Can someone from SORBS contact me offlist?
I need to resolve some issues that we are having with you guys but there is a lack of timelyness with your contact forms, 28 days is simply unacceptable :(
Sorbs was shut down just about that time ago .. On Sat, Jul 11, 2009 at 7:50 PM, Ronald Cotoni<setient@gmail.com> wrote:
I need to resolve some issues that we are having with you guys but there is a lack of timelyness with your contact forms, 28 days is simply unacceptable :(
-- Suresh Ramasubramanian (ops.lists@gmail.com)
On Sat, Jul 11, 2009 at 10:20 AM, Ronald Cotoni<setient@gmail.com> wrote:
I need to resolve some issues that we are having with you guys but there is a lack of timelyness with your contact forms, 28 days is simply unacceptable :(
From www.sorbs.net:
"It comes with great sadness that I have to announce the imminent closure of SORBS. The University of Queensland have decided not to honor their agreement with myself and SORBS and terminate the hosting contract. I have been involved with institutions such as Griffith University trying to arrange alternative hosting for SORBS, but as of 12 noon, 22nd June 2009 no hosting has been acquired and therefore I have been forced in to this announcement. SORBS is officially "For Sale" should anyone wish to purchase it as a going concern, but failing that and failing to find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia SORBS will be shutting down permanently in 28 days, on 20th July 2009 at 12 noon." uhm, I dont think they care to help... -chris
On Sat, Jul 11, 2009 at 11:08 AM, Christopher Morrow<morrowc.lists@gmail.com> wrote:
From www.sorbs.net: "It comes with great sadness that I have to announce the imminent [snip]
You might want to read the June 25th update they made to the announcement, as shown on the very same page. " SORBS has had 2 offers of hosting within the Queensland/North New South Wales area, one of which is by a top hosting company in Australia. The result is at this present time I, Michelle Sullivan, feel that SORBS will not close on the date specified, though there maybe some small outages around this time. " By all appearances SORBS is still completely operational, they have not shutdown, and every indication now is that they are probably not going to shut down. -- -J
On Sat, 11 Jul 2009 11:34:58 -0500 James Hess <mysidia@gmail.com> wrote:
On Sat, Jul 11, 2009 at 11:08 AM, Christopher Morrow<morrowc.lists@gmail.com> wrote:
From www.sorbs.net: "It comes with great sadness that I have to announce the imminent [snip]
You might want to read the June 25th update they made to the announcement, as shown on the very same page.
SORBS has never had a good reputation over removals.......... -- John
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems. On Sat, Jul 11, 2009 at 11:45 AM, John Peach <john-nanog@johnpeach.com>wrote:
On Sat, 11 Jul 2009 11:34:58 -0500 James Hess <mysidia@gmail.com> wrote:
On Sat, Jul 11, 2009 at 11:08 AM, Christopher Morrow<morrowc.lists@gmail.com> wrote:
From www.sorbs.net: "It comes with great sadness that I have to announce the imminent [snip]
You might want to read the June 25th update they made to the announcement, as shown on the very same page.
SORBS has never had a good reputation over removals..........
-- John
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with. How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer? -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
Nuno Vieira - nfsi wrote:
That's good to know.
I'll avoid using it.
Holy crap, what's with all the AHBL hate? At the very least they have a responsive human and - last time I checked - they don't require an exchange of money to get off the list. I'd hazard a guess that "two weeks" includes the responsiveness of the other party. I unsuspended a domain yesterday because the other party just now got around to the notices I sent 3 months ago on their hacked content manager hosting phishing sites. People bitch and whine about free services more than when they actually pay for something. Sad. ~Seth
On Sat, 11 Jul 2009, Seth Mattinen wrote:
Nuno Vieira - nfsi wrote:
That's good to know.
I'll avoid using it.
Holy crap, what's with all the AHBL hate? At the very least they have a responsive human and - last time I checked - they don't require an exchange of money to get off the list. I'd hazard a guess that "two weeks" includes the responsiveness of the other party. I unsuspended a domain yesterday because the other party just now got around to the notices I sent 3 months ago on their hacked content manager hosting phishing sites.
People bitch and whine about free services more than when they actually pay for something. Sad.
