1: What is SORBS..?
SORBS is an acronym for "Spam and Open Relay Blocking System" although this is not strictly accurate since SORBS also lists Open Proxy servers and machines that appear to be hacked sources of spam.

2: Why is SORBS blocking my email..?
SORBS does not block email, web sites, networks or the Internet, if you are being blocked you will need to talk to the administrators of the service you are trying to access.

3: Isn't what SORBS does illegal..?
No, it has been challenged under the Privacy Act, and as it does not identify an individual so it is not subject to these laws. Further, it appears to be a list of IP addresses and appears to indicate test results for those addresses. Needless to say those results would be correct at the time of testing, which is not necessarily the same as current tests would show.

In actual fact the SORBS DNSbl is nothing more than a list of hostnames in the SORBS.NET domain corresponding to local IP addresses in published worldwide in the Domain Name System (DNS) as used by most hosts of the Internet today.

Anyone wishing to prove otherwise would do well to seek competent legal advise.

4: Can I block SORBS..?
You can, the Internet is a cooperation based network, if you want to block SORBS from your network you may... Just as the Administrators using the SORBS database may block you from sending mail (or all traffic) to their domains.

5: Isn't SORBS just like ORBS, ORBZ, ORBD etc...?
No, most of the other relay blocking systems (including the Open Proxy/Formmail lists) scan for hosts to list. SORBS only scans a host when it attempts to send mail to one of the 'feeder' servers. This means two things:
  • First, if you are a spammer and never send mail to a domain using SORBS, you will never get blocked
  • Second, SORBS considers scanning for vulnerable hosts abuse. Scanning a host upon connection is not considered abuse by SORBS as the tested host is requesting a connection, the test is the terms of that connection. See [7] for more information.

6: What and where are the feeder servers..?
The 'feeder' servers are a selection of servers that send addresses of selected the incoming connections to the SORBS servers for testing. The list of feeder servers will not be disclosed, by request of those server administrators.

7: Why are you fighting abuse with abuse...? Why are you abusing my server..?
This is answered in [5] as well..

SORBS automatically tests servers attempting to send mail to one of the 'feeder' servers. By sending mail to these servers you are requesting a cooperative connection. The administrators/owners of these sites will allow the cooperative connection on the basis that you allow the return connections of the SORBS servers to test your server.

If you do not wish for SORBS to test your servers, please do not attempt to send mail to a SORBS server or any SORBS feeder

Note: For security SORBS feeder servers will not be disclosed. The alternative is we can list you in the 'do not test' database, which is also published in the same way as the Open Server databases.

8: SORBS makes tests that crashes my server, why...?
It has been shown that certain unpatched configurations of some servers are not stable when some open relay tests are used. SORBS will still use the tests which crash these unpatched server. Running an unpatched server is more of a menace to the Internet as a whole than your individual server crashing. Please ensure your server is patched before you attempt to contact a server using SORBS.

9: I do not want SORBS to connect to my servers, what can I do..?
Get the AS record contact for your network to contact the SORBS administrators and we will be happy to list your servers in the database so that your connections to SORBS subscribers will be automatically rejected and no testing will be performed.

Note: Sometimes this is impossible due to network size we will allow block requests from non AS contacts on a case by case basis.

10: What tests does the SORBS server perform..?
The source code for SORBS is available at: http://www.sorbs.net/, please read the source code.

11: I am listed in the Proxy/Relay database(s), what can I do..?
Fix the configuration of the server to make it no longer vulnerable to abuse. Then request a retest using the automated system.

For information on proxy servers please see the Proxy FAQ.

For securing an open relay please see the MTA Fix Page at Osirusoft.com

Re-testing of Open-Relays is a manual process, please mail a SORBS admin for re-testing.

12: Why can I not get re-tested, it says I need to contact the Administrators..?
The SORBS server will only accept a certain number of retest requests, this is to prevent abuse of the system. You will need to mail the administrators to reset the counter, detailing why you need further retests.

13: I blocked SORBS from testing me at the firewall, and another host tested me, why..?
SORBS has a number of servers around the world, just because one server tested you the first time, it does not guarantee that the next test will be from that host.

Note: if you blocked the tests and get re-tested and block again in an attempt to block all the SORBS servers your addresses will not be reset for more retests when you are listed. The multiple testing IPs are not meant to circumvent security in any way, it is just to stop the few who feel that the answer is to block testing rather than close their proxy to abuse.

14: I was spammed, and want to add hosts to the SORBS block lists, how is it done..?
SORBS takes automated nominations from 'feeder' servers, the general public will never be able to submit sites for testing.

