SORBS, a list of email servers known to distribute spam, has been shut down by its current owner, Proofpoint. Industry observers said that SORBS was no longer profitable and that enterprises had long since moved to other spam filter options.
“The decision to sunset a product is never an easy one and was made after thorough consideration of various factors impacting the service’s sustainability,” Proofpoint said in an email to CSOonline. “We can confirm that the Spam and Open Relay Blocking System (SORBS) was decommissioned on June 5, 2024, and the service no longer contains reputation data. Given the wide range of potential replacement solutions in the market, Proofpoint cannot make recommendations nor endorse any specific replacement product. This is dependent on an organization’s needs.”
SORBS was launched back in 2001 “as an anti-spam project where a daemon would check ‘on-the-fly’ all servers from which it received email to determine if that email was sent via various types of proxy and open-relay servers,” according to a history page on the SORBS site. “Deployment of the daemon in November 2001 yielded a list of 78,000 host servers.”
Longtime email antispam professional Anne Mitchell, who today serves as the CEO of Get To The Inbox, said that for years the SORBS list got senders to take quick action if they found themselves on it.
“If a sender realized they were listed on SORBS, they knew that they had a customer who was causing issues and was not following best practices. This is a loss for the industry,” Mitchell said.
As for why it closed, “It wasn’t making money. That is what this is all about,” she said.
Like decommissioning the Better Business Bureau
But some entities that are doing good deserve to be supported, and expecting all services to turn a profit is problematic, she suggested. “That is a bit like saying that we should decommission the Better Business Bureau. It was one of the sticks that you could beat a sender with, to tell them that they are doing something wrong.”
Not everyone will miss it, though.
Mickey Chandler, an email anti-abuse specialist, posted thoughts about the shutdown and argued SORBS had a history of being respected but also sometimes being unpleasant.
“SORBS has a long and somewhat checkered history. It was created in the early 2000s, with a DNSBL (Domain Name System-based Blackhole List) version coming online in January 2002,” Chandler wrote. “The closure of SORBS does not mark any real turning point in the email security landscape. Although it was one of the oldest DNSBL services, SORBS helped mainly hobbyist email administrators filter spam and other malicious email traffic. However, its controversial history and management issues have made it a source of frustration for many in the industry and depressed its overall use. SORBS listings have not been considered impactful in the email marketing space for many years. A recent consulting client saw fewer than 200 messages blocked over a volume of less than a million.”
Other ways to filter spam
Girish Bhat, a security marketing executive who worked for Proofpoint when SORBS was acquired, said the decisions were influenced by business dynamics and the difficulty in making such a list profitable.
“For a high growth business like Proofpoint, monetization would have required significant investment, and the ROI was unclear. I believe that the email industry would not have gotten here without DNSBL services such as Spamhaus, SpamCop, SORBS and others. As most of these services originated and are managed by a dedicated individual or individuals with strong opinions, it is likely to alienate a few,” Bhat said. “To Proofpoint’s credit, even after the SORBS acquisition, they did not interfere with its day-to-day operations. Discussions around monetizing SORBS were abandoned quickly. Although SORBS was a pioneer and did serve an important community role in the past, its utility has diminished due to a plethora of other services.”
Mitchell, like others interviewed, said the SORBS shutdown is unlikely to have any impact on enterprise security and email operations. “From a purely enterprise standpoint, this is not even going to be a blip,” she said, but “Senders are likely dancing a jig today.”