Re: NEVER USE SORBS - Debian

This is a discussion on Re: NEVER USE SORBS - Debian ; On Wednesday 26 July 2006 19:53, Craig Sanders wrote: > On Thu, Jul 27, 2006 at 08:30:49AM +0800, Shane Chrisp wrote: > > > > None of these are true (at least no one making these claims has > > ...

+ Reply to Thread
Page 2 of 6 FirstFirst 1 2 3 4 ... LastLast
Results 21 to 40 of 117

Thread: Re: NEVER USE SORBS

  1. Re: NEVER USE SORBS

    On Wednesday 26 July 2006 19:53, Craig Sanders wrote:
    > On Thu, Jul 27, 2006 at 08:30:49AM +0800, Shane Chrisp wrote:
    > > > > None of these are true (at least no one making these claims has
    > > > > bothered to provide evidence).
    > > >
    > > > I'm under NDA about that situation still. Don't construe being
    > > > legally unable to share as a lack of evidence.

    > >
    > > This only looks like another way of saying I dont have any evidence to
    > > offer so im gonna give another bull**** story.

    >
    > it is. God spoke to me and told me it was, and so did the aliens.
    > unfortunately, i'm under an NDA and can't provide any proof of these
    > conversations. but they happened. really and truly they did.


    Let's keep the fagatronics to a minimum, Sanders.

    --
    Paul Johnson
    Email and IM (XMPP & Google Talk): baloo@ursine.ca
    Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQBEyDMktFWT6GUYO7QRAoaiAJ9a6CtOHhsIZFQF7noOBN oTak/TLACgmIgf
    ufdHAw4tY81PeuMWjxFZp2o=
    =1taQ
    -----END PGP SIGNATURE-----


  2. Re: NEVER USE SORBS

    On Wednesday 26 July 2006 19:51, Craig Sanders wrote:

    > never heard of bl.ursine.ca. if it has DUL entries that SORBS doesn't,
    > it might be worth checking out but i dont see any point using a DUL that
    > has less than SORBS (IMO, it is woefully incomplete - there are a lot
    > more dynamic addresses which should be listed but aren't yet).


    http://ursine.ca/UrsineNSBL

    It's not a DUL list, those are usually inaccurate and there's no real easy way
    to tell their accuracy for sure. bl.ursine.ca only lists IPs that spam has
    been spotted from.

    --
    Paul Johnson
    Email and IM (XMPP & Google Talk): baloo@ursine.ca
    Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQBEyDL9tFWT6GUYO7QRAi8CAKCbnNYWyJvcOO33zQJYp+ lB8F/lNgCgrBez
    u1Md3gMGNrYhiuLpzQ7mBDQ=
    =QuUV
    -----END PGP SIGNATURE-----


  3. Re: NEVER USE SORBS

    On Wed, Jul 26, 2006 at 08:29:38PM -0700, Paul Johnson wrote:
    > On Wednesday 26 July 2006 19:53, Craig Sanders wrote:
    > > On Thu, Jul 27, 2006 at 08:30:49AM +0800, Shane Chrisp wrote:
    > > > > > None of these are true (at least no one making these claims has
    > > > > > bothered to provide evidence).
    > > > >
    > > > > I'm under NDA about that situation still. Don't construe being
    > > > > legally unable to share as a lack of evidence.
    > > >
    > > > This only looks like another way of saying I dont have any evidence to
    > > > offer so im gonna give another bull**** story.

    > >
    > > it is. God spoke to me and told me it was, and so did the aliens.
    > > unfortunately, i'm under an NDA and can't provide any proof of these
    > > conversations. but they happened. really and truly they did.

    >
    > Let's keep the fagatronics to a minimum, Sanders.


    how odd. you must really be an american, despite the domain name...and
    a particularly slow-witted one at that. canadians can usually detect
    sarcasm. even americans can usually detect it when it's laid on with a
    sledgehammer as above.


    oh, you can take your juvenile homophobic insults and shove them up your
    arse. i'm not queer myself but i have no problem with anyone who is. i'm
    also long out of high school so calling me a fag or implying that i am
    one doesn't bother me in the slightest. i do, however, find high-school
    level insults to be slightly annoying in that they lower the tone of the
    list. if you're going to try and insult someone, at least make it an
    insult worth the time it takes to read it.

    run along now. it must be near your bed time.

    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  4. Re: NEVER USE SORBS

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Michael Loftis wrote:
    > Oh and FastMail is SPAMCOPS COMPETITION.


    Citation please? From what I can see they aren't doing anything that is
    competing with spamcop.

    > By definition they can NOT be
    > objective. On that very page they make mention of the fact they're
    > trying to develop a competing system.


    Fastmail's criticisms of spamcop date from over three years ago, they
    wrote this in 2003, and in 2004 they provided an update saying that they
    are developing a system. I fail to see how this is either competition,
    or how someone can write something in 2003, then have what they wrote be
    completely invalidated by the fact that they decided to write some
    software (that appears to be vaporware) a year later. I have yet to see
    their spamcop competition, but if it does exist it could very well have
    been developed in response to spamcop's idiocy, of which they spent
    quite a bit of time thinking and writing on.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQFEyEAF9n4qXRzy1ioRAlPXAJ9Ugo7us8wYFo6EjUFgT/6LyF+LAQCfTljT
    /qwHz1ZyN227u20n/SYiInQ=
    =TNPt
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. Re: NEVER USE SORBS



    --On July 27, 2006 12:51:01 PM +1000 Craig Sanders wrote:


    > i wouldn't ever use spamcop - their automation is broken to the point
    > of being moronic. i've seen way too many legitimate mailing lists end
    > up blocked by them because some idiot (who *DID* subscribe in the first
    > place) is too lazy to read & follow the how-to-unsub instructions at the
    > bottom of each message.


