Sorbs decided to list 184.108.40.206 which is the IP that the cpan.org mail goes through.
I'm not entirely sure why (a bounce? evil user?, ...) but they are making it a pain to get de-listed and I just lost patience navigating their slow, broken-link-ish, wordy website. So, if you or your ISP blocks mail based on SORBS you might miss your cpan.org (and other perl.org) mail. Too bad for you.
(On a similar note: If you or your ISP are using Spamcop you'll every few months lose some perl.org list mail because some idiotic spamcop user/perl.org subscriber submits a mailing list mail to that system).
Update: Robert just told me we had trouble with our virus scanner (it wasn't updating the definitions) so for a few days we were bouncing some new viruses instead of just dropping them in a giant file never to be looked at like we usually do. Their "spamtrap" was joe-jobbed and we bounced a mail to it. Anyway, if you know anyone at SORBS feel free to make them de-list us. Thanks.
hi Ask --ReplyDelete
in my experience, you'd really need to go via the SORBS delisting procedure; they don't do personal requests :(
if it's any consolation, that's the SORBS sub-list that Spamassassin doesn't use -- we don't support the $50 delisting fee they change (or at least, used to charge) for that sublist. so that listing will have no effect on people using SA.
Judging by the rule hit frequencies, it looks like it tends to have a huge false positive rate, too -- hitting about 8% of our nonspam collections on average:
(that's computed by taking the hitrate for __RCVD_IN_SORBS, 9.7573%, and subtracting the various sub-0.2% false positive rates for all the other RCVD_IN_SORBS_* rules... leaves about
8%, which can only be that one rule.)
if that FP rate is correct, then people using SORBS directly will be quite used to losing a metric crapload of good mail.
I'm glad I didn't bother to figure out to get de-listed then. :-) (They still had a $50 donation thing too).
As a sidenote, we finally got our MX to not accept mails to addresses we don't have anyway (before it was doing the standard qmail thing - we'd absorb most spam and all viruses, but we still had some silly bounces going back out - not anymore!)