What is ‘denied by gorbs’ in bounced email?
An email bounce is the message you get back when, for one reason or another,
your email cannot be delivered as you’ve requested.
Bounce messages are often cryptic but typically include important details
of why the message couldn’t be delivered. “Denied by gorbs” is relatively new
and particularly cryptic.
Become a Patron of Ask Leo! and go ad-free!
As best I’ve been able to determine, gorbs is a fairly new email spam
black-listing service.
What this means is that your recipient’s ISP is using this blacklist to
filter out SPAM. Somehow your email domain (the part after the “@” in your
email address), or the IP address of your ISP’s mail server has probably been
placed on the gorbs blacklist.
Assuming you’re not a spammer, what this means to you is that you need to
attempt to contact your recipient or your recipient’s ISP to get off the
list or to get whitelisted. The problem is, since you’re blacklisted, your
regular email won’t get through. You’ll need to use another method to contact
them. Either a different email address or server or perhaps even picking up
the telephone.
Blar.org, BlarsBL
Does anyone know where Gorbs blacklist website is?
This has been increasing. I’ve found that people are related it back to blars.org.
This Robert Larson charges $250.00 per hour with a two hour minimun and a $1000 deposit to get you off his blacklist. And he claims he’s a Non-For Profit.
Here’s his whois info.
Please pass this info to other search engines so he can be shut down or sued. It a scam!
Domain ID:D24970992-LROR
Domain Name:BLARS.ORG
Created On:14-Apr-2000 23:30:36 UTC
Last Updated On:28-Aug-2004 04:07:13 UTC
Expiration Date:14-Apr-2006 23:30:36 UTC
Sponsoring Registrar:Go Daddy Software, Inc. (R91-LROR)
Status:OK
Registrant ID:GODA-01429546
Registrant Name:Robert Larson
Registrant Organization:
Registrant Street1:3384 Scarboro St
Registrant Street2:
Registrant Street3:
Registrant City:Los Angeles
Registrant State/Province:California
Registrant Postal Code:90065
Registrant Country:US
Registrant Phone:+1.3233431073
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:blarson@blars.la.ca.us
Admin ID:GODA-21429546
Admin Name:Robert Larson
Admin Organization:
Admin Street1:3384 Scarboro St
Admin Street2:
Admin Street3:
Admin City:Los Angeles
Admin State/Province:California
Admin Postal Code:90065
Admin Country:US
Admin Phone:+1.3233431073
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:blarson@blars.la.ca.us
Tech ID:GODA-11429546
Tech Name:Robert Larson
Tech Organization:
Tech Street1:3384 Scarboro St
Tech Street2:
Tech Street3:
Tech City:Los Angeles
Tech State/Province:California
Tech Postal Code:90065
Tech Country:US
Tech Phone:+1.3233431073
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:blarson@blars.la.ca.us
Name Server:NS.BLARS.ORG
Name Server:BERT.HSC.USC.EDU
Well.. I reported him and sent him a professional, yet threatening email. We’ll see what happens.
I am curently listed as a spammer… Why?
Tim Brady
Timothy Brady….you can probably find out if you are really on a spam list by going to http://www.dnsstuff.com and plugging in your IP address in the SPAM checker. There is a real long list of SPAM databases your IP address will be test from.
As far as why you might be on this Gorbs database, it seems this is the only source of information. I’ve bookmarked this page in the event I find anything else on the subject.
Curt, which people are relating this database to Blars? I’d be interested as to where that was coming from. This is serious stuff here.
I was just informed by Bellsouth that my new site has been blacklisted by this Gorb thing. This is pretty interesting since I just got it up and going a few days ago and as yet have not been picked up by a single search engine, nor have I had a single visitor, or sent or recived a single peice of email. Go look yourself. This guy Lawson is running an extornist’s scam plain and simple. McCarthy would be proud of him and all those who use his service. It’s a shame the net has become one big larcenest nest of thieves, payola, blackmailers and con artist. And this includes the big names, Google, Yahoo, Etc. And now this guy. It is also sad, that the net has fallen so far, that the FCC is a running joke, and our tax dollars are paying for all this.
A client has recently found that they can’t send emails to a subcontractor, and are receiving the “554 denied by gorbs” bounce message. The subs email provider is Verio, and the Client’s ISP is Covad.
I subscribe to blacklistmonitor.com, and The ONLY blacklist that the client’s IP appears on is Blars Block List. Below are a number of other free black list checkers, and the client only appears on BLARS.
http://www.declude.com/Articles.asp?ID=97
http://moensted.dk/spam
You might wonder why. The client’s IP address is 68.167.xx.218. The have a block of 5 IP addresses, but have never used the next 4. Testing the next 4 (.219 …) shows that ALL of them are on BLARSBL! The reason? BLARS blocks entire netblocks. If Robert Larson feels that an ISP harbors spammers, doesn’t have an effective abuse policy, or any number of reasons, he adds large chunks of IP space to his list.
