back to article Dutch ISP calls the cops after Spamhaus blacklists it

Dutch ISP A2B Internet has filed a complaint with the police after it claimed to have been "blackmailed" by London-based anti-spam outfit Spamhaus. A2B managing director Erik Bais told Webwereld (report in Dutch) that Spamhaus "has gone too far". The Spamhaus Project is an international organisation, founded by Steve Linford …

COMMENTS

This topic is closed for new posts.
  1. Sam Liddicott

    No it's not

    It's like denying entry to a restaurant because other guys who arrived on the same public transport don't meet the dress code.

    Perhaps to blacklist innocent net users because their hosts are on the same netblock as other perpetrators is libel.

    This sort of behaviour makes Spamhaus unreliable. How many Spamhaus users expect this sort of behaviour?

    1. Ian Stephenson Silver badge

      Close

      It's more your customers are prevented from getting into your restaurant because you havent paid the protection money/associate with the wrong people.

      Spamhaus != mafia as the mafia have better PR

      1. PatientOne

        I was thinking the situation was more like you being denied entry into multiple restaurants because some third part objected to the way you were dressed the other night.

        1. Loyal Commenter Silver badge

          Analogies? I've heard a few...

          Maybe more like not being allowed to leave the restaurant you own because someone doesn't like the fish soup, as well as not allowing anyone else to enter your restaurant, until you stop serving not only the fish soup, but anything else prepared in the same kitchen.

          1. TeeCee Gold badge
            Stop

            More like:

            The bloke next door is an amateur chef, a good mate, makes fish soup and you sell his fish soup on your menu. Some of your customers get sick as dogs, as his kitchen is actually an unlicensed, roach infested hellhole. The soup is identified as the most likely culprit and you are advised to stop selling it.

            You decide that you don't want to upset your mate and would rather carry on giving your customers the shits, 'cos you don't give a toss about them.

            Then you act all surprised when someone writes a letter to the local rag about how they got gyppo tummy at your restaurant, loads of people read it and your trade disappears overnight.....

            1. CmdrX3

              Anyone know of any good restaurants, I'm hungry now.

              1. Darryl

                You sure as hell better stay away from the fish soup though

    2. Ben Liddicott
      Pint

      Sorry bro, must disagree

      This is exactly the behaviour that spamhaus users expect. Remember: Spamhaus don't block anyone - they list them. Spamhaus users (mail operators) can choose to use their list on it's own, in conjunction with their own whitelists, with other lists in a scoring system......or not at all.

      Spamhaus, as a matter of published policy, require ISPs to prevent spam emanating from their networks or they will be listed. To avoid listing the ISP must police it's network, and if they don't the whole ISP may be blocked.

      1. dcd
        Thumb Down

        Well that's all of them then.

        Name one that doesn't?

    3. LDS Silver badge
      Thumb Down

      No. It is like a restaurant full of robbers, people trying to sell you fake items and drugs, while trying also to steal you your credit card and other data.

      When a restaurant guide publishes "hey, avoid that restaurant if you don't like robbers, drugs sellers and so on" the restaurant reacts against the guide instead of looking at its customers.

      I like Spamhaus. Without it instead of getting the mail I want to receive in my mailboxes, I would receive thousands of spam items because I have some public addresses. And spammers exist only because ISPs allow that. Probably because they have to buy more domains, IPs and bandwith than the average company. Will you rent a house of yours to known criminals?

  2. This post has been deleted by a moderator

    1. Anonymous Coward
      Anonymous Coward

      You don't have to..

      You don't have to use their service if you don't like it.

      Remember, Spamhaus doesn't block anything. The ISPs and businesses that use Spamhaus's blacklists can choose to block what they want on that basis, the same is true for other blacklists. The general principle is that if an ISP doesn't act on spam, then it has a negative impact on the reputation of the whole of its IP range, which I think is fair enough.

      Perhaps in this case we should be annoyed about an ISP allowing spam to take place, rather than Spamhaus blacklisting them.

      1. Anonymous Coward
        Anonymous Coward

        I'd be interested to hear the reasons behind the 2 down ratings above.

        Personally I'd agree, why is an ISP allowing spam to be sent? Its certainly not in their interests. What opposition would they have?

        -Different Anon from above!

        1. Anonymous Coward
          Anonymous Coward

          Define "spam", you idiot.

          How the hell is the ISP suppose to know if it's spam or not?

          And who made them judge, jury and executioner anyway? Same applies to SpamHaus.

      2. BristolBachelor Gold badge

        @AC 10:39

        OK, I'll bite:

        "You don't have to use their service if you don't like it."

        OK, that's great. I'd like to send some emails. Oh, they don't seem to get through; they are blocked. I'll just un-use Spamhaus and then send the emails again?