    AOL's is *FAR* worse. AOL still backscatters and can't tell the difference
    between email it's users require us to forward and junk. We do everything
    we can to junk junk mail before we forward to our (misguided customers)
    with offsite forwarding to AOL, but we still get blocked by them despite
    'being on their whitelist'. 99% of the scomp feedback from them is users
    who just don't get it.

    SCs metrics have always been more reliable for us than other methods, we do
    only use it for a 4xx response from our mailservers though. Legit mail
    retries. If you're sending us enough mail that we're causing you a queuing
    problem then it's likely there's something amiss somewhere. *shrugs*



    > never heard of bl.ursine.ca. if it has DUL entries that SORBS doesn't,
    > it might be worth checking out but i dont see any point using a DUL that
    > has less than SORBS (IMO, it is woefully incomplete - there are a lot
    > more dynamic addresses which should be listed but aren't yet).


    It' just be better if ISPs would willingly block or redirect outbound mail
    from their zombie pools. Not like it's difficult, every piece of gear out
    there has the required hardware to do it.



    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  6. Re: NEVER USE SORBS

    On Thu, 27 Jul 2006, Craig Sanders wrote:

    >> SORBS throws the baby out with the bathwater.

    >
    > i keep seeing this claim, or variants of it, but i've seen no evidence
    > whatsoever to support it.


    From
    http://www.us.sorbs.net/lookup.shtml?63.193.144.218 (captcha required)

    Dynamic IP Space (LAN, Cable, DSL & Dial Ups)
    Netblock: 63.193.144.0/21 (63.193.144.0-63.193.151.255)
    Record Created: Mon Jul 3 13:53:03 2006 GMT
    Record Updated: Thu Jul 20 03:38:13 2006 GMT
    Additional Information: This netblock was removed/delisted, future listings will supersede this entry.
    Currently inactive and not flagged to be published in DNS.

    It two weeks for them to refuse my delisting request, then accept my
    upstreams request for delisting. No matter what proof of a static IP an
    end user provides besides changing rDNS, SORBS ignores it. You need an AS
    number for them to accept an IP as static, if it doesn't meet their
    requirements.

    FYI, The TTL on my rDNS is still 7200. Far below SORBS delisting
    requirements.

    I eventually set my webserver (where I have have control of rDNS) as a
    smarthost because SORBS didn't like my upstreams naming convention.

    In the two weeks I was listed, I came across 4 ISPs that bounced my
    outgoing mail. One even bounced mail to postmaster.

    If it was easier to get delisted, SORBS DUHL might be OK, but as is, It's
    a royal pain in the u-know-where to get off their list when you don't
    belong there.

    Steve


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  7. Re: NEVER USE SORBS

    On Wednesday 26 July 2006 21:14, Craig Sanders wrote:
    > On Wed, Jul 26, 2006 at 08:29:38PM -0700, Paul Johnson wrote:
    > > On Wednesday 26 July 2006 19:53, Craig Sanders wrote:
    > > > On Thu, Jul 27, 2006 at 08:30:49AM +0800, Shane Chrisp wrote:
    > > > > > > None of these are true (at least no one making these claims has
    > > > > > > bothered to provide evidence).
    > > > > >
    > > > > > I'm under NDA about that situation still. Don't construe being
    > > > > > legally unable to share as a lack of evidence.
    > > > >
    > > > > This only looks like another way of saying I dont have any evidence
    > > > > to offer so im gonna give another bull**** story.
    > > >
    > > > it is. God spoke to me and told me it was, and so did the aliens.
    > > > unfortunately, i'm under an NDA and can't provide any proof of these
    > > > conversations. but they happened. really and truly they did.

    > >
    > > Let's keep the fagatronics to a minimum, Sanders.

    >
    > how odd. you must really be an american, despite the domain name...and
    > a particularly slow-witted one at that. canadians can usually detect
    > sarcasm. even americans can usually detect it when it's laid on with a
    > sledgehammer as above.


    Or, we get South Park in Canada and you were having an Eric Cartman moment.

    --
    Paul Johnson
    Email and IM (XMPP & Google Talk): baloo@ursine.ca
    Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQBEyEbotFWT6GUYO7QRAjb/AJ9JMUEUVvViK6D29PhQg4YKW2R79gCgl+E9
    LM4jx5VI4kmunIEEvwc7+aE=
    =cTw6
    -----END PGP SIGNATURE-----


  8. Re: NEVER USE SORBS

    On Wed, Jul 26, 2006 at 09:03:36PM -0700, Steve Redlich wrote:
    > On Thu, 27 Jul 2006, Craig Sanders wrote:
    >
    > >>SORBS throws the baby out with the bathwater.

    > >
    > >i keep seeing this claim, or variants of it, but i've seen no evidence
    > >whatsoever to support it.

