sorbs.net

Robert_Bonomi · March 15, 2005, 7:42pm

From owner-nanog@merit.edu Tue Mar 15 13:21:45 2005
From: Randy Bush <randy@psg.com>
Date: Tue, 15 Mar 2005 11:21:35 -0800
To: nanog@merit.edu
Subject: Re: sorbs.net

a few questions

o could this be used as a dos and then become extortion?
has this actually happened, or is it just black heli?

_Legally_, it is *not* extortion, unless the thing that is 'taken' (*with*
the 'under duress' consent of the victim) goes, directly or indirectly, to
the party making the 'threat'.

Noting also, that the legal definition of extortion requires a the property,
goods or services be given up in response to a "threat" to do something if
that property, goods or services are *not* turned over to the threatener;
Thus, a situation where somebody does *not* act unless something is recieved,
cannot be, legally, extortion.

SORBS has been running for "much longer" than a year. To the best of my
knowledge, strictly within their published guidlines.

As with any other 'voluntary use' blocklist, it's "clout" is only as good
as the number of people using it. If serious questions arose as to the
'integrity' of the list, or the list operator, the vast majority of the
mail-server operators using it would *stop* doing so. And any lack of
integrity would be a moot issue, since 'practically nobody' would still
be using it. It is _textbook_perfect_ "self regulation" at work.

  o the ts&cs would seem to indicate that the donation is
    voluntary, and proportional to the spam generated. e.g.,
    if you generated no spam, no donation. do i understand
    this correctly?

As I understand it -- and I'm -not- an expert on SORBS -- they list
individual IP addresses on various lists, for various different kinds
of problems. Far and away,the biggest being originating spam.

Listings _do_ "age off", taking an unknown period of time after 'someone'
makes a request for removal. The donation is purely voluntary, and
when provided, the SORBS operator does 'expidate' handling of the removal
request. For some strange reason he believe that those people are 'more
serious' about ensuring that problems don't occur from their machines
again. I have no opinion as to the validity of that reasoning.

Valdis_Kletnieks · March 15, 2005, 8:28pm

This is, of course, making the rather big assumption that the person who
decided to use said blocklist:

a) was fully cognizant of the list's goals and policies when they chose to use it.
*and*
b) is willing and able to track deviations on an ongoing basis.
*and*
c) whoever replaces them is also able to do so.

If it was in fact "textbook perfect", we'd never hear about stuff breaking when
a block list goes belly up with six month's warning, and people *still* being
surprised when suddenly everything returns 127.0.0.2 and a lot of mail goes kaboing.