Thought I would share our recent and ongoing experience with the SORBS rbl. We were unfortunate enough to be on the same net block as a spammer. Apparently, SORBS sent emails to our provider (we are co-located) but our provider says that they did not receive any communication from them. So SORBS lists the entire net block including our innocent ip addresses.
I discovered our ip addresses listed on SORBS and open a ticket with them through their very user unfriendly web site. I politely communicate with “Joey” from SORBS who explains there is really nothing we can do except have our provider resolve the issue for the entire net block. Fine…not fair, but fine I’ll take it up with our provider. Our provider contacts them to get further information about the listing. They got one vague response that said exactly what was already on the SORBS database check. All further communications were (and continue to be) ignored by SORBS. My provider assures me there is no spam coming from anywhere in the net block so I try to contact SORBS again myself. I quoted their website this time…
“Delisting. If the size of the listing is anything more than a single IP address, delisting can only take place when the spammer is no longer using the address space, in which case the size of the listing will be reduced down to the originally spamming IP addresses free of charge. The affected IPs (the ones used to send the spam) will only be delisted when US$50 is donated to a SORBS nominated charity or good cause.”
I just want to get our ip addresses off the list…seems reasonable right? I get a response from SORBS that says this issue is not about fines but gives no further information on how to get delisted or why they don’t respond to my provider’s emails. So I email them again asking them to acknowledge that they received the emails from my provider….no response.
Here’s the best part: So I go to the SORBS web site today and just for kicks I put our mail server ip address in the database check. They now not only have the net block listed but they actually have our mail server ip address individually listed too. The listing gives the ESMTP id number responsible for sending to a “spam trap” so I look it up in our log files….It’s the message I sent to them responding to our open ticket!!!
This has gone on for over a month now and I’m pulling my hair out. I’d like to hear if anyone has any suggestions or similar experiences with SORBS.
They now not only have the net block listed but they actually have our mail server ip address individually listed too. The listing gives the ESMTP id number responsible for sending to a “spam trap” so I look it up in our log files….It’s the message I sent to them responding to our open ticket!!!
SORBS = horrible experience no matter what. They ought to be blacklisted from providing a blacklist.
Yes, I see this stated a lot but there are numerous host that continue to use them as an rbl. Several of our clients do business with people that are on a host that uses SORBS. They receive the bounced messages and look to us to fix the problem.
What do you say? Um, it wasn't our fault and we can't do anything to fix it....you're SOL? Of course they are mad and they have every right to be. We have even taken the time to contact other hosts to try to get them to add our client to their rbl whitelist. I personally have spent so much time and effort dealing with this listing it's crazy....and we (like our clients) are an innocent party in this.
Welcome to the club! But I must say, at the very least they are active in removing the IP addresses if you follow their process. It took us two requests but the mail server IP address eventually was removed.
I agree 100% you have a client, that has loose permissions, a hacker/spammer finds a way in and spams like crazy you notice the server going into over drive with load because of exim. You catch this 1 hour after it starts. The account gets turned off files removed permissions set correctly.
Server gets listed spamcop and SORBS. You work with spamcop and they help you once you tell them the story and they unlist you. They have always worked with us.
SORBS different story, now they demand a ransom from companies of 50.00
This is BS..
Would be a different story if we did not do our very best to stop spam and kill anything we find but we always have.
2009 and still same weak service.
Nobody reply. Nobody delist.
We have an IP listed for 1 month! I can not understand how some admins/postmaster still use this database as email filtering! This is not maintained at all and service is the worst I ever saw (also the webpage!)
The way to deal with unreasonable black lists is to ignore them, *but* explain why to the appropriate people.
"Yes, Mr. CEO, your critical email went missing, that's because your admin is using list x. This is something that you need to address internally."
"Yes, Ms. CEO, your critical email never got to company X, that is because they are using list x. More correctly, it was delivered, but dropped by them. Your best bet is to ask your counter part at Company X to discuss this with their administrator."
Just watch how fast company X stops using the list. It's just a creative application of "the squeaky wheel gets the grease".
Some lists are used almost exclusively by small time administrators who are obsessed with spam or clueless. Large organisations are much more careful which lists they use. See above for the reason.
You'll need to stand firm of course for this approach to work because it's a question of who blinks first. But, if enough admins do this, list x just vanishes due to disinterest.