Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What is 'denied by gorbs' in bounced email?

What is ‘denied by gorbs’ in bounced email?

An email bounce is the message you get back when, for one reason or another,
your email cannot be delivered as you’ve requested.

Bounce messages are often cryptic but typically include important details
of why the message couldn’t be delivered. “Denied by gorbs” is relatively new
and particularly cryptic.

Become a Patron of Ask Leo! and go ad-free!

As best I’ve been able to determine, gorbs is a fairly new email spam
black-listing service.

What this means is that your recipient’s ISP is using this blacklist to
filter out SPAM. Somehow your email domain (the part after the “@” in your
email address), or the IP address of your ISP’s mail server has probably been
placed on the gorbs blacklist.

Assuming you’re not a spammer, what this means to you is that you need to
attempt to contact your recipient or your recipient’s ISP to get off the
list or to get whitelisted. The problem is, since you’re blacklisted, your
regular email won’t get through. You’ll need to use another method to contact
them. Either a different email address or server or perhaps even picking up
the telephone.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

20 comments on “What is 'denied by gorbs' in bounced email?”

  1., BlarsBL

    Does anyone know where Gorbs blacklist website is?
    This has been increasing. I’ve found that people are related it back to

    This Robert Larson charges $250.00 per hour with a two hour minimun and a $1000 deposit to get you off his blacklist. And he claims he’s a Non-For Profit.

    Here’s his whois info.

    Please pass this info to other search engines so he can be shut down or sued. It a scam!

    Domain ID:D24970992-LROR
    Domain Name:BLARS.ORG
    Created On:14-Apr-2000 23:30:36 UTC
    Last Updated On:28-Aug-2004 04:07:13 UTC
    Expiration Date:14-Apr-2006 23:30:36 UTC
    Sponsoring Registrar:Go Daddy Software, Inc. (R91-LROR)
    Registrant ID:GODA-01429546
    Registrant Name:Robert Larson
    Registrant Organization:
    Registrant Street1:3384 Scarboro St
    Registrant Street2:
    Registrant Street3:
    Registrant City:Los Angeles
    Registrant State/Province:California
    Registrant Postal Code:90065
    Registrant Country:US
    Registrant Phone:+1.3233431073
    Registrant Phone Ext.:
    Registrant FAX:
    Registrant FAX Ext.:
    Admin ID:GODA-21429546
    Admin Name:Robert Larson
    Admin Organization:
    Admin Street1:3384 Scarboro St
    Admin Street2:
    Admin Street3:
    Admin City:Los Angeles
    Admin State/Province:California
    Admin Postal Code:90065
    Admin Country:US
    Admin Phone:+1.3233431073
    Admin Phone Ext.:
    Admin FAX:
    Admin FAX Ext.:
    Tech ID:GODA-11429546
    Tech Name:Robert Larson
    Tech Organization:
    Tech Street1:3384 Scarboro St
    Tech Street2:
    Tech Street3:
    Tech City:Los Angeles
    Tech State/Province:California
    Tech Postal Code:90065
    Tech Country:US
    Tech Phone:+1.3233431073
    Tech Phone Ext.:
    Tech FAX:
    Tech FAX Ext.:
    Name Server:NS.BLARS.ORG
    Name Server:BERT.HSC.USC.EDU

  2. Timothy Brady….you can probably find out if you are really on a spam list by going to and plugging in your IP address in the SPAM checker. There is a real long list of SPAM databases your IP address will be test from.

    As far as why you might be on this Gorbs database, it seems this is the only source of information. I’ve bookmarked this page in the event I find anything else on the subject.

    Curt, which people are relating this database to Blars? I’d be interested as to where that was coming from. This is serious stuff here.

  3. I was just informed by Bellsouth that my new site has been blacklisted by this Gorb thing. This is pretty interesting since I just got it up and going a few days ago and as yet have not been picked up by a single search engine, nor have I had a single visitor, or sent or recived a single peice of email. Go look yourself. This guy Lawson is running an extornist’s scam plain and simple. McCarthy would be proud of him and all those who use his service. It’s a shame the net has become one big larcenest nest of thieves, payola, blackmailers and con artist. And this includes the big names, Google, Yahoo, Etc. And now this guy. It is also sad, that the net has fallen so far, that the FCC is a running joke, and our tax dollars are paying for all this.

  4. A client has recently found that they can’t send emails to a subcontractor, and are receiving the “554 denied by gorbs” bounce message. The subs email provider is Verio, and the Client’s ISP is Covad.

    I subscribe to, and The ONLY blacklist that the client’s IP appears on is Blars Block List. Below are a number of other free black list checkers, and the client only appears on BLARS.

    You might wonder why. The client’s IP address is 68.167.xx.218. The have a block of 5 IP addresses, but have never used the next 4. Testing the next 4 (.219 …) shows that ALL of them are on BLARSBL! The reason? BLARS blocks entire netblocks. If Robert Larson feels that an ISP harbors spammers, doesn’t have an effective abuse policy, or any number of reasons, he adds large chunks of IP space to his list.

    IMPORTANT NOTE: This is his right, and he is on our side in trying to put pressure on ISPs to shut down spammers. He doesn’t tell people to use his list to deny email delivery. In fact, he explictly states that it’s for his own use. I’ll admit, it does _sound_ like extortion at first, but on a closer reading, he says the there will be no charge if you are found not to be a spammer. I suspect that this may be a “bozo filter”, who knows. I wonder if anyone has actually sent him a polite email to inquire. I might do that just to find out if his list has the ability to exclude a single IP even as it blocks an entire range that encompasses it.

    You can read his own description of his list here:

    Also note that I have no evidence that gorbs=BLARSBL other than the coincidence that my clients IP only appears on BLARSBL and their mail is only receiving the “denied by gorbs” messages. Some third party spam filtering company could be selling a service that simply references his list, or it could be something else entirely. The spam filtering companies are unlikely to say much on the subject to avoid tipping off the spammers, and to avoid legal liability. Does anyone have any specific information that links gorbs to BLARSBL?

    The fact that a large email provider like Verio is using gorbs, and that a large ISP like Covad is blocked is sure to cause a ruckus as legitimate businesses find that they can’t communicate. I had to educate my client’s subcontrator as to how email delivery and spam filtering worked, and to the wild west nature of blacklists. Their reaction was typical. “No one is responsible? No one regulates this? How can they do this? Someone should file a class action lawsuit!”. I pointed out that they really only had 2 choices. Roll over and get Verio to whitelist the “offending” email server, or vote with their wallet and switch email providers. Of course, they’d have to do the whitelisting a lot, as there are many businesses using Covad who run their own mail servers. My client isn’t the only one who can’t send them mail, I’m just the guy who figured it out (and my client is paying).

    As soon as I provided the IP address of my clients mail server and the bounce message to Verio, I received this response:

    Thank you for contacting Technical Support.
    *Mail block issue*
    We have reviewed the block and have determined to lift the block. Please let us know if there is anything else we can assist you with.

    Trouble is, it didn’t work. I’m letting them know, and I’ll post the results back here when it’s resolved. I’m going to be so bold as to ask them if they can provide me some information on how to contact the company who is responsible for gorbs. Their response will be illuminating.

    – Marty

  5. They unblocked it, it worked for less than an hour, then emails started bouncing again. They wanted server logs which I provided, and repeat below for those who may find it useful. On the BLARSBL/gorbs front. I can report that I can send an email to this client from a Comcast IP address (listed in BLARSBL) without being blocked by gorbs. The Covad IP that is blocked by gorbs also happens to be listed on BLARSBL, so this shows that gorbs does not neccessarily equal BLARSBL. On the other hand, gorbs could certainly draw from BLARSBL or be related to it in some way. Has anyone else seen anything to substantiate this. It could be just speculation based on the presumption that both lists exclude entire IP ranges. Someone else may have noted some blocks common to both, and made an assumption.

    I’ll provide more info as I get it.

    – Marty

  6. SMTP protocol log entries:

    12/7/04 5:43:33 PM : A connection to 999.999.152.242 was established.
    12/7/04 5:43:33 PM : >> EHLO
    12/7/04 5:43:34 PM : >> MAIL FROM: SIZE=1968
    12/7/04 5:43:34 PM : >> RCPT TO:
    12/7/04 5:43:34 PM : >> QUIT
    12/7/04 5:43:36 PM : <<< IO: |221 Service
    closing transmission channel |
    12/7/04 5:43:36 PM : <<< 221 Service closing
    transmission channel

  7. Disregard previous post SMTP protcol log entry post. It had greater-than signs which this posting system choked on. I’ve removed them and reposted below:

    SMTP protocol log entries:

    12/7/04 5:43:33 PM : A connection to 999.999.152.242 was established.
    12/7/04 5:43:33 PM : IO: |220 ESMTP
    mxl_mta-1.3.8-10p4; Tue, 07 Dec 2004 17:45:13 -0500 (EST); NO UCE |
    12/7/04 5:43:33 PM : 220 ESMTP
    mxl_mta-1.3.8-10p4; Tue, 07 Dec 2004 17:45:13 -0500 (EST); NO UCE
    12/7/04 5:43:33 PM : EHLO
    12/7/04 5:43:34 PM : IO: | |
    12/7/04 5:43:34 PM :
    12/7/04 5:43:34 PM : IO: |250-SIZE 0 250 PIPELINING |
    12/7/04 5:43:34 PM : 250-SIZE 0 250 PIPELINING
    12/7/04 5:43:34 PM : MAIL FROM: SIZE=1968
    12/7/04 5:43:34 PM : IO: |250 Sender Ok |
    12/7/04 5:43:34 PM : 250 Sender Ok
    12/7/04 5:43:34 PM : RCPT TO:
    12/7/04 5:43:34 PM : IO: |554 denied by gorbs |
    12/7/04 5:43:34 PM : 554 denied by gorbs
    12/7/04 5:43:34 PM : QUIT
    12/7/04 5:43:36 PM : IO: |221 Service
    closing transmission channel |
    12/7/04 5:43:36 PM : 221 Service closing
    transmission channel

  8. My company email server was also blacklisted by ‘gorbs’. After several days of investigation I finally got to the bottom of this mystery. Gorbs is NOT owned or operated by Bellsouth. It is owned and operated by Verio Inc. Before you try to go to their website for information, stop…there is nothing there related to gorbs. I had to call their customer service number (which IS on the website) and get transferred to tech support, but I got my answer. If you find your email server on their list you need to email ‘’ AFTER you obtain a ticket number from their tech support group. It took them two days, but my server was removed. Good luck!

  9. I have been in contact with BellSouth and Verio. Both deny that they work with GORBS and will not assist (they say they have no ability to remove anyone from the list). Does anyone out there have any other info on the dang GORBS?

  10. I provide IT support for a number of companies that use Verio as their hosting company. Last year Verio put a number of anti-spam measures in place one of which was reverse DNS. If your ISP does not have reverse DNS in place your mail will get bounced by any company using Verio to host their mail and domain. You can check your setting here

  11. I have been reading through everything I can find on this GORBS issue online. It seems that no one can pin point the exact way to get off of this list. Has anyone come up with a solution to the Denied by GORBS problem. I have 1 client out there screaming that his emails are getting bounced back. HELP!!

  12. My company email server was also blacklisted by ‘gorbs’. I sent a simple request to to have our IP address removed from their blocklist. I received a response within 5 hours from Verio that they had retested our mail server and found it not to be an Open Relay. They removed us from their Gorbs’database.

  13. Before could ever be launched, listed on a single url, or ever be seen by anyone, I received an intimadating E-mail from Bellsouth that I had been “Gorbed”! This guy Lars, in connection w/ Bellsouth, is running a nasty McCarthy-like scam. He’s a crook. It seems it cost big bucks to get ungorbed! The proof of this is that he didn’t wait long enough for the baby to be born – before pouncing on his next Bellsouth meal/victim.

  14. Direct confirmation that GORBS is maintained by Verio. They were helpful in getting my issue cleared. Cliff…

    —–Original Message—–
    From: Chris []
    Sent: Friday, June 24, 2005 12:38 PM
    To: Clifford Kaiser
    Subject: Re: [IDS-7937079] [AB-C2385619Z] Blacklist


    Yes, we maintain the GORBS database. The database is a list of IP addresses that were tested to be an Open Relay. You will need to find out the IP address of the SMTP server that is getting these errors.

    Verio Abuse Team

  15. I agree with Scott. I did the same, and received an eMail from Chris of Verio Abuse Team within 5 hours:
    “I have re-tested the mail server at and found that it is no longer an Open Relay. I have removed from our gorbs database”

  16. Hi, just a note. I am the president of GORBS Corp. which has NO AFFILIATION with Gorbs blacklist. We are a Graphic Art company based on Long Island in NY. The address is and the business number is 988-2604 – if you are given this address and number for the purpose of getting “un-blacklisted” please disregard it as I get numerous calls and emails a week about it and have nothing to do with it.

    Ron Smith
    Gorbs Corp.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.