SPEWS blacklists the world - 08/27/2003 7:11 PM
http://slashdot.org/article.pl?sid=03/08/27/0214238&mode=nocomment&tid=111&tid=126
[]"As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission.
NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers." [/]
So... this is just a PSA to you guys who may be running dedicated servers, especially those which use anti-spam software like SpamAssassin. You may begin having emails bounce or not make it to their destination if you have your spam software set to check RBLs.
So, if you run SpamAssissin, you can edit the config file to turn off RBL checking server-wide. It is usually located here:
/etc/mail/spamassassin/local.cf
Add this line to that file to disable RBL checking
I am not very familiar with other server spam software, so you may need to adjust your config accordingly.
[]"As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission.
NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers." [/]
So... this is just a PSA to you guys who may be running dedicated servers, especially those which use anti-spam software like SpamAssassin. You may begin having emails bounce or not make it to their destination if you have your spam software set to check RBLs.
So, if you run SpamAssissin, you can edit the config file to turn off RBL checking server-wide. It is usually located here:
/etc/mail/spamassassin/local.cf
Add this line to that file to disable RBL checking
Code
skip_rbl_checks 1
I am not very familiar with other server spam software, so you may need to adjust your config accordingly.
