Spam and Open Relay Blocking System
From Wikipedia, the free encyclopedia.
Snapshot of page as on 9th July 2006. Linked from Pigeon's rant: SORBS IP blacklist: Matthew Sullivan is an arrogant wanker.
SORBS (Spam and Open Relay Blocking System) is a controversial open proxy and open mail relay DNSBL. It has been augmented with complementary lists that include various other classes of hosts, allowing for customized email rejection by its users.
The SORBS DNSbl project was created November of 2002. It was maintained as a private list until January 6, 2003 when DNSbl was officially launched to the public. The list consisted of 78,000 proxy relays and has grown to over 3,000,000 compromised spam relays. (Source: SORBS.NET as of February 8, 2006)
Some of the controversy arises from SORBS' policy of demanding a USD 50 payment to the Joey McNicol Legal Defense Fund or any other eligible charity in order to get an IP de-listed from the spam database. Because of this requirement, SORBS has often been compared to an extortion racket.
Unused amounts in the fund are made available to defend other actions brought by spammers against people who fight spam. Donations have been made to the following:
|Source of money||Amount||Destination||Citation|
|Joey McNicol Legal defense fund and Matthew Sullivan SORBS||$2150.00||Abusive Hosts Blocking List|||
|Joey McNicol Legal Defence Fund & Matthew Sullivan (Sorbs)||$960.70||OsiruSoft Research & Engineering (Pallorium Vs. Jared)|||
SORBS has also gained criticism because of blacklisting of Gmail addresses, Ameritech, Southern Bell, British Telecom, France Telecom, static Wanadoo IPs, KORE, Inc. and Australia's BigPond, including static IPs. Their DNSBL has listed Yahoo! for some time, and Hotmail has been noted as being listed and getting unlisted from time to time. This is an consequence of the spam database listing policy: any IP address that sends spam to the SORBS spamtrap addresses gets listed, and increasingly, advance fee fraud spam is being sent through various freemail systems, including but not limited to Gmail, Yahoo! or Hotmail.
A simple Google search reveals that problems caused by the SORBS blacklist are extremely widespread.
http://www.emailbattles.com/archive/battles/spam_ajhcjhcdfg_dg/ has an article on SORBS's extreme blocking methods.
SORBS also adds IP ranges that belong to dialup modem pools, dynamically allocated wireless and DSL connections as well as DHCP LAN ranges by using Reverse DNS PTR records, WHOIS records, and sometimes by submission from the ISPs themselves. This is called the 'DUHL' or Dynamic User and Host List.
SORBS also adds static IP addresses that use dsl connections from ILEC carriers to their DUHL list because they don't follow SORBS quirky rDNS name or TTL policies. This causes SORBS users to block legitimate email (False Positives). It is widely recommended that SORBS DUHL not be used, see for example this advisory message for Kerio users.
SORBS also makes mistakes in its listings of Dynamic Blocks. In March of 2006, SORBS listed KORE, Inc. and all of their hosted customers without reason. According to Internic it is clearly seen that their listing of this block is wrong.
In May 2006 they also listed IP blocks 188.8.131.52/23 and 184.108.40.206/23. These IP blocks are used by Metronet (aka Parbin Ltd) to provide IPs for ADSL customers. All Metronet customers have static IPs.