Re: OT: sorbs blacklisting scam

To: debian-isp@lists.debian.org
Subject: Re: OT: sorbs blacklisting scam
From: Mike Bird <mgb-debian@yosemite.net>
Date: Sun, 30 Apr 2006 20:19:31 -0700
Message-id: <[🔎] 1146453571.2628.10.camel@udev.yosemite.net>
In-reply-to: <[🔎] 20060501014937.GH15886@verkkotelakka.net>
References: <[🔎] 20060430031752.GF12804@taz.net.au> <[🔎] 1146368002.6440.5.camel@mgb.bullion.ims> <[🔎] 20060430101244.GD15886@verkkotelakka.net> <[🔎] 20060430135728.GB18916@khazad-dum.debian.net> <[🔎] 20060430150631.GF15886@verkkotelakka.net> <[🔎] 1146412982.30002.6.camel@mgb.bullion.ims> <[🔎] 20060430174232.GG15886@verkkotelakka.net> <[🔎] 1146419993.30002.26.camel@mgb.bullion.ims> <[🔎] 20060430225656.GA6667@www.lobefin.net> <[🔎] 1146438976.31199.12.camel@mgb.bullion.ims> <[🔎] 20060501014937.GH15886@verkkotelakka.net>

On Mon, 2006-05-01 at 04:49 +0300, Juha-Matti Tapio wrote:
> The only excuse for "no such user"-bounces is short term configuration
> mishap. It would be a bad idea to block hosts due to mailing list
> confirmations or some other necessary and non-frequent automatic messages,
> but if I recall the example presented in this thread mentioned a forged
> sender causing the bounce. For that case, there is no excuse (not even if
> Sorbs does it themselves aswell).

The discussion is not limited to "no such user" bounces.
We're informing our colleagues that SORBS adds an IP to
its RBL based on a single instance of backscatter caused
by SORBS' failure to discontinue its own honeypot addresses.

Let's take a real-life example that came in a couple of
minutes ago.  SPAMMER sent an email to USER@FOO with my
address forged as sender.  USER was clueless but not
malicious and replied asking to be "removed".

An annoyance but understandable.

However, had SPAMMER forged a SORBS honeypot as sender
instead of me, ISP FOO would now be SORBS-listed.  Even
if FOO had a simple and perfect config with absolutely
no backscatter.

Avoid SORBS.  Minimize backscatter.  Use several good RBLs.

Next topic please!

--Mike Bird

Reply to:

References:
- Re: OT: sorbs blacklisting scam
  - From: Craig Sanders <cas@taz.net.au>
- Re: OT: sorbs blacklisting scam
  - From: Mike Bird <mgb-debian@yosemite.net>
- Re: OT: sorbs blacklisting scam
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: OT: sorbs blacklisting scam
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: OT: sorbs blacklisting scam
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: OT: sorbs blacklisting scam
  - From: Mike Bird <mgb-debian@yosemite.net>
- Re: OT: sorbs blacklisting scam
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: OT: sorbs blacklisting scam
  - From: Mike Bird <mgb-debian@yosemite.net>
- Re: OT: sorbs blacklisting scam
  - From: Stephen Gran <sgran@debian.org>
- Re: OT: sorbs blacklisting scam
  - From: Mike Bird <mgb-debian@yosemite.net>
- Re: OT: sorbs blacklisting scam
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>

Prev by Date: Re: OT: sorbs blacklisting scam
Previous by thread: Re: OT: sorbs blacklisting scam
Next by thread: Re: OT: sorbs blacklisting scam
Index(es):
- Date
- Thread