Spam project pulls plug
Open-relay volunteer monitors hang it up
TechWorld.com - The antispam blacklist service The Open Relay Database (ORDB) has pulled the plug after five and a half years because of spammers' growing sophistication.
The ORDB was designed to deal with a technique in which spammers used SMTP proxy servers to flood the Internet with junk e-mail. The project distributed a blacklist of mail servers that allowed third-party -- or "open" -- relays and were thus liable to be used by spammers.
But the list had leveled off at around 225,000 over the past year, and updates had slowed to a crawl, according to the volunteer-run project. "It's been a case of a long goodbye, as very little work has gone into maintaining ORDB for a while," organizers said in a message this week on the project's Web site. "The general consensus within the team is that open relay RBLs [Real-time Blackhole Lists] are no longer the most effective way of preventing spam from entering your network."
The ORDB is essentially a victim of its own success. Five years ago, around 90% of spam was sent through open relays, and now the figure is less than 1%, as a result of blocking lists and Internet service providers disallowing third-party relay.
While the shift has stopped one type of spam distribution, it has also caused inconvenience for users, who were once able to use open relays to, for example, connect to mail servers from different locations. Spammers haven't been deterred and generally now rely on botnets, networks of compromised PCs, to send spam.
The project said users should remove ORDB checks from mailers immediately. As a replacement, the project recommended a combination of graylisting and content-based analysis, such as dspam, bmf or Spam Assassin.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Enhancing Application Protection and Recovery with a Modern Approach to Snapshot Management This CommVault Business Value and Technology White Paper explains how Simpana IntelliSnap® Recovery Manager can make your application recovery fast and reliable.
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts