end to them. I spent 18 months cleaning up the -very- tarnished reputation of a now bought out web host almost 10 years ago, and have the scars to prove it. I hunted a spammer down and ratted him out to his own mother in Vancouver, BC, Canada.

The news regarding Ralsky had me drop a shot in celebration.

Believe me - I -detest- spam. At the same time, the methods utilized by SORBS were ineffective, and most legitimate hosts and providers stopped using them years ago.

Selective DNSRBL systems, as a practical method, WORK. Blocking residential cable from sending email? Hella good idea, for example. Blocking known dial-up ranges, as well. Blocking webhosts in an attempt to get their customer base to force them into canceling contracts that may cost the web host hundreds of thousands, if not millions of dollars? Nuh-uh.

When 'collateral damage' was useful, losses MIGHT have hit 10k. Now? Talking millions? Businesses will buy a new IP block and move the affected customers, and call it a day. Especially if they're blocked not because a customer has been an idiot, per se, but because the customer was hacked and used as a bot.

So, yeah. Rock on with your bad selves.

Re:*snort* (1)

gad_zuki! (70830) | more than 5 years ago | (#28448199)

>Believe me - I -detest- spam. At the same time, the methods utilized by SORBS were ineffective, and most legitimate hosts and providers stopped using them years ago.

Actually, thats untrue. Our solution at work is to weigh multiple blacklists. Im not sure what SORBS is weighed but its part of the overall spam score. Less blacklists means we are at the mercy of one or two big blacklists instead of averaging out the craziness by a weighted forumula. SORBS' faults dont matter when theyre only a small part of the equation. More samples means better signal to noise.

Re:*snort* (0)

Anonymous Coward | more than 5 years ago | (#28448245)

The charges leveled at SORBS is that they are demonstrably arbitrary - at times demanding all sorts of unusual documentation or fees to remove listings including listings that have demonstrably changed legal possession.

If true, the SORBS signal in your equation is worse than false-positive noise.

Re:*snort* (1)

Onymous Coward (97719) | more than 5 years ago | (#28448469)

More samples means better signal to noise.

Does it also mean more DNS activity?

I agree with your idea that a list can almost always be useful if it gets weighed in (even if it receives negative weighting!), but the thing you replied to and contested was "most legitimate hosts and providers stopped using them years ago." Are you actually saying that most legitimate providers have not stopped using them?

As far as the "mercy of one or two big blacklists", that's the option I went for. I shopped around and looked at performance and looked at the methodology and infrastructure as much as I could, and I settled on two blacklists. (Though each of them is an aggregate of others, maybe something like blended vintage wines.) They've done a damn good job over the past year and I expect them to continue to work well for at least a few more years. (Probably longevity was another consideration.)

Training my own filter to blend multiple blacklists isn't that unappealing an option, though. It just didn't occur to me as easily configurable when I built my system.

Re:*snort* (1)

jmcvetta (153563) | more than 5 years ago | (#28448565)

I hunted a spammer down and ratted him out to his own mother

Let me buy this man a beer!

Re:*snort* (1)

djdavetrouble (442175) | more than 5 years ago | (#28448595)

Let me buy this man a beer!

He prefers to drop a shot....

Re:*snort* (1)

omnichad (1198475) | more than 5 years ago | (#28448673)

I don't think blocking IP addresses just because they look dynamic is a good idea. I tried to run a web server on a static (ok, sticky) IP address from a Pro AT&T DSL account. Just about half the blocklists still blocked the IP and some of them even denied delisting. For a small server with low bandwidth requirements, should there really be a data center tax? I, for one, don't like the Internet closing off into a pay-for-play system that spits on the open nature of the Internet.

Re:*snort* (1)

MightyMartian (840721) | more than 5 years ago | (#28448861)

So far as I'm concerned, if you've got a legitimate reverse entry that matches one of your MX records (I know there's still some debate over that, but I think it's good form), I'm letting your email through. I'll say it again, the real key to knocking the larger degree of spam and worms is not RBLs, it's greylisting. What little makes it past that can usually be nailed by Bayesian filters.

It's a big world out there, and I don't think I should be punishing a guy who has a static IP address and has made the effort to get his DNS entries right. RBLs are just too easy to get false positives out of, and SORBS seems almost designed to hit folks with false positives.

Re:*snort* (3, Interesting)

Zontar_Thing_From_Ve (949321) | more than 5 years ago | (#28448033)

You're kidding, right?

They have done more to give legitimate anti-spam efforts a black eye than ANY legislative attempts to 'solve' the problem ever could.

I -used- to believe that 'collateral damage' was a legitimate 'tactic' in the fight against spammers. I've grown up since then.

You get a big high five from me on that. On my previous job, SORBS caused us a lot of problems. It was very difficult to get off their lists once they listed you and if I remember correctly they also had a policy of not telling you why you were listed to begin with. I remember that one of the guys in our main European office was able to make friends with one of the SORBS guys in the same country and get some information about why we were blacklisted. Normally they didn't tell you why you were blacklisted, but this was some "countryman to countryman" special favor this SORBS guy did for us. We had a lot of email problems because some customers would use only SORBS for dealing with spam so if you're on the list, your email doesn't go through to them. I'm not saying that SORBS couldn't have been a useful minor part of an anti-spam solution, but all I saw was customers who blindly trusted SORBS and only SORBS and that made our life hell. I agree that I no longer think that SORBS' collection of tactics is legitimate. There are better ways to deal with spam and if SORBS dies, well, sign me up to dance on their grave.

Nothing of value lost? (1)

Jonas Buyl (1425319) | more than 5 years ago | (#28447883)

I don't suppose it's that vital for fighting spam or otherwise it would be government controlled wouldn't it?

Re:Nothing of value lost? (0)

Anonymous Coward | more than 5 years ago | (#28447963)

What? No... wait what are you trying to say?

Re:Nothing of value lost? (1)

maxume (22995) | more than 5 years ago | (#28448019)

What now?

Re:Nothing of value lost? (1)

Techman83 (949264) | more than 5 years ago | (#28448045)

<sarcasm> Like all the other vital Government controlled anti-spam operations.... </sarcasm>

No Problem (0, Funny)

Anonymous Coward | more than 5 years ago | (#28447897)

Just tell Michelle to "man up" and let you stay . . .

Sex Change? (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#28447941)

Matthew? Michelle?
I believe we have either an identity crisis for spam or alter egos taking the internets

Um, is this at all credible? (5, Interesting)

Anonymous Coward | more than 5 years ago | (#28447949)

I don't know if this is subterfuge, but:

http://www.iadl.org/sorbs/sorbs-story.html [iadl.org]

Re:Um, is this at all credible? (2, Informative)

Anonymous Coward | more than 5 years ago | (#28448229)

That site is run by a known net-kook.

Re:Um, is this at all credible? (1)

emurphy42 (631808) | more than 5 years ago | (#28448339)

Evidence? I've never heard of them before (I'm not an e-mail admin of any sort), Google / Google Groups seem to turn up nothing supporting your claim, and whois just turns up a PO box that turns out to belong to an ISP (AV8 Internet Services) which may just happen to have the guy as a customer. So you could be lying, or I could be missing something; both seem plausible to me so far.

Re:Um, is this at all credible? (2, Insightful)

e9th (652576) | more than 5 years ago | (#28448343)

So is the FSF [fsf.org] , but that alone is not reason to disregard it.

Sounds like a TRAP (-1)

Anonymous Coward | more than 5 years ago | (#28447987)

Let's get to the meat of the matter here, does he tuck or fold, and is he passable?

Re:Sounds like a TRAP (0)

Anonymous Coward | more than 5 years ago | (#28448075)

http://www.myspace.com/michelle_i_sullivan

Re:Sounds like a TRAP (0)

Anonymous Coward | more than 5 years ago | (#28448501)

Good find, here's the "before" photo of Matthew and his wife dated 2002, before he became Michelle:
http://www.isux.com/pics/me-and-ally.jpg [isux.com]

A TRAP indeed.

Re:Sounds like a TRAP (0, Troll)

Anonymous Coward | more than 5 years ago | (#28448109)

Seems oddly appropriate that he/she runs an anti-spam list to block all those penis enlargement offers.

Re:Sounds like a TRAP (-1, Troll)

Sorthum (123064) | more than 5 years ago | (#28448479)

Stay classy, Slashdot.

Summary is absurd (5, Informative)

Loki_1929 (550940) | more than 5 years ago | (#28448061)

Any mail admin who's depending in any significant way on the anti-spam wasteland of SORBS should be on their way to apply for jobs at local fast food restaurants as soon as possible. Even if someone handling spam control for a decent size business actually believed in SORBS' accuracy or effectiveness, the only effect of SORBS disappearing from the face of the Earth should have is a slight uptick in spam being caught by filters slightly further down the path to their users' mailboxes.

Seriously, is there anyone out there who isn't use a multi-tiered, inter-connected array of spam filtering methods at this stage of the game? ~96% of the mail going to my users is spam. My worst offender has some ~5300 messages a day of spam being filtered prior to reaching their inbox. If my best filter were rendered worthless tomorrow, I wouldn't expect to hear any complaints from users. (of course, I'd be pretty unhappy.)

I think honeypots are probably my best weapon again spammers at the moment, followed by my keyword blacklists.

Re:Summary is absurd (0)

Anonymous Coward | more than 5 years ago | (#28448255)

Word. SORBS has got to be one of the most poorly administered rbl's of any repute. I've been telling people that it was all but abandoned for years now.

Re:Summary is absurd (1)

MightyMartian (840721) | more than 5 years ago | (#28448751)

One of the best weapons against spam has been for several years now greylisting. Over 90% of the crap that gets flung at my mail server never makes it past the Postfix server I have sitting between my Exchange server (I know I know, I hate it, and I'd get rid of it if I could) and the outside world. RBLs maybe, just maybe, had some justification a decade ago, but they have none now, and only retards who should be set to work cleaning toilets still use them. I frankly wouldn't even use them as part of a weighting system. RBLs are bad bad bad. SORBS was the worst (by about a lightyear), but they're all bad, even the best are bad.

Death to SORBS (3, Interesting)

Anonymous Coward | more than 5 years ago | (#28448073)

I run an ISP in the midwest. SORBS has caused so many problems, I don't want to bore you all with them here. I briefly talked with Mr(s?) Sullivan via email back in 07 about several problems he caused by blocking subnets we had on both Nuvox and XO. His response to my email (which was long but detailed), I paster here for brevity:

---------snip---------
F_ck off.

Yours trully,
ms
---------snip---------

Hopefully, she/he takes up dancing at a crossdress clubs and stays the _hell_ off the internet.

Good riddance. (0)

Anonymous Coward | more than 5 years ago | (#28448087)

SORBS: Don't let the door hit your ass on the way out.

I didn't know Kevin Sorbo was sick. (3, Funny)

fyrie (604735) | more than 5 years ago | (#28448111)

RIP Herc.

Re:I didn't know Kevin Sorbo was sick. (1)

CarpetShark (865376) | more than 5 years ago | (#28448395)

Hey, as long as Andromeda's still hot.

Potential bidders? (1)

e9th (652576) | more than 5 years ago | (#28448133)

SORBS is officially "For Sale" should anyone wish to purchase it as a going concern

Now that Alan Ralsky [slashdot.org] is out of business, who would want to buy it?

The REAL story (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28448139)

Whoa, whoa, whoa! Hold yer horses. We're missing the REAL story here:

>"Michelle Sullivan (Previously known as Matthew Sullivan),"

Who wants to chatter about some spam thing when there's dirt on a sex change??!?!?!

Re:The REAL story (3, Insightful)

bruns (75399) | more than 5 years ago | (#28448151)

How is what Michelle did any of your business?

Re:The REAL story (1)

emurphy42 (631808) | more than 5 years ago | (#28448357)

Since when did trolls ever stop to worry about that?

Re:The REAL story (1)

Nimey (114278) | more than 5 years ago | (#28448363)

You might ask the ever-sensationalistic kdawson that as well. Why was that included in the summary?

