MainDoctor WhoMusicSoftware
Main Page

Alden Bates' Weblog

Feigning normality since 1973

SORBS Strikes Back

Filed in: Spam.

Good old SORBS (Spam and Open-Relay Blocking System) is still at it. Not only are they blocking whole ISPs, they're apparently also blocking email from servers hosted on dynamic IP addresses. Once again, SORBS is throwing the baby out with the bath water.

The reason thay're blocking anything from dynamic IP addresses is because virus-ridden PCs can be used to send spam. Gosh, wait until they realise that 100% of spam emails are sent via the SMTP protocol! "OMG! By blocking any email sent with that protocol, we can block 100% of spam! We'll be saviours!"

As I mentioned a while back on my LJ, SORBS came to my attention because I tried to email a friend of mine, and it bounced. If there's one thing I hate more than spam, it's having a perfectly valid email bounce for no good reason. (I've been able to email George since, and it looks like Paradise was taken off SORBS' list.)

Blacklisting is bad, it stops legitimate emails and doesn't really affect spammers much, because they use fake email addresses and don't get the bounces. Of course, if everyone used the blacklist, that would stop the spammers... for about five minutes before they found a way around it. Spammers make quite a lot of money, you see, so they're determined to keep doing it. The only way to stop spam for good is to cut it off at the source. Blacklisting doesn't do that, it just makes the problem invisible, like taking painkillers for a brain tumour.

Of course, people will still use blacklists. However if you consider using SORBS, you might stop to consider what valid emails you might miss out on.

Incidentally, SORBS is currently in fourth position for a worthless project.

Posted November 19, 2004 7:31 PM

Comments

Blacklisting is actually a very effective way to stop spam; it's just important that it is set up correctly and an accurate set of blocks are used.

The fact that you do get a bounce with DNS blacklisting is the great thing about it - at least you know you've been identified as junk. With the other method of stopping spam - a junk mail folder - you don't know you've ended up there.

I block dozens of spam emails a day by blacklisting, but have an alternative contact method (via a web form) shown in the bounced emails. Because of this it is possible for someone to contact me should they be blocked. This has only happened once in the one year of using a block.

I currently use spamhaus.org's block list.

I am now considering using a block list of dynamically assigned addresses. Why? Because the remainder of the spam I receive *all* comes from dynamic space. Is it really that much for people to send mail through official ISP SMTP servers?

As for 'blacklisting not affecting spammers much', I think you are very wrong. Because ISPs get blacklisted they are now much more wary of spammers on their network. This is why spammers have to move around so often, they go from blacklist to blacklist, get known to ISPs, and find it very difficult to set up permanent spamming operations. The harder their life gets, the more likely they are to move onto another criminal activity in the future.

However, it is interesting to read of yours and other's experiences of SORBS, as I will think twice about using them.

Out of interest, how would you react if: an email you sent was blocked, but you were able to send a contact via a webform to someone who would then whitelist your address?

Posted by: Andrew Beverley | December 27, 2004 11:21 PM

Depends on several things. I'd only reply if the person is someone I email regularly (in which case they should have me in their whitelist already anyway) or it's a matter of life and death. Generally, if I get a bounce from either a blacklist or a whitelist, I'm liable to shrug and go on to the next email to answer.

As for 'blacklisting not affecting spammers much', I think you are very wrong.

Yet the volume of email spam seems to be ever increasing. :)

Posted by: Alden Bates | December 28, 2004 12:45 AM

Anyone not doing research before using SORBS is making a mistake. Make no mistake.. I've done the research and it's a mistake. I think ISP's that utilize it will see that... hopefully before it's too late.

Posted by: Steve Ryan | September 14, 2006 5:39 PM

I am currently trying to figure out how to get out of SORBS' blacklist. I work at a charter school but any emails that try to go to a local ISP account or AOL accounts get bounced back. They are asking me to fix the DNS server to not be reclusive. How can I fix that if it is at our ISP's office, not the school? They also want money...wtf??? can someone help me figure this out?

Posted by: Rick | October 11, 2006 7:46 AM

A Google search for "dns server" reclusive doesn't turn up anything relevant. It's a problem your ISP will have to handle anyway...

Posted by: Alden Bates | October 11, 2006 9:18 AM

Tetrap.com Site Map