Posted online: 8th Sep, 2009.

 

This is but one of many on the net.  Seems SORBS are hated by spammers AND legit internet users trying to send email.

 

 

 

 

Finally got a response to my ticket, sort of.  Looks like they are not going to delist the IP though.  I guess it will be blacklisted on SORBS forever now due to SORBS's attitude and unprofessionalism.  (As stated earlier I've now rerouted our SMTP traffic away from the blacklisted IP so the SORBS listing is irrelevant now anyway.)

 

Here's the email in it's entirety:  (PS: I did threaten

-=-=-=-=-=-=-=-=-=-=-=-=-

*UPDATED 10th September, 2009*

 

Oopsy, looks like Mathew/Michelle isn't currently hosting ROMs.

A person kindly suggested I try downloading one.  What do I get?  Not a MAME ROM but this text file:

Thanks for abusing my server, for that I have no download quota left
for this month and consequently no-one will get any more ROMs unless
you want to donate $10.00 to the cost of my Internet connection.

If you do want to donate mail me, and sent $10.00 to paypal@isux.com
via PayPal.

So, no current MAME ROMs that I can see there, however, is this worse in a way?  Sullivan obviously was hosting ROMs and actually asking for money for access to them.  Tsk tsk.

 

 

*UPDATED 9th September, 2009*

 

Another update: Stuff you SORBS, I've redirected SMTP traffic from that site via another address.

 

WOW! I got a response from SORBS! (Kind of - via Whirlpool).  (PS: Try searching Whirlpool for SORBS and see what people there think of SORBS.  On the subject of the possible closure of SORBS, not one tear was shed).

 

I paste the response in it's entirety, my original comments in BLUE, SORBS in BLACK, my new comments in RED.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Yeah I'm getting that impression too.
Actually chasing up their hosting company, maybe that will get some action.

Yes it did, you just got yourself pushed to the back of the queue again.

Bombarding SORBS with delisting requests has one reaction. It takes longer to answer you (regardless as to whether you get delisted or not.)

 

In fact after I submitted the first ticket I did nothing for hours, but no response.  Most RBL's act a LOT quicker than this to correct issues.  Maybe I would not have been so hasty in escalating this until a Google of SORBS SUCKS showed me how hard, (futile?) it is getting off this list.

I wouldn't mind *if* the system in question was sending spam, then I could troubleshoot and get it fixed.

Yes it was, back in Nov 2008, and it's taken you nearly a year to log a ticket, guess it's not that much of a problem, or is that just a show of how good your skills are?

 

Given we are only listed on SORBS directly, and almost a year has passed, don't you think if we WERE sending spam still, we'd be on every blackhole list in existence?  We might have accidently had an open relay then, or perhaps we didn't even operate on that IP then?  Any open relays are quickly corrected by myself, I hate spam too!

I've gone and ranted online at: http://www.sputcorp.com/IT/SORBS.aspx

As you've chosen the public route lets have a little look at the ticket:

Name: Simon Shaw
Company: Micromine PL
IP: 94.159.0.54
rDNS: [TTL 0] NXDOMAIN
Domain: 94.159.0.54
Type: company
Primary OS: windows
Skill Level: admin
DB: spam database
Additional Information:

Please send me a copy of the email that was sent to the spamtrap address.
I do not believe that the listed IP is an open relay.

Address: 94.159.0.54
Last Seen: Thu Nov 6 09:43:00 2008 GMT
Additional Information: [ Submitted via: Report 'o Matic ] Received: from [94.159.0.54] by secure.arboris.co.uk with esmtp (Exim 4.69) (envelope-from ) id 1Ky1OB-0006MZ-Gp for [email]; Thu, 06 Nov 2008 09:42:55 +0000

====

Its not listed as an open-relay, it is listed as sending spam to a spamtrap.

====

I've gone and ranted online at: http://www.sputcorp.com/IT/SORBS.aspx

Yeah .. love this:

The first link below shows some of the main reasons you should not use SORBS.
Especially: "Anyone running a C/R system will eventually get an email from a spammer with return address that is a spamtrap. This will cause SORBS to blacklist a legitimate sender (examples)."

So you support spammers ideals of sending unsolicited bulk email to random people...! Stop spamming!

 

Uh, that's from a link.  I was using it purely to point out how easy it is to get accidently listed on SORBS.  What's wrong with challenge response authentication to an SMTP server anyway?  Companies do this all the time so people can send mail from outside their office.

SORBS

PS: for the peanut gallery, the listing in the SpamDB is because we received spam, that's not challenge response spam, but real, botnet delivered spam claiming to be from an educational establishment in Sweden.

 

 

-END-

 

Well... After that refreshing clash, more news below.

 

 

Well, looks like Mathewl/Michelle Sullivan, the SORBS owner/maintainer is also hosting illegal MAME ROMs on their Westnet ISP connection.  (Under vampire.isux.com)  Way to be professional!  I've reported this to the ISP concerned.

 

SORBS's data carriage service provider seems to have their hands tied a bit.  I would encourage them to stop providing any service for SORBS data traffic.  Personally I cannot see why any reputable hosting company would want to conduct any business with a customer that appears to have the bad reputation that SORBS does.

 

Yes, our IP is still listed on the SORBS database, and yes we have yet to receive a single response from SORBS despite submitting yet another useless ticket today.

 

Maybe I can go after SORBS with the police for preventing us from being able to conduct normal email operations.  I am loathe to do that though as it will probably end up nowhere, especially given the IP in question is hosted in Moscow.

 

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 

We came across the problem when one of our staff received bounces trying to email some clients.
A quick lookup showed the IP was listed on the SORBS RBL.  Easy I thought, I'll go to SORBS, get it checked out and arrange delisting of the affected IP.

 

Nope.  After submitting tickets to SORBS, with zero response I tried emailing postmaster@sorbs.net and abuse@sorbs.net, (since they don't supply any other contact email).  No go, looks like they don't actually accept email to those addresses despite it being in the RFC that they should.  I have two open tickets.  I don't see the point in submitting another since they haven't responded to the others.

 

Some sites I've read tell me to hammer them with tickets till you get a response.  Frankly I do not have the time for this, especially since some people say it took up to a month to get a response from them.

 

I've left a voice message on their answering service, no response.  Looks like getting delisted is nigh on impossible unless I cough up fifty dollars, which I refuse to do.  I only have SORBS word that the affected IP was sending SPAM in the first place.

 

So next step was to try contacting them via their hosting company.  I'll let you know more as that develops, so far they have been as helpful as they can given the circumstances.

 

In the meantime, if you are using SORBS as a RBL I strongly advise you not to, you may be blocking legitimate emails.  Use another RBL, preferably one that actually responds to support tickets.

 

The first link below shows some of the main reasons you should not use SORBS.

Especially: "Anyone running a C/R system will eventually get an email from a spammer with return address that is a spamtrap.  This will cause SORBS to blacklist a legitimate sender (examples)."