        How do I choose to not have my emails blocked? I suppose it is possible if I suddenly change ISP; but that takes a lot of work, especially with rented rack-space etc.

        Would it also be fair for Spamhaus to say "A few bad emails have come from USA. They don't seem to be stopping them, we are blacklisting all USA"?

        1. This post has been deleted by its author

        2. Ian Michael Gumby Silver badge
          Devil

          @BristolBachelor

          And I'll bite back...

          You want to send mail.

          Your mail is blocked.

          Why?

          Because your ISP isn't policing their own networks and allow spammers to thrive.

          What can you do?

          Find another ISP that does police their networks and are not blocked.

          You have to understand Linford's logic.

          The goal is to get the ISP to modify their behavior and be good net-citizens.

          You can always start by asking.

          Unfortunately there's money on the table (pink-sheet contracts) where the ISP will give you lip service and play games.

          You can threaten verbally and again, at best you get lip service.

          Finally, you can choose to shun them.

          This is where you block their IP blocks until they change their ways.

          This is the most effective because you now are forcing the ISP to realize that the money they get from the pink-sheet contract with the spammer is now less than the money that they are losing from other paying customers who's business is being affected.

          Now in defense of Linford...

          1) Blocks usually start off small. Like a /24 netblock (class C). ISPs sometimes tried to play a shell game by moving the spammer's netblock. So then more netblocks get blocked and if there still isn't a resolution, then larger netblocks are blocked.

          2) Blocks are not permanent. If the ISP does the right thing, the blocks are removed.

          3) Most ISPs work well with Spamhaus because they use Spamhaus in their mail filtering blocks so that their customers don't get as much spam as they could.

          You may not like Linford's methods, but lets face it. They are effective and they are based on past experiences and human behavior.

          BTW, if your emails are getting blocked, you are either sitting next to a spammer, or you are the spammer. If you're not the spammer, you can bitch to your ISP. They play dumb and do nothing? Find another ISP. Trust me, its worth it.

          1. Galidron
            Flame

            @Ian Michael Gumby

            So one IP address sending spam is means the ISP isn't policing it's network? Aside from the fact that there are almost no ISPs who do police their network, locking out an entire ISP because of one address is ridiculous beyond measure. Especially since they did block that IP.

            1. Anonymous Coward
              Anonymous Coward

              If the ISP doesn't do something about the offending spammer yes.

            2. Owen Carter
              Go

              One IP address sending spam shows that you have a spammer on your network.

              It's what you do next that determines how Spamhaus treats you; get rid of that spammer and you will not be blocked.

              Make a half-hearted attempt to restrict the spammer without actually removing their ability to spam from that domain; and you will be considered 'spam friendly'

              Spamhaus treats both spammers and their supporting network of spam friendly isp's with equal contempt; and I am glad that they go after the support networks as well as the offenders. Seeing the reaction of the spammers here(*) I think the Spamhaus behaviour has been totally vindicated and my determination to continue using their services to help keep my inbox clean has increased.

              (* Given the sudden appearance of some anti-Spamhaus people here; I'd like to say a big howdie to all you spammers lurking and posting as AC's and sockpuppets! You do realise you are miserable little lowlife with small penises don't you?)

              1. moiety

                Yeah, problem is, it's not just spammers who are inconvenienced by Spamhaus. It's everyone who wants to use that IP address in the future. If that IP address is an ISP's proxy/cache server that could be thousands of people.

                Many people complaining here -I think you'll find- are sysadmins and people responsible for company mailservers who have been torpedoed by Spamhaus in the past; and who have had to spend maybe weeks trying to restore service. Appeals seem to be met with a "we've listed it, so fuck you if you don't like it attitude".

                Appealing or sending a "What's up?" email is probably the first reaction and turns out to be a waste of time.

                So then you've got to migrate your mailserver to somewhere that isn't blocked. Expensive and inconvenient...and of course always occuring right when you least need it.

                I don't like spam. I don't like spammers. I particularly don't like the cheeky bastards who spoof my domains as 'from' addresses to send spam. That said; I'm not a big fan of Spamhaus either. And for the record, I'm hung like a donkey.

            3. Ilgaz

              ISPs do police their networks

              Being an active spamcop(.net) user for years, I have seen almost all ISPs (except couple of black hats) do care about even the semi anonymous reports they get and even care to report back to spamcop. You heard the "lame" AOL? They have unplugged 2 virused/open proxy consumers and reported back to me, semi anonymous spam reporter from nowhere. Not some prestigious RBL.

              Actually, I don't do business with any ISP who seems not to care and trust me, these days your IP block's "prestige" matters. You may one day figure you have to use captcha even for google searches, ad companies blacklisting your page, users get warned when visiting your site etc.

