[182775] in North American Network Operators' Group
Re: Working with Spamhaus
daemon@ATHENA.MIT.EDU (William Herrin)
Fri Jul 31 22:36:58 2015
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <CAGkwwuOSAccvaDfr94_MmiBAGZjEFrNEGuRy1qt5023wLO10ig@mail.gmail.com>
From: William Herrin <bill@herrin.us>
Date: Fri, 31 Jul 2015 22:34:10 -0400
To: Jaren Angerbauer <jarenangerbauer@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, Jul 31, 2015 at 5:28 PM, Jaren Angerbauer
<jarenangerbauer@gmail.com> wrote:
> I work for Proofpoint -- we acquired SORBS back in 2011. There is
> delisting (via SORBS support ticket). Additionally, there is NO CHARGE to
> be delisted.
Hi Jaren,
The big problem I remember with SORBS from my ISP days was that if
they tested an open relay at IP address A and the return message came
from IP address B, they listed IP address B. This put me in an
impossible situation as an ISP providing an SMTP smarthost to my
authenticated customers. If just one of them screwed up their mail
programming, not trying to spam mind you, just screwed up their
configuration, my entire relay was hit with a block.
Practically speaking, to keep my mail server off SORBS I was required
to employ SORBS on my relay to block any customers whose IP appear as
an input into SORBS. If I wanted to stay off their list then I MUST
use them. Bad ethics there IMO.
Is itstill SORBS practice to list both input and output IP addresses
of an open relay, regardless of detected spam activity and without any
attempt to notify the mail op of the problem?
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
