back to article Rise in Latvian botnets prompts Spamhaus row

Concerns over the rising tide of nuisance and malicious email from Latvia have sparked an acrimonious dispute between anti-spam organisation Spamhaus and the country's top-level domain registry. NIC.LV, which administers .lv web addresses, has branded Spamhaus "impolite, arrogant and even rude" after it added a large chunk of …

COMMENTS

This topic is closed for new posts.
  1. K
    Thumb Up

    Spamhaus sucks

    I appreciate the job Spamhaus do, everybody hates spam.. but I've got to agree, they are arrogant and their appeals process is clumsy.

    1. Anonymous Coward
      Thumb Up

      but equally...

      ...so is presuming you will not be hit, so therefore ignore the crap on yor pipes, because you are the biggest ISP in Latvia.

    2. Pet Peeve
      Heart

      Uh huh

      Thinking your ISP is too big to be blocked is arrogant. Spamhaus is right on here. If you have out-of-control spamming from a host's IP, and that host is unresponsive, what are you supposed to do, eat your spam?

      The only people who think Spamhaus is "arrogant", and that their "review process is clumsy" are spammers, or hosts that don't think they should have to do their part to keep the net clean. News flash, it's 2010 and you can't get away with being lazy in how you handle spammers.

  2. Anonymous Coward
    Paris Hilton

    "Internet access is a basic human right"

    Am I an old fuddy-duddy or is Internet access very far from being a "basic human right"?

    1. John Miles

      re: is Internet access very far from being a "basic human right"?

      As more and more things are becoming you have to do it on-line or they make it as hard as possible if you don't (e.g. applying for jobs, tax etc.) - I'd say it is getting closer to the stage where you require Internet access to function in our society/not be disadvantaged therefore closer to needing to be a "right"

    2. Rob Farnell

      While I agree with you that it isn't at the top of the rights pyramid

      Some Governments have put it in as a basic human right. I seem to remember that at least one Scandinavian country has done this.

      However, I think they get cold and lonely up there.

    3. The BigYin

      I agree totally

      Rights to free speech, movement, freedom from torture etc are basic human rights. The inalienable rights. Those we'd still have if we returned to the trees.

      Everything else is merely a benefit of our technological age.

      1. two00lbwaster
        Thumb Up

        Utter tosh

        If we returned to the 'trees', you'd be at the mercies of the person or group of persons that held the biggest stick(s).

        If they didn't like what you were saying they'd quite happily be rid of you. If you wandered into someone else's area, they might tortuture you and or kill you for doing so.

        All these basic 'Human Rights' are utter b.s.

  3. Matt K

    "Internet access is a basic human right"

    Eq - sadly some seem to think it is (based on a poll the BBC conducted in March).

    Me, I think we've still got some way to go on the others - y'know, life, liberty and security of person, equal protection of the law, freedom of movement, etc.

  4. jake Silver badge

    Agreed.

    "No internet user should be punished for the actions of another internet user,"

    I agree 100% ... I shouldn't have to burn bandwidth, CPU, disk and end-user time($$) on unsolicited email and other anti-social Internet traffic. Nor should my clients. That's why I block large swathes of IP space where anti-social traffic is known to originate. Including most of Latvia. And my clients are happy to follow my lead. Makes life easier over the long haul.

    Don't like me blocking your IP traffic? Clean up your act; become a friendly net.neighbor, and maybe we'll start exchanging packets again ... *IF* someone using my blocklist asks me to allow your IP space again.

    Internet balkanization? Absofuckinglutely. But here's the rub ... I'm in the rest of the world. The Internet version of the Balkans have chosen to become balkanized. Hopefully they are happy in their semi-isolation.

    I am not Spamhaus, nor do I use them, but they are not alone.

    1. Anonymous Coward 3
      Thumb Down

      re:Agreed

      "The Internet version of the Balkans have chosen to become balkanized. Hopefully they are happy in their semi-isolation."

      Last time I looked Latvia was in the Baltic States, not the Balkans (whence cometh, inter alia, Bulgarian airbags).

      1. staggers
        Thumb Up

        Balkanisation

        Um, you obviously didn't understand. He wasn't saying he thought it was in the Balkans.

        'Balkanisation' is a political term.

    2. David Eddleman
      Happy

      Precisely!