    >
    > From
    > http://www.us.sorbs.net/lookup.shtml?63.193.144.218 (captcha required)
    >
    > Dynamic IP Space (LAN, Cable, DSL & Dial Ups)
    > Netblock: 63.193.144.0/21 (63.193.144.0-63.193.151.255)
    > Record Created: Mon Jul 3 13:53:03 2006 GMT
    > Record Updated: Thu Jul 20 03:38:13 2006 GMT
    > Additional Information: This netblock was removed/delisted, future
    > listings will supersede this entry.
    > Currently inactive and not flagged to be published in DNS.


    how is this proof that sorbs 'throws the baby out with the bathwater'?
    it looks like a netblock that SORBS has de-listed.


    > It two weeks for them to refuse my delisting request, then accept my
    > upstreams request for delisting. No matter what proof of a static IP
    > an end user provides besides changing rDNS, SORBS ignores it. You
    > need an AS number for them to accept an IP as static, if it doesn't
    > meet their requirements.


    yes, precisely so. they state this quite clearly on their web page.

    and for good reason. spammers lie. regularly and repeatedly. why
    should SORBS believe some end user who doesn't even own the IP address
    concerned? if it really isn't a dynamic IP address then the actual owner
    can contact SORBS and have it de-listed.


    > FYI, The TTL on my rDNS is still 7200. Far below SORBS delisting
    > requirements.


    if you want to do stupid cache-busting things then you have only
    yourself to blame for the consequences. e.g. if you get listed in the
    SORBS DUL and find it difficult to get de-listed because of your TTL
    then you have only yourself to blame.

    > I eventually set my webserver (where I have have control of rDNS) as a
    > smarthost because SORBS didn't like my upstreams naming convention.


    well then, you finally figured out how to get mail working correctly
    from a dynamic IP address - use a smarthost. preferably one under your
    own control.


    > One even bounced mail to postmaster.


    so? you say that as if there's something wrong in doing that. i have
    several exceptions to my anti-spam rules for my abuse@ and postmaster@
    addresses, but i'm no more willing to receive spam/viruses on those
    addresses than i am on any other address. and those addresses get
    spammed at least as often as my other addresses - it's not like spammers
    make any effort to avoid spamming them...quite the contrary. they seem
    to like spamming them, possibly because they are required (postmaster@)
    or strongly recommended (abuse@) addresses for EVERY domain.


    > If it was easier to get delisted, SORBS DUHL might be OK, but as is,
    > It's a royal pain in the u-know-where to get off their list when you
    > don't belong there.


    SORBS DUL is a list of dynamic IP addresses. it should not be
    particularly easy to get de-listed, and certainly not because of a
    request by the end user.


    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  9. Re: NEVER USE SORBS

    Craig Sanders wrote:
    > On Wed, Jul 26, 2006 at 08:29:38PM -0700, Paul Johnson wrote:
    >> On Wednesday 26 July 2006 19:53, Craig Sanders wrote:
    >>> On Thu, Jul 27, 2006 at 08:30:49AM +0800, Shane Chrisp wrote:
    >>>>>> None of these are true (at least no one making these claims has
    >>>>>> bothered to provide evidence).
    >>>>> I'm under NDA about that situation still. Don't construe being
    >>>>> legally unable to share as a lack of evidence.
    >>>> This only looks like another way of saying I dont have any evidence to
    >>>> offer so im gonna give another bull**** story.
    >>> it is. God spoke to me and told me it was, and so did the aliens.
    >>> unfortunately, i'm under an NDA and can't provide any proof of these
    >>> conversations. but they happened. really and truly they did.

    >> Let's keep the fagatronics to a minimum, Sanders.

    >
    > how odd. you must really be an american, despite the domain name...and
    > a particularly slow-witted one at that. canadians can usually detect
    > sarcasm. even americans can usually detect it when it's laid on with a
    > sledgehammer as above.
    >
    >
    > oh, you can take your juvenile homophobic insults and shove them up your
    > arse. i'm not queer myself but i have no problem with anyone who is. i'm
    > also long out of high school so calling me a fag or implying that i am
    > one doesn't bother me in the slightest. i do, however, find high-school
    > level insults to be slightly annoying in that they lower the tone of the
    > list. if you're going to try and insult someone, at least make it an
    > insult worth the time it takes to read it.
    >
    > run along now. it must be near your bed time.
    >
    > craig


    Hi!

    Would it be possible that both of you keep those private? I'm almost
    sure that less than 1% of the readers care about the content above...

    Thomas


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  10. Re: NEVER USE SORBS

    On Thu, Jul 27, 2006 at 03:33:13PM +1000, Craig Sanders wrote:
    > > I eventually set my webserver (where I have have control of rDNS) as a
    > > smarthost because SORBS didn't like my upstreams naming convention.

    >
    > well then, you finally figured out how to get mail working correctly
    > from a dynamic IP address - use a smarthost. preferably one under your
    > own control.


    Wow. And here I thought an IP address was an IP address, each as capable
    as the other of being an IP address.

