A year ago, in november 2009, GFI Software acquired spam blocklist provider SORBS promising improvements to the responsiveness and data quality problems:
GFI is now actively developing plans for the future of SORBS, including SORBS 2.0 and methods to improve SORBS data and responsiveness.
Having a reputation service within GFI will allow us to provide a better service to our customers and to greatly enhance our standing in the anti-spam community as well as give us opportunities to report on spam trends and analyze real-time feeds in ways we have not previously been able to.
Source: http://www.theregister.co.uk/2009/11/06/sorbs_sold/
Now a year later, Steve from WordToTheWise (Email, Delivery, Spam) catches on to see if GFI delivered the goods. With a title such as ‘GFI/SORBS considered harmful‘, it would appear this is not the case.
GFI/SORBS seems to have the same problems they already had a year ago, and responsiveness to queries has not improved from the quotes we can see on the WordToTheWise article. Steve hasn’t yet evaluated data quality (this should be available tomorrow) but from Delivery_Kitty’s Tweet (see below), one can only assume the worst.
LOLs! SORBS has blacklisted the IP of a major anti-spam discussion list. (In the 'spam' zone.) Double LOL!
December 1, 2010
Source: http://twitter.com/#!/delivery_kitty/status/10045916199260160
Amazon (EC2) users blocked by the SORBS block list
[...]SORBS has listed the entire Amazon EC2 IP address space as a source of spam.
[...] SORBS days are numbered because the IT community is not going to tolerate rogue spam-police regimes.
July, 2010
Source: http://mailchannels.com/blog/?p=155
XS4ALL, an internet and email service provider in the Netherlands, also discourages the use of GFI/SORBS:
* In some cases bounces, out-of-office messages, or automatic replies from mailinglists are treated as spam and used to blacklist the sending mail server.
* The official way to remove an address from the SORBS blacklist is by donating to a legal defense fund for a lawsuit that was ended in 2002.
* Because it is so difficult to remove an IP address from the list, SORBS as a blacklist produces many false positives. * Because it takes a long time before a spamming IP address reliably appears on the blacklist, not much spam is stopped.
Source: http://www.xs4all.nl/bl/sorbs/
Vircom (Email Security & Anti Spam) customers are also reporting similar problems with SORBS and the general concencus is: stop using it! Here are a few comments:
* We just removed dul.dnsbl.sorbs.net (or was it dun!.). Anyway it had blacklisted many legit servers.
* I had to remove dnsbl.sorbs.net, it was becoming a pain. They have aol, gmail and yahoo blacklisted randomly, it is pain to whitelist servers as people find that mail cannot be delivered from those hosts
According to GFI’s web site, GFI MailEssentials uses the SORBS database as the counter-measure to Botnets and Zombies. If SORBS responsiveness is as slow as depicted in the articles and user comments above, how can it be effective against Botnets, which are known to be extremely fluctuating targets (fast infection rates).
Does anyone have experience with SORBS? Use it on a daily basis? Is it that bad? How come GFI is still associated with SORBS? It would seem the logical choice to just drop the service completely if it is that ineffective.
Steve from WordToTheWise just posted his GFI/SORBS part 2 article. Find it here:
http://blog.wordtothewise.com/2010/12/gfi-sorbs-considered-harmful-part-2/
And make sure you read the comments (one of which is from SORB’s Michelle). Enlightening.