              I agree the "license to use internet" is absurd but seriously, if you don't manage your IP pool, you don't deserve to own IPs at all. We don't talk about dumb.ignorant,zombie PCs. We talk about assigned IP pools.

          2. Anonymous Coward
            Anonymous Coward

            "Linford's logic"

            Oxymoron of The Day.

          3. Anonymous Coward
            Anonymous Coward

            Now in defense of Linford...

            How can you defend the indefensible ???

            Whether a twerp is playing music or playing God, a twerp is a twerp is a twerp.

      3. quartzie
        Stop

        dream on

        The key word here is accountability.

        While it is true that Spamhaus doesn't block anything, but its market penetration is so large, that it has enormous influence without any sort of accountability. That is a BAD thing, evidenced by the bullish behaviour described in this article.

        You attempt at giving Spamhaus a carte blanche, since it's "your ISP's choice", is flawed from its very conception. Once you find your company mail server's IP blacklisted, and happen to lose business because of it, you'll start to understand my opposition.

        Spamhouse has a lot of clout, yet there are no clear guidelines saying how far they can go. This is a position open to all sorts of political influence and I'd hate to put so much power to a body which clearly lacks ethical standards and can lower itself to the described behaviour.

        1. Anonymous Coward
          Anonymous Coward

          Spamhouse has a lot of clout^H^Hwns

          Spamhouse - the world's only circus without sawdust.

        2. Anonymous Coward
          Anonymous Coward

          deja vu

          > I'd hate to put so much power to a body which clearly lacks ethical standards

          That's exactly what the lone voice of reason in the CIA said about Osama Bin Laden in 1977.

  3. dcd
    Stop

    Clarification needed

    It's not clear (from the story) why all the ISP customers were blacklisted.

    El Reg?

    1. Criminny Rickets
      Boffin

      From the story, A2B and it's customers were blacklisted over A2B's refusal to put a total block on German ISP Cyberbunker, which got it feed from A2B and in turn fed The Pirate Bay. Instead, A2B blocked the specific IP address that was responsible for the reported Spam. This was not good enough for Spamhaus as they wanted TPB shuttered. As soon as A2B completely blocked Cyberbunker, Spamhaus removed A2B from its blacklist.

      1. Anonymous Coward
        Anonymous Coward

        Many tin foil hats here in relation to TPB.

        >"This was not good enough for Spamhaus as they wanted TPB shuttered"

        Where did you and the various other paranoids in this thread get any suggestion that this was because Spamhaus wants to shut down TPB from? Spamhaus wanted the whole of Cyberbunker disconnected because of one offending IP, but there's no evidence that their grudge is against TPB specifically; TPB was collateral damage along with whoever else Cyberbunker hosts.

        The article mentioned that TPB is *a* Cyberbunker customer as a bit of background colour, but Spamhaus is not an MPAA/RIAA organisation and has no interest or other motive to target TPB; it's just coincidence that TPB is one of Cyberbunker's customers besides the spammer.

        Cyberbunker has other customers too, but I don't see you claiming that it was those guys that Spamhaus wanted shuttered; you're making the mistake of picking the one single customer that happens to be relevant to *you* and imagining that they were relevant to Spamhaus, because you're projecting.

    2. Fred Flintstone Gold badge
      FAIL

      As far as I can make out..

      .. Spamhaus blacklisted the lot because the ISP didn't do as Spamhaus demanded.

      If that is the case I'm rather disappointed in Spamhaus as it apparently sees no problem with affecting innocent parties with what it does. It takes the shine off their efforts and turns them into Net bullies - very disappointing indeed.

      For those who claim they don't *have* to use Spamhaus ignores the fact that many draw their email via their ISP, and have thus no control over the use of Spamhaus.

      I thus hope I misread this story. Anyone from Spamhaus care to comment?

      1. Ben Liddicott
        Pint

        If you run your own mailserver you control spam filtering

        If you rely on your ISP mail server, either choose an ISP which allows you to customise spam filtering it or turn it off, or accept their best judgement for how to do it.

        The spamhaus rule "ISP is responsible as well as the customer" is because previously the same old spammers would keep turning up on adjacent IP addresses/blocks under different names. This leads to guacamole. Sorry: Whack-a-mole. Spamhaus can only react because they have no visibility as to whether these are the same people as before until they begin spamming again. Indeed some ISPs took advantage of this to keep taking the same cusomers on purpose and feigning ignorance.

        The ISP is in a position to know beforehand whether these are the same people running the same "business", therefore the ISP must bear responsibility.

        1. moiety

          Thanks to Spamhaus I cannot run my own mailserver

          Back in the day -after ISP email dropped some very expensive emails- I used to run my own desktop mailserver...that way the emails would either arrive, or I'd get an error message explaining why not.

          Then Spamhaus decided to block email traffic from my ISP (and many others, it turns out). I did try to appeal at the time, but the response was essentially 'fuck you if you don't like it'. Very high handed treatment. Possibly they do some good; but there are genuine victims and I sympathise with the ISP in this case.

  4. Anonymous Coward
    Anonymous Coward

    huh? So Spamhaus is now part of the anti torrenting crowd and is using its power as a email filtering resource to get its way??

    Sequence of events seems to be

    ISP provides service to TPB,

    Spamhaus finds a offending host and informs ISP

    ISP blocks offending host

    Spamhaus blocks the whole ISP range until it stops giving services to TPB

    Sounds a bit illegal to me. A bit like cutting off the water to a block of flats until the noisy neighbour in no. 32 leaves.

    1. Anonymous Coward
      Anonymous Coward

      Spamhaus blocks nothing

  5. Anonymous Coward
    Anonymous Coward

    Grrr

    I used to work for a company that was built around a well known European TLD and we took a lot of shit from Spamhaus. Whilst I agree that they are trying to provide a valued service, they have a puffed-up image of themselves and frequently act as Judge & Jury (or maybe Judge Judy?).

    So, yup, let them carry on distributing their "lists", but for fuck sake, keep their ego´s in check and stop them behaving like some overweight vigilante with delusions of überpower. They can and DO make mistakes and are piss-poor at admitting/dealing with it.

    1. Anonymous Coward
      Anonymous Coward

      (or maybe Judge Judy?).

      More like Punch & Judy!

      > So, yup, let them carry on distributing their "lists", but for fuck sake, keep their ego´s in check and stop them behaving like some overweight vigilante with delusions of überpower.

      Well said! They sure as hell need their wings clipped!

  6. Anonymous Coward
    Anonymous Coward

    Well done Spamhaus

    This sounds like A2B wouldn't deal with the spam so Spamhaus added A2Bs IP ranges to the SBL. Simple as that.

    That's how its supposed to work folks. Don't like it then deal with the spammer. Don't deal with the spammer and why should anyone deal with you?

    A2B sound like utterly clueless fuckwits.

    1. Chris007
      FAIL

      @ john RTFA

      A2B BLOCKED the IP address (note SINGLE) that was identified by Spamhaus as sending the offending spam emails.

      Spamhaus decided that wasn't good enough (who the fuck are they to judge) and demanded that the entire subnet be removed even thought there was NO EVIDENCE that any other IP within the range was being used to send spam.

      That is outrageous and is certainly smacks of blackmail and it would seem Spamhaus (whether knowingly or not is unknown) are being used to stop TPB through "back door" methods.

      Icon for John and Spamhaus

      1. JimC Silver badge

        If you use spamhaus

        You know that they take a particularly aggresive posture towards spammers and ISPs who either support spammers, or through inactivity allow them to continue. If you don't like that you don't use them. It means you get less spam but also more unduly rejected messages...

        1. Chris007
          Flame

          @JimC

          It's not really an issue of if you use Spamhaus, it's the fact that other people do.

          If you get put on a Spamhaus BL then you can find your company/customers not being able to send/receive email from large parts of the Internet.

          I have always been against spammers but blocking an entire subnet (at a mimum a /24 but could have been a /21 or even a /16) due to ONE IP address is WAY over the top. It's the classic using a sledgehammer to crack a nut.

          In this instance A2B did nothing wrong, they blocked the offending IP address. However this did not appease Spamhaus who did, effectively, blackmail them into blocking the entire subnet. A totally disproportionate response.

        2. The Original Ash
          Big Brother

          "You know that they take a particularly aggresive posture towards spammers and ISPs who either support spammers, or through inactivity allow them to continue."

          Spamhaus listed *the entirety of A2B's IP pool* because they refused to black hole *ALL* IP's from a single downstream client when *ONLY ONE* was responsible for sending spam, which was blocked by A2B appropriately.

          This was Spamhaus strong-arming A2B into piping The Pirate Bay into /dev/null, and nothing more. It is a despicable practice, and I'd like to see people in jail for it.

          I think we need a "Censorship" icon; BB doesn't fit here, but it's the closest available.

          1. JimC Silver badge

            > Spamhaus listed *the entirety of A2B's IP pool* because they refused to black hole *ALL* IP's

            > from a single downstream client when *ONLY ONE* was responsible for sending spam,

            Yep, that's the way they work, always have, always will. Reasons why have been well presented in other posts. I'm damn sure that it had nothing to do with TPB *except* that its no suprise that a Spam friendly downstream client was also associated with piracy.

      2. Owen Carter
        Meh

        Ever watched an experienced teacher dealing with a devious spoiled brat?

        "who the fuck are they to judge"

        They are people with years and years experience dealing with Spammers.. they are just doing the stuff they know works.

      3. Franklin
        Stop

        A title is optional

        "A2B BLOCKED the IP address (note SINGLE) that was identified by Spamhaus as sending the offending spam emails.

        Spamhaus decided that wasn't good enough (who the fuck are they to judge) and demanded that the entire subnet be removed even thought there was NO EVIDENCE that any other IP within the range was being used to send spam."

        Actually, that's not quite true. Spamhaus is aggressive, sure, but even Spamhaus is not THAT aggressive.

        Those of us--and I'm sure there must be others of us among the El Reg commentards--who have been part of the spam and malware fighting community for a while are very aware of Cyberbunker. If you read the archives of the North American Network Operators' Group mailing lists or some of the antispam Usenet newsgroups, you'll be well aware that Cyberbunker has been a source of problems for years. I've seen emails from Cyberbunker admins from 2009 that complain about being blocklisted for spam and malware (usually in highly aggrieved, "how dare you tell us who we can and can't have on our networks; we don't care if people are spamming, it's income for us" tones).

        This current spat is about one IP address, and so I can totally understand why people might incorrectly believe that means that Spamhaus blocklists entire IP ranges for one single incident. But this one IP address is the proverbial straw that broke the camel's back. Cyberbunker has been a source of ongoing problems for *years* before this. This last incident tipped Spamhaus into saying "enough."

        It's impossible to give the full history in one news article (or even one comment in a news article). But if Spamhaus routinely blocklisted every ISP's entire IP range for every single one-off spam incident, they would no longer exist, because they would no longer be useful. Yes, this incident revolves around one IP address, but don't make the mistake of thinking that what has happened here is about one single spam incident that happened one single time. It's not.

  7. Zilla

    Spamhaus don't block anything? What a load of....

    Spamhaus are a bunch of self righteous tw*ts.

    I have had numerous run-ins with them over the years and they have never failed to treat me with contempt and always leave me feeling like I want to smash someones pathetic face in.

    I don't spam... in fact I hate spammers, but they don't seem to want to help the situation at all and they are downright obnoxious.

    And at the very end of it they sit back and say "we aren't block your mail, play by our rules or go away".

    Unfortunately LOTS AND LOTS of people around the world use Spamhaus whether they like it or not because some administrator has decided to subscribe to the Spamhaus feed and treat it as gospel.

    Which means when they block your IP.... expect to see at least 40-50% reduction in message delivery, if not more.

    I know for a fact that they are all evil b*stards because they once blocked a large international house hold name Charities e-mail server during a large campaign relating to a recent humanitarian disaster. I won't go into specifics but it wasn't the charities fault and it took something like 4 weeks before they finally removed the block.

    1. Jacqui

      "I know for a fact that they are all evil b*stards because they once blocked a large international house hold name Charities e-mail server during a large campaign relating to a recent humanitarian disaster. I won't go into specifics but it wasn't the charities fault and it took something like 4 weeks before they finally removed the block."

      This will be the same charity that used various spam houses to get its campaigns for donations out then tried to blame the massive volumes of spam reports on the spam houses they had employed. They deserved being added to URIBLs and blacklists based upon the replies going back to thier servers even if the spam did not originate dircetly from their servers.

      Jacqui

      1. Owen Carter
        FAIL

        Huh

        "they once blocked a large international house hold name Charities e-mail server during a large campaign relating to a recent humanitarian disaster"

        Oh yes.. I remember reading about that when the charity got in touch with the press to put pressure on Spamhaus.

        Err; well I don't actually; which is strange because large international charities are past masters at getting around obstructions, and certainly let everybody know if, for instance, a bank blocks donations etc.. But according to you they were so scared and intimidated by naughty little Spamhaus that they meekly complied.

        Can I call BS now?

    2. Anonymous Coward
      Anonymous Coward

      "I don't spam... in fact I hate spammers, but..."

      Ahh yes, but.

      This sort of phrasing is more traditionally seen in the classic "I'm not racist, but..."

    3. Brian Morrison
      FAIL

      Spam is spam...

      ....and I don't care whether it comes from the usual penis pill pushers or from a charity trying to raise awareness of their need for income, er sorry, I mean the need for disaster victims to be helped out.

      If I want to help someone I will, but if they spam me then I won't be listening again, ever!

    4. Ilgaz

      Charity?

      Spam is UNWANTED mail, the mail you haven't signed up for. Even if Mother Therasa rises up from grave and spams my mail address, she will be reported to spamcop.net .

      Being a charity, assuming a religious holiday celebration, serving to "world peace" doesn't matter. I haven't signed up for that thing, you can't provide proof that I signed up (wrongfully called double opt-in) so you are spamming me.