From the other side of the coin - on a professional level I had cause to deal with Michael Sullivan on behalf of an ISP I worked for that had been
People who choose to run with SORBS - yes, a free service - take a significant risk (as other posters have highlighted); the people who run SORBS (person?) take a fairly extreme approach to the idea of removing hosts.... unfortunately the combination of blacklisting a host over a questionable report / reason, and then making removal of said host all-but impossible, would point toward a system that's far from 'user friendly', from the 'victim' point of view. Ala it appears that there's no room for any view that disagrees with that which SORBS take. But it is free. And one of the simplest implementations is a yes/no based on the RBL response... as opposed to simply perhaps using it for 'scoring'. I personally used one of the SORBS BL's several years ago on my personal MTA with good effect - primarily dropping inbound connections deemed to be from dynamic IP addresses. Unfortunately after a while false positives started creeping in and the collatoral damage started accumulating. I subsequently adopted other ways of dealing with inbound spam and can't say i've missed the crap that resulted from using them. listed.... again the totalitarian viewpoint taken by SORBS made negotiation all-but impossible, this caused us "customer service issues". Most recently all i've been able to do is recommend people steer clear. That recommendation stands. Spam filtering technology has evolved over the last few years and there's plenty of better ways.... ... offers no solace to the victims of providers who are still running SORBS, however. Mark.
----- Original Message ----- From: "Seth Mattinen" <sethm@rollernet.us> To: <nanog@nanog.org> Sent: Saturday, July 11, 2009 3:40 PM Subject: Re: Can someone from SORBS contact me offlist?
Nuno Vieira - nfsi wrote:
That's good to know.
I'll avoid using it.
Holy crap, what's with all the AHBL hate? At the very least they have a responsive human and - last time I checked - they don't require an exchange of money to get off the list. I'd hazard a guess that "two weeks" includes the responsiveness of the other party. I unsuspended a domain yesterday because the other party just now got around to the notices I sent 3 months ago on their hacked content manager hosting phishing sites.
People bitch and whine about free services more than when they actually pay for something. Sad.
~Seth
"Proxy removal is functioning (sort of). Any other type of removal is no longer possible. Do not contact us about removals." That's quoted from their web site. No method of communications except through the proxy, which is only "sort of" working. So, if someone is listed, and the proxy only sort or works and can't remove them, there's no recourse. -- Micheal Patterson
On 7/11/09 3:30 PM, Micheal Patterson wrote:
"Proxy removal is functioning (sort of). Any other type of removal is no longer possible. Do not contact us about removals."
That's quoted from their web site. No method of communications except through the proxy, which is only "sort of" working. So, if someone is listed, and the proxy only sort or works and can't remove them, there's no recourse.
I knew I forgot to push the update that had the new contact form. Anyways, proxy removal works fine, and the contact form works. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
On Jul 11, 2009, at 4:40 PM, Seth Mattinen wrote:
Nuno Vieira - nfsi wrote:
That's good to know. I'll avoid using it.
Holy crap, what's with all the AHBL hate? At the very least they have a responsive human and - last time I checked - they don't require an exchange of money to get off the list. I'd hazard a guess that "two weeks" includes the responsiveness of the other party. I unsuspended a domain yesterday because the other party just now got around to the notices I sent 3 months ago on their hacked content manager hosting phishing sites.
Definitely not what the poster was implying (one could argue outright stating). I've never met anyone who quoted "It takes X long" when X was mostly waiting for you to respond. Why do you assume they would inflate their stats and make themselves look that bad in such a silly way?
People bitch and whine about free services more than when they actually pay for something. Sad.
That is not at all clear from the post above, or anything else in this thread. Hell, I don't even see hate for AHBL. I just see .. indifference. Just 'cause I and others do not want to use a service doesn't mean we hate it. -- TTFN, patrick
On Jul 11, 2009, at 1:11 PM, Brielle Bruns wrote:
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with.
How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer?
I don't see any demands there. I see someone commenting on the utility of the "free service" offered. If a blacklist, free or not, lists good IP addresses and takes a long time to remove them, then the blacklist is not useful. Given that you said AHBL requires two weeks to remove good IP addresses unless there is an "established contact", I'll be sure never to use said list. Suppose my business partner gets listed? Am I to ruin our relationship for two weeks because you are busy or don't like the fact we don't pay you? We didn't pay you to list us either. Besides, there are plenty of useful blacklists with very low FP rates who are responsive. Why use one that has high FP and is unresponsive? Running a blacklist sucks. It's got to be one of the hardest jobs for a white-hat to do on the 'Net. But if you don't like it, don't do it. Doing it then complaining about it after is .. silly. -- TTFN< patrick
Patrick W. Gilmore wrote:
Given that you said AHBL requires two weeks to remove good IP addresses unless there is an "established contact", I'll be sure never to use said list. Suppose my business partner gets listed? Am I to ruin our relationship for two weeks because you are busy or don't like the fact we don't pay you? We didn't pay you to list us either.
What he's describing isn't a business; it's a protection racket.
Running a blacklist sucks. It's got to be one of the hardest jobs for a white-hat to do on the 'Net. But if you don't like it, don't do it. Doing it then complaining about it after is .. silly.
