http://www.techworld.com/security/news/index.cfm?newsID=7653
By Matthew Broersma
Techworld
21 December 2006
Anti-spam blacklist service, The Open Relay Database (ORDB), has pulled
the plug after five and a half years because of spammers' growing
sophistication.
ORDB was designed to deal with a technique in which spammers used SMTP
proxy servers to flood the internet with junk email. The project
distributed a blacklist of mail servers that allowed third-party relay -
"open relays" - and were thus liable to be used by spammers.
But the list had levelled off at around 225,000 over the past year and
updates have slowed to a crawl, the volunteer-run project acknowledged.
"It's been a case of a long goodbye as very little work has gone into
maintaining ORDB for a while," organisers said in a message this week on
the project's website. "The general consensus within the team is that
open relay RBLs (Real-time Blackhole Lists) are no longer the most
effective way of preventing spam from entering your network."
ORDB is essentially a victim of its own success - five years ago around
90 percent of spam was sent through open relays, and now the figure is
less than one percent, due to blocking lists and to ISPs disallowing
third-party relay.
While the shift has stopped one type of spam distribution, it has also
caused inconvenience for users, who were once able to use open relays
to, for example, connect to mail servers from different locations.
Spammers haven't been deterred and generally now rely on botnets,
networks of compromised PCs, to send spam.
The project said users should remove ORDB checks from mailers
immediately. As a replacement the project recommended a combination of
greylisting and content-based analysis, such as dspam, bmf or Spam
Assassin.
_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
Received on Dec 21 2006
Intro
