My experience with SORBS was sorta a mix of the terrible (similar to Jeremy) and the very good. I actually had direct dealings with the guy who ran SORBS. If you are an employee of an ISP who is directly accountable for things that happen on that net - usually the abuse@ person is good - SORBS will usually be very helpful (ok, this is my experience of 2 years ago...) - they gave me access to some of their online back-end tools which let me look up the reasons for a listing (including sample headers) which helped prevent repeats of the same offense cause relisting. I'd encourage ISPs security guys to proactively attempt to contact SORBS and establish a dialogue that isnt necessarily tied to a 'we're blocked and not happy!' message. Its less antagonising for a start. The listings are set up in the DNS with a 48hr TTL and the zone is not refreshed unless another offense occurrs. (So if you're clean for 48 hours the entry gets purged.) If Paradise are listed it means one of their clients sent something which got listed in SORBS, and theres a complaint in the system younger than 48hours. In theory. They wont 'unlist' you by request. If OTOH you happen to get assigned a netblock that was in their Dynamic IP list and start using it for systems that handle mail, thats another story... I do agree that Companies and others for whom email delivery is important, should not be using systems such as SORBS. I personally run their Dynamic IP Blacklist but nothing else.... frankly someone on a Dynamic IP should be relaying through their ISP and not direct to me. I do provide a webform on my site that can be used for people to contact me should there be an accidental blacklisting, of course. And if I start seeing collateral damage, i'll stop using SORBS. So far however it hasnt been an issue, _for me personally_. Mark.
I've been involved in an ongoing attempt to remove 3 particular ranges (equating to a /24) from SORB's DB for nearly 3 months now. Here's what I've found.
*snip*