The Spam and Open Relay Blocking System (SORBS) was originally conceived in 2001 as an anti-spam project where a daemon would check "on-the-fly" all servers from which it received email to determine if that email was sent via various types of proxy and open-relay servers. Deployment of the daemon in November 2001 yielded a list of 78,000 host servers.
The daemon project eventually gave way to what we know as SORBS today, a DNS-based Block List (DNSBL), which at its start, was seeded with the 78,000 servers the original daemon detected. In 2003, the SORBS DNSBL was publicly launched and the list has grown to more than 12 million host servers known to disseminate spam and now processes tens of billions of requests per day. The list typically includes hosts designed specifically for spreading spam, hacked and hijacked servers, and those with Trojan infestations. In an attempt to provide preemptive protection, SORBS also lists servers with dynamically allocated IP addresses.
In November 2009, SORBS was acquired by GFI Software. In July 2011, Proofpoint, Inc., a pioneering security-as-a-service provider vendor, acquired the assets of SORBS. The acquisition enabled Proofpoint to develop enhanced real-time detection capabilities and intelligence about email-borne threats for its enterprise customers, based on the service's extensive visibility into email traffic patterns and trends. SORBS service has also been improved, as Proofpoint has devoted additional development and support resources to improve both the accuracy of the SORBS service and the timeliness of response to support and dispute inquiries. Proofpoint continues to operate SORBS as a free, standalone service.