Yep. Mike
On 7/11/09 12:47 PM, Patrick W. Gilmore wrote:
Given that you said AHBL requires two weeks to remove good IP addresses unless there is an "established contact", I'll be sure never to use said list. Suppose my business partner gets listed? Am I to ruin our relationship for two weeks because you are busy or don't like the fact we don't pay you? We didn't pay you to list us either.
Actually, if its a simple issue with a proxy or trojan, if you use the removal tool, provided the IP comes back clean from our tester, you are removed within 12-24 hours. If it requires manual intervention, yeah, its going to take longer. Our original idea was to base removal time on how long the listing was in the AHBL. If you hosted and gladly accepted money from a spam spewer for a year, and only decided to terminate them after they didn't pay, you'd be listed for somewhere in between 6 months to a year. Those two weeks are our buffer for seeing if said spam source is really gone, or just shut off long enough to fool us. We've been lied to so many times, its hard to justify doing instant removals on request. Further, there is such thing as a local whitelist of IP addresses.
Besides, there are plenty of useful blacklists with very low FP rates who are responsive. Why use one that has high FP and is unresponsive?
*shrugs* Thats up to you. I never held a gun to your head telling you to use the AHBL.
Running a blacklist sucks. It's got to be one of the hardest jobs for a white-hat to do on the 'Net. But if you don't like it, don't do it. Doing it then complaining about it after is .. silly.
I'm not complaining. People talk shit about Michelle, and yes, I will get involved. She's a friend of mine, and a fellow DNSbl maintainer. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
On Jul 11, 2009, at 5:37 PM, Brielle Bruns wrote:
Further, there is such thing as a local whitelist of IP addresses.
Easier to just not use the BL.
Besides, there are plenty of useful blacklists with very low FP rates who are responsive. Why use one that has high FP and is unresponsive?
*shrugs* Thats up to you. I never held a gun to your head telling you to use the AHBL.
See we completely agree!
Running a blacklist sucks. It's got to be one of the hardest jobs for a white-hat to do on the 'Net. But if you don't like it, don't do it. Doing it then complaining about it after is .. silly.
I'm not complaining. People talk shit about Michelle, and yes, I will get involved. She's a friend of mine, and a fellow DNSbl maintainer.
Michelle has tried very hard to do some good thing. She has succeed at some of them. She has failed miserably at others. To the point where there are many people who believe she has done more harm than good. I am on the fence about her overall utility to the 'Net. I tend to believe the balance is more good than bad, if for no other reason than she raised awareness of the issue. But I could not argue strongly against those who believe otherwise, especially those who have been forced to pay to get delisted. I strongly recommend _against_ using SORBS. I've never used your BL, but given the ambiguity of your responses ("it takes two weeks .. uh .. unless you call me out about it on a public mailing list"), I'm inclined to never use it. Which is fine with you, so hopefully that makes us both happy. If you call that talking shit, bring it on. Being a DNSBL maintainer does not make you immune to factually correct criticism. -- TTFN, patrick P.S. Anyone looking to find a good DNSBL, I would recommend Al Iverson's web page, <http://www.dnsbl.com/>. Hrmmm, AHBL is not listed there. Al's pretty clueful about such things and checks all the major BLs in use. Did you ask him not to rate your service?
Hi Brielle. Do they take two weeks to put a spammer on the list? Regards, John John Souvestre - New Orleans LA
-----Original Message----- From: Brielle Bruns [mailto:bruns@2mbit.com] Sent: Saturday, July 11, 2009 12:12 PM To: nanog@nanog.org Subject: Re: Can someone from SORBS contact me offlist?
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with.
How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer?
-- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
Sadly, this is for remote hosts. I have no idea why someone would use such services as there are too many false positives. It is like using an IDS that is 2 weeks behind on it's definition. That brings up the point of false positives and outdated information blocking legitimate users, perhaps many which is what my company is experiencing since they deem certain reverse dns entries too "generic" and blacklisted a /18. I believe that is why no one knows if they will be bought or whatnot. Who knows. On Sat, Jul 11, 2009 at 1:50 PM, John Souvestre <johns@sstar.com> wrote:
Hi Brielle.
Do they take two weeks to put a spammer on the list?
Regards,
John
John Souvestre - New Orleans LA
-----Original Message----- From: Brielle Bruns [mailto:bruns@2mbit.com] Sent: Saturday, July 11, 2009 12:12 PM To: nanog@nanog.org Subject: Re: Can someone from SORBS contact me offlist?
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with.
How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer?
-- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
On Sat, 11 Jul 2009, Ronald Cotoni wrote:
Sadly, this is for remote hosts. I have no idea why someone would use such services as there are too many false positives.
Desperation in trying to limit the amount of spam delivered.
It is like using an IDS that is 2 weeks behind on it's definition.
