War on spam turns to open proxies

The Exploits Block List at Spamhaus will let companies crack down on open proxies that let spam through, as well as on other popular spam exploits

Anti-spam site Spamhaus has added a new feature to its services which should, it says, help ISPs and companies cut out more spam from arriving at their servers.

The Exploits Block List (XBL) is a database of IP addresses that originate 'illegal' third party exploits, according to Spamhaus, such as open proxies. The term "open proxy" refers to the situation when a server allows network connections from anyone, to anywhere, on arbitrary ports and with arbitrary protocols. It means that spammers, for instance, can use that server to send spam without it being traced back to them. Connections made via open proxies are often non-accountable, since the open proxy server may be doing no logging, or if logging is being done, logs may be unavailable to those investigating network incidents.

The XBL list should also help block worms and viruses with built-in spam engines, and other types of Trojan-horse exploits utilised by spammers, said Spamhaus in a statement.

XBL is designed to sit alongside the Spamhaus Block List (SBL), which blocks incoming spam from direct spam sources. It incorporates the SBL, and system administrators can set their mail servers' anti-spam DNSBL feature (sometimes called "Blacklist DNS Servers" or "RBL servers") to query xbl.spamhaus.org. The service is provided free of charge.

"The combination of SBL and XBL enables ISPs to safely reject a high volume of incoming spam outright, without needing to accept it into their mail queues for processing," said Spamhaus. "This enables the use of further slower post-receipt spam filters to process a vastly reduced volume of remaining spam."

Rejected messages generate instant feedback to the sender via the standard SMTP rejection (bounce) message, giving reason for rejection and providing information about what to do about it. "This differs from post-receipt spam filter systems which accept all email and then silently discard or route to a trash mailbox email identified as spam without the sender knowing," said Spamhaus.