Remove SORBS from your filters ...

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
While there's a slight chance that SORBS will either find a new host or be bought out by someone who can continue it, we're currently working on a new release of SpamBlocker 3, which will be released at least two weeks ahead of the shutdown.

I've already started discussions with DirectAdmin staff on making changes to the release copy of SpamBlocker 2, which should be posted on the DirectAdmin file site shortly. As soon as it's ready an announcement will be made both on these forums and on on the mailing list.

Since both SpamBlocker2 and SpamBlocker3 require modification for your server, you may be tempted to simply comment out or remove some lines from your current configuration.

If so:

If you're using SpamBlocker2 and are intending to stay with SpamBlocker2, it will probably be enough to just remove or comment out the SORBS section of your ACLs, but if you're using SpamBlocker3, then this will mark the move of SpamBlocker3 from beta to release status, and we recommend a complete reinstall of the SpamBlocker exim.conf file.

Jeff
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
If we do not remove or comment out the sorbs section does that mean that all email will be rejected? What are the consequences of leaving the sorbs section in there?
 

Henrik

Verified User
Joined
Mar 14, 2008
Messages
121
I simply commented out all blocks in exim.conf that had anything of "sorbs" in it, fair enough?
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
Henrik that is great. It does not answer my question though.
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
8,937
Hello,

I'm pretty sure any RBL that isn't active would just timeout, and exim would continue on, skipping that check.

So the worst case, is email delivery may be delayed a few seconds while it waits for the timeout. I highly doubt that exim's logic would bounce an email if an RBL check failed.

John
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I believe that John is right, but since the timeout delay will occur on every email delivery, I still suggest removing references to sorbs lists from your exim.conf file.

Yesterday I posted to the DirectAdmin announcement lists that people should remove sorbs-based lists from their exim.conf file.

Here's what one may look like, and how to remove it:

1) What it may look like (any with the word sorbs in it should be commented out:
Code:
# deny using safe.dnsbl.sorbs.net
  deny message = Email blocked by SORBS - to unblock see http://www.example.com/
       hosts = !+relay_hosts
       domains = +use_rbl_domains
       !authenticated = *
       dnslists = safe.dnsbl.sorbs.net
And here's what it shold look like after it's commented out:
Code:
# deny using safe.dnsbl.sorbs.net
#  deny message = Email blocked by SORBS - to unblock see http://www.example.com/
#      hosts = !+relay_hosts
#      domains = +use_rbl_domains
#      !authenticated = *
#      dnslists = safe.dnsbl.sorbs.net
Note that as of June 25th Michelle has announced that it's likely that Sorbs will continue to work. However since there have been no posts to the effect of continuation for almost a month I highly recommend you remove references to Sorbs from your exim.conf file.

I've updated SpamBlocker 3-beta on my website, but even if you're already using SpamBlocker 3-beta it's going to be easier to make changes to your local copy to remove references to sorbs lists than it is going to be to install a new version and make the changes required for your site.

A new SpamBlocker 3.2 RC will be available in as little as a day or two, but it will take a week or so before it goes gold even if it's perfect, and even then, it might take a while before DirectAdmin begins using it, if ever (that's not up to me).

Don't forget that after any changes to your exim.conf file you must restart exim on your server.

Jeff
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
I need to get used to explaining more too. I was asking not because I did not want to have to change anything. I was asking because I have so many to change I wanted to know what would happen if I forgot one or two.
 

R1Lover

Verified User
Joined
Feb 24, 2007
Messages
439
Why woud this not be done via update DA?

It would make it easier for those with many systems.

Just wondering.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
How would you propose DA do this? Its not a matter of downloading a new exim.conf file since the exim.conf file has custom configurations for those of us who make use of the RBL's. I tried writing a script to do it myself but decided it would be faster for me to manually do it since it would be a one time thing.
 

R1Lover

Verified User
Joined
Feb 24, 2007
Messages
439
lol I'm not a developer but it's a DA supplied file so I would assume it would just be an overwrite to a bas config file again. Not too many people mess with the exim config files on a standard server config.
 

Dravu

Verified User
Joined
Sep 9, 2007
Messages
324
lol I'm not a developer but it's a DA supplied file so I would assume it would just be an overwrite to a bas config file again. Not too many people mess with the exim config files on a standard server config.
But the people that do would be pissed that their configuration got overwritten.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
If they are using the RBL's like sorbs then they would have had to customize the exim.conf.

If they are just using what DA supplied without any changes then they are not taking advantage of the RBL's and the sorbs stuff being in there will not matter anyway.
 

scsi

Verified User
Joined
Aug 19, 2008
Messages
4,695
Still wouldnt use it...

Matthew Sullivan != Michelle Sullivan

*VOMIT!!!!!*
 
Last edited:

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Floyd:

It's nice to see that Michelle has updated the site. I still believe we should no longer use Sorbs as there's no guarantee.

scsi:

How we feel about transgender people is our own business. Please try to refrain from such expressions on the forums.

R1Lover,

The DirectAdmin exim.conf file cannot be an all-purpose file; here are only some of the customizations required:

1) As supplied the official file from DirectAdmin only supports mbox; it needs to be modified (there's a script available) to use Dovecot/Maildir.

2) As supplied unofficial file from NoBaloney Internet Services only supports Dovecot/Maildir; it cannot be easily modified to use mbox.

3) As supplied neither file supports ClamAV. The unofficial file from NoBaloney Internet Services contains the code but one line needs to be uncommented, and several others uncommented.

4) As supplied neither file supports SpamAssassin; the code is in the file but must be uncommented to work.

5) As supplied neither file supports an offer to accidentally blocked senders to whitelist them; the current error message simply tells such senders to visit example.com.

Jeff
 

R1Lover

Verified User
Joined
Feb 24, 2007
Messages
439
Floyd:

It's nice to see that Michelle has updated the site. I still believe we should no longer use Sorbs as there's no guarantee.

scsi:

How we feel about transgender people is our own business. Please try to refrain from such expressions on the forums.

R1Lover,

The DirectAdmin exim.conf file cannot be an all-purpose file; here are only some of the customizations required:

1) As supplied the official file from DirectAdmin only supports mbox; it needs to be modified (there's a script available) to use Dovecot/Maildir.

2) As supplied unofficial file from NoBaloney Internet Services only supports Dovecot/Maildir; it cannot be easily modified to use mbox.

3) As supplied neither file supports ClamAV. The unofficial file from NoBaloney Internet Services contains the code but one line needs to be uncommented, and several others uncommented.

4) As supplied neither file supports SpamAssassin; the code is in the file but must be uncommented to work.

5) As supplied neither file supports an offer to accidentally blocked senders to whitelist them; the current error message simply tells such senders to visit example.com.

Jeff
thanks for taking the time to explain this... :)
 

hostneverdie

Verified User
Joined
Jul 21, 2009
Messages
7
Just removed sorbs block list from by web control panel.
Just wondering what will happend if I do not remove the block list.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,285
Just removed sorbs block list from by web control panel.
Just wondering what will happend if I do not remove the block list.
Already answered.

Hello,

I'm pretty sure any RBL that isn't active would just timeout, and exim would continue on, skipping that check.

So the worst case, is email delivery may be delayed a few seconds while it waits for the timeout. I highly doubt that exim's logic would bounce an email if an RBL check failed.

John
 

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
1,747
Location
London UK
SORBS2 is almost here...!

SORBS2 is almost here...!

All,

SORBS2 is about to be released, some of you will already know about it,
some it will be a completely new concept. The database started
development back in 2004 and was almost coded in 2005, but due to lack
of funding and support it was never completed. Now with the help of
GFI, the basic code of SORBS1 and some new functionality is complete and
ready for the world, more on what's new further down.

To move from the SORBS1 database to the SORBS2 database we are going to
need to migrate some 23 million database rows in to the current 91
million rows in SORBS2. The migration will cause an outage of the SORBS
website and will cause a suspension of 'new and delisted' entries. This
means during the migration new spam whilst detected will not be
published to the website or the DNS zone files. Similarly no delistings
will happen during the migration.

We are expecting to start the migration sometime between 8pm GMT on the
6th August 2010 and 10am GMT on the 6th August 2010. The migration
tests have brought the expectation that it will take around 60 hours,
however the test hardware is different from the production hardware
(slower disks but faster CPUs) so we expect the tests to be a guide only
and are not a fixed time. The migration is dependent on successful
completion of the final tests (a full test migration) and as with all
best laid plans it is possible that something unexpected occurring in
the execution. If the migration has not started by 10am GMT it will be
postponed until next weekend Friday 13th August 2010 (I'm not
superstitious!)

Why are we doing this you might ask? Well quite simply the SORBS1
database has very limited functionality and is very "you are listed" or
"you are not listed" and has no functionality to allow anyone but a
SORBS admin to update it. The SORBS2 database on release will include
the following new functionality:

- Self Delisting of Spam/Hacked/Proxy etc entries without needing to use
the IP listed if already authorised as an administrator of the network/IP.

- Removal of the SORBS Spam DB fine, to be replaced by a simple formula
that will allow self delisting based on the number of times we have seen
spam from your network* against the number of previous delistings and
the time elapsed since the last spam was recorded.

- Full integration between the SORBS support tickets and the SORBS2
database so you can quickly reference any support tickets logged as well
as seeing any status updates. This integration will also show the
status of tickets logged by other people about an entry whilst denying
access to the ticket contents.

- Creation of a common interface for SORBS staff, ISPs and end users alike.

- Requirement to register and verify the email address for any new
support tickets or delisting requests. **

- Cleaner and 'snappier' interface where more detail is shown in a less
confused and cluttered way.

- Network and Host lookups <- big change here - you can put in your
network '127.0.0.0/24' for example and it will show all entries in the
netblock.

- The ability to publicly comment on listings - this will be monitored
closely for abuse, writing in support requests into comments will not
result in a delisting, comments may be deleted by administrators if
inappropriate. HTML will not be allowed. We expect people to make
comments like 'this network has been the bain of our lives and has sent
so much spam that it should be escalated' etc.. SORBS Admins will also
be able to make multi entry comments on listings that all can view that
will be in a similar vein.

- Access to the headers of spams and other data relating to listings if
appropriate access is given.

- Access to full original spam/logfiles/network traces (and captures)
for all abuse in a "write once read many table" for law enforcement
purposes. Law enforcement officials will have access to this data
without interaction from SORBS staff once the initial authorisation is
given.

- An extensible interface and backend that can be extended to include
new data types with just the smallest of changes to the code base.


New funtionality that will be released soon after the migration.

- Network usage updates (not only DUHL, but also the new 'static',
'residential', 'business', 'co-location servers', "permitted to run mail
services" zones) will be updatable directly and instantly by any
authorized representative of the network (ie ISP) ***

- New zone files, including a new SORBS URI database and Malware database.

- Instant listing and delisting (we are moving to the ability for live
DNS information, meaning when the database is updated within seconds the
DNS will be updated, for both listings and delistings)

- Instant reports - new listings will send an email to a registered
administrator of your choice alerting about the listing, the reasons
behind it, and what caused it.

- Instant reports by SMS (subscription service), same as the instant
reports by email but will page any number you have registered with an
SMS alert so that in the event that email is not available (eg through
spammer overload) or not delivering for several hours due to network
outages you will get the message. This service, unless we find
sponsorship will be a 'premium service' that will require a subscription
to cover the costs.

- Reputation data, SORBS2 will 'know' what networks are sending lots of
"not spam" and adjust it's listing policy automatically based on the
quantities of "not spam", this will result in a lower occurrence of
otherwise good network providers getting listed.

SORBS' goal has been and always will be the eradication of abuse from
the Internet, to that end we are expanding our services to enable system
administrators and end users alike to have an external view of their
network. We want you the users to see what is being abused, how, and
why, and hopefully this will give you enough information to eradicate
abuse from your small corner of the Internet making the world a better
place.

SORBS has always been a community project, but has not enabled many
people in the community to take an active role due to security
considerations, with the advent of SORBS2 we will be able to extend the
project to many people can become active participants whilst protecting
the integrity of the data.

Spread the word, SORBS is about to move spam fighting to a whole new level.

Best regards,

Michelle Sullivan
Shame :(
 
Top