OVH Community, your new community space.

SORBS2 is almost here...!


Razakel
08-08-2010, 15:15
People actually use SORBS?

I don't think it could be any more obviously a scam.

LawsHosting
08-08-2010, 12:48
I don't take kindly to personal abuse (you know who you are idnet user!)..........I posted this for OVH as they have problems with Sorbs blocking /32 nets........

LawsHosting
08-08-2010, 12:32
SORBS2 is almost here...!

Dispite in 2009, they said the'll cease to trade, advised us to remove the RBL check in our MTA's..... Ironic!

All,

SORBS2 is about to be released, some of you will already know about it,
some it will be a completely new concept. The database started
development back in 2004 and was almost coded in 2005, but due to lack
of funding and support it was never completed. Now with the help of
GFI, the basic code of SORBS1 and some new functionality is complete and
ready for the world, more on what's new further down.

To move from the SORBS1 database to the SORBS2 database we are going to
need to migrate some 23 million database rows in to the current 91
million rows in SORBS2. The migration will cause an outage of the SORBS
website and will cause a suspension of 'new and delisted' entries. This
means during the migration new spam whilst detected will not be
published to the website or the DNS zone files. Similarly no delistings
will happen during the migration.

We are expecting to start the migration sometime between 8pm GMT on the
6th August 2010 and 10am GMT on the 6th August 2010. The migration
tests have brought the expectation that it will take around 60 hours,
however the test hardware is different from the production hardware
(slower disks but faster CPUs) so we expect the tests to be a guide only
and are not a fixed time. The migration is dependent on successful
completion of the final tests (a full test migration) and as with all
best laid plans it is possible that something unexpected occurring in
the execution. If the migration has not started by 10am GMT it will be
postponed until next weekend Friday 13th August 2010 (I'm not
superstitious!)

Why are we doing this you might ask? Well quite simply the SORBS1
database has very limited functionality and is very "you are listed" or
"you are not listed" and has no functionality to allow anyone but a
SORBS admin to update it. The SORBS2 database on release will include
the following new functionality:

- Self Delisting of Spam/Hacked/Proxy etc entries without needing to use
the IP listed if already authorised as an administrator of the network/IP.

- Removal of the SORBS Spam DB fine, to be replaced by a simple formula
that will allow self delisting based on the number of times we have seen
spam from your network* against the number of previous delistings and
the time elapsed since the last spam was recorded.

- Full integration between the SORBS support tickets and the SORBS2
database so you can quickly reference any support tickets logged as well
as seeing any status updates. This integration will also show the
status of tickets logged by other people about an entry whilst denying
access to the ticket contents.

- Creation of a common interface for SORBS staff, ISPs and end users alike.

- Requirement to register and verify the email address for any new
support tickets or delisting requests. **

- Cleaner and 'snappier' interface where more detail is shown in a less
confused and cluttered way.

- Network and Host lookups <- big change here - you can put in your
network '127.0.0.0/24' for example and it will show all entries in the
netblock.

- The ability to publicly comment on listings - this will be monitored
closely for abuse, writing in support requests into comments will not
result in a delisting, comments may be deleted by administrators if
inappropriate. HTML will not be allowed. We expect people to make
comments like 'this network has been the bain of our lives and has sent
so much spam that it should be escalated' etc.. SORBS Admins will also
be able to make multi entry comments on listings that all can view that
will be in a similar vein.

- Access to the headers of spams and other data relating to listings if
appropriate access is given.

- Access to full original spam/logfiles/network traces (and captures)
for all abuse in a "write once read many table" for law enforcement
purposes. Law enforcement officials will have access to this data
without interaction from SORBS staff once the initial authorisation is
given.

- An extensible interface and backend that can be extended to include
new data types with just the smallest of changes to the code base.


New funtionality that will be released soon after the migration.

- Network usage updates (not only DUHL, but also the new 'static',
'residential', 'business', 'co-location servers', "permitted to run mail
services" zones) will be updatable directly and instantly by any
authorized representative of the network (ie ISP) ***

- New zone files, including a new SORBS URI database and Malware database.

- Instant listing and delisting (we are moving to the ability for live
DNS information, meaning when the database is updated within seconds the
DNS will be updated, for both listings and delistings)

- Instant reports - new listings will send an email to a registered
administrator of your choice alerting about the listing, the reasons
behind it, and what caused it.

- Instant reports by SMS (subscription service), same as the instant
reports by email but will page any number you have registered with an
SMS alert so that in the event that email is not available (eg through
spammer overload) or not delivering for several hours due to network
outages you will get the message. This service, unless we find
sponsorship will be a 'premium service' that will require a subscription
to cover the costs.

- Reputation data, SORBS2 will 'know' what networks are sending lots of
"not spam" and adjust it's listing policy automatically based on the
quantities of "not spam", this will result in a lower occurrence of
otherwise good network providers getting listed.

SORBS' goal has been and always will be the eradication of abuse from
the Internet, to that end we are expanding our services to enable system
administrators and end users alike to have an external view of their
network. We want you the users to see what is being abused, how, and
why, and hopefully this will give you enough information to eradicate
abuse from your small corner of the Internet making the world a better
place.

SORBS has always been a community project, but has not enabled many
people in the community to take an active role due to security
considerations, with the advent of SORBS2 we will be able to extend the
project to many people can become active participants whilst protecting
the integrity of the data.

Spread the word, SORBS is about to move spam fighting to a whole new level.

Best regards,

Michelle Sullivan
Shame