      My own servers & networks have large chunks of addresses blacklisted due to a high chance of crap coming from them. For example, China and Korea. I used to maintain a forum for my first employer and I set up large banlists there because of bots. I only had 1 legit user come out and ask why he couldn't register, and I added an exception.

  5. James 93
    Grenade

    basic human right = NO!

    I honestly hate it when people blame ignorance as a basic human right. I would say having the right to not be harassed by messages is more of a human right than to have internet access. If they cant sort it out boot them from it! im sure self respecting Latvian's will find another ISP that is willing to sort itself out.

  6. Anonymous Coward
    Anonymous Coward

    abuse @

    If you are an ISP or a domain owner, you are legally bound to maintain your records so you can be contacted and it is only decent to monitor your abuse@ email addresses. Go spamhaus, if they are the biggest ISP in latvia then maybe they should check their emails.

    1. David Eddleman
      Thumb Down

      Bound?

      Bound by *what*? There's absolutely no legal or contractual obligations to check a mailbox. It's a nice thought but a lot of abuse mailboxes are automated and the only thing they do is send an alert when so many hits happen to a particular address.

      1. Anonymous Coward
        Flame

        Read it again

        He said it was only "decent" to check your abuse emails, not "bound."

        That was referring to your responsibilities to maintain proper records.

      2. Northumbrian
        FAIL

        Bound by due vigilance

        Spamhaus has the right to shove addresses on its block list.

        Spamhaus saw a plague carrier, issued a warning that they would slap on a quarantine notice, if no action was taken. The warning was ignored, so they slapped on the notice.

        When the Latvians said, "this ISP is to big be treated that way," Spamhaus could, with reason, have replied, "and we're too important to be ignored." That is definitely arrogant, but probably accurate - as the Latvians have just discovered.

        Moral: if someone can put you in quarantine, don't ignore emails from them, put them on a filter into an "Urgent" email folder. As an ISP that is, by its own account, that big and that important should have known.

  7. kanoop

    Well done Spamhaus

    Latvian ISP should sort out their act, not cry foul when their laissez-faire attitude to the menace of spam is exposed. Good on you Spamhaus.

  8. Anonymous Coward
    Anonymous Coward

    I can put any address I like in the abuse section of my IP range

    so I could put president@whitehouse.gov in the RIPE info as my abuse contact, and then start spamming away safe in the knowledge that spamhaus would block US government access to the internet. They should block the smallest IP/range that they can identify as originating spam and stop at that.

    Their actions are generally pretty overbearing and arrogant.

    1. Pet Peeve
      FAIL

      There's a bridge I'd like to sell you

      Do you trolls even THINK about what you write? Cripes, that doesn't make the slightest sense.

  9. Anonymous Coward
    Anonymous Coward

    Perhaps someone will explain as I'm a little confused

    I use blocklists/blacklists from organisations like Spamhaus to route dodgy emails away from my colleagues inboxes. I don't have any interaction with the source of the emails

    In this case, were people blocking all traffic coming from those Latvian IPs rather than shunting emails into the great steaming pile of electronic dung that they are?

    That bit aside, it does seem to me that whoever was in charge of handling abuse at the Latvian end should have done more to coordinate with blocklist operators before it went wrong.

    And it seems the Latvians have a wounded pride more than genuine cause to complain. Not understanding that being the biggest ISP in a small country could also equal one of the smallest in a larger context.

    1. Anonymous Coward
      Anonymous Coward

      Without checking facts...

      ... which I could perhaps do but since the article is a bit light on details anyway, here goes: Sometimes people, even by virtue of their job supposedly technically savvy people, will claim things like "can't access the internet" when their (users') email gets rejected with a "we don't like spamhaus listees here". That's one. Another is that spamhaus offers a "do not route or peer" list, in addition to their other lists of things to block. If network admins feed that into their routing configurations with a blackhole instruction, then that can cause pretty direct and curious failures beyond email rejections.

      And yes, as someone who has on occasion monitored USENET groups like n.a.n-a.e, I can attest that plenty of people who found themselves on blocklists saw fit to "fight" that by mouthfrothing fury-fueled emails. So this nic.lv flunky's reaction doesn't really surprise me. Such a reaction is not a brilliant idea because it easily leads to ending up (forever) on countless private blocklists. Good luck getting off those since you don't know you're listed and don't know who to ask to get off. Unwise, yes, surprising, no.

      Those latvians apparently let their contact info decay (sloppy), got bitten (happens), didn't believe it happened to them (oh well), and tried to bully spamhaus (that's gonna work). Now it's tears and complaints of high-handedness (like spamhaus is going to care), which even here in the comments appears to woe a few people who don't know what sort of flood of abuse shops like spamhaus deal with daily. I haven't had to deal with them, thankfully, but from what I've seen they're generally professionally detached and within the rules they put on their website. It's a clean operation in that respect, far more than some others I could mention.

  10. TeeCee Gold badge

    "we are one of the biggest internet providers in Latvia".

    Presumably measured in terms of traffic. I wonder where they'd be without all those spam and DOS packets bumping their numbers up?

  11. Anonymous Coward
    Anonymous Coward

    Institute of Mathematics and Computer Science?

    Looks like the abuse department of NIC.LV is run by a bunch of thin-skinned academics so don't expect any acknowledgement that they might actually have made a mistanke. Or for that matter even knowledge of how the real world operates.

    I'm supporting Spamhaus on this one. Be polite or people might decide you're not worth talking to. Kinda like outside in The Blue Room.

    1. Northumbrian

      Academics

      I'm not any sort of expert on anti-spam measures, but I do know something about academics:

      It all depends on which academics were involved. If the university department involved has just been through some radical cuts (and I believe the Baltic states have been very badly hit by the current financial crisis) it's quite possible that the only person who really understood how the thing worked had just been made redundant by those in charge, who really hadn't the slightest idea what the department was doing.

      And/or the whole thing was passed on to the newest member of staff, who said they understood it, but didn't.

      And/or running this department was a job for 20 working staff and there were only 3 of them - they ignored emails because they needed to sleep.

      And/or there's a "who cares anyway?" culture in that department/university/country. "Oh, I never bother with abuse emails - they're more trouble than they're worth and usually just banging on about something we all have to put up with. Golf anyone?"

      And/or there's at least one abusive spammer actually in the department/institution who's cleverer than the people who supposedly run the operation, and they just re-direct the email into the "junk" box. Crime pays a lot better than universities.

      And/or no one in Latvia sees why this sort of thing merits that sort of response - they may regard spam busting as "Just these Health & Safety Nazis trying to ruin things for small countries in a difficult world."

      There's probably a Latvian equivalent of the Daily Mail claiming on the front page that. "EU bureaucrats are trying to block Latvian free access to the Internet" (and yes, I know Spamhaus is not only non-EU, but not an official body of any kind." - and they may know, but why waste good propaganda?) and inside that some poor businessman is overwhelmed by spam and someone should do something about it. Meanwhile they have a centre spread about how Latvian taxpayers are supporting idle academics just to keep some unnecessary geek fiefdom going, and to impose a lot of fancy rules on "the rest of us."

      I do not claim that any of these things is actually happening - I have no knowledge of the workings of this ISP in particular or of Latvia in general. But human nature, and the behaviour of human organisations - especially in times of stress - is rather easier to generalise about.

  12. Conrad Longmore
    Thumb Down

    microlines.lv

    microlines.lv is almost all evil:

    http://blog.dynamoo.com/2010/07/evil-network-microlines-microlineslv.html

    But they're not the only scumware outfit running out of Latvia.. Sagade Ltd is another one.

  13. Joe User
    Flame

    Two notes for twit NIC in Latvia

    1. Reply to your abuse complaints in a timely manner and you won't have this problem!

    2. You might be the biggest mouse in the broom closet, but in the end, you're still a mouse (in the broom closet).

  14. Alan Brown Silver badge
    FAIL

    Spamhaus doesn't block ANYTHING

    Let's be clear here - it's not as if Spamhaus went into a data sentre and cut all the lines out of Latvia.

    They publish a list of badhat IP ranges and admins who WANT to use the list decline to allow traffic from the IPs on it.

    I seem to remember a similar furore when the Undernet network banned all of Malaysia from chatting on their (volunteer provided) network because of sustained abuse and a refusal of the 2 major ISPs there to do anything about the issue....it turned out that Undernet was the last of a long list of IRC networks to ban the country in-toto because of abuse issues.

