by CIO Staff

Spam Project ORDB Pulls the Plug

News
Dec 21, 20062 mins
Malware

Antispam blacklist service The Open Relay Database (ORDB) has pulled the plug after five and a half years because of spammers’ growing sophistication.

ORDB was designed to deal with a technique in which spammers used SMTP proxy servers to flood the Internet with junk e-mail. The project distributed a blacklist of mail servers that allowed third-party relay—”open relays”—and were thus liable to be used by spammers.

But the list had leveled off at about 225,000 over the past year and updates have slowed to a crawl, the volunteer-run project acknowledged. “It’s been a case of a long goodbye as very little work has gone into maintaining ORDB for a while,” organizers said in a message this week on the project’s website. “The general consensus within the team is that open relay RBLs (Real-time Blackhole Lists) are no longer the most effective way of preventing spam from entering your network.”

ORDB is essentially a victim of its own success. Five years ago, about 90 percent of spam was sent through open relays, and now the figure is less than 1 percent, due to blocking lists and to ISPs disallowing third-party relay.

While the shift has stopped one type of spam distribution, it has also caused inconvenience for users, who were once able to use open relays, for example, to connect to mail servers from different locations. Spammers haven’t been deterred and generally now rely on botnets, networks of compromised PCs, to send spam.

The project said users should remove ORDB checks from mailers immediately. As a replacement, the project recommended a combination of greylisting and content-based analysis, such as dspam, bmf or Spam Assassin.

-Matthew Broersma, Techworld.com (London)

Related Links:

  • The Spam Before Christmas (CIO.com blog entry)

  • E.U. Fights Flood of Unwanted Mail

  • U.S. Tops List of Spam-Relaying Countries in Q3

  • IronPort: Image-Based Spam Now in the Billions

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.