Re: Re: Re: OT: sorbs blacklisting scam - Debian

This is a discussion on Re: Re: Re: OT: sorbs blacklisting scam - Debian ; I knew it was a bad idea to reply. However, Keith is right, the thread has repeatedly gone to the personal insults, and considering SORBS is a large part of me, that means every post you have made. He's a ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: Re: Re: Re: OT: sorbs blacklisting scam

  1. Re: Re: Re: OT: sorbs blacklisting scam

    I knew it was a bad idea to reply. However, Keith is right, the thread
    has repeatedly gone to the personal insults, and considering SORBS is a
    large part of me, that means every post you have made.

    He's a tip Mike, if you are such a good admin and good netizen, why
    don't you:

    1/ Stop spam filter backscatter which is widely known to be 99.9999999%
    forged senders, and thus stop attacking innocent users.
    2/ Admit that you are/were running a faulty system which was attacking
    innocent users.
    3/ Stop making things up about SORBS - the mailbox your servers hit was
    a real user, not a spamtrap (or as you incorrectly term it a "honey pot")
    4/ Program and setup a better DNSbl than SORBS - you seem to have some
    good ideas and you certainly indicate a superior knowledge on the subject.
    5/ Let the list go back to a technical discussion within it's charter
    instead of slagging third party people and organisations.
    6/ Resist the temptation to hijack another list with off-topic postings
    and spam all the users with this unfounded drivel and propaganda in an
    attempt to disguise the real issue (2).

    Regards,

    Mat

    PS: dnsbl-users@sorbs.net is open subscription un-censored and the
    correct place to hold discussions about SORBS listings and policies...
    and oddly enough you'll find a lot of the SORBS users there (certainly
    more than on this list).

    --

    To the moderator/owner of this list - sorry, however I believe someone
    should have said the above to Mike a long time ago, the technical
    discussion part being of interest to the list is still off topic.


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Re: Re: Re: OT: sorbs blacklisting scam

    On Mon, 2006-05-01 at 04:52, Matthew Sullivan wrote:
    > 1/ Stop spam filter backscatter which is widely known to be 99.9999999%
    > forged senders, and thus stop attacking innocent users.


    Both your system and ours have generated backscatter in the
    past. Despite yesterday's change, your systems (and ours)
    can still generate backscatter today. Let's concede that
    we're both working to minimize backscatter but preventing
    backscatter is not yet technically feasible.

    The difference between us is that we don't cause email to
    be blocked for reasons different from those documented on
    the SORBS website.

    > 2/ Admit that you are/were running a faulty system which was attacking
    > innocent users.


    Our system is less than perfect, as is SORBS. Faulty? No.

    An RBL is not just about software. It's about minimizing
    false positives and false negatives, providing a fast and
    reliable service, and responding promptly to issues. But
    let's focus in this technical list on the technical issues:

    A well run RBL lists based on the criteria documented on
    the website, not some undocumented test (backscatter) which
    the RBL domain itself has failed for years.

    A well run RBL typically takes care to avoid false
    positives.

    A well run RBL typically provides tools to quickly
    determine the cause of a listing.

    A well run RBL typically provides a speedy and well
    documented mechanism to rectify its mistakes.

    A well run RBL typically involves a mechanism to
    automatically remove listings after a time period
    proportional to the severity of the attack.

    A well run RBL does not have a $50 "fine" as the primary
    criteria for delisting.

    We respect those who can manage RBLs well, and we are
    grateful that we are permitted to use their RBLs.

    --Mike Bird


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Re: OT: sorbs blacklisting scam

    Matthew Sullivan wrote:

    *snip*

    > PS: dnsbl-users@sorbs.net is open subscription un-censored and the
    > correct place to hold discussions about SORBS listings and policies...
    > and oddly enough you'll find a lot of the SORBS users there (certainly
    > more than on this list).
    >


    Is it the only correct place? No, and don't deny the people that
    have signed up for a debian list (focused on isp's) the joy of a
    discussion and a good flame war. It could have done without the
    personal stuff.. but ey, we're all human.
    With all the hubbub about SORBS having the right to do "this" or
    not, I never known about a couple of things.. regarding SORBS. This
    discussion wasn't useless at all.

    It has left me with one or two questions unawanserd though.

    The one thing that pissed off a lot of people (and suprised me
    because I have never had a listing at SORBS before, so I couldn't
    have known) is the part about a the so to call "delisting fine". Why
    are we forced to trust (SORBS) a organisation in donating funds to a
    good case that we are forced to provide to get delisted? SORBS has a
    financial funnel to a random charity? How does this work?

    This delisting fee is not optional, but there is no external
    organisation that has any way of doing a check in how the SORBS
    organisation is setup, and financially is beeing maintained. This is
    a guess, and that's because of the lack of easy accessable
    information about this fee.. which brings me to the following:

    It realy amazes me, the lack of immediate information about this
    "feature". SORBS, independent and all, but no clear overview in how
    this works.. a lack of advertisment?

    Kind regards,
    ,Mark


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  4. Re: Re: Re: OT: sorbs blacklisting scam

    On Mon, May 01, 2006 at 01:24:10PM -0700, Mike Bird wrote:

    > On Mon, 2006-05-01 at 04:52, Matthew Sullivan wrote:
    >
    > > 1/ Stop spam filter backscatter which is widely known to be 99.9999999%
    > > forged senders, and thus stop attacking innocent users.