    If Latvians want to turn a blind eye to abuse coming out of their networks then they'll get a wakeup call - Ukraine had something nearly identical happen 6 years ago, but where's the big song-and-dance about that? or the one for Romania in the 1990s?

    The Striesand Effect has some interesting echos in cyberspace. Latvia may get itself out of the Spamhaus lists but as a direct result of picking a fight with Spamhaus their Internet horizons are permanently diminished to the tune of at least a few ten-thousand admins who have added the IP ranges into permanent local firewall lists.

  15. TkH11

    It's eastern europe

    What is it with Eastern European countries and their dodgy illegal practices?

    1. Arctic fox
      Grenade

      With regard to spamming, which..........

      ............country is the largest source of unsolicited e-mails on the face of the planet? I'll give you a clue, it is not an east european country or an asian country. It is the good old US of A whose legislators still refuse to pass any SERIOUS legislation against the spammers yet at the same time want to retain US control of the internet. When one considers that somewhere between 85 and 90 % of all e-mail traffic in world is spam it is a shame that the country that insists on retaining the power won't take the responsiblity of actually doing something *efffective* about it.

    2. shurimuri

      look in the mirror

      Before blaming Eastern Europe look at the statistics of the most spamming countries:

      http://www.spamhaus.org/statistics/countries.lasso

  16. Anonymous Coward
    Anonymous Coward

    nic

    nic.lv is stupid and arrogant. Just try subscribing to their Latvia GIX updates list (it's so 1991!). I have had to deal with them. And I have had my IPs blocked by spamhaus because one of users on my network contracted worm and it was sending out spam via direct SMTP. If anything I appreciate them blocking my IPs as it helped to discover and track down that infection on our network

  17. tmortimer

    Rude, but right

    I'm one of the Spamhaus researchers that supposedly doesn't give their last names. :-) I usually avoid public comment, but after reading this article, decided to delurk. For the record, the following is my personal point of view; I am not speaking for Spamhaus.

    I wasn't involved in the microlines.lv SBL listings. Nonetheless, when we received the broadside from nic.lv, I read it and winced. I wish that my colleague had not lost his temper. However, after reviewing the SBL listings involved and all of the correspondence, I think that except for the somewhat intemperate language, my colleague was completely justified in the actions he took and the SBL listings that he opened. I also suspect that I might not have been able to hold my tongue in face of statements that appear to me to assert that this ISP has the right to expect the rest of the Internet to accept its email despite its utter failure to deal with the abuse on its network.

    I have occasionally lost my temper when communicating with with lax or abusive ISPs and web hosting companies. Most of them had tolerated considerably *less* abuse than the Latvian ISP and hosts of microlines.lv did, and had ignored warnings for a considerably shorter period of time. Further, most of them had their Whois records in order, making it possible to determine accurately who owned the abused IPs and who was the upstream provider responsible for abuse on those IPs.

    Nic.lv and the host were seriously deficient in their management of abuse issues on this network. As a result, innocent internet users were recipients of significant quantities of criminal spam, and some were probably infected by the malware spread by that spam and hosted on these IPs. Since they would not deal with the problems that their users were causing, their IPs were rightly blocked to protect as many Spamhaus users as possible, until they dealt with the problem.

    I hope that we do a better job in the future of keeping the tone our communications professional. However, organizations that ignore complaints while criminal spammers and malware distributors take over their network *should* face SBL listings of their IP space. They do not have the right to expose the rest of us to that level of abuse. And if they attempt to assert such a "right", they should expect to be told that there is no such right, and that they need to keep a reasonably clean network if they are to expect others to communicate with them.

  18. Allan George Dyer
    Flame

    @David Eddleman and everyone else who indiscriminately block countries

    The number of complaints you get does NOT match the number of legitimate correspondents you've blocked. Take a fairly obvious scenario: potential customer checks your website for your contact address, sends email enquiry, email gets blackholed by your rules, potential customer does not receive reply and buys from your competitor. It is only the rare and persistent user that reports the problem.

