Feeds

back to article Spamhaus and ISP spar over 'email DoS' blacklisting

Spamhaus and a Dutch ISP that was temporarily slapped on the anti-spam organisation's blacklist continue to be at loggerheads – even after the service provider was removed from the list. The row between A2B and Spamhaus came after the Dutch ISP allegedly provided connectivity services to CB3ROB (AKA Cyberbunker), an outfit long …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Discrepancies

LIR stands for LOCAL internet registry, not LEGAL, and has to do with handing out of address ranges. It doesn't imply providing transit or any other service. Curious that a director of such an outfit doesn't know this.

Spamhaus say they've repeatedly notified them and A2B say they only got one email after asking for it. Time to whip out the evidence. Spamhaus does, as per their published policies, move up (first one, then) two ISPs if the ones below don't react. Again, time to whip out the evidence. Making a point is exactly what spamhaus is about. It is why they only publish blocklists that others to use at their discretion.

This is perfectly reasonable in the cooperative of networks that forms the larger internet. Collateral damage is implied in the escalation policy, but A2B or whoever could've moved the innocents to clean blocks (and if they had run out of addresses, weren't they a LIR?), so it's their failure to care for their network that's gotten them into this. Shoulda moved addresses around, or better yet, not host known spammers. They should have gotten ample advance warning. If not they might have something to take up with spamhaus.

Who else supports A2B's cause? Er, their so-not-a-subsidiary-honest Datahouse is probably one (say hi to the sockpuppet) and well maybe CB3ROB is the other. Though getting classified as "dutch" ought to upset them a bit unless they'll argue that part just happens to not be part of their CYBERBUNKER thing. Wonder what that "strict" policy is. One could speculate, darkly, it's probably very strict on what abuse complaints they'll look at.

I think that spamhaus has the better cards in this, but with the low standards of plod and prosecutors in the Netherlands, if they do manage to get around to this complaint we'll just have to watch what's going to happen.

5
3
Bronze badge
Thumb Up

"Curious that a director of such an outfit doesn't know this"

No, smart of him to softly fiddle the words to corroborate his (disingenuous) argument -- I read over it, and probably many or most would.

It's a bit strange that he's so happy to ruin the reputation of his company, starting a fight he cannot win (ask e360 or Austria's NIC).

0
0

Gods at play

Whilst the movers and shakers play their cyberspace games us poor little people suffer. Of course the internet needs policing but its about time it wasn't by self-appointed vigilantes. We use the internet for B2B marketing and were shocked to find that we could be blacklisted without any warnings and only found out via our customers. We then had to start a nightmare process of trying to find out who had made the blacklisting decision and the even more tortuous process of getting them to talk to us. This despite complying with all the known codes of conduct. It is a matter of conjecture just how many reputable companies have had their legitimate activities disrupted but logic suggests it can't be helping growth and job creation.

0
1
Anonymous Coward

No sympathy for you, terry.

If you're in the email business then you should know where to look. I regularly check my hosting provider for spamhaus (et al) listings and I'm about to move to another because this bunch have accrued too many ROKSO regulars (and done did claim incompetence at fixing it: "we're too big!!1!", but I accidentally noticed their abuse@ is /dev/null'ed in spamcop. oh well). If you think getting stuck on spamhaus' list is a nightmare, then go make a fool of yourself in public (like nic.lv, for instance) and get stuck on innumerable and entirely private blacklists that you haven't a snowflake's chance in hell to ever find all, nevermind get off again. Meaning you just burned a chunk of IP space and will likely have to hop over to the next like a good little spam outfit.

You seem to've forgotten that the internet doesn't exist as an entity; it's a cooperative of networks. That very much indeedy means that each network can, and does, set their own rules. Yes, I've been on the receiving end of that one too*, and while aggravating, if the other guy says no there's really nothing you can do. If you want to play in this playground, then those are the rules. If you can't abide, well, someone will tell you off. And they did. Sucks to be you.

In that way, a dnsbl with a published policy and clearly defined contacts is a service to the general public and moreso to everyone that ends up on the list. It sucks to get on it, but if you do you generally deserved it --if not your provider did, either through spamming or negligence, and you should change providers-- and even so you get a clear shot at getting off. Even these A2B bozos did get off right quick.

Calling for protection for "poor little people"? You're a business. What do you want, a world internet police protecting everyone from badness but which so naturally is not your spam? Or are you simply a sucker for bureaucrazies? Spar the ITU to get off their world-wide blacklist? Try and convince ICANN to see reason and delist you? Petition the UN by telex to please be allowed to email again? Get real.

* IICR it was verizon blocking all of Europe indiscriminately so customer care replies back to inquiries made by verizon users never made it, with predictable results. Didn't help that at that time the US was recorded as emitting more spam than Europe.

0
0
Anonymous Coward

Re Marvin

Most would probably read over it, yes. I didn't pick it apart properly either, and there is lots more word-weaseling going on. But I thought I'd give him the benefit of the doubt, figuring this was enough red flag to make the point. Seems I've hit a bit of a raw nerve regardless with some. Especially those who fail to understand the salient points of just how the internet is put together. "Self-appointed vigilantes" indeed. Oh well.

That was Latvia's NIC, which I found quite astounding. Someone badly needed a time-out over there. Spamhaus' listing of nic.at IMO was unconsciable. Blocking IP addresses for spamming is one thing (and well-regulated escalating is excusable there), but blocking the name registry, disrupting its service, for refusing to drop names from the registry without sufficient proof that the names somehow violate nic.at's Ts&Cs... well, blocking at all there is out of line really. Arguments like "don't worry about the legalities, the phishers won't complain" are themselves a bit disingenious. Spamhaus doesn't have squeaky clean hands there, even if it did work out in the end. I suspect more than a few Austrian services will either have dropped spamhaus or at least whitelisted nic.at for that little trick.

e360 probably had nothing better to do anyway, and he did get a default judgement at first, only to "snatch defeat from the jaws of victory", quoth the judge presiding. Impressive, that. But then, believing everyone else and the world is to blame for their own stupidity is a trait many spammers and (dare I say other) criminals share. Down to people (even here) effectively demanding service guarantees. Well, if other people choose to have their servers not accept email from you, tough cookies. I do reserve that right for my servers, and I will use any list to aid me in that as I see fit, yes.