    --
    "To the extent that we overreact, we proffer the terrorists the
    greatest tribute."
    - High Court Judge Michael Kirby


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  11. RE: NEVER USE SORBS

    > -----Original Message-----
    > From: Craig Sanders [mailto:cas@taz.net.au]
    > Sent: Thursday, 27 July 2006 8:39 AM
    > To: debian-isp@lists.debian.org
    > Subject: Re: NEVER USE SORBS
    >
    > On Thu, Jul 27, 2006 at 01:29:39AM +1000, Andrew McGlashan wrote:
    > > Shane Chrisp wrote:

    ....
    > > Facts:
    > > - I've successfully run my own mail server on a static IP

    > for around 3
    > > years;
    > > - recently I have had failed email to and from optusnet.com.au and
    > > westnet.com.au domains
    > > - my ISP fought with SORBS to delist my static IP [along with many
    > > other staic IPs]
    > > - SORBS relisted my block and my ISP had to fight again....


    I assume the OP is talking about being listed in the SORBS DUHL (dynamic IP
    listing) RBL - through his reference to Static IPs being listed. Let's keep
    in mind there are many different SORBS RBLs.

    > some more facts:
    >
    > - you were too lazy to bother having correctly configured
    > DNS for around 3 years.


    If indeed this is the SORBS DUHL RBL, "correctly configured" comes down to a
    "standard" devised by Matthew Sullivan of SORBS
    (http://tools.ietf.org/wg/dnsop/draft...naming-schemes
    -00.txt), suggesting people on static/dynamic IPs should somehow indicate
    which they are in their rDNS. DNS can be "correctly" configured and still
    get listed in the DUHL. The OP's only fault was that he didn't comply with
    SORB's own arbitrary policy.

    > - you think this justifies whining in public

    It sure does - your comment is completely false. The OP still could have a
    "correctly configured" rDNS (I refer to actual RFCs as standards w.r.t. DNS)
    and still get listed in SORBS DUHL.

    > the only people i ever see whining about SORBS (or most other RBL/DUL
    > services) are a) spammers, b) incompetents, c) lazy slobs,
    > and d) self-centred jerks who think that their desire to
    > operate a dinky little mail server somehow requires all other
    > mail server operators to receive millions of spams and
    > viruses just on the off-chance that they might one day want
    > to send them an email.


    Well, you're quite condescending, considering how you didn't know this.
    Colour me 'incompetent' I guess, if your statement is true.


    Cheers,


    ~Rhett


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  12. Re: NEVER USE SORBS

    CaT wrote:
    > On Thu, Jul 27, 2006 at 03:33:13PM +1000, Craig Sanders wrote:
    >
    > Wow. And here I thought an IP address was an IP address, each as capable
    > as the other of being an IP address.
    >

    All IP addresses are equal, but some are more equal than others

    :-)

    --
    Chris Jones
    chris@chris-j.net



    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  13. Re: NEVER USE SORBS

    On Wednesday 26 July 2006 23:00, CaT wrote:
    > On Thu, Jul 27, 2006 at 03:33:13PM +1000, Craig Sanders wrote:
    > > > I eventually set my webserver (where I have have control of rDNS) as a
    > > > smarthost because SORBS didn't like my upstreams naming convention.

    > >
    > > well then, you finally figured out how to get mail working correctly
    > > from a dynamic IP address - use a smarthost. preferably one under your
    > > own control.

    >
    > Wow. And here I thought an IP address was an IP address, each as capable
    > as the other of being an IP address.


    That's how it should be. Unfortunately, SORBS sympathizers such as Sanders
    think that everybody is created equal, but some people are more equal than
    others.

    --
    Paul Johnson
    Email and IM (XMPP & Google Talk): baloo@ursine.ca
    Jabber: Because it's time to move forward http://ursine.ca/Ursine:Jabber

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQBEyF0etFWT6GUYO7QRAlwXAJ9E0fYeTgrVguX4TNVbzT k9KOFZ6ACdEmph
    s7waXzX8ZTU1NaKU+ybWU9c=
    =zPub
    -----END PGP SIGNATURE-----


  14. Re: NEVER USE SORBS

    On Thu, 27 Jul 2006, Craig Sanders wrote:

    >> http://www.us.sorbs.net/lookup.shtml?63.193.144.218 (captcha required)
    >>
    >> Dynamic IP Space (LAN, Cable, DSL & Dial Ups)
    >> Netblock: 63.193.144.0/21 (63.193.144.0-63.193.151.255)
    >> Record Created: Mon Jul 3 13:53:03 2006 GMT
    >> Record Updated: Thu Jul 20 03:38:13 2006 GMT
    >> Additional Information: This netblock was removed/delisted, future
    >> listings will supersede this entry.
    >> Currently inactive and not flagged to be published in DNS.

    >
    > how is this proof that sorbs 'throws the baby out with the bathwater'?


    The added a /21 of static IPs probably because some Windows Loser doesn't
    know how to keep their machine virus free.

    > it looks like a netblock that SORBS has de-listed.


    Yes. After two weeks when it should never have been listed in the first
    place.

    >> It two weeks for them to refuse my delisting request, then accept my
    >> upstreams request for delisting. No matter what proof of a static IP
    >> an end user provides besides changing rDNS, SORBS ignores it. You
    >> need an AS number for them to accept an IP as static, if it doesn't
    >> meet their requirements.

    >
    > yes, precisely so. they state this quite clearly on their web page.
    >
    > and for good reason. spammers lie. regularly and repeatedly. why
    > should SORBS believe some end user who doesn't even own the IP address
    > concerned? if it really isn't a dynamic IP address then the actual owner
    > can contact SORBS and have it de-listed.


