Security Basics mailing list archives

RE: SORBS

From: "Robertson, Seth (JSC-IM)" <Seth.Robertson-1 () nasa gov>
Date: Fri, 5 Jan 2007 09:46:27 -0600

If you have the budget, you might consider affordable products that
feature many different public blocking list services (like SORBS),
heuristics, and bayesian analysis--all using genetically-tuned weights.
That way, no single keyword or blocking list will cause a message to be
"blocked".  These products also offer you features like a quarantine (so
a user can retrieve a message that was blocked if it shouldn't have),
anti-virus, content filtering, and auto-encrypted email (e.g., for HIPAA
compliance).  I'm afraid that blocking messages due to the listing in a
single block list service is going to yield poor results (plenty of
false positives and false negatives).


http://www.espionintl.com
http://www.barracudanetworks.com
http://www.ciphertrust.com/products/ironmail/


Seth Robertson 
IT Security Forensics Specialist


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of mbs
Sent: Thursday, January 04, 2007 3:23 PM
To: security-basics () securityfocus com
Subject: Re: SORBS

I am considering setting up our Exchange servers to use some sort of
SPAM blocking list service. SORBS sounds like the wrong choice. Are
there any better options, or should I just learn to love deleting SPAM?

Michael

Dan Tesch wrote:

That organization is un-believable, good luck!  I spent at least 40 
hours over the course of a month or two trying to get a domain off 
their list.  Seemed like every time I passed one of their criteria, 
there was something else wrong.  It came down to the fact that the 
server IP was in a block of SBC addresses that they didn't like how 
they were configured.

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of policysup () gmail com
Sent: Tuesday, January 02, 2007 2:20 PM
To: security-basics () securityfocus com
Subject: SORBS

In trying to get de-listed from SORBS I get:  
" the someone is lying, pay the fine response."
 
A friend once said: "

Life is so much easier when you assume that anyone who disagrees with 
you is evil. Cuts down on the need to take responsibility or do any 
real objective thinking.


------------------------------------------------------------------------
---
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec
t
------------------------------------------------------------------------
---

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

SORBS policysup (Jan 02)
- RE: SORBS Dan Tesch (Jan 04)
  - Re: SORBS mbs (Jan 04)
    - Re: SORBS Thomas Choi (Jan 05)
    - RE: SORBS Dan Tesch (Jan 05)
    - Re: SORBS Jon Bruce (Jan 05)
    - Re: SORBS PCSC Information Services (Jan 08)
    - Re: SORBS kamran (Jan 08)
    - RE: SORBS Devin Rambo (Jan 05)
    - Re: SORBS Micheal Espinola Jr (Jan 08)
    - RE: SORBS Robertson, Seth (JSC-IM) (Jan 08)
    - RE: SORBS Omar Sherin (Jan 08)
- <Possible follow-ups>
- Re: Re: SORBS radkins (Jan 08)
- RE: SORBS Omar Sherin (Jan 08)