0
0

Ah well, you see

A lot of us consider you internet marketers to be in a worthless business, your codes of conduct to be self serving and essentially meaningless and your "legitimate" activities best confined to the dustbin of history...

0
0

@ Terry Maguire

>> We use the internet for B2B marketing and were shocked to find that we could be blacklisted without any warnings and only found out via our customers.

Ahh diddums.

Quite frankly, most "marketing" is spam. Apologies if you genuinely only ever send mail to those who genuinely and **knowingly** opted in - if you are then you are in a very very small minority. Note that failing to tick a box, hidden at the bottom of a long form, drawn in pale grey on a slightly paler grey background and labelled with pale grey text, does **NOT** constitute an opt in.

If you were prevented from sending emails because of being on a blacklist then the reason is that the recipients had made policy decisions that they don't want to receive mail from the sort of outfits that find themselves on the blacklist(s) they use. Once you realise that, then your complaint becomes "I couldn't send mail because the recipients didn't want it", and the logical extension of your comments becomes "people shouldn't be allowed to block our emails just because they don't want to receive them".

As an analogy, I'm sure some (for example) minicab outfits have policies about the types of people they want to have in their cars. Some may have a policy not to take bookings from the "rougher end of town" - if that is the case, then your complaint that they won't pick you up is down to you choosing the wrong place to live. The internet is a bit like that - if you make the mistake of setting up office in a rough neighbourhood (ie an ISP that supports spammers) then I'm afraid you'll just have to live with the fact that you won't be able to deal with the people who don't want to deal with email from "the rough end" of the internet.

That is a policy decision made by the people who set up their mail servers. The blacklists simply provide an opinion about any particular bit of the internet. They don't block any mail, and no-one is forced to use them if they don't want to.

I run the mail service for a small ISP/IT services company. Yes we occasionally get blacklisted, and it's almost always because one of our customers has been a d**khead with the stuff they send. However, I find dealing with blacklists a lot easier than dealing with the f***tards at the likes of AOL.

0
0

And as we all know "replica" is an euphemism for counterfeit. The fact that China, a source of poisoned baby food and toxic toothpaste does not see an issue with violation of copyright, does not mean the civilized world does not.

0
0
Thumb Up

Interesting to see the chain of emails...

That A2B published. Pretty much what I'd expected, and I thought they supported Spamhaus' side of the story, but then I'm kinda biased towards them, PITA though they can undoubtedly be, so I'm hardly a neutral judge.

0
0
Alert

On the one hand its good that people are fighting spam, and there is a group set-up to handle a coordinated response.

On the other it is frankly terrifying that such a huge amount of power is in the hands of such a small group of vigilantes, who appear to be acting like a bunch of cocks

1
0
LDS
Silver badge

Spamhaus is not a "vigilante" because it itself doesn't block anything. It just publish a blacklist you or your ISP may use or not. I use it otherwise I would receive thousands of spam messages daily to my public email addresses and I could hardly find the legitimate ones.

IMHO ISP like spammers because they buy hundreds of domain (while a legitimate customer may buy one only or little more), needs a lot of IPs because more and more gets blocked (a legitimate user/company will buy just a few), and set up a lot of fake sites to hide behind, while buying bandwith for their criminal use. The perfect customer, if their business was legal. Organizations like Spamhaus just make that lucrative "business" hard to last long, eventually whole blocks may be blacklisted if ISPs prefer to host spammers and other criminals instead of making money delivering good services to legal customers.

0
0
Silver badge
Thumb Down

"The thing is that we are a LIR (Legal Internet Registrant) and we provide transit to other LIRs and ISPs," Erik Bais, a director at A2B Internet told El Reg.

"If Spamhaus is having an issue with something that CB3ROB is doing, they can either take it up with them or if they don't want to, take it up with the police.

----

Loading Google Translate.... 100%

Translating Weasel to English.

"Don't blame us. We're just the getaway driver; we're not responsible for the robbery".

0
0

178.249.152.0/21

Ta - added to my firewall for both the inbound an outbound routing blacklist :-)

0
0
Silver badge

Seems to me the only real line of attack for A2B

is to claim Spamhaus engaged in defamation when they blacklisted them, because Spamhaus doesn't actually block anybody. And it seems to me that Spamhaus can pretty easily refute that claim. All the rest is sound and fury signifying nothing.

0
0
LDS
Silver badge

DigiNotar, and now A2B?

Netherlands is becoming an interesting cybercrime hotspot, first DigiNotar, now A2B. DigiNotar was sent out of business when MS, Mozilla, Google and others removed its root certificates after its failure to protect its certificate business properly. Did it sue them? No, even if the "collateral damage" was big for its unlucky customers.

Because the failure was on DigiNotar side, not on those who removed the certs to protect users. A2B should take notice, and control its network instead of complaining about Spamhaus simply listing cybercriminals use A2B network. Or follow DigiNotar path.

0
0
Bronze badge

Fixed it

A2B posted the full conversations with Spamhaus on their web site, along with their reports of criminal activity. I have to partially agree with A2B - It's not right for me to let Spamhaus choose whether or not A2B mail is blocked. I need a permanent blacklisting in my local deny list.

0
0
This topic is closed for new posts.