Re:The REAL story (2, Informative)

Trillian_1138 (221423) | more than 5 years ago | (#28448473)

I asked myself the same question. In all fairness, that is how she signed off in the link included in TFS, but I still think its inclusion wasn't strictly needed for the "News for Nerds" aspect of the story....

Re:The REAL story (0)

Anonymous Coward | more than 5 years ago | (#28448521)

How is what Michelle did any of your business?

When one signs a post "Michelle Sullivan (Previously known as Matthew Sullivan)" one has made it the business of all who read the post.

It raises some interesting questions...

Is an IT geek who has gotten a F2M sex change more likely to get laid than one who hasn't?

If the answer is "more likely" then "How's the sex now? Is it good?" might well be a follow up.

Which might lead to "Why don't all you lonely geeks get together, pool your money, and then draw straws to see who gets to become ladies?"

Re:The REAL story (1)

bruns (75399) | more than 5 years ago | (#28448541)

It still doesn't answer the question why it needed to be included with the story, given it doesn't have anything to do with 'news for geeks'.

And, its Male to female. Female to male is a completely different process. Hardly something to joke about regardless.

Re:The REAL story (1)

n30na (1525807) | more than 5 years ago | (#28448747)

Its because they try to include as much useless information for people to go off on ideological tirades about as possible. How else would slashdot stay interesting?

It's nice to see (1)

pyster (670298) | more than 5 years ago | (#28448247)

Its nice to see that most of ppl here have finally come to terms with the fact sorbs is worthless.

The only thing that would make me happier is if those involved with sorbs became burn victims from trying to freebase jenkem.

Asshats (0)

Anonymous Coward | more than 5 years ago | (#28448381)

Caused me no end of grief back when I was on dialup with a dynamic IP address all the time. Kept me on their blacklist claiming I was a spam relay because of some windows exploit. I was on linux the whole time and absolutely was not part of some zombie spam relay thing. And they didn't care either, despite the obvious dichotomy there. "Take it up with your ISP" Ya RIGHT, the ISP was going to bump all their windows users or come up with the magic educate them all at the same time plan plus fix microsofts bogus buggy operating system. Like that is really going to happen. I mean, WTF, aren't half of windows machines compromised most of the time anyway? What's the purpose of these lists then "BTW, 7/8ths of the intertubes are spam relay nodes and/or part of some zombie network, so we here at SORRY are putting all of you on our evile blacklist!!1!"

These things serve no real purpose any longer, good to see them go. Nice idea, horrid implementation, ridiculous to think it could ever work, and this "power" went to their heads or something. Someone please send SORRY that copypasta about how their SPAM solution won't work, and please check every single box on the thing.

Greatly exaggerated (0)

Anonymous Coward | more than 5 years ago | (#28448461)

Sorbs [cottbus.de] are alive and kicking.

Good! (2, Insightful)

jidar (83795) | more than 5 years ago | (#28448543)

The death of SORBS should be good news to any decent ISP mail admin out there. Nothing like being forced to pay to get your mail server IP removed from a blacklist because you somehow can't keep the thousands of residential customers on your service from occasionally getting a virus and sending a few spams.
SORBS sucks and has for years. Don't get me wrong, I hate spam as much as the next guy, but sometimes a few get through, that's just how it is.
Luckily we haven't had much trouble with them lately since it seems that the vast majority of mail admins came to their senses and stopped using SORBS... frankly I'm surprised they need that many servers.

some good DNSBLs (2, Informative)

Onymous Coward (97719) | more than 5 years ago | (#28448549)

I recommend Spamhaus XBL [spamcop.net] and Spamcop Blocking List [spamhaus.org] .

Spamcop used to have problems, but I think they resolved them a couple years ago [dnsbl.com] .

Back when http://stats.dnsbl.com/ [dnsbl.com] was operational I used their data to give me a quick leg up on figuring out which lists to look at. Then I checked out the lists for how they operate and then did a performance analysis.

Aside from policy/operation, two things that were particularly important to me were false positives and overlap. These lists get very low false positives and they combine nicely.

Old stats:

http://stats.dnsbl.com/zen.html [dnsbl.com]

http://stats.dnsbl.com/spamcop.html [dnsbl.com]

Matthew/Michelle (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28448645)

The issue of Matthew/Michelle is totally relevant. It lets us see what a fucked up individual Matthew Sullivan is. It's now apparent he has a severe mental illness, one so severe he is infact considering genital mutilation.

Mental Illness goes part the way to explain why sorbs was such a fucked up service run by someone who appeared to be complete mad, irrational and illogical.

Now, heres hopeing he takes his mental illness to the next level, and removes himself from the gene pool. The unfortunate fact is Matthew has a 15 year old son.

Re:Matthew/Michelle (1)

bruns (75399) | more than 5 years ago | (#28448667)

They don't call it 'anonymous coward' for nothing. If you are so sure about how you feel and your beliefs, why don't you post with your actual slashdot username and an e-mail address? Or is it, you are worried about how the world will view you once your words are put with a name?

Matthew = Michelle (0)

Anonymous Coward | more than 5 years ago | (#28448675)

I used to know Matthew when he was still a guy, gave me a chuckle to see he is calling himself Michelle now.

She has updated the photo on her linkedin profile;
http://www.linkedin.com/in/sorbs

SORBS: about the most unprofessional RBL (0)

Anonymous Coward | more than 5 years ago | (#28448705)

I have dealt with BL services for years now from the ISP side of things. From my own experience, the only ones worse than SORBS were APEWS /SPEWS where one would have to go to the Usenet to post for removals and when one would post a removal, one was met with endless trolling, an utter waste of time. APEWS would block entire ISPs, and even /8 which is more than slightly ridiculous. SORBS, on the other hand, was unprofessional in responses time to time. Quick to resort to name-calling, which in my view is juvenile. In the past 2 years or so getting a response was like pulling teeth, so SORBS being shutdown is probably the best thing for it. I contend that SORBS own volunteerism dropped off and they stayed behind not addressing requests for removal. One of their tacky tactics was to respond to people who asked for removal within the block full well knowing that the ISP is to address the issue and not one of the sufferers in the /23 or /19 blocks they would list over a few spams hitting their spamtraps. I know of some people at large ISPs are happy that it is being shutdown. Being rude and ignoring requests for removal are utterly inexcusible. At times the volunteers at SORBS behaved like juveniles, so no ISP wanted to even deal with them. Another list from a few years ago was BLARS just another one that was just one big PITA. A few BLs that are much more useful to the ISPs are Spamhaus, Spamcop, and CBL. Though there is interest, I really hope no one purchases SORBS and keeps it going, it ruined its own reputation over time by being too aggressive and non-responsive. The only good thing I can think of about SORBS is it had a FeedBackLoop (FBL) report sent on a weekly basis, IIRC, that would let the ISP know which IPs appeared to be sending out compromised spam.

MATTHEW IS WATCHING THIS THREAD (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#28448737)

ALL,

Matthew is watching this thread!!! Doesn't it feel good? Basking in the shadow of a mentally disturbed, cross dressing, homosexual, AIDS FAGGOT!

Possible Alternate Hosting (0)

DaWilko (647616) | more than 5 years ago | (#28448755)

Hi Michelle, One of our staff have left you a voice mail via the number posted on us.sorbs.net and I've shot you an email. Please feel free to contact me back regarding possible alternate hosting. Wilko

Re:Possible Alternate Hosting (4, Interesting)

MightyMartian (840721) | more than 5 years ago | (#28448813)

Can you provide all the domains you host, so that I can get as many mail admins together to arbitrarily block your servers, and demand "donations" to unblock them?

Thanks in advance, you worthless pile of trash.

Re:Possible Alternate Hosting (1)

bruns (75399) | more than 5 years ago | (#28448849)

Can you provide all the domains you host, so that I can make sure that when they get blocked by the AHBL for abuse, they won't get removed? :)

SORBS is a failure (0)

Anonymous Coward | more than 5 years ago | (#28448825)

Completely ridiculous that you need to pay to get your IP removed from there. If you run your own mail server or whatever and someone gets a virus and some spam is sent out without them knowing then having your IP blacklisted is just stupid, and then having to pay to get it removed it even worse.

http://antimatter.atbhost.net/

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...