Slashdot Mirror


SORBS Blocklist Reportedly Sold For $451K

palegray.net writes "SORBS, a well-known email blocklist provider, has reportedly been sold for $451k. Early reports indicate an acquisition by GFI, a company specializing in various communications services. In recent years, SORBS has been the target of frequent accusations of mismanagement and poor conduct, leading many to wonder if this turn in events might signal a chance for improved behavior. Citing lack of ISP support, the blocklist released statements earlier this year that they would be shuttering their operation."

16 of 88 comments

  1. Too bad by Jazz-Masta · · Score: 2, Interesting

    It is unfortunate that SORBS has gotten a bad rap. Although it has been plagued on the administrative side of things, its list was still helpful in detecting and removing spam.

    GFI is a good company - but I am betting the list will no longer be free to use. Everything they sell is licenced on a "per mailbox" structure, and as such I imagine the list will be implemented into their anti-spam products. There may also be a nominal fee (per box) to use the list with other spam filters.

    1. Re:Too bad by thijsh · · Score: 2, Interesting

      [quote]Although it has been plagued on the administrative side of things[/quote] SORBS administrators (or other participants) plagued anyone who is just kindly informing about their list. In my experience they are uncoöperative, arrogant and some are even sadist BOFH kind of people who get their biggest kick out of tormenting people with problems. When my host in the US was added together with a huge IP range as 'spam friendly subnet' I informed what I should do, and if the listing was legitimate if I should move away to show my anti-spam support. They just enjoyed ridiculing and outright insulting the people who come for help... At one point they even blocked my university mail servers in Amsterdam for some random reason (relay maybe), but that only lasted for a few days because of pressure I guess...

      I long theorized that the crappy SORBS listings were intentional and these administrators just love to add random ranges of IPs to the list to laugh their ass off when they mess around with the hordes of mailserver admins that come looking for help.

    2. Re:Too bad by gmuslera · · Score: 3, Informative

      Bad rap? Like putting in blacklist entire ISPs because a single customer had a trojan? Or whole hosting companies (a /19 range) because one client from a single IP got an intrusion? A lot simply stopped trying to get delisted by them, and not sure how much people trust in what they say anyway, just too many false positives and no easy/fast way to get out.

    3. Re:Too bad by nametaken · · Score: 2

      Agreed. We moved away from their spam filtering products a couple years ago and picked up a barracuda appliance. The GFI app was such a worthless hunk of crap, we've never looked back.

    4. Re:Too bad by Just Some Guy · · Score: 3, Insightful

      It is unfortunate that SORBS has gotten a bad rap. Although it has been plagued on the administrative side of things, its list was still helpful in detecting and removing spam.

      So is unplugging your mailserver. It'd get roughly the same number of false positives, except without the malice.

      --
      Dewey, what part of this looks like authorities should be involved?

    5. Re:Too bad by palegray.net · · Score: 2, Interesting

      If the new owners decide to continue the trend of irresponsible behavior that has been the hallmark of SORBS in recent times, at least there's a U.S.-based entity that can be more easily sued for losses now.

    6. Re:Too bad by Guspaz · · Score: 3, Informative

      Or how about listing entire netblocks because the RDNS of an IP "looks" dynamic?

      I'm serious, they've blocked huge swathes of Linode (a virtual server provider) because Linode's default RDNS format (li12-345.members.linode.com) looks dynamic as if such a thing exists.

      Linode's attempts to get the netblocks delisted were met with silence; SORBS simply ignores anybody who tries to get delisted.

  2. you bleeping amateurs. by Anonymous Coward · · Score: 2, Funny

    Right before signing, you should have said, you know what, let's make it $419k. You guys just never miss an opportunity do you.

  3. Re:has it by doon · · Score: 2, Informative

    Well sorbs (like most DNSBL's) is based on IP address, so generally speaking the user's email address isn't passed over the wire (in terms of BL usage).

    --
    To E-mail me, replace the first period in my domain with an @

  4. Re:Is this good or bad? by cptsexy · · Score: 3, Interesting

    It took me about 6 months. I took over as the lead IT guy for a company who had their own Win Small Business server, but didn't have in house people to manage it. The initial setup wasn't done correctly and thus Sorbs had them blacklisted (along with several others I might add). I found and fixed the issues within my first week and then followed their process for removal and six months later finally got an email that I had been removed and things started working. The problem is that it seems a lot of people still use this list, because I know several of our vendors and customers were having trouble getting our email during this time. You can't expect that a business can wait 6 months to be removed. How is it fair for my company, who hired an incorporated company to set up their small business server, to have to pay SORBS bullshit fine? Esp when I've talked to other administrators who have paid it and still had to wait a bit. As far as I'm concerned SORBS is a confederacy of douchenozzles, and I for one wish they would have gone the way of geocities.

  5. Re:Shutting down by amorsen · · Score: 2, Informative

    not the opposite that happened with other blacklists in the past.

    In the one instance that comes to my mind, they answered NOT blacklisted for more than a year after disabling the service. Still the queries came flooding in. In the end the choice was between abandoning the domain (and pushing all that load to the .com or whichever name servers) or answering blacklisted to make people wake up.

    --
    Finally! A year of moderation! Ready for 2019?

  6. Traditional route by russotto · · Score: 2, Funny

    So, will they go the traditional route and block /0 when they shut down?

  7. Re:Shutting down by TheRaven64 · · Score: 2, Insightful

    They could have reduced the load a lot by setting a very large TTL and returning NXDOMAIN at the root. For most of these systems NXDOMAIN means 'don't block' (this address is not in our block list, it does not exist). If you set it on the root for the DNSRBL then no queries will be delivered for addresses under that and every ISP nameserver will cache the NXDOMAIN. Even with a 24-hour TTL, you'd be reducing the traffic to at most one request per client per day.

    --
    I am TheRaven on Soylent News

  8. I did not like my interaction with SORBS by GoNINzo · · Score: 3, Insightful

    I was one of the people that had a very bad experience with SORBS.

    My company got a new ISP with an external block. I'm sure at some point that block had been used as a dynamic range. I had not set a PTR record (because the IP of the mail server changed at the last second), my PTR and A record for that mail server were not set to 12 hours (seriously, who does that?), and I was banned on the SORBS list. I had an SPF record, you could obviously see that I'm part of a legitimate organization, and it would have taken maybe 2 minutes of work for a physical admin to realize that this was a mistake.

    It took two support tickets with SORBS, 5 calls to my ISP, and around 10 days to get off the list. In the meantime, we could not contact certain people using it. And what's worse is that the only solution that the admin of SORBS had was to get everyone to stop using the SORBS list. I think that the TTL requirements are the worst part of their solution.

    In my opinion, an unattended, automated black list is worse than the problem of too much spam. You are blocking valid mails, and because you are blocking it at the IP level, the end user doesn't even see it show up in their spam bucket many times. If SORBS had a single admin, checking their email once a day, they could easily filter out some of these issues.

    I encouraged several anti-spam vendors to stop using their services for this reason, through the different companies that we interact with. There are several other blacklists that do their job well, there is no need to use an unattended blacklist.

    --
    Gonzo Granzeau
    "Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty

    1. Re:I did not like my interaction with SORBS by palegray.net · · Score: 3, Informative

      Wow. You have absolutely no idea what you're talking about; do you even work in any sector remotely associated with large-scale network operations? How about this: I'll issue you a new netblock that's blocked via the SORBS DUHL (dial-up host list), even though the range isn't dynamically allocated at all. You'll try to get it removed from the list, at which point you'll be informed that you need to set your reverse DNS to something they find acceptable to even be considered for removal. You'll probably try to get ahold of a real person to explain the situation to; that will fail.

      Meanwhile, several hundred brain-dead mail administrators, responsible for the delivery of email of tens of thousands of people, are happily using SORBS to block mail based on false assertions that your IP space is dynamically allocated. There's the one-two punch that pretty much guarantees you'll have mail delivery problems. If you're a business, that's a big deal; you could easily find yourself (as many have) unable to send email to partners, suppliers, and customers due to negligence beyond your control.

      This isn't about being listed for a few days. It's about doing absolutely nothing wrong in the first place, having SORBS make provably false statements about the usage of entire netblocks, and then sitting by helplessly while SORBS refuses to address the situation, causing real damages to your business for months. I've got news for you: the Internet is bigger than "your ISP", and it's generally considered a bad practice to rely on another organization's SMTP service for your email unless they're an operation specifically geared toward doing so as their primary business model.

      Next time you decide to post on a topic, please be certain you're well educated on the subject matter first.

    2. Re:I did not like my interaction with SORBS by GoNINzo · · Score: 2, Insightful

      I think the other poster explained my position perfectly well, he gets the issue. The fact that I could get delisted within 10 days is pretty impressive for being listed there, it's normally months. And that's only because my ISP had problems with them before because the guy blocked /20's from them on a regular and repeated basis, it looks like mostly virus related.

      And both ISPs were running at the same time, but you can only send mail out one direction. Am I supposed to short circuit our entire operations across our network just because we cannot send mail? It wasn't even something we even noticed for two days. You can't relay your mail through your ISP for a large company either.

      So, ask yourself, which is worse, extra spam in your mailbox, or a valuable mail from a business partner to you getting dropped with no notice to you. Because if you honestly think it's the first thing, then just block 0.0.0.0/0 already and then you won't get any spam. But make sure to give them a bunch of things to fill out to make it look like you'll get right on reading their mail!

      In the future, just make sure to check your new mail server IP against the blacklists beforehand. And when he says 'TTL of 12 hours', just do it already and don't argue how DNS is supposed to work.

      --
      Gonzo Granzeau
      "Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty
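
Added example, not part of any comment in the thread: a Python sketch of the IP-based DNSBL lookup the comments describe (reversed octets under the list's zone, NXDOMAIN meaning "not listed"), usable for checking a new mail server IP before deployment. It also flags a list that answers "not listed" or "listed" for every address, the two shutdown behaviours discussed above, using the RFC 5782 test entries 127.0.0.2 and 127.0.0.1. The zone names, addresses and canned answers are constructed placeholders, and the helper names are hypothetical.

```python
import ipaddress
import socket

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_qname(ip, zone):
    """Reverse the IPv4 octets and append the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(qname):
    """A-record lookup through the OS resolver; [] means no such name.
    Simplification: timeouts and other failures also come back as []."""
    try:
        return socket.gethostbyname_ex(qname)[2]
    except socket.gaierror:
        return []

def check_ip(ip, zone, resolve=system_resolver):
    """Return 'listed', 'not listed' or 'list unusable' for one IP and one list."""
    # RFC 5782 test entries: 127.0.0.2 must be listed, 127.0.0.1 must not be.
    if not resolve(dnsbl_qname("127.0.0.2", zone)):
        return "list unusable"   # answers "not listed" for everything
    if resolve(dnsbl_qname("127.0.0.1", zone)):
        return "list unusable"   # answers "listed" for everything
    answers = resolve(dnsbl_qname(ip, zone))
    if not answers:
        return "not listed"      # NXDOMAIN: address is not on the list
    if all(ipaddress.IPv4Address(a) in LOOPBACK for a in answers):
        return "listed"
    return "list unusable"       # non-127/8 answer, e.g. a parked domain

# Constructed sample data: hypothetical zones, documentation-range addresses.
SAMPLE = {
    "2.0.0.127.healthy.dnsbl.example": ["127.0.0.2"],
    "25.2.0.192.healthy.dnsbl.example": ["127.0.0.10"],
}

def fake_resolver(qname):
    if qname.endswith(".wild.dnsbl.example"):
        return ["127.0.0.2"]     # list that now matches every address
    return SAMPLE.get(qname, []) # "dead.dnsbl.example" never answers

if __name__ == "__main__":
    for zone in ("healthy", "dead", "wild"):
        for ip in ("192.0.2.25", "198.51.100.7"):
            z = zone + ".dnsbl.example"
            print(ip, z, check_ip(ip, z, fake_resolver))
```

Calling `check_ip` without the third argument sends the queries through the operating system's resolver instead of the canned data.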