    If My IP was Spamming or was dynamic, It would be perfectly acceptable for
    SORBS to list it or have difficult delisting requirements. However, my IP
    is neither. I pay considerably more that my upstreams standard offering
    for the privileges and benefits of a static IP. (almost 4 times as much)

    I'm pleased the new buyer of my upstream ISP was able to get me delisted
    from SORBS. It shouldn't take two weeks.

    > if you want to do stupid cache-busting things then you have only
    > yourself to blame for the consequences. e.g. if you get listed in the
    > SORBS DUL and find it difficult to get de-listed because of your TTL
    > then you have only yourself to blame.


    My upstream controls the TTL setting for my rDNS. Please contact them if
    it is busting your cache.

    SORBS lists three criteria to get delisted.

    a) change your pointer record to meet their criteria for name.
    b) change the TTL on your PTR record to 43200 or higher.
    c) be contacted by the RIR for the IP space and be told the IP space is
    static.

    >> I eventually set my webserver (where I have have control of rDNS) as a
    >> smarthost because SORBS didn't like my upstreams naming convention.


    > well then, you finally figured out how to get mail working correctly
    > from a dynamic IP address - use a smarthost. preferably one under your
    > own control.


    Who said anything about a dynamic IP address? My IP is static.
    It worked just fine for eight years before SORBS listing it. Next time my
    colo server goes down, the relay setting gets removed and I'll stop
    relaying thru my colo.

    >> One even bounced mail to postmaster.

    >
    > so? you say that as if there's something wrong in doing that.


    This ISP said to contact the postmaster in their bounce message.

    > i have
    > several exceptions to my anti-spam rules for my abuse@ and postmaster@
    > addresses, but i'm no more willing to receive spam/viruses on those
    > addresses than i am on any other address. and those addresses get
    > spammed at least as often as my other addresses - it's not like spammers
    > make any effort to avoid spamming them...quite the contrary. they seem
    > to like spamming them, possibly because they are required (postmaster@)
    > or strongly recommended (abuse@) addresses for EVERY domain.


    Any IP that spams my postmaster accounts will quickly get a 5xx added to
    my postfix helo_access.map

    Greylisting, SPF, relays.ordb.org, lists.dsbl.org, sbl-xbl.spamhouse.org
    and my short blacklist. leaves me very little spam.

    Most of the spam I receive either comes thru the debian.org listserv or
    my email address was scraped from the archive.

    >> If it was easier to get delisted, SORBS DUHL might be OK, but as is,
    >> It's a royal pain in the u-know-where to get off their list when you
    >> don't belong there.

    >
    > SORBS DUL is a list of dynamic IP addresses.


    SORBS DUHL is a list of both dynamic and static IP addresses. Best avoid
    using it to reject outright.

    > it should not be
    > particularly easy to get de-listed, and certainly not because of a
    > request by the end user.


    I provided SORBS with a long list of domains for which my IP is the MX
    and NS. Along with a netcraft report showing a linux server running
    apache for several years at my IP. All to no avail.

    SORBS is the only company where a reasoned email with facts was ignored.
    Every other time I've had a problem. An email or phone call with the
    correct information reaching the right person quickly takes care of it.
    Even the ISP who rejected my mail to postmaster, whitelisted my IP after
    being contacted thru alternative channels.

    SORBS bites off more than they can chew and does not respect other members
    of the community.

    If you are not the RIR for the IP space with an AS number, don't
    bother contacting SORBS. Have your upstream contact them.

    Steve


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  15. Re: NEVER USE SORBS

    I think this TTL issue is relatively trivial and I would like to not see too
    long threads about it here, so after this message, I can talk to people
    privately about it but I prefer not to flood this list about this specific
    issue for now. So I would appreciate reply's about this to be off-list.


    On Wed, Jul 26, 2006 at 09:50:25PM +0000, Andy Smith wrote:
    > On Thu, Jul 27, 2006 at 12:13:57AM +0300, Juha-Matti Tapio wrote:
    > > And if TTL is not a listing criteria, it therefore is
    > > propably never the sole delisting criteria.

    > http://strugglers.net/~andy/tmp/sorb...-delisting.txt
    > This IP space, and many others, are not delisted solely because of
    > their DNS PTR record's TTL. SORBS has no place enforcing arbitrary
    > rules on DNS TTL, and that is why I no longer use it to outright
    > reject email.


    I think the message you link to gives pretty well specified options where
    TTL check is not the sole criteria nor even necessary.

    [Quoting from it:]
    : (2) Have your DNS data modified so that the listed IP address has a
    : clearly non-dynamic rDNS. We suggest that you include the keyword
    : "static" on this name, to avoid future listings. Also, insure that the
    : TTL is set to no less than 43200 seconds (we recommend 86400).
    [...]

    Sorbs claimed that your address was listed because the reverse looked like a
    dynamic one. This delisting option number 2 requires that both the reverse
    has to be changed to a non-dynamic one _and_ that the TTL must be high
    enough to look convincing. Therefore in this scenario TTL is not the _sole_
    delisting criteria, but it is only there to make the primary delisting
    criteria more trustworthy.

    : - or -
    : (3) Ask your ISP to get in touch with SORBS with the list of dynamic
    : and static IP allocations within its network, so that our DUHL list
    : can be updated. Note that many large ISPs do this periodically to
    : reduce the inconvenience to its users. In this case, the communication
    : must come from a RIR contact for the affected IP space.

