Hackers Blamed For MessageLabs Spam Blunder 44
littlekorea writes "MessageLabs claims to have discovered that the systems of one of its customers were hacked by spammers after an entire block of MessageLabs IP addresses was blocked by antispam service SORBS. Customers of the managed email service had problems with outbound mail last week after MessageLabs' IP addresses were included in SORBS' block list. The Symantec-owned service provider has assured customers it has systems in place to prevent such incidents from happening again."
Please don't use SORBS blocklist (Score:5, Interesting)
Sorbs is a really poor block list which I don't think anyone should use.
I found that my mail server is listed in their list, because 3 years ago the same IP range was allocated to a dynamic IP range.
Even though it is now a static server address and the whois IP allocation records were long ago updated, and even has the reverse dns saying "static" in the format that sorbs demand, because the ENTIRE /24 network where my server lives doesn't confirm to their demanded reverse DNS standard, they refuse to delist it.
Their web service is a total nightmare and even their auto responder takes two weeks. As someone who has been working with mail servers on the internet since 1992, I would say please for the love of god, do not use sorbs as an email blocking list.
Check out Wikipedia for more info on them, they also solicit payments for some delisting which seems completely unethical.
anon (Score:3, Interesting)
Having been caught in exactly this situation between these two companies before left me with a very bitter taste in my mouth towards SORBS
SORBS "require" a "donation" ( to a charity ) to get delisted.
Type SORBS and charity onto google and have a peek at what comes back.......
On the SORBS site ( I don't remember exactly where, but I do remember reading it last time I went through this crap ) they say that ( me paraphrasing ) they are probably not allowed to charge a fee for delisting for legal reasons, so the "require" a "donation" instead. Ohh yeah you can choose a SORBS approved charity and jump through hoops to prove your donation OR rather conveniently they have a charity that you can donate to which will place less hoops in your way. Which one you gonna choose considering people are yelling at you that their mail aint getting through?
Do a bit of googling and there are reports of people blacklisted by SORBS being asked to buy hardware for SORBS as the "donation" to get unlisted.
See much info on the SORBS site on what measures they take to prevent and deal with false positives? No? Well that's probably because when they are charging for delisting it's in their intererests to generate as much paying custom as possible.
Seems like a form of extortion to me........
Re:This all sounds backwards (Score:3, Interesting)
I think that's just bad phrasing. My reading is that they only found out that the customer had been "hacked" because they were blacklisting (i.e. 'hacking' occurred, blacklisting occurred, awareness of blacklisting occurred, and finally awareness of 'hacking' occurred).