Spam project pulls plug
Open-relay volunteer monitors hang it up
TechWorld.com - The antispam blacklist service The Open Relay Database (ORDB) has pulled the plug after five and a half years because of spammers' growing sophistication.
The ORDB was designed to deal with a technique in which spammers used SMTP proxy servers to flood the Internet with junk e-mail. The project distributed a blacklist of mail servers that allowed third-party -- or "open" -- relays and were thus liable to be used by spammers.
But the list had leveled off at around 225,000 over the past year, and updates had slowed to a crawl, according to the volunteer-run project. "It's been a case of a long goodbye, as very little work has gone into maintaining ORDB for a while," organizers said in a message this week on the project's Web site. "The general consensus within the team is that open relay RBLs [Real-time Blackhole Lists] are no longer the most effective way of preventing spam from entering your network."
The ORDB is essentially a victim of its own success. Five years ago, around 90% of spam was sent through open relays, and now the figure is less than 1%, as a result of blocking lists and Internet service providers disallowing third-party relay.
While the shift has stopped one type of spam distribution, it has also caused inconvenience for users, who were once able to use open relays to, for example, connect to mail servers from different locations. Spammers haven't been deterred and generally now rely on botnets, networks of compromised PCs, to send spam.
The project said users should remove ORDB checks from mailers immediately. As a replacement, the project recommended a combination of graylisting and content-based analysis, such as dspam, bmf or Spam Assassin.
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!