You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Darren Casey <sa...@darrencasey.co.uk> on 2004/09/12 20:00:03 UTC

SORBS Fine - Views

We run a large number of servers and do our best to keep ontop of spam
reports etc..

One user recently enabled webmail fron Nuke and got a spammer using it to
send out a ton of junk mail.

The first reports we got we tracked it down and removed the site in question
etc..

However, SORBs are demanding $50 to remove the IP from the list. Their
comparison of speeding is something I find totally crazy.

Whats everyone elses view on their "blackmail"?

Darren

Re: SORBS Fine - Views

Posted by Kai Schaetzl <ma...@conactive.com>.

Darren Casey wrote on Sun, 12 Sep 2004 19:00:03 +0100:

> However, SORBs are demanding $50 to remove the IP from the list. Their
> comparison of speeding is something I find totally crazy.
>

Hm, $50 isn't that much. Don't view that as a "fee" you have to pay. Bill 
your customer since he's obviously created the problem by doing something 
he shouldn't have done. In summary your customer has probably created much 
more expenses than only $50 to many people around the world.


Kai

-- 

Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org

Re: SORBS Fine - Views

Posted by Matt Kettler <mk...@evi-inc.com>.

At 05:06 PM 9/13/2004, Daniel Quinlan wrote:
>"Darren Casey" <sa...@darrencasey.co.uk> writes:
>
> > However, SORBs are demanding $50 to remove the IP from the list. Their
> > comparison of speeding is something I find totally crazy.
>
>It's definitely not blackmail and I don't think it's extortion either,
>but the developers viewed it as unreasonable and we generally don't use
>blacklists where the delisting policy is unreasonable.

Good point Dan.. I kind of have mixed feelings on the SORBS fine, but I'd 
agree it's neither blackmail nor extortion.

The only way on that list is if your server sent spam directly to one of 
the admins of SORBS or one of the spamtraps they operate. You don't get on 
that list via third-party report or testing. At that point, your system has 
been directly used in causing damage to their networks, and the negligence 
of the admin turning on webmail facilitated the damages.

I really do think that at some level administrators of open relays should 
be liable for at least some of the damages they've inadvertently caused 
through their negligence. Let's face it, there's lots of legal situations 
where failure to properly secure something dangerous can lead to you being 
held liable for a portion of the damages, or even subject to criminal charges.

Wether $50 is a reasonable amount of damages or I'm not sure, and I can't 
say I 100% support the method, but I'd have to agree the concept isn't too 
far out in left field. They aren't vigilante fining people for damaged done 
to others, they're holding people liable for damages directly done to 
themselves. I've got slightly mixed feelings about the method of complaint, 
but I can't say they have no basis for requesting compensation.

On the other hand as SA's mass-check testing has shown, this particular 
list isn't very accurate.

It's an interesting concept, but the community benefits of the list aren't 
really there, so it's not a very useful list to use as a general DNSBL.

Re: SORBS Fine - Views

Posted by Daniel Quinlan <qu...@pathname.com>.

"Darren Casey" <sa...@darrencasey.co.uk> writes:

> However, SORBs are demanding $50 to remove the IP from the list. Their
> comparison of speeding is something I find totally crazy.

It's definitely not blackmail and I don't think it's extortion either,
but the developers viewed it as unreasonable and we generally don't use
blacklists where the delisting policy is unreasonable.

The guy running it does a great service for the internet otherwise,
though.

Daniel

-- 
Daniel Quinlan
http://www.pathname.com/~quinlan/

Re: SORBS Fine - Views

Posted by Matt Kettler <mk...@comcast.net>.

At 07:00 PM 9/12/2004 +0100, you wrote:
>We run a large number of servers and do our best to keep ontop of spam
>reports etc..
>
>One user recently enabled webmail fron Nuke and got a spammer using it to
>send out a ton of junk mail.
>
>The first reports we got we tracked it down and removed the site in question
>etc..
>
>However, SORBs are demanding $50 to remove the IP from the list. Their
>comparison of speeding is something I find totally crazy.
>
>Whats everyone elses view on their "blackmail"?


I think SA's configuration reflects a fairly reasonable view on it:

         # unscored by default -- requires a $50 payment to be 
delisted.  If you
         # want to use this, give it a score so it will be checked.  Note that
         # in our testing, we found the accuracy to be quite low (hits 5.2%
         # of spam, but 0.6% of non-spam).

         score RCVD_IN_SORBS_SPAM 0

Only the sorbs "spam" list has a fee associated, all their other lists are 
free to remove from.

SA does use their other lists, which are free to remove, but doesn't use 
the $50 fee one.