Spam and Open Relay Blocking System (SORBS)

Comment spammers are thick on social networking sites like Digg most of their comments include a link back to a bogus site. If you go to their profile you will see all of the spam they have posted and it is easy to bury from there. Post a link to that page here and we can all bury it as spam.

Moderators: JeanInMontana, rockingmtranch, ShadowPuterDude, admin, MysteryFCM, Owner

User avatar
It's Mine!!
It's Mine!!
Posts: 3331
Joined: Fri Jun 08, 2007 6:10 am
Location: South Central Montana

Spam and Open Relay Blocking System (SORBS)

Postby JeanInMontana » Mon Jul 30, 2007 11:29 pm

Introduction and a bit of history
The Spam and Open Relay Blocking System (SORBS) was conceived as an anti-spam project where a daemon would check "on-the-fly", all servers from which it received email to determine if that email was sent via various types of proxy and open-relay servers. The daemon was not particularly well written and served as a lesson in programming for its original author, Matthew Sullivan.

The daemon still exists and works, though with the latest computer piracy by spammers being hijacking by way of trojans, there are not many servers stopped. If you are interested in the daemon it is available for download and use at: However, during November 2001, the daemon was deployed alongside a number of prominent mailservers that received around 1 million emails per day. The result was a database of approximately 78,000 proxy servers collected over a 2 month period.

The SORBS DNSBL was born in November 2002. It was felt that by publicising a list of compromised hosts, the ever-increasing flow of spam through those hosts could be stopped. On January 6, 2003, the SORBS DNSBL was officially launched to the public.

Since those initial 78,000 proxies, the SORBS DNSBL has grown to an astounding 3 million listed hosts (that's less than 0.07% of the possible addresses on the internet - statistics correct as of June 2004). SORBS has also expanded over time to include hacked and hijacked servers, formmail scripts, trojan infestations (particularly those with backdoors), and more recently made the move to pre-emptively list all dynamically allocated IP address space.

Other recent innovations are the SORBS spam firewall, which is in testing, and will be released as soon as SORBS Technologies Pty Ltd completes testing and develops a market strategy (we'll keep you posted there). Also, SORBS provides its lists for groups such as Team Cymru DarkNet Project and the Australian Communications and Media Authority, with a view to listing and shutting down as many infected/trojaned machines as possible.

If anyone would like to contribute to SORBS or has any suggestions for new detection routines, and/or hosts to be listed, the SORBS team would love to hear from you. Please use the Mail/Contact Form to get in touch and discuss your thoughts.

Note: SORBS Technologies Pty Ltd is not part of, nor does it have control over, SORBS listings. We are two independent companies whose names both include the word "SORBS".

You can read more about SORBS and become a member yourself. I have been using the service for several months to research IP's and make decisions about ban or not to ban at Hoax~Slayer and now here. Today I guess I must have used it too much without logging in and I don't blame them, but they blocked me from any searches. 8)

I had a message that I needed to allow cookies. Well that actually meant, we are not letting you hammer the system any longer unless you log on. I can only imagine the job of admins there. It has to be a target of all sorts of abusers.

Anyway, we are now a member, and I will look into how we can benefit the project as well as use the resources offered.

I am just sick and tired of spammers.
:0!: :whp: :nodk:
~Think Globally * Dream Universally~Anon
ImageImageImage Donating any amount helps keep this site alive.

Return to “Mission Comment Spammer”

Who is online

Users browsing this forum: No registered users and 1 guest