On Sun, Apr 30, 2006 at 08:19:31PM -0700, Mike Bird wrote: > Let's take a real-life example that came in a couple of > minutes ago. SPAMMER sent an email to USER@FOO with my > address forged as sender. USER was clueless but not > malicious and replied asking to be "removed". Since Sorbs claims spam listing is manual, do you really think that Sorbs would list a naive user asking to be removed from a mailing list? Since you claim this to be a real-life example, do you evidence of this happening? I have a hard time believing it. IF Sorbs were fully automated, then yes, you would be correct in that it would be bad behaviour to automatically list all mail received on spamtrap addresses. The only real case related to Sorbs that has been brought forth so far was related to reflecting spams in a similar matter as an open relay would. That kind of listing is hardly inappropriate. Other than that, we are talking entirely hypothetically. While we are on the topic of blacklists, can anyone point me to a blacklist of hosts performing ssh brute force attacks? I have been wondering if it would be effective to use such a list for email since those compromised hosts do seem to be used primarily for spamming. (Just having spent most of the night monitoring a Romanian spammer controlling his botnet.)
Attachment:
signature.asc
Description: Digital signature