    Living in Hong Kong I occasionally have to deal with such indiscriminate blocking, and I wish you guys would make things a bit easier...

    i) Make your blacklists as specific as possible.

    ii) Don't blackhole, respond with a 550 error at the end of the SMTP DATA phase. This does not cause backscatter - you are using the TCP connection to the actual sender, if it is legitimate, then the user gets an error message and knows their message has not been delivered. If you reply OK at the end of the DATA phase, you are promising to deliver the message, and later blackholing it is a violation of the SMTP protocol.

    For this case, I think Spamhaus has acted correctly - they used their standard procedure, contacted the abuse addresses and escalated when they didn't get a response. However, did they use the official language(s) of Latvia when they sent the messages?

    Perhaps each country's NIC or CERT should produce fill-in-the-blanks abuse report templates in their local language(s)?

    1. jake Silver badge

      @Allan George Dyer

      "Living in Hong Kong I occasionally have to deal with such indiscriminate blocking,"

      It's not indiscriminate. It just looks like it from your side of things ... from my side of things, it's kind of like Internet Judo ... "Bad" ISP throws a punch, I side-step it. "Bad" ISP throws another punch, I let it go again, but slap it on the way by. "Bad" ISP throws a third punch, and "bad" ISP finds itself on its arse, unable to communicate with me for the duration.

      "and I wish you guys would make things a bit easier..."

      And I wish the guys running the systems you're connecting thru' would stop allowing their systems to be a spam/malware sewer.

      Again, I'm not spamhaus, nor do I use them, but I do protect my users.

      1. Allan George Dyer
        Badgers

        Evidence?

        You have assumed that the "the guys running the systems [I'm] connecting thru' {are] allowing their systems to be a spam/malware sewer". Show me the evidence of that for any Hong Kong ISP, and I'll take the evidence to OFTA and HKCERT, and do my best to get them shut down. Or you can send the evidence direct, check their websites: http://www.ofta.gov.hk/, http://www.hkcert.org/

        Of course, I believe there are individual computers in HK that are botnet zombies, but that is difficult for an ISP to police if no-one reports it. I think that a user education message, "clean your computer and keep it clean, or you loose your internet connection" can work well at the individual level, because that is where the responsibility lies. If you just block an entire country, the local CERT doesn't know which users to talk to.

        I'm not Spamhaus either, but I don't think they've ever blocked the whole of Hong Kong. Have you?

        Anyway, if we agree to differ on whether blocking a whole country is indiscriminate, do you have any comments on my three suggestions for improvements: specificity; not blackholing; and providing abuse report templates in multiple languages?

        1. jake Silver badge

          Meta vs. micro, and the spammer mindset ...

          "I'm not Spamhaus either, but I don't think they've ever blocked the whole of Hong Kong. Have you?"

          Clearly, sir, you are unclear on the concept. I was discussing shielding my networks from IP ranges delivering spam/malware, regardless of country of origin. You, on the other hand, seem to be taking it personally.

          "Anyway, if we agree to differ on whether blocking a whole country is indiscriminate"

          Where did I write that I was blocking any "whole country"?

          "do you have any comments on my three suggestions for improvements:"

          Sure! I can comment on anything, if you ask :-)

          "specificity;"

          My blocklists are very specific ... but then, being IP address ranges they would be, wouldn't they?

          "not blackholing;"

          Why not? Seriously. When abuse comes from specific IP space, I drop IP packets from that IP space on the floor. I've been doing that since January 1, 1983[1]. I am protecting *my* network resources, which don't exist to make *your* network owners a profit.

          "and providing abuse report templates in multiple languages?"

          I'd love to. Are you offering to provide this service? Or are you suggesting that I should spend *MY* money to provide it?

          [1] Prior to that, I was doing similar things with NCP traffic ...

          1. Allan George Dyer

            Jake, Did you read the comment you were replying to?

            I even titled my comment, "@David Eddleman and everyone else who indiscriminately block countries", and you took issue with my description of this practice as "indiscriminate".

            When I get a problem reported to me, I investigate, sometimes I end up in contact with an admin that admits, "we block everything from Hong Kong/China/Asia because we get so much spam from there and our users don't have any legitimate contacts there". They are wrong - there's at least one legitimate contact, the one with the problem I'm investigating, and their users don't know what they are blocking on their behalf. If an admin (such as yourself) told me, "we blocked a /24 because of a spam source" I'd have strong words with my ISP - if they continued to allow their IP range to be abused by some customers, I'd take my business elsewhere, and publicise why.

