Open Relay Database Ceases As Spammers Evolve
Spammers' focus has shifted from open relays to infected "zombie" computers.
The Open Relay Database, a tool e-mail service providers used for years to
help curb the spread of spam, is ceasing operations, a death partly attributable
to its own success. It was 5.
For years, spammers exploited e-mail servers with open relays -- those that
accept mail from anywhere for relaying to anywhere else -- to pass along their
Service providers responded by using lists like the ORDB to block all mail
-- including legitimate messages -- passing through open-relay servers, in turn
pressuring operators of such relays to accept outbound mail only from their
Mail-server software also has been shipping with the relays closed by default,
such that open relays aren't as big of a threat today. These days, spammers
instead use zombie computers, generally home computers taken over by viruses
and other malicious software to relay spam such that messages appear to come
from legitimate customers.
"ORDB was a holdover from the past era when open relays were a major vector
for spam," said John Levine, co-author of Fighting Spam for Dummies.
"Now the vast majority of spam is sent by virus-controlled zombie computers.
... There's way more of them [than] there ever were open relays."
Lists that target zombies as well, such as one from the Spamhaus Project, have
in recent times been more effective, Levine said.
The number of open relays listed at ORDB dropped in late 2004 and has largely
leveled off at about 225,000 servers since then.
The Danish volunteers who ran ORDB ultimately decided to shut down the project
rather than expand it to include zombies -- something that would have taken
a lot more work without adding much to resources already available from Spamhaus
and elsewhere, said Andreas Plesner Jacobsen, one of the database's operators.
The decision was made a year ago, "but nobody got around to executing
it," he said Wednesday.
Jacobsen added that so few rely solely on ORDB to fight spam these days that
people shouldn't suddenly see more junk in their inboxes.
In a Dec. 18 farewell note, the database's operators said open-relay lists
"are no longer the most effective way of preventing spam from entering
your network as spammers have changed tactics in recent years, as have the anti-spam
Operators plan to shut down the Web site on Sunday.