  8. Ben Liddicott
    Pint

    Spamhaus don't block you, they list you.

    People who trust their list, block you when you are listed by them. Not the same thing, at all.

    This is in fact why they are better than having and "internet police". They aren't the only ones - there is rbl, uribl, enemieslist, and a whole array of others, and each recipient can choose who to use.

    Spamhaus, at the moment, are the best and most trusted. The minute they stop being good, they will lose their power.

    If only we could say that about the government!

    1. JeevesMkII

      They're also colossal douchebags, for whom the word "professionalism" isn't in the dictionary. Imagine having to deal with the kind of internet kiddy that inhabits online games, but unlike other species of internet kiddy there's no option to avoid dealing with them.

      Whatever good they may do is vastly outweighed by their personal faults, and I think very few would be sorry if they were all had up on criminal blackmail charges.

      1. Anonymous Coward
        Anonymous Coward

        Wait, you want them to be held for 'criminal blackmail charges', when its nothing of the sort? And in doing so would populate all our mailboxes with considerably more spam.

        Maybe you're bitter because your firm was picked up after a large set of mail was sent which people didn't expect, or you hosted an open relay either by incorrect settings of having a compromised machine. Ether way, if true, I'd rather not receive email from your IP Range.

      2. Ben Liddicott
        Pint

        Unlikely!

        Users will notice the extra spam but don't know who they are, only that their email is full of penises.

  9. Anteaus
    Holmes

    The truth of the matter...

    ...is that BOTH the spamming AND the spamfiltering industries rely for their profits on websites continuing to be vulnerable to address-harvesting, this being the principal source of spam mailing-lists.

    This in turn arises through lazy or dumbass webdesigners failing to implement even simple security measures, to prevent spammers from using 'bots to collect email addresses.

    But, check the advice on the Spamhaus site, and you won't find any info on this. Maybe that's not so surprising when you consider that Spamhaus' profits depend on the spam continuing to flow.

    I've had dealings with Steve Linford and could make a comment or two... but then my lawyer isn't as expensive as his, so I won't.

    1. Ben Liddicott
      Pint

      We get vast amounts of spam attempts on our published addresses

      You know, the addresses we want to make it easy for people to send email to? Like "support", "info", "sales", "abuse", "postmaster"?

      The truth is "don't publish your address on the web" or "use a graphical image" or "obfuscate it with javascript" is just poor advice that makes it harder for legitimate senders.

      At some point, sooner rather than later, your address will be gotten either in a dictionary attack or from some infectee's computer. Bots collecting email addresses are not the issue.

    2. Franklin
      FAIL

      1. A great deal of spam is directed to addresses not only from email address harvesting, but also from emails sent to role accounts and dictionary attacks. Not putting email addresses on the Web wouldn't end spam; likely wouldn't even make a dent in it.

      2. Spamhaus is non-profit.

      Other than those two minor quibbles, your post is spot-on...oh, wait.

      1. Anonymous Coward
        Anonymous Coward

        Spamhaus is non-profit. ?????

        Yep --- and Elvis is alive and well and eating watermelons down in my truck patch.

    3. Anonymous Coward
      Anonymous Coward

      Spamhaus' profits depend on the spam continuing to flow.

      If only the army of arse-kissing Spamhaus sycophants could read and understand that.

  10. Anonymous Coward
    Anonymous Coward

    We agree with ‘As an IT Manager’. We fully support the fight against spam and most of the work this ‘person’ does but he does act like a bully and a spoilt child to the point that we quickly realised that we must be dealing with an individual rather than an accountable and professional organization.

    He put a negligent mis-statement online about our company stating that we were spammers just because we advised them that we would speak to our client immediately rather than just canceling the account even though the spam was not sent from our network (our clients url was used in a bulk email without their consent*) so we started preparing a draft injunction and part of the due diligence was to do a credit and background check on the organization and this is when our suspicions were confirmed. The ‘organization’ was just an eccentric guy who lives on a house boat and the business had no assets so after a board meeting we decided that based on our experience we would not be the only ones as at some point someone else would make them accountable (saving us the legal fees). You just need to do a public look up on the companies accounts to realize that this is certainly not an accountable/professional entity.

    However this is a great pity as we fully support 99% of what they/he do/does but we simply can’t risk using their lists based on what we now know about them.

    (* Client added SPF records to their domain and it didn’t happen again.)

  11. Anonymous Coward
    Anonymous Coward

    This is why I don't use blacklists

    ...other but my own.

    I think this isn't about spamhause alone; a lot of these blacklists look reliable and easy to use until you actually meet the people behind it. Then it remains to be seen how reliable they really are...

    Last time I experienced a figure like this was when I still more active on the GoDaddy userforums. At some time a discussion started about a similar problem; several clients who ran their own mailserver but were blocked in some blacklists.

    Turned out that the author behind said list wasn't satisfied in the way GoDaddy addressed his complaints towards a single allegedly spamming server and as such decided to put the whole netblock into the list. Even though said servers all use static IP addresses.

    So quite honestly stories like these don't surprise me one bit. You can't nor should generalize, but a lot of those spam blacklists are highly as reliable or fair as they may appear.

    1. Franklin

      "Turned out that the author behind said list wasn't satisfied in the way GoDaddy addressed his complaints towards a single allegedly spamming server and as such decided to put the whole netblock into the list. Even though said servers all use static IP addresses."

      That's exactly the idea behind a blocklist. That's how it's supposed to work. ISP doesn't handle spam (or phishing or malware or some other network abuse) in a responsible way; blocklist puts pressure on the entire ISP. Customers of the ISP have a choice: stay or move. If they want reliable service, they move to a more responsible and proactive ISP.

      It's capitalism in action. And like much about capitalism in action, the consumers get caught in the crossfire. :)

      So, yes, how it's supposed to work. Now, before people get upset and start flaming me, I'm not offering an opinion over whether the idea is a GOOD one; I'm simply explaining that that is, in fact the idea.

      And, honestly, I can sympathize with it. Abuse teams are the redheaded stepchild of any ISP. They don't make money for their company; they LOSe money. Almost all ISPs would be happy to allow spam, malware, and phish sites on their networks; after all, it costs money to shut them down. Often, it is only fear of blocklists that prompts ISPs to take action.

      Seriously. I deal with ISP abuse teams on almost a daily basis. I've dealt with ISPs--and I don't mean little fly-by-night reselling companies, I mean huge, high-profile ISPs in the US and UK--who have told me directly "We know this is a compromised site hosting malware and PayPal phish pages. That's the Webmaster's problem, not ours." I've had ISP admins tell me point-blank that they won't deal with a spammer unless he does come to the attention of a blocklist.

      And those don't even consider the hosting companies who adopt a strategy of deliberate incompetence in order to keep their abuse people from losing them money--for a particularly annoying example involving Earthlink, visit my blog at http://tacit.livejournal.com/359564.html for a transcript of an attempt to get them to shut down a phish.

      So it's no wonder to me that blocklist operators are willing to put pressure on entire ISPs and their customers in order to try to get them to clean up. Annoying? Sure. High-handed? Maybe. Does it catch innocent third parties in the crossfire? Sometimes. Is there any other way to get ISPs to take action against abusers? Not as far as I can tell. f anyone else has any ideas, I'm sure the entire Internet community would love to hear them.

  12. Anonymous Coward
    Anonymous Coward

    Spamhaus = Evil

    I've had run ins with Spamhaus a number of times over the years. Each time, their addition of a domain I was running was done on basically zero evidence of abuse. Each time, I had to jump through a lot of hoops to get the domains off the Spamhaus block list. While I was successful each time, it became pretty clear that Spamhaus is an ego driven terrorist organization. It should have it's domain taken away.

    1. Franklin
      FAIL

      A "terrorist organization"? Seriously? Spamhaus plants explosives and flies airplanes into buildings?

      The word "terrorist" has just officially lost all meaning.

  13. Rick Cross 1
    FAIL

    Not As Bad as ORDB

    There was once a popular "service" similar to Spamhaus that black listed servers with open smtp relays. (Where one could use the server to send unauthenticated male from an external domain.) I'd screwed up and left the SMTP open for about a week and they found it and blacklisted us.

    Their method wasn't to go after spammers, but against servers who COULD be used by spammers. They would go through MX records and attempt to send spam to themselves and if successful, black list the offending server.

    This was rather like walking down the street at night, trying to open doors and when you find one unlocked, publishing a list of them for the crooks to use.

  14. CmdrX3

    Whats TPB got to do with anything

    They are only using Cyberbunker as an ISP, probably because they don't easily cave in to threats. The problem for TPB is that Cyberbunker are likely also acting as ISP for some mass spammer as well ( probably for the same reasons as TPB use them). It's got nothing to do with backdoor methods to close down TPB.

  15. Pete 2

    Comparing Spamhaus to credit scoring agencies

    While both can (disingenuously) claim "we don't block your email/credit" they are both responsible for sourcing the information that does. With credit rating companies, we all have a right to access the information they hold about us and have it corrected if it's wrong. With Spamhous we have no rights, no means of getting incorrect information put right and we aren't even judged on our own behaviour.

    In human rights terms collective punishments are illegal. You cannot punish a group of people for the wrongdoings of one, whom you suspect of being in that group. Yet this is precisely what happens with Spamhous. What's worse is that you, as an individual, have no rights to have information that Spamhous publish about the IP address you are using updated. While you could argue that with dynamic IP allocation it's not practical, that doesn't excuse the behaviour, which is simply a poor implementation which addresses the wrong problem.