    And since Sorbs promises to give this option number three, did your ISP use
    it? Did the RIR contact do this? Because this option does not seem to demand
    high TTL at all. I assume this is intentional from Sorbs part and not just
    an accidental omission. The word of a RIR-contact does mean a lot. So again
    the TTL criteria is not a _sole_ delisting criteria.

    Also note that if you adjust your DNS configuration properly, you may
    be able to use the automated delisting facility at

    https://www.dnsbl.sorbs.net/scgi-bin/dulexclusions

    This facility can allow you to quickly delist IP addresses under your
    control without intervention of SORBS' staff.

    > My users get false positives and then I have to tell them that the
    > ISP of the person sending the mail applied a TTL that is too low in
    > the opinion of SORBS, then I need to explain what DNS TTL is about.
    > And after all that when they ask "Okay so why is that bad?" there
    > really isn't a good answer other than some paranoid stance regarding
    > people changing their RDNS while SORBS looks and then changing it
    > back later (WTF???) I cannot advocate a position I find ridiculous,
    > much less spend a lot of time doing so.


    I do have kind of a hard time understanding why anyone would refuse to raise
    the TTL while they have anyway decided to choose option number two and
    change their reverse name to something real. For the admin the biggest
    hurdle is to just open up the DNS zone and start editing it, not the
    individual changes.


    Just to sidestep a bit since you mentioned users. I assume you are talking
    about the host that got listed. How many mail users do you host on an ADSL
    line and what kind of experiences have you had with it?

    ADSL does have kind of bad reputation for servers (at least mine has almost
    daily network problems) and I would propably not be brave enough to use it
    for such purpose, but I would be interested to know about your environment.

    Don't you get too many blocked outbound messages for having 'adsl' in your
    reverse name?


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)

    iD8DBQFEyILERGhQc/k/gTsRAgJ5AKCNFC8Y+OBHq7Me9hvoVY2UcfAiLACfcn8j
    9eJy/7VTUjsXYbShzVS7Mic=
    =zKCZ
    -----END PGP SIGNATURE-----


  16. Re: NEVER USE SORBS

    On Thu, Jul 27, 2006 at 12:09:24PM +0300, Juha-Matti Tapio wrote:
    > I think this TTL issue is relatively trivial and I would like to not see too
    > long threads about it here, so after this message, I can talk to people
    > privately about it but I prefer not to flood this list about this specific
    > issue for now. So I would appreciate reply's about this to be off-list.


    It may be convenient for you to be able to regard other people's
    problems with being listed by SORBS as trivial, but the TTL criteria
    is in my opinion both arbitrary and not something that most users of
    the DNSBL are aware of.

    > On Wed, Jul 26, 2006 at 09:50:25PM +0000, Andy Smith wrote:
    > > On Thu, Jul 27, 2006 at 12:13:57AM +0300, Juha-Matti Tapio wrote:
    > > > And if TTL is not a listing criteria, it therefore is
    > > > propably never the sole delisting criteria.

    > > http://strugglers.net/~andy/tmp/sorb...-delisting.txt
    > > This IP space, and many others, are not delisted solely because of
    > > their DNS PTR record's TTL. SORBS has no place enforcing arbitrary
    > > rules on DNS TTL, and that is why I no longer use it to outright
    > > reject email.

    >
    > I think the message you link to gives pretty well specified options where
    > TTL check is not the sole criteria nor even necessary.


    You don't appear to have read the part where I said that everything
    had already been done apart from the TTL change. The SORBS response
    is essentially a canned one in response to me asking why it was
    still listed after the RDNS had been changed and the ISP in question
    had stated it was a static.

    > [Quoting from it:]
    > : (2) Have your DNS data modified so that the listed IP address has a
    > : clearly non-dynamic rDNS. We suggest that you include the keyword
    > : "static" on this name, to avoid future listings. Also, insure that the
    > : TTL is set to no less than 43200 seconds (we recommend 86400).
    > [...]
    >
    > Sorbs claimed that your address was listed because the reverse looked like a
    > dynamic one. This delisting option number 2 requires that both the reverse
    > has to be changed to a non-dynamic one _and_ that the TTL must be high
    > enough to look convincing. Therefore in this scenario TTL is not the _sole_
    > delisting criteria, but it is only there to make the primary delisting
    > criteria more trustworthy.


    Yes, I am aware. BTW, this is not my IP address. It was one trying
    to communicate with my servers when I used to use SORBS DUHL.

    What you seem to keep ignoring though is that after the ISP jumps
    through the RDNS hoops, there is still the TTL hoop, and if they
    won't jump through that one then they don't get delisted.

    > : (3) Ask your ISP to get in touch with SORBS with the list of dynamic
    > : and static IP allocations within its network, so that our DUHL list
    > : can be updated. Note that many large ISPs do this periodically to
    > : reduce the inconvenience to its users. In this case, the communication
    > : must come from a RIR contact for the affected IP space.
    >
    > And since Sorbs promises to give this option number three, did your ISP use
    > it? Did the RIR contact do this? Because this option does not seem to demand
    > high TTL at all. I assume this is intentional from Sorbs part and not just
    > an accidental omission. The word of a RIR-contact does mean a lot. So again
    > the TTL criteria is not a _sole_ delisting criteria.