IMPORTANT NOTE: This is his right, and he is on our side in trying to put pressure on ISPs to shut down spammers. He doesn’t tell people to use his list to deny email delivery. In fact, he explictly states that it’s for his own use. I’ll admit, it does _sound_ like extortion at first, but on a closer reading, he says the there will be no charge if you are found not to be a spammer. I suspect that this may be a “bozo filter”, who knows. I wonder if anyone has actually sent him a polite email to inquire. I might do that just to find out if his list has the ability to exclude a single IP even as it blocks an entire range that encompasses it.
You can read his own description of his list here:
http://www.blars.org/errors/block.html
Also note that I have no evidence that gorbs=BLARSBL other than the coincidence that my clients IP only appears on BLARSBL and their mail is only receiving the “denied by gorbs” messages. Some third party spam filtering company could be selling a service that simply references his list, or it could be something else entirely. The spam filtering companies are unlikely to say much on the subject to avoid tipping off the spammers, and to avoid legal liability. Does anyone have any specific information that links gorbs to BLARSBL?
The fact that a large email provider like Verio is using gorbs, and that a large ISP like Covad is blocked is sure to cause a ruckus as legitimate businesses find that they can’t communicate. I had to educate my client’s subcontrator as to how email delivery and spam filtering worked, and to the wild west nature of blacklists. Their reaction was typical. “No one is responsible? No one regulates this? How can they do this? Someone should file a class action lawsuit!”. I pointed out that they really only had 2 choices. Roll over and get Verio to whitelist the “offending” email server, or vote with their wallet and switch email providers. Of course, they’d have to do the whitelisting a lot, as there are many businesses using Covad who run their own mail servers. My client isn’t the only one who can’t send them mail, I’m just the guy who figured it out (and my client is paying).
As soon as I provided the IP address of my clients mail server and the bounce message to Verio, I received this response:
—————–
Thank you for contacting Technical Support.
*Mail block issue*
We have reviewed the block and have determined to lift the block. Please let us know if there is anything else we can assist you with.
—————-
Trouble is, it didn’t work. I’m letting them know, and I’ll post the results back here when it’s resolved. I’m going to be so bold as to ask them if they can provide me some information on how to contact the company who is responsible for gorbs. Their response will be illuminating.
– Marty
They unblocked it, it worked for less than an hour, then emails started bouncing again. They wanted server logs which I provided, and repeat below for those who may find it useful. On the BLARSBL/gorbs front. I can report that I can send an email to this client from a Comcast IP address (listed in BLARSBL) without being blocked by gorbs. The Covad IP that is blocked by gorbs also happens to be listed on BLARSBL, so this shows that gorbs does not neccessarily equal BLARSBL. On the other hand, gorbs could certainly draw from BLARSBL or be related to it in some way. Has anyone else seen anything to substantiate this. It could be just speculation based on the presumption that both lists exclude entire IP ranges. Someone else may have noted some blocks common to both, and made an assumption.
I’ll provide more info as I get it.
– Marty
SMTP protocol log entries:
12/7/04 5:43:33 PM : A connection to 999.999.152.242 was established.
12/7/04 5:43:33 PM : >> EHLO mailout.xxxxxxxx.com
12/7/04 5:43:34 PM : >> MAIL FROM: SIZE=1968
12/7/04 5:43:34 PM : >> RCPT TO:
12/7/04 5:43:34 PM : >> QUIT
12/7/04 5:43:36 PM : <<< IO: |221 mx05.bcrtfl01.us.xxxxx.com Service
closing transmission channel |
12/7/04 5:43:36 PM : <<< 221 mx05.bcrtfl01.us.xxxxx.com Service closing
transmission channel
Disregard previous post SMTP protcol log entry post. It had greater-than signs which this posting system choked on. I’ve removed them and reposted below:
SMTP protocol log entries:
12/7/04 5:43:33 PM : A connection to 999.999.152.242 was established.