    1. Anonymous Coward
      Anonymous Coward

      Spamhaus punish nobody, they publish a list and do not enforce that list.

      If you want to query someone, why not ask those who are blocking you.

  16. Anonymous Coward
    Anonymous Coward

    Boo Hoo

    Failure to follow piracy laws and court rulings will land you in deep crap.

  17. Anonymous Coward
    Anonymous Coward

    To those who are angry with this and have the power:

    Put up some tests of your own to check whether someone uses Spamhaus. When their e-mail hits your server, bounce it and tell them why.

  18. Chris 228

    Spamhaus is good IMO

    They report the scum of the internet to help the majority not the criminals. That works for me. TPB is the one who got convicted not Spamhaus.

  19. Alan Brown Silver badge
    FAIL

    Spammers and spam supporters

    The whole article reads like it was written by a spanked spammer.

    For starters, Spamhaus don't care about TPB or other p2p networks, legal or not. All they care about is spam (and only email spam. IM or other spam is outside their remit)

    I'm not particularly surprised by this. TheRegister has a long history of trashtalking DNSBLs at every opportunity.

    At least this time the author didn't pretend he'd attempted to contact Spamhaus for a right of reply. (Hint: Leaving 2 minutes between sending such email and publishing the story isn't exactly ingenous)

    I've found Steve and most other spamfighters perfectly reasonable to deal with even when we've had miscreants on our network. More importantly I've seen multiple instances of ISPs ignoring complaints until networks were blacklisted as a last resort, then trying to go on the offensive via the media.

    If you pitch up to any volunteer organisation(*) acting like an asshat, don't be surprised if you get treated like something the cat dragged in. Trying to launch secret court action won't help either: After past incidents many BLs and BL observers have deadman switches designed to kick in upon such an action (aka "When the canary stops singing, it's time to get worried")

    (*) Yes, spamhaus charges for bulk data access. Server hosting costs money - lots of it at the kind of data volumes involved.

    If admins thought Spamhaus was ineffective then they wouldn't use it. If spamfighters like Spamhaus didn't exist email would have been dead a long time ago - ISPs, etc would have shut down their mail spools like most of them did with Usenet after it turned into 99% spam (I know it's recovered a bit now, but Usenet used to be a backbone service, now it's a minor niche most people have never heard of, like Gopher)

    1. Anonymous Coward
      Anonymous Coward

      The sign on my bathroom door reads "Beware of the flying pink pigs!"

      > If spamfighters like Spamhaus didn't exist email would have been dead a long time ago

      Bollocks!

      When I stop leaving yellow patches in the snow on my front lawn while rolling around pissing my frilly lace knickers with laughter I might make a serious comment.

      Until then - Bwaaaahahhaaaaahhhaaaaahhaaaaaahh!

  20. LarsG

    SIMPLE SOLUTION

    Anyone who has lost business or had business losses due to the direct action of Spamhaus should get together find a no win no fee legal representative and begin a class action. If 4000 people claim €2000 each it could become expensive.

    Spamhaus is not a legal entity, they do not have the right to accuse and convict and demand, which may be a breach under the Human rights act pertaining to a persons freedom.

    3 or 4 class actions and spamhaus would be out of business just defending the cases.

    1. Anonymous Coward
      Anonymous Coward

      Talking thru your arse

      Ever heard of frivolous lawsuits? Many courts award significant punitive damages in addition to ALL costs for defense. You might want to brush-up on lawsuits while searching for a siren chaser.

    2. LDS Silver badge

      That would not be a class action. That would be a spam action...

  21. Mongo 1

    Blocked for what?

    Mongo found the SBL record!

    http://www.spamhaus.org:80/sbl/sbl.lasso?query=SBL99505

    and

    http://www.spamhaus.org/sbl/listings.lasso?isp=cb3rob.net

    Senderbase getting cold feet too.

  22. Anonymous Coward
    Anonymous Coward

    Kiwis are so full of shite, they can't fly!

    History shows that anti-spammers have collectively caused more disruption of legitimate business than the spammers from whom they claim they are protecting us.

    Amateur anti-spammers who turn professional inevitably become festering pimples on the arsecheeks of the Internet - ego tripping wankers, one and all.

    Sorry to be the bearer of bad news, but that's just the way it is.

  23. Inachu

    The idea nd methodology of spamhaus is worthy and honorable.

    If peoples emails were added without asking to be added to spamhaus then there

    should be a complain but If spamhaus only adds emails and ip address by request

    then this is not any fault of the spammer at all nor the fault of spamhaus.

    Clients who want to be added so their customers do not get spam should be awarded.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019