You may want to take a look at: SpamCop as that system does take submissions.

15: I am not in the SORBS database, can I get tested now..?
SORBS only tests sites nominated by the 'feeder' sites, and servers sending messages to: testme@dnsbl.sorbs.net.

Note: The testme@dnsbl.sorbs.net address is not automated and therefore may be delayed in testing.

16: Does SORBS block all spam..?
No, unfortunately it will not block all spam, all we (TINW*) can hope is that it will cut down on the spam received.

17: SORBS is great is there anything I can do to help..?
If you can program in 'C' please join the SORBS project at Sourceforge. Details are at: http://www.sorbs.net.

18: Can I use SORBS..?
Yes. Anyone can use SORBS.

19: How can I use SORBS..?
Three ways:
  • Subscribing to the SORBS DNS based block list.
  • Running the SORBS daemons in front of your own server.
  • Becoming a SORBS 'feeder' or 'tester' site.

20: How can I become a SORBS 'feeder' or 'tester' site..?
You can donate machines and connectivity by mailing the SORBS administrators. Only, well connected sites providing stable hosting will be able to connect to SORBS directly.

Note: Multi shelled servers will not be permitted to connect.

21: How can you trust people wanting to connect?
We don't, connections from feeders will only add to the database, and have no permission to change data already there. Further, each site has its own user ID and password, all transactions are tracked.

22: How can you trust the 'tester' sites..?
The machines are setup and secured by SORBS administrators who are given 'root' access. Further, servers are only used when they are recommended from known, and trusted sources.

23: I want to try my luck in the courts where do I send the papers..?
The registration information for the sorbs.net domain name contains up to date contact information for the founder. Be aware though, SORBS is a Non-Profit entity that relies soley on donations to operate. There are no assets, nor any debts. The machines used belong to the sponsors, the connectivity is provided by sponsors, the code is free for anyone to use or modify (Subject to satisfying the Mozilla Public License MPL 1.1.)

24: Who is behind SORBS..?
Michelle Sullivan devised the original project, many others are now involved, and will be listed as and when they indicate their preference.

25: I'm blocked.... How do I send mail to the administrators of SORBS..?
You can use the mail sending form provided for those blocked. Please remember that you have to use a real email address, as mails with phony addresses will be ignored.

NOTE: Removal requests for the Proxy databases will be ignored. See: the Retest FAQ. If you have problems obtaining a key or other problems with re-tester, please feel free to mail.

26: My address entry shows 'inactive and not flagged' but I still seen an entry in DNS, why...?
Because of load issues with DNS based block list SORBS sets each positive entry to a 2 day TTL, this means that DNS you queried will hold the entry for 2 days, even when it has been removed from the SORBS database.

Yes, it will cause you pain that neither you nor SORBS can control, however maybe that will be enough pain to ensure that you don't end up back in the database.

27: My host has been fixed and I have been re-tested clean, why am I still in the DB...?
SORBS sets a 'block' flag in the database rather than removing the entry. This ensures that reoccuring hosts are tracked and so they will become more and more difficult to remove from the database, the more they are tested open.

Database entries are purged after 'n' years of no activity. Where 'n' = number of re-activations after re-tests showed clean.

28: I'm, listed in the Zombie/Hijacked Zone, you are libeling me...
Note this item is a specific reply to: "Wrongly calling an ASN or IP space hijacked may subject you to a lawsuit for tortious interference with a contract, defamation, commercial disparagement, intentional and negligent misrepresentation, and unfair business practices, for starters.".

Actually SORBS is not libeling you, interfering with any contracts, defaming you, disparaging you, either commercially or personally, nor is it intentional and/or negligently misrepresenting you. Finally SORBS does not use unfair business practices....

SORBS publishes hostnames in its own domain.

The interface which allows you to check your IP against the list of SORBS hosts in DNSbl format is for your convenience and is no reflection of status of the address ranges. Further the Zombie/Hijacked list is a list of suspected ranges, not necessarily proved to be hijacked ranges. If SORBS lists an address range of yours and you can provide unequivocal proof that it has not been hijacked, the SORBS administrators will remove the entry. Until then, that entry will stay listed.

29: I'm going to sue you if you don't remove "X.X.X.X" entry...
See you in court, and don't expect to be removed... Oh, and expect to have your name and addresses published for the world to see (as is the Law in Australia provides).... No matter what the outcome.

30: Is there anything else I should know about SORBS..?
Quite likely, but this is the end of the FAQ for the time being. It will be expanded as people ask questions.

Copyright © 2002-2014 by SORBS | Terms & Conditions | Privacy Policy