    I'm afraid it is. Everything had been done apart from the TTL
    change. The ISP in question gave up at this point.

    > > My users get false positives and then I have to tell them that the
    > > ISP of the person sending the mail applied a TTL that is too low in
    > > the opinion of SORBS, then I need to explain what DNS TTL is about.
    > > And after all that when they ask "Okay so why is that bad?" there
    > > really isn't a good answer other than some paranoid stance regarding
    > > people changing their RDNS while SORBS looks and then changing it
    > > back later (WTF???) I cannot advocate a position I find ridiculous,
    > > much less spend a lot of time doing so.

    >
    > I do have kind of a hard time understanding why anyone would refuse to raise
    > the TTL while they have anyway decided to choose option number two and
    > change their reverse name to something real. For the admin the biggest
    > hurdle is to just open up the DNS zone and start editing it, not the
    > individual changes.


    Who are SORBS to make arbitrary demands over the TTL of a DNS
    record? I can perfectly understand why ISPs would decline to pander
    to this; it makes no sense.

    > Just to sidestep a bit since you mentioned users. I assume you are talking
    > about the host that got listed. How many mail users do you host on an ADSL
    > line and what kind of experiences have you had with it?
    >
    > ADSL does have kind of bad reputation for servers (at least mine has almost
    > daily network problems) and I would propably not be brave enough to use it
    > for such purpose, but I would be interested to know about your environment.
    >
    > Don't you get too many blocked outbound messages for having 'adsl' in your
    > reverse name?


    I don't do that and do not recommend that anyone send mail from
    servers at the end of DSL, even business DSL, since blocking of it
    is too prevalent.

    However my customers still expect to receive mails and when they are
    sent by:

    - a business
    - at the end of business SDSL
    - with static-looking reverse DNS

    and it gets blocked because SORBS has the IP range listed and won't
    delist due to the TTL of PTR records being too low, that is when I
    can't justify using it in that mode any longer. Neither can I
    maintain a whitelist due to the numbers of such listings and the
    inability to easily tell which ones are listed only because of TTL.

    Cheers,
    Andy

    --
    http://strugglers.net/wiki/Xen_hosting -- A Xen VPS hosting hobby
    Encrypted mail welcome - keyid 0x604DE5DB

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFEyIcuIJm2TL8VSQsRAiTfAKDLRuDMuQtAHyRhLLDwOt xajGxziACg/i1I
    BQAjf4CPUZNjONNd4/d810Q=
    =AABB
    -----END PGP SIGNATURE-----


  17. Re: NEVER USE SORBS

    On Thu, Jul 27, 2006 at 04:00:15PM +1000, CaT wrote:
    > On Thu, Jul 27, 2006 at 03:33:13PM +1000, Craig Sanders wrote:
    > > > I eventually set my webserver (where I have have control of rDNS) as a
    > > > smarthost because SORBS didn't like my upstreams naming convention.

    > >
    > > well then, you finally figured out how to get mail working correctly
    > > from a dynamic IP address - use a smarthost. preferably one under your
    > > own control.

    >
    > Wow. And here I thought an IP address was an IP address, each as capable
    > as the other of being an IP address.


    just shows how wrong you can be, doesnt it?

    the fact that it is technically possible to run a mail server on a
    dynamic ip address doesnt mean that it is practical to do so. even
    aside from DULs making it difficult to send mail directly with any
    reliability, it is actually impossible to reliably receive mail via smtp
    direct to a dynamic IP - dynamic dns just doesnt cut it for MX records
    (at minimum you're risking your mail bouncing or being intercepted in
    the possibly small window of opportunity between when you log out and
    the time when you login and update your ddns record).

    similarly, you cant reliably run a web server or any other kind of
    server on a dynamic IP address.

    something that only works sometimes may be acceptable for a home user
    that doesnt reaaly care that much, but they should just accept the fact
    that they're only paying for a "best effort" level of service and quit
    whinging about the fact that nobody cares any more than they do (and
    probably considerably less).

    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  18. Re: NEVER USE SORBS

    On Wed, Jul 26, 2006 at 11:40:08PM -0700, Steve Redlich wrote:
    > On Thu, 27 Jul 2006, Craig Sanders wrote:
    >
    > >>http://www.us.sorbs.net/lookup.shtml?63.193.144.218 (captcha required)
    > >>
    > >> Dynamic IP Space (LAN, Cable, DSL & Dial Ups)
    > >>Netblock: 63.193.144.0/21 (63.193.144.0-63.193.151.255)
    > >>Record Created: Mon Jul 3 13:53:03 2006 GMT
    > >>Record Updated: Thu Jul 20 03:38:13 2006 GMT
    > >>Additional Information: This netblock was removed/delisted, future
    > >>listings will supersede this entry.
    > >>Currently inactive and not flagged to be published in DNS.

    > >
    > >how is this proof that sorbs 'throws the baby out with the bathwater'?

    >
    > The added a /21 of static IPs probably because some Windows Loser doesn't
    > know how to keep their machine virus free.


    no, they added it because the dns records indicated that it was probably
    dynamic. probably triggered by virus or spam as you suggest.

    they de-listed it when shown evidence by the owner that it was
    statically allocated.

    so...what, exactly, is your problem with this scenario? looks like the
    DUL working exactly as designed and exactly as documented.