            Thanks for your answers...

            specificity - good, but many other admins are not so discerning.

            not blackholing - please refer to my original comment. I was referring to the practice of accepting an SMTP message, then blackholing it, which violates the RFC and prevents legitimate senders knowing their message has not been delivered. However, to extend that into a general principle: we should not respond to abuse of the network with measures that prevent legitimate users knowing that their communications have been disrupted.

            multi-language abuse report templates - no, I'm suggesting that each local CERT could do it for the local languages. We're on a global network, so we need better ways to communicate with admins that don't speak the same language.

            NCP - I guess you mean Network Control Program, not NetWare Core Protocol

            1. jake Silver badge

              @Allan George Dyer

              Not arguing with you ... Just providing additional perspective.

              I have dropped two /24s. Twice. They needed killing. You can probably guess who ;-)

              Admins who reply to me and act on abuse reports are never blocked ... even if it takes a week's worth of back and forth email to get to the heart of the matter.

              That said, dropping received email is not blackholing, and a waste of bandwidth. When you're in my DENY tables, your mail servers can't even see my network. Any & all IP packets from you are dropped on the floor with no reply. THAT is blackholing.

              Disagree on multi-language abuse reports. Like it or not, just as Arabic drove early science, Latin (Koin Greek, Aramaic, et al) drove early Christianity, Deutsch drove later science (etc., I won't continue. You are quite welcome), American English is the lingua franca of teh intratubes.

              Yes on NCP ... I'm an old fart. I'm surprised you knew it was "Program", not "Protocol".

  19. Anonymous Coward
    Thumb Up

    Latvia is not the victim here

    No one takes blocking swaths of address space lightly. However, when ISPs harbor customers who are preying on others, ignore repeated notices and fail to exercise due diligence, the question becomes "Who has the greater right - the ISP and their criminal customers or the rest of the users on the Internet".

    I applaud Spamhaus for their actions and would tell the Latvians to either clean up their customers and act responsibly or prepare for a lot more blocking against their net space. Without Spamhaus and companies like them, unscrupulous providers would operate with complete immunity.

    1. Anonymous Coward
      Anonymous Coward

      ..and another thing

      Since when did where the email address of an upstream abuse contact was have anything to do with the IP blocks of a hosting provider? Is this article just badly written or have Spamhaus not heard of BGP?

  20. Anonymous Coward
    Unhappy

    Well..

    Sorry, but the Latvians are right - Spamhaus are a bunch of self-aggrandizing pricks - language barriers my arse.

    I'm just glad I've never had anything we use blacklisted by them.

    On the flipside though, most people don't use their most knee-jerky blacklists precisely because they are so inclined to cause collateral damage, so it's perhaps a bit excessive to claim that Latvia was cut off from the Internet. "Latvians prevented from mailing hopped up beardy portion of society by hopped up beardy blacklist" might be more apt.

  21. Anonymous Coward
    Anonymous Coward

    Hey, they lost a lot of money!

    Latvia is one of the countries where you can pay and perform your illegal activities with almost total impunity. Their ISPs reacted that way I guess because they were losing a lot of spammers' money.

    Spamhaus is a service one decides to use or not, thereby it is free to block whatever it finds better to block - it is up to its users, especially the paying ones, to complain if it blocks legitimate addresses.

    NICs should monitor their ISPs being compliant with Internet rules, not complain when they are caught with the hands in the honey.

  22. Anonymous Coward
    Anonymous Coward

    spamhaus etc

    I have impression that spamshaus and the likes are helping out much less than they pretend to. And just to remind of their existance they choose its prey for showcase. The smaller the country, the safer the showcase.

    I suppose, Ukraine and Romania were blocked only because in respective time Internet there was in the cradle so potential damage to be expected - low. Or may be they just did not knew where these countries are or how big they are, which is not a big suprise knowing how poor is the general education in the West.

    I'd may be trust them if I'd hear about loud cases of blocking some "too bit big to be blocked" country's significant ISP, except highly politicized cases. But I did'nt.

  23. Arctic fox
    Flame

    Ban it.

    All, and I mean all cold-calling advertising by phone, fax, snailmail or e-mail should be made a criminal offence. The sheer scale of the unsolicited advertising industry is now a major problem for society all over the world and cannot be said to have any form of upside whatsover. The large majority of it ranges from at least dodgy (usurious loan offers etc) through to a large amount of directly criminal behaviour.

  24. Henry Wertz 1 Gold badge

    Bayesian filter

    @Alan Brown, I have heard this argument and it's true but it's splitting hairs. It's true, spamhaus doesn't block anybody -- but it's a list of IPs that users of the list then block. Not that I'm complaining, I think spamhaus provides an important service. Just my 2 cents.

    That said, my ISP now (within the last few years) wants to charge $5 for spam filtering. I said forget it. Rather than do ANY IP filtering, I use a bayesian filter only (I am using spamprobe) -- the filter gets better spam (for more accurate identification) than if I prefiltered by IP, and it avoids the problem of someone like spamhaus being overzealous in who they block (or pedantically, who *I* block based on their list.)

    1. Anonymous Coward
      Anonymous Coward

      Yes, well, no.

      It's splitting hairs but fairly important. Spamhaus doesn't decide to act on the things they list, making blaming them for loss of service into blaming them for something they have no control over. In fact, if you'd sue them to force them to unlist you, you'd end up blocklisted in private blocklists with a snarky message telling you to sod off until the heat death of the universe. That's only unfair if you fail to realise that the internet is nothing but the continued co-operation of the operators that run all the internetworks that combine into "the internet". Failing to do the thing the rest of the internetworking world expected of you does that to you. Oh well.

      Personally I have *no* spam filter on my email and I get very little spam, but then I'm very careful who I give that email address to. Speaking of failing the community: I do get some spam from a bunch of moreso than usually idiotic recruiters. *Everything* has been sent back through the appropriate contact, which is abuse at uk.uu.net. To no avail. Why am I not surprised?

  25. Nigee

    However

    The Lativian response tends to support the notion that old habits die hard in that neck of the woods - shoot the messenger it's so much easier than fixing the problem.

    Being a small country it makes one wonder who personally knows who, do I detect sect 13 of the Old Mates Act being invoked?

  26. Anonymous Coward
    Headmaster

    that's an idd request...

    "...independent adjudicator to mediate... in an unjust way."

    Then again, given the Latvians' unenviable position, perhaps an unjust mediator would be the only one to resuly in a favorable outcome.

    Yes, I'm being pedantic.

  27. Anonymous Coward
    WTF?

    Better than UCE-Protect

    UCE-Protect are another smaller blacklist, they they regularly automatically block entire address ranges. They then demand money from the non-spammers to be de-listed, suggesting they pay up or change ISP, which is often not an option. Scamming idiots.

    At lease spamhaus has a legitimate removal procedure.

  28. shurimuri

    opinion

    This is what happens when 2 bullhead roosters meet on the narrow bridge.

    Mistakes (IMHO):

    Both sides - aggressive communication, excessive self-esteem (we can not be wrong; even if we are, we do not admit it and do not say "sorry").

    Latnet/LatnetServiss - seems that not enough attention/action to the repetitive information about abuse from the same sub-ISP;

    SpamHaus - finding IP's of upstream provider using abuse e-mail domain - why?; probably you could afford a bit more non-automated communication and warnings before escalating and blocking upstream provider - you care about false positive rates, don't you?

    The whole story reminds me old joke about US warship and lighthouse ( http://www.youtube.com/watch?v=U33Xg91HAlo )

  29. Robert Carnegie Silver badge

    In other news, Malwarebytes...

    Malwarebytes when I last looked (last Christmas?) had an interesting relationship with the SystemRescueCD distro of Linux with PC fixing tools.

    (1) SystemRescueCD was often recommended by Malwarebytes user forum staff as a problem solver.

    (2) Malwarebytes software forbade you from opening SystemRescueCD's web site.

    Apparently because SRCD's site was in an address range that also contained some bad citizens, so MB blocked them all.

    This put me off from trying every Linux "live CD" that I get my hands on.

    I want a method of checking the bloody things. Maybe boot them into a sandbox VM and then virus-check them from the outside?

    I believe SRCD is just some French bloke anyway. Of course Knoppix is just some German bloke. Ubuntu... I think the bloke is from South Africa, or something?

This topic is closed for new posts.