|1: What is SORBS..?
SORBS is an acronym for "Spam and Open Relay Blocking System"
although this is not strictly accurate since SORBS also lists Open Proxy servers
and machines that appear to be hacked sources of spam.
|2: Why is SORBS blocking my email..?
SORBS does not block email, web sites, networks or the Internet, if you
are being blocked you will need to talk to the administrators of the service
you are trying to access.
|3: Isn't what SORBS does illegal..?
No, it has been challenged under the Privacy Act, and as it does not
identify an individual so it is not subject to these laws. Further,
it appears to be a list of IP addresses and appears to indicate test
results for those addresses. Needless to say those results would be
correct at the time of testing, which is not necessarily the same as
current tests would show.
In actual fact the SORBS DNSbl is nothing more than a list of hostnames
in the SORBS.NET domain corresponding to local IP addresses in
published worldwide in the Domain Name System (DNS) as used by
most hosts of the Internet today.
Anyone wishing to prove otherwise would do well to seek competent legal advise.
|4: Can I block SORBS..?
You can, the Internet is a cooperation based network, if you want to
block SORBS from your network you may... Just as the Administrators using the
SORBS database may block you from sending mail (or all traffic) to their domains.
|5: Isn't SORBS just like ORBS, ORBZ, ORBD etc...?
No, most of the other relay blocking systems (including the Open Proxy/Formmail
lists) scan for hosts to list. SORBS only scans a host when it attempts to
send mail to one of the 'feeder' servers. This means two things:
- First, if you are a spammer and never send mail to a domain using SORBS, you will never get blocked
- Second, SORBS considers scanning for vulnerable hosts abuse. Scanning a host upon connection is
not considered abuse by SORBS as the tested host is requesting a connection, the test is the terms of that
connection. See  for more information.
|6: What and where are the feeder servers..?
The 'feeder' servers are a selection of servers that send addresses of
selected the incoming connections to the SORBS servers for testing. The list of feeder
servers will not be disclosed, by request of those server administrators.
|7: Why are you fighting abuse with abuse...? Why are you abusing my server..?
This is answered in  as well..
SORBS automatically tests servers attempting to send mail to one of the
'feeder' servers. By sending mail to these servers you are requesting a
cooperative connection. The administrators/owners of these sites will
allow the cooperative connection on the basis that you allow the return
connections of the SORBS servers to test your server.
If you do not wish for SORBS to test your servers, please
do not attempt to send mail to a SORBS server or any SORBS feeder
Note: For security SORBS feeder servers will not
be disclosed. The alternative is we can list you in the
'do not test' database, which is also published in the same
way as the Open Server databases.
|8: SORBS makes tests that crashes my server, why...?
It has been shown that certain unpatched configurations of some servers
are not stable when some open relay tests are used. SORBS will still use
the tests which crash these unpatched server. Running an unpatched
server is more of a menace to the Internet as a whole than your individual server crashing. Please ensure your server
is patched before you attempt to contact a server using SORBS.
|9: I do not want SORBS to connect to my servers, what can I do..?
Get the AS record contact for your network to contact the SORBS
administrators and we will be happy to list your servers in the database so that
your connections to SORBS subscribers will be automatically rejected and no
testing will be performed.
Note: Sometimes this is impossible due to network size we will allow
block requests from non AS contacts on a case by case basis.
|10: What tests does the SORBS server perform..?
The source code for SORBS is available at: http://www.sorbs.net/,
please read the source code.
|11: I am listed in the Proxy/Relay database(s), what can I do..?
Fix the configuration of the server to make it no longer vulnerable to abuse. Then
request a retest using the automated system.
For information on proxy servers please see the Proxy FAQ.
For securing an open relay please see the MTA Fix Page at Osirusoft.com
Re-testing of Open-Relays is a manual process, please mail a SORBS admin for re-testing.
|12: Why can I not get re-tested, it says I need to contact the Administrators..?
The SORBS server will only accept a certain number of retest requests, this
is to prevent abuse of the system. You will need to mail the administrators to reset the
counter, detailing why you need further retests.
|13: I blocked SORBS from testing me at the firewall, and another host tested me, why..?
SORBS has a number of servers around the world, just because one server
tested you the first time, it does not guarantee that the next test will be from
Note: if you blocked the tests and get re-tested and block again
in an attempt to block all the SORBS servers your addresses will not be reset
for more retests when you are listed. The multiple testing IPs are not meant
to circumvent security in any way, it is just to stop the few who feel that
the answer is to block testing rather than close their proxy to abuse.
|14: I was spammed, and want to add hosts to the SORBS block lists, how is it done..?
SORBS takes automated nominations from 'feeder' servers, the general public
will never be able to submit sites for testing.
You may want to take a look at: SpamCop as that system does take submissions.
|15: I am not in the SORBS database, can I get tested now..?
SORBS only tests sites nominated by the 'feeder' sites, and servers
sending messages to: firstname.lastname@example.org.
Note: The email@example.com address is not automated and therefore may be delayed in testing.
|16: Does SORBS block all spam..?
No, unfortunately it will not block all spam, all we (TINW*) can hope is
that it will cut down on the spam received.
|17: SORBS is great is there anything I can do to help..?
If you can program in 'C' please join the SORBS project at Sourceforge.
Details are at: http://www.sorbs.net.
|18: Can I use SORBS..?
Yes. Anyone can use SORBS.
|19: How can I use SORBS..?
- Subscribing to the SORBS DNS based block list.
- Running the SORBS daemons in front of your own server.
- Becoming a SORBS 'feeder' or 'tester' site.
|20: How can I become a SORBS 'feeder' or 'tester' site..?
You can donate machines and connectivity by mailing the SORBS administrators. Only,
well connected sites providing stable hosting will be able to connect to SORBS
Note: Multi shelled servers will not be permitted to connect.
|21: How can you trust people wanting to connect?
We don't, connections from feeders will only add to the database, and have
no permission to change data already there. Further, each site has its own user ID
and password, all transactions are tracked.
|22: How can you trust the 'tester' sites..?
The machines are setup and secured by SORBS administrators who are given 'root'
access. Further, servers are only used when they are recommended from known, and
|23: I want to try my luck in the courts where do I send the papers..?
The registration information for the sorbs.net domain name contains up to date
contact information for the founder. Be aware though, SORBS is a Non-Profit entity that
relies soley on donations to operate. There are no assets, nor any debts. The machines
used belong to the sponsors, the connectivity is provided by sponsors, the code is free
for anyone to use or modify (Subject to satisfying the Mozilla Public License
|24: Who is behind SORBS..?
Michelle Sullivan devised the original project, many others are now involved,
and will be listed as and when they indicate their preference.
|25: I'm blocked.... How do I send mail to the administrators of SORBS..?
You can use the mail sending form provided for
those blocked. Please remember that you have to use a real email address,
as mails with phony addresses will be ignored.
NOTE: Removal requests for the Proxy databases will be ignored.
See: the Retest FAQ. If you have problems
obtaining a key or other problems with re-tester, please feel free to mail.
|26: My address entry shows 'inactive and not flagged' but I still seen an entry in DNS, why...?
Because of load issues with DNS based block list SORBS sets each positive entry
to a 2 day TTL, this means that DNS you queried will hold the entry for 2 days, even
when it has been removed from the SORBS database.
Yes, it will cause you pain that neither you nor SORBS can control, however maybe
that will be enough pain to ensure that you don't end up back in the database.
|27: My host has been fixed and I have been re-tested clean, why am I still in the DB...?
SORBS sets a 'block' flag in the database rather than removing the entry. This
ensures that reoccuring hosts are tracked and so they will become more and more
difficult to remove from the database, the more they are tested open.
Database entries are purged after 'n' years of no activity. Where 'n' = number of re-activations
after re-tests showed clean.
|28: I'm, listed in the Zombie/Hijacked Zone, you are libeling me...
Note this item is a specific reply to: "Wrongly calling an ASN or
IP space hijacked may subject you to a lawsuit for tortious interference with
a contract, defamation, commercial disparagement, intentional and negligent
misrepresentation, and unfair business practices, for starters.".
Actually SORBS is not libeling you, interfering with any contracts, defaming you,
disparaging you, either commercially or personally, nor is it intentional and/or
negligently misrepresenting you. Finally SORBS does not use unfair business
SORBS publishes hostnames in its own domain.
The interface which allows you to check your IP against the list of SORBS hosts
in DNSbl format is for your convenience and is no reflection of status of the
address ranges. Further the Zombie/Hijacked list is a list of suspected ranges,
not necessarily proved to be hijacked ranges. If SORBS lists an address range of yours and you
can provide unequivocal proof that it has not been hijacked, the SORBS administrators will
remove the entry. Until then, that entry will stay listed.
|29: I'm going to sue you if you don't remove "X.X.X.X" entry...
See you in court, and don't expect to be removed... Oh, and expect to have
your name and addresses published for the world to see (as is the Law in Australia
provides).... No matter what the outcome.
|30: Is there anything else I should know about SORBS..?
Quite likely, but this is the end of the FAQ for the time being. It will be
expanded as people ask questions.