By on November 12, 2010

Watching from the sidelines: Messagelabs vs SORBS

This week has brought us news of a battle, almost certainly unintentional, between two major antispam services.  It seems that SORBS has put MessageLabs on a blacklist that is blocking outbound email from MessageLabs customers.

Now, you might think that, since I’m Chief Scientist for a third email security company, Mimecast, I would just be sitting back and enjoying this development. But while I can’t deny that there’s a certain pleasure to be obtained from watching your competitors hit each other over the head with sticks, I think that both companies are being somewhat unfairly vilified in the popular portrayal of this little spat.

View from the sideline

To explain why I would want to defend both MessaageLabs and SORBS while they’re happily beating each other up, it’s necessary to say a little about the structure and complexity of the Internet in general and antispam technology in particular.  The enormous success of the Internet has come, almost entirely, from the development of clearly-specified protocols that are used by otherwise competitive parties.

Mail flows between Lotus Notes, Microsoft Exchange, Gmail, and other tools because the implementers are all doing their best — for the most part — to comply with a set of vendor-neutral standards from the IETF, such as SMTP and MIME.

This kind of “coopetition” is hard to do in any case, but it gets much harder in any security-related area, because you are fighting an active opponent.  It’s hard enough to get multiple vendors to converge on a single standard and its interpretation; things get really complicated when they have to cooperate at subverting a clever, active opponent such as a spammer.  The bad guys are actively trying to find holes or ambiguities in the protocols, and to exploit them for anti-social ends.

In other words, spam control is hard, and there’s no rule book for doing it well.  Like local police who rush in to arrest a crime ring that turns out to be FBI agents on a sting operation, the good guys can easily end up shooting at each other with the best of intentions.

Of course, police work can be good or sloppy.  Maybe the FBI didn’t keep local police informed about the sting, or maybe the local police didn’t tell the FBI what they were up to.  The mere fact that they’re shooting at each other doesn’t begin to tell you who’s at fault.  I could easily believe that either SORBS, MessageLabs, both, or neither were at fault here, so I hate seeing a rush to judgement.  With most of the mechanisms fully automated, this kind of blacklisting could probably happen to any of us.

While I don’t know who to blame in this case, I am pretty sure that MessageLabs doesn’t deserve to have customers abandon it simply because of this incident, as a few have indicated they will do.  Every anti-spam company has to walk the line between aggression in fighting spam and defence against its customers being inadvertently labelled spammers.  (And note the word inadvertent:  Mimecast, for example, vets and trains its potential customers to try to ensure that they aren’t spammers, intentional or not.)

My colleagues and I are happy to offer dozens of good reasons for users of MessageLabs, SORBS, or other email security services to switch to Mimecast.   But this incident isn’t one of them.  MessageLabs was the victim of an unhappy accident, and while it may or may not share some blame with SORBS, such accidents can, in the end, happen to anyone.   Perfection is an admirable goal, but an unreasonable expectation.

Image (c) storem

Chief Scientist
Mimecast

Article Tags

, , ,
  • Peter

    Was this really necessary? I am not oblivous to the whole issue around Spam and am keen to progress on better Spam protection, however, the reality is that emails are one of the most important communication methods nowadays and therefore any restriction on email deliveries needs to be addressed with immidiate effect. SORBS has a legitimate reason to exist – and I’m not writting this to question their business acumen or their moral decissions – but to take a company that tries to fight SPAM seriously, I expect them to react on issues like this promptly and constructive. My own experience with SORBS isn’t very good either. I can’t tell if they do a good job, but what I can say is that they are not responsive at all. A search in the internet will give anybody that questions this enough cases in which SORBS did not react, respond or move even a little finger. I recently had an issue whereby my ISP’s ip-range was suddenly listed as dynamic though it’s not dynamic. My ISP couldn’t explain why this has happened, but SORBS also chose not to respond to any ticket, email or anything for now two months. Both, my ISP tried to get in contact with them and so have I. Wiht this reason and only wiht this reason I can’t recomment using SORBS. I prefer to receive Spam to not being able to send legitimate emails for months.

  • http://www.justinpirie.com Justin Pirie

    Absolutely.

    Although we wanted to defend MessageLabs, in particular, against criticisms that we viewed as unfair, it certainly wasn’t our intention to recommend the use of SORBS or MessageLabs. But nobody really benefits from fuzzy thinking, and even a criminal deserves to be acquitted of crimes he did NOT commit.

    What is interesting is that you speak from a personal perspective- by marking the IP range dynamic, were they tarring you with the same brush as spammers?

    It does raise a really interesting issue though- maintaining an email gateway of your own can be hard work.

  • http://www.fourcommunications.com Alex Heylin

    I’m so glad I dumped MessageLabs for Mimecast! :-D

Previous Post

Next Post