Proofpoint, a cybersecurity software developer, has ceased operations of its SORBS spam (Spam and Open Relay Blocking System) service. This service, which has been active for many years, provided valuable information about well-known spam sources, assisting in the creation of block lists.
SORBS offered free access to DNS Base (DNSBL), which included over 12 million servers known for spreading spam, phishing attacks, and other malicious emails. The service typically listed suspected spam-sending servers, hacked and infected servers, as well as servers with Trojan programs.
With the trust of over 200 thousand organizations, SORBS was highly regarded for its accuracy. Created over twenty years ago by Michelle Sullivan in Australia, SORBS was managed under Proofpoint.
Regarding the closure of the service, Proofpoint stated, “The decision to discontinue the product was not easy and was made after careful consideration of various factors affecting the service’s stability. SORBS was disabled on June 5, 2024, and no longer contains reputation data.”
Upon the shutdown of SORBS, its 18 lists categorized spam servers were cleaned of data. However, the potential restoration of information in these “zones” may require minimal effort as the service’s code base remains intact, facilitating a possible relaunch in the future.
The closure of SORBS has sparked conversations within the anti-spam community about the potential acquisition and management of this resource. Throughout its existence, SORBS underwent several changes, transitioning from university infrastructure to GFI, and eventually to Proofpoint, which recently closed the service.
High hosting and support costs made it unfeasible for an individual to sustain SORBS. Sources have suggested that proposals for purchasing SORBS will likely be received, even from organizations involved in spam distribution who have previously taken an interest in exploiting this influential service for their own agendas.