[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: sorbs blacklisting scam

On Mon, May 01, 2006 at 02:38:08AM -0400, Chris Wagner wrote:
> At 10:10 AM 5/1/2006 +1000, Craig Sanders wrote:
> >and an RBL listing is a statement that spam has been received from
> >a particular IP address - this is 1. a statement of verifiable fact
> >(i.e.
> Not necessarily.  This thread has brought up numerous cases where a
> non spammer can have their address/IP caught up in one of SORBS's
> traps.  If ur statement is accepted then any organization could be
> totally DOS'd by a malicious user and SORBS.

backscatter, you mean?  SORBS states that they list backscatter sources.
that's a perfectly valid listing criteria (although, IMO, it should be
a distinctly separate RBL from spam-sources and open-relays...others
disagree and see no great difference between backscatter and any other
kind of spam).

some sites don't want to receive mail from backscatter sources. their
server, their rules. end of story. affected sites which generate
backscatter should fix their servers.

the only non-whinge (i.e. valid) complaint mentioned was the possibility
of being listed by SORBS because of a mailing list confirmation being
sent to a (forged) SORBS honeypot address. while that would indeed be
broken behaviour, 1. nobody has actually provided any proof that SORBS
don't filter them out and 2. SORBS have every right to be broken if they
want to....that would be yet another reason to not use the SORBS RBL,
not to sue them.

> >"truth"), and 2. not a defamatory statement - it identifies only an
> >*IP Address*, it does not identify any particular individual (i.e.
> >the plaintiff) so can not injure their reputation or expose them to
> >public hatred, contempt, ridicule or degradation.
> That is not true.  That's like saying that 123 Main St. is a dirty
> spammer and under ur breath saying "I'm only incriminating the
> address, not the business".  There is a direct relationship between
> any IP address and the person or business behind it.

bullshit. you should know better than that, it is disingenuous of you to
even suggest it.

an IP address is nothing like a street address. it does not identify any
individual or business ("the user"), and it can be reassigned at any

even companies who have their own network allocations DO NOT *OWN* them,
they are on loan from, and can be reassigned by, the allocating NIC.

furthermore, the vast majority of the public aren't even aware of
(nor do they understand) the relationship between domain names and ip
addresses, let alone the extremely tenuous relationship between ip
addresses and an identifiable entity.


craig sanders <cas@taz.net.au>           (part time cyborg)

Reply to: