SORBS - Is There a Better Spam Blacklist?

rootnl asks: "Recently I decided to upgrade my email server with better spam detection and decided to use the SORBS blacklist. It is a very aggressive blacklist and could be deemed quite effective. However, I discovered two totally legal servers currently being blocked by their Spam 'o Matic service: a Google Gmail server (64.233.182.185), and another server belonging to an ISP called Orange (193.252.22.249). Now, normally one would think these providers would probably get themselves de-listed, but the process provided revolves around donating money. As I just happen to have a friend that is using the said ISP, I have to seriously reconsider using SORBS. What is your experience with SORBS? If you have alternatives, what would you suggest as a better blacklist service?"

Re:Dunno about better

[Brightest+Light]

What exactly is an RBL operator supposed to do about large server parks that simply do not give a shit about the spammers residing on their network? What do you do about networks that actively aid spammers by moving them around and around to clean IP space as they're blacklisted? Playing IP whack-a-spammer went out of fashion years ago, and obviously asking politely doesn't work. Yeah, finding your ISP listed on SPEWS sucks, because there's no real way to contact them; though you can beg in NANAE and NANABL for the entertainment of the wannabe 'spam-fighters' till you're blue in the face -- but if your ISP does not care about the fact that one of their customers is stealing bandwidth, CPU cycles, and time from other people and their ISPs, what else can SPEWS do about it? My understanding of the SPEWS escalation process is that they notify the ISP about the spammer on their network, and then if nothing is done, they list the surrounding IP blocks in an ever-increasing fashion. Meaning if the ISP simply does not care that there's a spammer on their network, they are made to care by virtue of their entire netspace being (eventually) listed. What else *can* an RBL operator do when the ISP does not listen or care? I ask this as a serious question. IANASFBFNANAE (I am not a SPEWS fan boy from NANAE) - in fact, I don't directly use RBLs any longer.

Use spam assassin with more that one RBL

[simm1701]

I prefer to use spam assassin and use a couple of RBLs with various weightings on each.

I keep the weightings quite low since I find most of the RBLs too agressive - added to the bayes and other checks however it is quite good at pushing spam into the right destination (and for the very spammy thats /dev/null)

True this means I actually have to receive and process the mail rather than just arbitarily ignoring connections, but my mail server doesn't really get that much traffic as its only personal use.

Re:SORBS should be shut down.

[finchwizard]

All 30 IP's I rent are Static, and that has never changed over the years I've owned them, my servers are also running Linux and are very secure with both Spamassassin and ClamAV scanning, as well as blocking certain mimetypes. So don't give me dynamic IP range stuff, I was lucky that my ISP managed to straighten them out, but I've had friends that aren't as lucky. Of course SORBS is going to block a high rate of spam, it's also blocking a lot of legitimate people, and the fact they are extorting people to get off the list is ludacris.