Spews Is Dead

[Head Guru]

From slashdot

 

Osirusoft Blacklists The World

 

Posted by timothy on Tuesday August 26, @11:15PM

from the wildcard-matches-for-evil dept.

ariehk writes "As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission. NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers."

 

This will most likley be corrected on the next update of cPanel.

[surefire]

What does this mean for Spam Assassin at TCH?

[Head Guru]

Not sure yet Jack.

 

Ive been in contact with cPanel just as of this morning asking the same questions.

 

I will update when I know more.

[ztrauq]

According to their website, SpamAssassin, in addition to using blacklists, also uses heuristic analysis to analyze features in the header and text of the emails to decide whether or not they are spam. Because it uses multiple methods, I would think that SpamAssassin should still be able to do a good job of filtering, but perhaps not quite as good without the blacklists.