    >
    > Both your system and ours have generated backscatter in the past.
    > Despite yesterday's change, your systems (and ours) can still generate
    > backscatter today. Let's concede that we're both working to minimize
    > backscatter but preventing backscatter is not yet technically
    > feasible.


    A quick technical note to this great discussion: Courier has backscatter
    suppression built in. It pays attention to which accounts are not
    getting delivered to (quota, whatever) and stops backscattering.

    The link http://www.courier-mta.org/install.html#backscatter has all the
    details.

    m


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. Re: OT: sorbs blacklisting scam

    On Mon, May 01, 2006 at 01:24:10PM -0700, Mike Bird wrote:
    > An RBL is not just about software. It's about minimizing
    > false positives and false negatives,


    In the past things have been so, yes, I admit that. But I think false
    positives and false negatives are becoming less important as solutions like
    Spamassassin's score calculations are becoming the norm. Almost none of the
    email I block is blocked because of one single reason. Almost always I block
    email because the recipient is listed on more than one list and the message
    looks fishy.

    I think this is the way things will be handled in the future, there will be
    more different ways to analyze suspiciousness of a message and it's source.
    Then a single listing only will only cause the other filters to be used more
    readily.

    I must say, it would be nice if Exim had a nice sender scoring extension so
    that I would not have feed almost all spam to my dedicated Spamassassin
    server. (Hint: I would love it if some Exim-guru were to tell me that I am
    wrong and there already is such an extension

    Another point about false positives is that many people do actually wan't
    false positives via escalation. It puts pressure on bad ISP's and may or may
    not help to get them understand how important fighting spam is. But I
    personally prefer that escalation would not be used to cause more than
    inconvenience. Graylisting connected to Spamassassin scores seems to be a
    nice way to handle this in a way that may cause inconvenience, but does not
    block email entirely.

    > A well run RBL lists based on the criteria documented on
    > the website, not some undocumented test (backscatter) which
    > the RBL domain itself has failed for years.


    I agree that this part of the documentation could use some clarification,
    but I think the current text includes all spam, even that spam which is
    reflected. I do not think that it includes bounces not including the spam,
    but I kind of understood that Sorbs is not supposed to list because of them.

    It is not as if there was some huge misunderstanding about Sorbs listing all
    ways that spam are delivered to end users. People clearly have different
    views on this policy.


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)

    iD8DBQFEVpUwRGhQc/k/gTsRAmKyAJ0c9PzHcx44uBjbtVVzD9RwjZfPpgCfdGLO
    M0iBJEjC3HvB4EtlETcFiP0=
    =yzSq
    -----END PGP SIGNATURE-----


  6. Re: OT: sorbs blacklisting scam

    This one time, at band camp, Juha-Matti Tapio said:
    >
    > I must say, it would be nice if Exim had a nice sender scoring extension so
    > that I would not have feed almost all spam to my dedicated Spamassassin
    > server. (Hint: I would love it if some Exim-guru were to tell me that I am
    > wrong and there already is such an extension


    I do exactly this at some sites. I use an acl variable, and increment
    it every time something doesn't feel right (RBL hit, odd looking helo
    name, etc). Enough points on the variable and exim makes a decision
    about disposition.

    Take care,
    --
    -----------------------------------------------------------------
    | ,''`. Stephen Gran |
    | : :' : sgran@debian.org |
    | `. `' Debian user, admin, and developer |
    | `- http://www.debian.org |
    -----------------------------------------------------------------

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFEVqPWSYIMHOpZA44RAno+AJ42WdtTiGMPvHBeXxlq31 6eQYnAyQCfcaqV
    7OKgQNGDtm4WEJo/os7E0CY=
    =UfoY
    -----END PGP SIGNATURE-----


  7. Re: NEVER USE SORBS

    On Wed, 26 Jul 2006 10:05:01 +0800, Shane Chrisp
    wrote:

    > Anyone can get off thier list providing you do what is
    > mentioned ... ttl >= 43200 seconds.


    I don't like my TTL set at 12 hours. And I don't have time to argue
    with wackos.

  8. Re: NEVER USE SORBS

    On Tue, 2006-07-25 at 22:24 -0400, John Kelly wrote:
    > On Wed, 26 Jul 2006 10:05:01 +0800, Shane Chrisp
    > wrote:
    >
    > > Anyone can get off thier list providing you do what is
    > > mentioned ... ttl >= 43200 seconds.

    >
    > I don't like my TTL set at 12 hours. And I don't have time to argue
    > with wackos.


    Thats your choice of course. Just as is thier choice not to delist if
    your not prepared to do what is asked.


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  9. Re: NEVER USE SORBS

    Shane Chrisp wrote:
    > On Tue, 2006-07-25 at 22:24 -0400, John Kelly wrote:
    >> On Wed, 26 Jul 2006 10:05:01 +0800, Shane Chrisp
    >> wrote:
    >>
    >>> Anyone can get off thier list providing you do what is
    >>> mentioned ... ttl >= 43200 seconds.

    >> I don't like my TTL set at 12 hours. And I don't have time to argue
    >> with wackos.

    >
    > Thats your choice of course. Just as is thier choice not to delist if
    > your not prepared to do what is asked.


    Somebody will soon argue that it's stupid to set TTL for 12 hours, then
    somebody else will say it is not, then it will start all over again. To
    me it's just a waste of time and valuable discussion in this mailing list.

    I don't want to be annoying but SORBS case have been discussed here a
    lot, and I think there are better things to talk about. Like it or not,
    it has been clearly discussed here that SORBS operate at least a
    controverted service, and I don't think arguing again and again will
    change that fact.

    Thomas


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread