Forging e-mail is extremely easy when you know how. Spammers use the spoofing technique to change the sender name and e-mail address for every message, which means blocking all e-mail from one address won't keep you spam-free.

When you signed up with your ISP, you may have noticed something in its AUP (acceptable use policy) that discussed open relays. An open relay is an SMTP server that doesn't have any security policies to control who it may receive e-mail routing from, and send e-mail to.
This is a major issue in the war against spam, because spammers can use these open relays to send huge amounts of forged e-mails with relative anonymity.

Most open relays are created by home users with broadband Internet connections who install and configure applications without understanding the implications.
There are also a small number of corporate system administrators who inadvertently configure their corporate e-mail servers to be open relays, too.
These open relays are invaluable to spammers, and information on them is often put up for sale. So not only are your computers being used to spam an innocent victim, your bandwidth will soon be flooded with spammers using your relay.

You can easily check whether your computer is an open relay using Active Ports. If Active Ports shows a process listening on TCP port 25, it's very likely you have an SMTP server running. You should investigate immediately!

Because open relays are such a menace to everyone other than spammers, ORDB (Open Relay Database) systems were created. These are publicly accessible servers on the Internet that maintain lists of domains that contain open relays. The idea is for the major network organisations through which huge amounts of Internet traffic (and thus e-mail) travels to use these databases for e-mail blocking. When e-mail is sent through one of these organisation's servers, the source address is checked against an open relay database. If a match is found, the e-mail is rejected. It's not perfect, but it does cut down on spam a little.

Some ISPs employ automated scanning tools on their own networks. These tools scan each customer's Internet connection to locate open relays and other common security issues. If a problem is found, the customer is disconnected from the Internet with force and told to remedy the problem.

Open relays are a major issue for ISPs because of ORDBs. If a single ISP customer has an open relay by one of the ORDB systems, the entire ISP can be blacklisted meaning that none of its customers can send e-mail. It often takes months to be removed from the blacklist, which is why ISPs try very hard not to get on one in the first place.