http://www.techworld.com/security/news/index.cfm?newsID=7653 By Matthew Broersma Techworld 21 December 2006 Anti-spam blacklist service, The Open Relay Database (ORDB), has pulled the plug after five and a half years because of spammers' growing sophistication. ORDB was designed to deal with a technique in which spammers used SMTP proxy servers to flood the internet with junk email. The project distributed a blacklist of mail servers that allowed third-party relay - "open relays" - and were thus liable to be used by spammers. But the list had levelled off at around 225,000 over the past year and updates have slowed to a crawl, the volunteer-run project acknowledged. "It's been a case of a long goodbye as very little work has gone into maintaining ORDB for a while," organisers said in a message this week on the project's website. "The general consensus within the team is that open relay RBLs (Real-time Blackhole Lists) are no longer the most effective way of preventing spam from entering your network." ORDB is essentially a victim of its own success - five years ago around 90 percent of spam was sent through open relays, and now the figure is less than one percent, due to blocking lists and to ISPs disallowing third-party relay. While the shift has stopped one type of spam distribution, it has also caused inconvenience for users, who were once able to use open relays to, for example, connect to mail servers from different locations. Spammers haven't been deterred and generally now rely on botnets, networks of compromised PCs, to send spam. The project said users should remove ORDB checks from mailers immediately. As a replacement the project recommended a combination of greylisting and content-based analysis, such as dspam, bmf or Spam Assassin. _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Thu Dec 21 2006 - 22:14:11 PST