    > >it looks like a netblock that SORBS has de-listed.

    >
    > Yes. After two weeks when it should never have been listed in the first
    > place.


    if they received spam, and if the DNS PTR records were indicating
    dynamic ip address space (as they were when i did a lookup this
    afternoon) then they definitel *should* have been listed in the DUL.

    this may have caused you some inconvenience, and you may not have likedf
    it but you should know by now that there are lots of things in life you
    wont like. learn to deal with it.


    > >>It two weeks for them to refuse my delisting request, then accept my
    > >>upstreams request for delisting. No matter what proof of a static IP
    > >>an end user provides besides changing rDNS, SORBS ignores it. You
    > >>need an AS number for them to accept an IP as static, if it doesn't
    > >>meet their requirements.

    > >
    > >yes, precisely so. they state this quite clearly on their web page.
    > >
    > >and for good reason. spammers lie. regularly and repeatedly. why
    > >should SORBS believe some end user who doesn't even own the IP address
    > >concerned? if it really isn't a dynamic IP address then the actual owner
    > >can contact SORBS and have it de-listed.

    >
    > If My IP was Spamming or was dynamic, It would be perfectly acceptable for
    > SORBS to list it or have difficult delisting requirements. However, my IP
    > is neither. I pay considerably more that my upstreams standard offering
    > for the privileges and benefits of a static IP. (almost 4 times as much)


    it looked like it was probably dynamic, so listing it until evidence to
    the contrary was provided BY THE OWNER was a perfectly reasonable response.


    > I'm pleased the new buyer of my upstream ISP was able to get me
    > delisted from SORBS. It shouldn't take two weeks.


    i'm glad you got it resolved. that proves that SORBS policy works as
    documented. sometimes things take longer than you'd like them to. ****
    happens. learn to deal with it.

    > >it should not be particularly easy to get de-listed, and certainly
    > >not because of a request by the end user.

    >
    > I provided SORBS with a long list of domains for which my IP is the MX
    > and NS. Along with a netcraft report showing a linux server running
    > apache for several years at my IP. All to no avail.


    yes. their policy on who can request a delisting is quite clear and well
    documented.

    why should they make an exception for you? lots of pammers can show NS
    and MX records for their domains, and many of them can prove they've run
    linux for several years at the same IP. SORBS dont know you from a bar
    of soap (or a spammer for that matter).


    > SORBS is the only company where a reasoned email with facts was ignored.


    1. SORBS isnt a company.

    2. i'd ignore a whiny complaint that ignored the documented policy and
    asked for a special exemption too.


    > If you are not the RIR for the IP space with an AS number, don't
    > bother contacting SORBS. Have your upstream contact them.


    yes. they state this quit clearly on their web site. why is this so
    difficult to understand?


    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  19. Re: NEVER USE SORBS

    craig,

    even documented on their site,
    the throwing of the baby with the water is throwing the baby with the water.
    i think that the so proclaimed techniques sucks. maybe it is the best
    (will not stop here!) but it sucks big time.

    also, it comes to me, after 100's of messages, that you don't like water.
    and some people do like the kids.

    that's why they seem to you "whinning".
    and that's why you surely are unnesessary rude to them.

    edi.


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  20. Re: NEVER USE SORBS

    On Thu, Jul 27, 2006 at 07:38:14PM +1000, Craig Sanders wrote:
    > On Thu, Jul 27, 2006 at 04:00:15PM +1000, CaT wrote:
    > > On Thu, Jul 27, 2006 at 03:33:13PM +1000, Craig Sanders wrote:
    > > > well then, you finally figured out how to get mail working correctly
    > > > from a dynamic IP address - use a smarthost. preferably one under your
    > > > own control.

    > >
    > > Wow. And here I thought an IP address was an IP address, each as capable
    > > as the other of being an IP address.

    >
    > just shows how wrong you can be, doesnt it?


    Please feel free to kill the attitude at any time. If you have something
    to say, say it without the spittle.

    > the fact that it is technically possible to run a mail server on a
    > dynamic ip address doesnt mean that it is practical to do so. even


    Depends on the purpose you're going to put it to.

    > aside from DULs making it difficult to send mail directly with any
    > reliability, it is actually impossible to reliably receive mail via smtp


    I think you're confusing dynamic IPs with your desire to deny people
    behind them the ability to send mail out of servers running behind them.
    There is nothing about a dynamic IP that makes outgoing mail unreliable,
    the peculiar attitude of some people aside.

    > direct to a dynamic IP - dynamic dns just doesnt cut it for MX records


    That's neither here nor there and not at all relevant.

    > similarly, you cant reliably run a web server or any other kind of
    > server on a dynamic IP address.


    This too is neither here nor there and not at all relevant (nor 100%
    accurate).

    > something that only works sometimes may be acceptable for a home user
    > that doesnt reaaly care that much, but they should just accept the fact
    > that they're only paying for a "best effort" level of service and quit
    > whinging about the fact that nobody cares any more than they do (and
    > probably considerably less).


    Nobody? I think you're giving your personal opinion more weight then it
    may necessarily have.

    --
    "To the extent that we overreact, we proffer the terrorists the
    greatest tribute."
    - High Court Judge Michael Kirby


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread
Page 2 of 6 FirstFirst 1 2 3 4 ... LastLast