There's been much press coverage as of late in response to a press release from Spamhaus, the operators of a well-known DNS Block List (DNSBL).
The essence of the warning is that spammers now have tools that allow them to deliver spam through the up-stream providers of infected computers, or spam-bots.
This is in fact a new trend. Up until recently, an infected spam-bot would typically attempt to send email directly to the intended recipient's email server, and this made them somewhat easy to track. Once identified, their Internet Protocol (IP) address could be added to DNSBL's which are then used by recipient machines to determine whether or not delivery would be accepted.
In response to a growing number of Internet Service Providers (ISP) who elect to block outbound Port 25 connections (thus preventing spam-bots from sending directly to recipient's servers) and perhaps also in part to thwart DNSBL tracking, spammers such as Send-Safe.com now apparently send traffic through the machines legitimate ISP connection and servers.
While primarily a method that is in response to Port 25 blocking the additional consequence is that if DNSBL's continue to list the sending IP as the spam source, they will in effect be blocking ISP servers and this will result in the denial of considerable legitimate email as well.
For many DNSBL's this is a problem, as they do genuinely attempt to avoid interfering with legitimate email traffic. This new spam tactic will in fact render many of them unusable and obsolete.
However, as the vast majority of DNSBL's actually do block quite a bit of legitimate email, (OnlyMyEmail itself has been erroneously listed by some of them) this consequence is not new, it has simply been amplified.
While this would appear to be bad news for DNSBLs and the system administrators who use them, the long-term impact is actually favorable for the average Internet user.
By forcing system administrators to take more comprehensive and accurate measures, less legitimate email will be blocked than is today. In short, without the inaccurate crutch of DNSBL's email administration will evolve in its accuracy.
On the other hand, many DNSBL's actually appear to embrace the blocking of legitimate email, considering it to be necessary and useful "collateral damage" which they feel will put greater pressure on ISP's to remove spammers from their networks.
Likely the most notorious of this breed of DNSBL is the Spam Prevention Early Warning System (SPEWS) which, as a matter of practice, will list not just a specific spamming IP address but will widen their listing to include IP ranges that might include hundreds or thousands of innocent bystanders.
The logic behind their peculiar tactic is that the bystanders will either complain enough to the ISP to force removal of the spammer, or they will change providers, thus costing the ISP business and thereby leveraging financial pressure for them to do a better job of policing their network.
Despite the appealing perversion of this guerilla warfare, the outcome is seldom as desired as the innocent victims don't typically respond as desired and the spammers can simply move on.
While many respected and well-run DNSBL's such as Spamhaus will no doubt adjust to the newer spam tactics, many of the more vigilante oriented services will find themselves obsolete as system administrators begin to realize the impact of their cavalier attitude toward legitimate email delivery.
In the end analysis, the tactic of sending spam though up-stream providers will actually greatly benefit the typical end-user.
DNSBL's that cannot or will not adjust and provide acceptable precision will become obsolete.
System administrators will be forced to implement more accurate anti-spam techniques that will increase the delivery of legitimate email.
ISP's will be in a better position to track spammers and spam-bots on their own networks, thus reducing the actual amount of spam being sent.
Combined, the result of the above represents the potential for an important step to actually solving the spam problem.
PRESS CONTACT: