Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Imminent Demise of SORBS

Posted by kdawson on from the don't-let-it-be-bought-by-a-spammer dept.

An anonymous reader lets us know about the dire straits the SORBS anti-spam blacklist finds itself in. According to a notice posted on the top page, long-time host the University of Queensland has "decided not to honor their agreement with... SORBS and terminate the hosting contract." The post, signed "Michelle Sullivan (Previously known as Matthew Sullivan)," says that the project needs either to "find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia" or to find a buyer. Offers are solicited for the assets of SORBS as an ongoing anti-spam service — it's now handling over 30 billion DNS queries per day. An update to the post says "A number of offers have already been made, we are evaluating each on their own merits." Failing a successful resolution, SORBS will cease operations on July 20, 2009 at 12 noon Brisbane time. Such a shutdown could slow or disrupt anti-spam efforts for large numbers of mail hosts worldwide.

19 of 290 comments (clear)

  1. No big loss! by Anonymous Coward · · Score: 5, Insightful

    A blacklist that charges you to get your IP removed will inevitably block far more than real spammers.

    1. Re:No big loss! by CarpetShark · · Score: 4, Insightful

      A blacklist that charges you to get your IP removed...

      ...is otherwise known as extortion.

  2. Oh my god by bhenson · · Score: 4, Funny

    Oh my god the spam is burning, burning I tell you

  3. *snort* by paitre · · Score: 5, Insightful

    "Such a shutdown could slow or disrupt anti-spam efforts for large numbers of mail hosts worldwide. "

    You're kidding, right?

    They have done more to give legitimate anti-spam efforts a black eye than ANY legislative attempts to 'solve' the problem ever could.

    I -used- to believe that 'collateral damage' was a legitimate 'tactic' in the fight against spammers. I've grown up since then.

    1. Re:*snort* by doctorcisco · · Score: 5, Interesting

      Mod parent up. The death of SORBS would be a net gain in the fight against spam. Blacklisting entire ISP's who are "insufficiently responsive" only makes sense if you don't care whether email gets delivered or not.

      doc

    2. Re:*snort* by lawpoop · · Score: 4, Insightful

      Correct me if I'm wrong, but isn't it the case nowadays that blackhole lists ( or whatever they're called ) are used mainly as a factor in weighing scores in Bayesian methods of filtering spam, rather than just blocking email outright? In other words, the usage is still widespread, not for direct blocking, but for helping a program decide if its spam or not?

      If so, this would let more spam through spam filters, really.

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    3. Re:*snort* by paitre · · Score: 4, Informative

      And before anyone starts to give me any guff about being soft on spam -

      I've been known to nuke accounts, and not bother asking questions. I chased down the Empire Towers group and helped put an end to them. I spent 18 months cleaning up the -very- tarnished reputation of a now bought out web host almost 10 years ago, and have the scars to prove it. I hunted a spammer down and ratted him out to his own mother in Vancouver, BC, Canada.

      The news regarding Ralsky had me drop a shot in celebration.

      Believe me - I -detest- spam. At the same time, the methods utilized by SORBS were ineffective, and most legitimate hosts and providers stopped using them years ago.

      Selective DNSRBL systems, as a practical method, WORK. Blocking residential cable from sending email? Hella good idea, for example. Blocking known dial-up ranges, as well. Blocking webhosts in an attempt to get their customer base to force them into canceling contracts that may cost the web host hundreds of thousands, if not millions of dollars? Nuh-uh.

      When 'collateral damage' was useful, losses MIGHT have hit 10k. Now? Talking millions? Businesses will buy a new IP block and move the affected customers, and call it a day. Especially if they're blocked not because a customer has been an idiot, per se, but because the customer was hacked and used as a bot.

      So, yeah. Rock on with your bad selves.

    4. Re:*snort* by paitre · · Score: 4, Informative

      The -smart- people are doing precisely that.

      The problem is that there really are still people out there who are using lists, such as SORBS, as absolute arbiters in what is, or is not, from a spam source.

      Thankfully, this number is shrinking daily as they realize just how broken some of these lists have been as a matter of policy.

  4. Re:Explanation please by MichaelSmith · · Score: 5, Funny

    She looks like a really good girl, as girls go.

    --
    http://michaelsmith.id.au
  5. Um, is this at all credible? by Anonymous Coward · · Score: 5, Interesting

    I don't know if this is subterfuge, but:

    http://www.iadl.org/sorbs/sorbs-story.html

  6. Summary is absurd by Loki_1929 · · Score: 5, Informative

    Any mail admin who's depending in any significant way on the anti-spam wasteland of SORBS should be on their way to apply for jobs at local fast food restaurants as soon as possible. Even if someone handling spam control for a decent size business actually believed in SORBS' accuracy or effectiveness, the only effect of SORBS disappearing from the face of the Earth should have is a slight uptick in spam being caught by filters slightly further down the path to their users' mailboxes.

