Open Relay Database Ceases As Spammers Evolve

Spammers' focus has shifted from open relays to infected "zombie" computers.

The Open Relay Database, a tool e-mail service providers used for years to help curb the spread of spam, is ceasing operations, a death partly attributable to its own success. It was 5.

For years, spammers exploited e-mail servers with open relays -- those that accept mail from anywhere for relaying to anywhere else -- to pass along their junk pitches.

Service providers responded by using lists like the ORDB to block all mail -- including legitimate messages -- passing through open-relay servers, in turn pressuring operators of such relays to accept outbound mail only from their own customers.

Mail-server software also has been shipping with the relays closed by default, such that open relays aren't as big of a threat today. These days, spammers instead use zombie computers, generally home computers taken over by viruses and other malicious software to relay spam such that messages appear to come from legitimate customers.

"ORDB was a holdover from the past era when open relays were a major vector for spam," said John Levine, co-author of Fighting Spam for Dummies. "Now the vast majority of spam is sent by virus-controlled zombie computers. ... There's way more of them [than] there ever were open relays."

Lists that target zombies as well, such as one from the Spamhaus Project, have in recent times been more effective, Levine said.

The number of open relays listed at ORDB dropped in late 2004 and has largely leveled off at about 225,000 servers since then.

The Danish volunteers who ran ORDB ultimately decided to shut down the project rather than expand it to include zombies -- something that would have taken a lot more work without adding much to resources already available from Spamhaus and elsewhere, said Andreas Plesner Jacobsen, one of the database's operators.

The decision was made a year ago, "but nobody got around to executing it," he said Wednesday.

Jacobsen added that so few rely solely on ORDB to fight spam these days that people shouldn't suddenly see more junk in their inboxes.

In a Dec. 18 farewell note, the database's operators said open-relay lists "are no longer the most effective way of preventing spam from entering your network as spammers have changed tactics in recent years, as have the anti-spam community."

Operators plan to shut down the Web site on Sunday.


comments powered by Disqus

Subscribe on YouTube