12/7/04 5:43:33 PM : IO: |220 mx05.bcrtfl01.us.xxxxx.com ESMTP
mxl_mta-1.3.8-10p4; Tue, 07 Dec 2004 17:45:13 -0500 (EST); NO UCE |
12/7/04 5:43:33 PM : 220 mx05.bcrtfl01.us.xxxxx.com ESMTP
mxl_mta-1.3.8-10p4; Tue, 07 Dec 2004 17:45:13 -0500 (EST); NO UCE
12/7/04 5:43:33 PM : EHLO mailout.xxxxxxxx.com
12/7/04 5:43:34 PM : IO: |250-mx05.bcrtfl01.us.xxxxx.com |
12/7/04 5:43:34 PM : 250-mx05.bcrtfl01.us.xxxxx.com
12/7/04 5:43:34 PM : IO: |250-SIZE 0 250 PIPELINING |
12/7/04 5:43:34 PM : 250-SIZE 0 250 PIPELINING
12/7/04 5:43:34 PM : MAIL FROM: SIZE=1968
12/7/04 5:43:34 PM : IO: |250 Sender Ok |
12/7/04 5:43:34 PM : 250 Sender Ok
12/7/04 5:43:34 PM : RCPT TO:
12/7/04 5:43:34 PM : IO: |554 denied by gorbs |
12/7/04 5:43:34 PM : 554 denied by gorbs
12/7/04 5:43:34 PM : QUIT
12/7/04 5:43:36 PM : IO: |221 mx05.bcrtfl01.us.xxxxx.com Service
closing transmission channel |
12/7/04 5:43:36 PM : 221 mx05.bcrtfl01.us.xxxxx.com Service closing
transmission channel
Gorbs is actaully owned & operated by Bellsouth webhosting.
It is an internal product that they use for spam control.
you can call this number to request to be remove from their list, they will then ask you to submit a email to support@bellsouth-hosting.net and this is the number to call; 800-313-6589
My company email server was also blacklisted by ‘gorbs’. After several days of investigation I finally got to the bottom of this mystery. Gorbs is NOT owned or operated by Bellsouth. It is owned and operated by Verio Inc. Before you try to go to their website for information, stop…there is nothing there related to gorbs. I had to call their customer service number (which IS on the website) and get transferred to tech support, but I got my answer. If you find your email server on their list you need to email ‘support@verio-hosting.com’ AFTER you obtain a ticket number from their tech support group. It took them two days, but my server was removed. Good luck!
I have been in contact with BellSouth and Verio. Both deny that they work with GORBS and will not assist (they say they have no ability to remove anyone from the list). Does anyone out there have any other info on the dang GORBS?
I provide IT support for a number of companies that use Verio as their hosting company. Last year Verio put a number of anti-spam measures in place one of which was reverse DNS. If your ISP does not have reverse DNS in place your mail will get bounced by any company using Verio to host their mail and domain. You can check your setting here http://www.dnsstuff.com/
I have been reading through everything I can find on this GORBS issue online. It seems that no one can pin point the exact way to get off of this list. Has anyone come up with a solution to the Denied by GORBS problem. I have 1 client out there screaming that his emails are getting bounced back. HELP!!
My company email server was also blacklisted by ‘gorbs’. I sent a simple request to abuse@verio.net to have our IP address removed from their blocklist. I received a response within 5 hours from Verio that they had retested our mail server and found it not to be an Open Relay. They removed us from their Gorbs’database.
Before http://www.tantricmemory.com could ever be launched, listed on a single url, or ever be seen by anyone, I received an intimadating E-mail from Bellsouth that I had been “Gorbed”! This guy Lars, in connection w/ Bellsouth, is running a nasty McCarthy-like scam. He’s a crook. It seems it cost big bucks to get ungorbed! The proof of this is that he didn’t wait long enough for the baby to be born – before pouncing on his next Bellsouth meal/victim.
Direct confirmation that GORBS is maintained by Verio. They were helpful in getting my issue cleared. Cliff…
—–Original Message—–
From: Chris [mailto:support@verio-hosting.com]
Sent: Friday, June 24, 2005 12:38 PM
To: Clifford Kaiser
Subject: Re: [IDS-7937079] [AB-C2385619Z] Blacklist
Cliff,
Yes, we maintain the GORBS database. The database is a list of IP addresses that were tested to be an Open Relay. You will need to find out the IP address of the SMTP server that is getting these errors.
Chris
Verio Abuse Team
I sent an email to abuse@verio.net, and we were removed within 3 hours. I was very pleased with the response.
I agree with Scott. I did the same, and received an eMail from Chris of Verio Abuse Team within 5 hours:
“I have re-tested the mail server at xxx.x.xxx.xx and found that it is no longer an Open Relay. I have removed xxx.x.xxx.xx from our gorbs database”
Hi, just a note. I am the president of GORBS Corp. which has NO AFFILIATION with Gorbs blacklist. We are a Graphic Art company based on Long Island in NY. The address is http://www.gorbs.com and the business number is 988-2604 – if you are given this address and number for the purpose of getting “un-blacklisted” please disregard it as I get numerous calls and emails a week about it and have nothing to do with it.
Thanks,
Ron Smith
Pres.
Gorbs Corp.