    Seriously, is there anyone out there who isn't use a multi-tiered, inter-connected array of spam filtering methods at this stage of the game? ~96% of the mail going to my users is spam. My worst offender has some ~5300 messages a day of spam being filtered prior to reaching their inbox. If my best filter were rendered worthless tomorrow, I wouldn't expect to hear any complaints from users. (of course, I'd be pretty unhappy.)

    I think honeypots are probably my best weapon again spammers at the moment, followed by my keyword blacklists.

    --
    -- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
  7. You dont count by coryking · · Score: 4, Insightful

    Your parent is right. There does exist a set of clueless people who straight filter based on RBL's like SORBS. Sure, filter your home mail server any way you want, but the *second* you have third-party people using your system (or the second you run the mail server for a business), you should be outright fired for filtering based solely on something like SORBS.

    I figure if there is a real problem, that I will get a support call from a customer and I can act accordingly

    That is because I dont waste my time calling you. I call your boss and your sales department. If you really are running a business mail server and filtering based on SORBS, you are basically clueless and I'll gain nothing talking to you Your sales staff though, I'm sure they'd be happy to know you are blocking my customers inquiries into your companies products. And I'm probably also sure that if you are the type who filters like that, they probably have a bunch of other issues with the way you run their systems and this just might be the straw that broke the camels back.

  8. Re:(of course, I may have mis-read you) by EdIII · · Score: 4, Insightful

    Wow. That's a lot of hostility there.

    First off, I never said I used SORBS. I did some research first about which ones would probably be best, respond to delisting requests in a timely fashion, and could provide me with a list that was had a lot of maintenance. Spamhaus and Spamcop are fairly decent and AFAIK, they DO respond to delisting requests and don't just put IP blocks up willy nilly.

    I'm hardly an idiot. If I could find an open source software package capable of doing what I require, I would have gone that way a long time ago. As it stands, I have to use a proprietary software package that does not allow me to weight the incoming emails based of *any* RBL's. I can only refuse the connection based on the RBL's.

    My original point stands. You want to be so incredibly hostile and label anyone that dares to use a RBL (or maybe just SORBS, could you clarify?) as an idiot, but fail to realize just how many mail server software packages out there don't do what you are asking for.

    Try taking the hostility down a notch or two, and if you are so knowledgeable about mail server product that do offer weighting based on RBL's, why not just post it here for people to read? Maybe there are people new to running a mail server, don't understand the implications of a RBL (which hardly makes them an idiot), and would gladly implement a better solution.

    Or... you could just attack people personally and denounce them for being idiots without actually writing anything productive while foaming at the mouth.

  9. Heh.. you will find a lot of hostility by coryking · · Score: 4, Informative

    A lot of people have had their lives turn into a living hell because of some listing on SORBS. Thus if it wasn't me who chewed you out, somebody else probably would have :-)

    Spamhaus's PBL?* I filter on that... the friggen ISP's make up most of that list. I'm pretty damn sure AOL and friends filter off that list too and my motto is "if AOL or Yahoo filters mail based on XYZ policy, I will too". Plus, you can get off that list on a web page.

    It is SORBS that I have an issue with. SORBS was created out of pure spite. So my apologies random internet person :-)

    * Excepting Godaddy who is fucking insane. Those assholes filter *URL's pointing to a PBL'd IP that are embedded in a message*!!! Worse, they dont tell you. Had fun learning that.

    1. Re:Heh.. you will find a lot of hostility by siliconincdotnet · · Score: 4, Insightful

      > It is SORBS that I have an issue with. SORBS was created out of pure spite.

      No, you're confusing "spite" with "greed". There's a difference. Spite is blacklisting a spammer's ISP in a fit of anti-spam zealotry. Greed is blacklisting a spammer's ISP hoping to extort a huge amount of money from them so their customers can send email again, and then blacklisting them again right after you un-blacklist them (yes, SORBS does this).

      Good riddance to them. They've done nothing but tarnish the reputation of legitimate RBLs.

      Spamcop, Spamhaus, and Uceprotect are plenty of RBL for me.

      --
      Insert witty .sig here
  10. What's this then, eh? by aweraw · · Score: 4, Interesting

    ROM's being charged for: http://vampire.isux.com/ROMs/

    Dubious images: http://vampire.isux.com/pics/x/

    So what's going on Matthew... I mean, Michelle?

    --
    5468652047616D65
  11. Re:Possible Alternate Hosting by MightyMartian · · Score: 4, Interesting

    Can you provide all the domains you host, so that I can get as many mail admins together to arbitrarily block your servers, and demand "donations" to unblock them?

    Thanks in advance, you worthless pile of trash.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  12. full disclosure by corbettw · · Score: 5, Interesting

    kdawson should've included the disclosure that SourceForge, one of Slashdot's sister companies, is a sponsor of SORBS. There's an ad on the right side of the SORBS main page touting this fact, so it's not like it should've been difficult for him to find to point out in the summary.

    --
    God invented whiskey so the Irish would not rule the world.
  13. Re:Not that disrespectful by idlemachine · · Score: 4, Funny

    You've got to face the music, to Joe six-pack you're not a girl, you're a post-op transsexual.

    Or to put it in a way /.ers will understand: you're not a Mac, you're OSX running on hackintosh hardware.