Drew Weaver drew.weaver at
Fri Apr 6 12:01:55 CDT 2012

So you're suggesting that hosting companies do what?

How many emails or port 25/587 connections a (day, week, hour) makes someone a spammer if there are no objections being lodged at the abuse department?

Are we supposed to do DPI on every email that a dedicated server sends out and then decide whether it's spam?

My point is if a list has a problem with a /32 they could have the courtesy to contact the ISP/host prior to causing huge problems for a /24

I'm not sure what more can be done than having an abuse department staffed up and checking all published data before accepting a customer.

And I'm mostly just complaining about senderbase, because they seem to be the one that really large companies reference.


-----Original Message-----
From: wherrin at [mailto:wherrin at] On Behalf Of William Herrin
Sent: Friday, April 06, 2012 12:56 PM
To: Drew Weaver
Cc: nanog at
Subject: Re: SORBS?!

On Fri, Apr 6, 2012 at 7:31 AM, Drew Weaver <drew.weaver at> wrote:
> That's just not true, we would much rather be notified of something 
>that a reputation list finds objectionable and take it down ourselves 
>than have Senderbase set a poor reputation on dozens of IaaS customers.

I think the idea is that you're supposed to proactively monitor your systems for abuse and generally make your network inhospitable to spammers, not just reactively move the customer to a new IP address when the unpaid anti-spammers kindly let you know you've been detected.

Personally I see SORBS as the canary in the coal mine. Except for the DUHL (which identifies dynamic IPs, not spamming activity) nobody serious relies on SORBS' data. So, it doesn't much hurt when they list you. But, like the canary that dies first if the air turns bad, if you're careful to watch SORBS you know when you're headed for problems which will get you listed by a real RBL.

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <> Falls Church, VA 22042-3004

More information about the NANOG mailing list