I’ve been told not to use SORBS as it is not a legitimate list.
It has come to SORBS’ attention that some providers of mail services are sending out messages similar to MessageLab’s message:
Thank you for contacting SHS Global Client Support regarding blocks on our email infrastructure. www.sorbs.net) - BACKSCATTERER (www.backscatterer.org) - SPEWS (APEWS) SORBS will list very aggressively and often without consideration to the services we are offering our clients. To become removed from the SORBS list, they charge a fee which will often be only a temporary de-listing before we get placed back on the list. We have tried to work with SORBS but they are less than happy to co- operate with us despite our efforts against the constant threat of email borne malware and spam. As a result we do not recognise them as a legitimate list provider and request any clients experiencing issues contact their intended recipients to advise of the problems caused by using the list. BACKSCATTERER is a list that almost always contains SHS IP addresses. As stated on the backscatterer.org website, their list is not one that contains spam preventing listings but instead sender callout abusers or users that send backscatter. They advise on the site that many big email providers/ISPs will send NDR (bounce messages) because the systems they use incorporate relaying. Backscatter, is the process of sending NDRs to non-local users. Because of the way the SHS system operates, we have the need to deliver NDRs outside of our own network, or our clients would never be aware of messages that we were unable to deliver. This puts us at odds with backscatterer.org. If you are having an issue delivering to a third party who is using backscatterer as a spam list, the third party should be educated and instructed to further investigate the http://www.backscatterer.org/ website to familiarize themselve s with the concept of the list. Backscatter's policy is that they maintain their own list for specific purposes and as such will not delist anyone, unless a fee is paid. Notably, they also recommend that their list is not used as a basis for rejecting mail. SPEWS (APEWS) is a list that is no longer maintained. It was once responsible for blocking large areas of netspace and only dealing with ISPs. Because the list is no longer in service, there may be DNS records that refer to an old database. For this reason this list should not be used and de-listing is not a possibility. There are also likely to be other organisations that operate in similar ways. At present we have not discovered these lists but this response could stand for lists not named above. Due to the reasons above, we are unable to become de-listed and as such unable to affect the course of any email destined to recipients using these lists. Whilst we applaud third parties willingness to prevent spam and utilise such lists, there are many other more legitimate lists that can be utilised. SHS work closely with those offering legitimate lists to ensure our infrastructure isnt impacted should somebody abuse/compromise our system or one of our clients systems. Please feel free to respond with any questions or comments regarding the above. Alternatively if you wish to check the status of an IP/block list, please do not hesitate to contact us. Once again, please accept our sincerest apologies for not being able to offer more assistance on this matter. Kind Regards *** ******* Support Centre Analyst Symantec Hosted Services www.messagelabs.com 24x7 Global Client Support Centre: US/Canada: +1 (866) 807 **** EMEA: +44 (0) 870 850 **** Australia: 1 (800) ****** Hong Kong: 1 (800) ****** Asia Pacific: +852 6902 **** *****@messagelabs.comThere are many organisations/authorities around the world that offer a means of blocking email based on list entries that their users can subscribe to. Whilst many are entirely legitimate and beneficial, some authorities have aggressive listing policies or lists that are almost impossible to be removed from. As a result, SHS do not recognise these authorities as legitimate. Some of the block list providers will charge listed parties to become removed from the list. Once the fee has been paid and the IP delisted, the owner of the IP may find that they have become listed again a very short time later. Lists like this arent providing a beneficial service and their use can cause mails not to be delivered even if the mails/sender are legitimate. Other block list providers that we do not recognise as legitimate may look at the way email is handled. Some block lists will spot the way our service relays mail from client to recipient and from sender to client. Our relay-based service means that our infrastructure can become blocked causing unnecessary mail failures. In instances where SHS have become blocked by what we consider to be unhelpful block list providers, we are unable to request de- listing of our IP addresses. In these instances, we ask the client in question if they would kindly notify the intended recipient that they are using a block list that causes large amounts of false positives and that email from yourselves has been stopped. The intended recipient should be discouraged from using such lists in favour of more legitimate lists available on the internet. We are currently aware of some block list providers that can cause problems with SHS email routing and that we are unable to resolve by becoming de-listed. These lists are known as: - SORBS (
One should note the immediate and glaring accuracy issue SPEWS isn’t, never was and never will be associated with APEWS (or ASPEWS – another replacement for SPEWS).
Now on to the message, the email is quite patently designed to mis-lead users of SORBS into believing that MessageLabs are the good guys and SORBS are the scum of the earth. The reality of the fact is that MessageLabs have refused to officially enter into negotiations with SORBS on any level on multiple occasions. They log support requests to ‘get delisted’ and sometimes are refused based on recent examples of spam or the sheer volume requiring a donation to a charity because of the spam volume, MessageLabs rarely (if ever) reply to our messages to continue negotiation. The SORBS support system is there to provide a recorded two way communication path, some, such as MessageLabs use it as a write only path. They write their messages and ignore any replies.
SORBS lists spamming IP addresses (sources of spam) that may be used for blocking of spam into the mail system that is utilising SORBS as a blocklist. MessageLabs have never paid for delisting from SORBS despite multiple removals from the SORBS spam database (please do read the article about the fine, SORBS only places the fine on sources of spam that keep spamming, and only for those sources that spam SORBS directly.) SORBS consists of multiple databases and does not charge for delisting from majority of the databases.
MessageLabs keep getting relisted in the SORBS database because they are contracted by their customers to deliver all messages they send. This appears to be the basis of their ‘right’ to send spam. SORBS disagrees, spam is spam, and if you as a provider do not implement effective outgoing spam filtering, you will be restricted on delivery options at some time.
SORBS is considered to be an aggressive blocklist but considering that SORBS receives more than 30 billion lookups per day by tens of thousands of users it is patently obvious that SORBS is a legitimate list regardless of MessageLabs (or any other company’s) claims.
The facts are simple, if you deliver spam to our servers you will be listed sooner or later. If you do not deliver spam to our servers you should never be listed. MessageLabs despite their claims to the contrary deliver spams to our servers on a regular and ongoing basis, and as such they are listed in our database of deliverers of spam (the SORBS Spam DB.)
UPDATE [24/Aug/2010]: SORBS has spoken to MessageLabs and the message being sent is now being changed, and we are discussing issues. This page is being left as an example only as we see other messages similar to this from time to time from other providers. Kudos to the admin @ MessageLabs that enacted the change and a discussion.
Comments Off