That's still going to be more effective than no IDS. Anyone blocking using DNSBLs really ought to know how to locally whitelist to override the DNSBLs. Maybe you'll need to accept mail from a host that legitimately has issues and isn't a FP. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Sat, 2009-07-11 at 11:11 -0600, Brielle Bruns wrote:
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with.
Yes, but the AHBL is actually a responsible blacklist service. SORBS has policies which make me choose to not use it on my mailservers, and the general amount of complaints I have heard about it is a major turnoff. Also, I believe SORBS are the ones that require a donation to get out if you've been screwed by your upstream provider that just handed you a tainted class-C. With the shortage of IPv4 addresses becoming more and more imminent, such policy is simply unacceptable. William -- William Pitcock SystemInPlace - Simple Hosting Solutions 1-866-519-6149
On Sat, 11 Jul 2009 14:34:18 -0500 William Pitcock <nenolod@systeminplace.net> wrote:
On Sat, 2009-07-11 at 11:11 -0600, Brielle Bruns wrote:
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
<snip>
Also, I believe SORBS are the ones that require a donation to get out if ^^^^^^^^^^^^^^^^^^
A 'required donation' sounds like a ransom to me.
On Jul 14, 2009, at 5:47 PM, Mark Smith wrote:
On Sat, 11 Jul 2009 14:34:18 -0500 William Pitcock <nenolod@systeminplace.net> wrote: On Sat, 2009-07-11 at 11:11 -0600, Brielle Bruns wrote:
On 7/11/09 11:05 AM, Ronald Cotoni wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
<snip>
Also, I believe SORBS are the ones that require a donation to get out if
A 'required donation' sounds like a ransom to me.
You make the donation to a "registered charity", not to SORBS. Michelle never sees a dime, nor does anyone else associated with SORBS. You can still call it a ransom if you like, I won't even argue, but in fairness I thought it was useful to make that distinction. In more fairness, last time I checked, all but one of the 'registered charities' asked to be removed from the SORBS list because it was doing them more harm than good. Interpretation of these facts is left up to the reader, I am not making any judgements. -- TTFN, patrick
On Wed, 15 Jul 2009, Mark Smith wrote:
Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems.
Also, I believe SORBS are the ones that require a donation to get out if
A 'required donation' sounds like a ransom to me.
AFAIK, the donation requirement is for getting IPs off the "your IP has sent us spam" subzone of the SORBS dnsbl. Most of the people I'm aware of who've had issues with SORBS have wanted to get incorrect listings removed from the SORBS DUL dul.dnsbl.sorbs.net - Dynamic IP Address ranges (NOT a Dial Up list!) Donations won't help you there. Shouldn't someone have tried steering this thread over to spam-l or someplace other than nanog a day or two ago? ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
I wouldn't condone usage of SORBS' lists, because they sometimes use robots to automatically list things that have little rational basis for being listed, which causes problems. But it may be hard to convince your mail recipients to avoid the same. Commonly, providers may give un-assigned subnets generic PTR records like "isp192-168-0-1.somedomain.com" over their IP space. SORBS automatically lists these in the DUHL. And does not automatically remove them later, when the reverse zone is populated with final hostnames. Legitimate mailservers that do not originate spam routinely appear in the DUHL (and get blocked by users of the list).
How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer?
That depends on the service. The DNS root servers provide a free service to internet users who aren't customers. If those servers all started directing users' .COM, lookups to an incorrect TLD server, so nothing resolved, people would be upset if $root_server_operator told them to wait 2 weeks. People who consume a blacklist might get that service for free, but they only do it on reliance that the blacklist follows the policies that the maintainer had published for their blacklist. In other words, that they provide what they say they are providing, and not something different. The expectation of timeliness arises, because internet applications, services like the web and e-mail are time-critical, no ability to send e-mail may mean lost revenue. An improper blacklist entry (or even a proper one) does direct, immediate, and serious damage to the party listed, and this injury is caused directly by the actions of the blacklist provider maintaining the list entry. I would suggest blacklist services have a moral duty to take reasonable measures to ensure they are not inflicting excessive, easily avoidable damage on innocent third parties, with stale or erroneous entries in their lists. If people believed a blacklist did not take reasonable measures to correct errors quickly, then it would be understandable that their reputation suffers. -- -J
participants (17)
-
Brielle Bruns
-
Christopher Morrow
-
James Hess
-
John Peach
-
John Souvestre
-
Jon Lewis
-
Mark Foster
-
Mark Smith
-
Michael Thomas
-
Micheal Patterson
-
Nuno Vieira - nfsi
-
Patrick W. Gilmore
-
Ronald Cotoni
-
Seth Mattinen
-
Suresh Ramasubramanian
-
Tomas L. Byrnes
-
William Pitcock