SPEWS/Osirusoft RBL goes away

According to this Slashdot article, the SPEWS real-time block list is no longer operational. A comment-free version of the same basic story is here. The article points to a lot of discussion on news.admin.net-abuse.email, too, which amkes for interesting reading. Osirusoft shut down SPEWS after being the target of an ongoing distributed-denial-of-service (DDos) attack. The manner in which it was shut down caused lots of bounces (including for my friend Bob Thompson and Kent State University, among others). The problem is that when Joe Jared, Osirusoft operator, shut down his service, he did so by telling the server to blacklist every IP address. Sites that rely solely on SPEWS thus dropped all their incoming mail on the floor.
What does this mean to you, the Exchange administrator? As Andy Lester points out, outsourcing your spam protection completely to a third party puts your mail service at the mercy of that third party. Exchange 2003 includes RBL support, and it’s a useful adjunct to heuristic or keyword-based filters. However, RBLs themselves don’t provide a complete solution, and you should choose your RBL provider carefully to make sure that a) they provide support for their service and b) they have the resources to stick out this kind of attack.