Slashdot Mirror

make spamming illegal in the whole US. Apparently it's ok to spam according to some US judges :
http://www.spamhaus.org/organization/statement.las so?ref=3

Whoever modded parent up as "insightful": Please get a clue.

A quick look at the ROKSO list will reveal just how much of the worldwide spam does originate from USA spammers. Take just them out and you will have done the world an unbelievable favour.

That link should be http://www.spamhaus.org/statistics/countries.lasso

What has China got to do with the spam problem? Most spam comes from the US.

As you can see, the most common hit is trawling for valid names. Second most common hit is people claiming to be the domain they're sending to. we've got postfix set to say 'F off' to any machine that lies in HELO, fails to use a FQDN or a ton of other mistakes.

After that, we've got the 400 series errors of cannot lookup sender addresses, followed by greylisting expirations, and finally, the two RBLs actually used on this machine, and finally open relay probes.

What's not listed is the multiplicitive effect of HELO and greylisting blocking, and that's pretty hard to determine. Someone will have to honeypot that one to get some numbers, but a HELO block stops a host from sending ANY spam to you. How many mailadmins out there see their (decently populated) servers only get a single email when a spamrun is in progress? Exactly. Same with greylisting. Spammers consider any error a permenant fail (for that run) because it's more time-efficient to just go on to the next email then to keep a retry queue. Since they never try to send the same email again, they never get through the greylist (since it's based on host:sender:recipient) tuples.

On my personal server, I don't even use RBLs anymore, they are too prone to false-positives for the tiny amount of spam they do catch. And politically, while vengance and retribution seems like a cunning plan, in reality the only people who ever suffer are the collateral damage. Deep-pocket ISPs with 2-3 year downstream contracts and painful early termination clauses keep a lot of collateral damage from being able to vote with their wallet. Plus, thanks to ARIN's inability to move forward with IPv6 in a reasonable fashion, or give portable netblocks to people, moving is exceptionally painful for basically everyone except the largest players (who are not generally colatteral damage). The big losers here are the joejob victims who get blacklisted, small businesses who lose contracts due to having their email blocked, medium buisnesses and small ISPs who have to play whack-a-mole on customer servers trying to find the exploit-of-the-week that allows formmail/mail relay/postmaster bounce spam. The winners are big fat companies like MCI, since they get spammer buisness, and lock their non-spamming customers into contracts that don't let them move when their service is impaired. (Nobody considers being on a blacklist grounds for early termination, or even downtime. OBVIOUSLY you did something wrong to get on it.) And of course, dedicated mail-hosts who are the last resort when you're locked into listed netblocks.

Of the winners and losers, who do you see posting to NANAE? What sides do they take on the RBL issue? Isn't it interesting to follow the money?

But avoid SPEWS like the plague. They have a wonderful policy of blacklisting entire 16-bit IP ranges because one machine in an enormous server park has been used to send spam.
They know this causes massive collateral damage to machines administrated by totally independent companies, many of them small and liable to suffer severe hardship because of this arbitrary action. That's precisely the idea: they keep hurting non-spammers to make them lobby the server parks to deal with the spammers.

SPEWS is a list of spam-tolerant ISPs.

The hardship cast upon smaller clients of the ISP is brought to them only by their indirect support of spammers through their direct support of spam-friendly ISPs.

Now if one wants a less aggressive blacklist, one can always look at Spamhaus.

sbl contains the spamhauses, xbl trojaned boxes/open proxies etc (you can of course also only use one of them). See http://www.spamhaus.org/xbl/index.lasso

Trying to keep spammers blocked when the ISPs are moving them around is called "whack-a-mole" and it is a pointless endeavor.

ISPs have a choice not to willingly host spammers. They don't have to become super-duper spamfighters in order not to get blocked. All they need to do is not host spammers. It's really not that hard! Just consider: if you're an ISP and someone calls up and says they want to be your customer, and you find out that they want to sell penis pills and horse porn, use your common sense! The ISPs that are willful spammer hosts at this point are the ones which have thrown their lot in with the spammers, and to hell with the rest of the net.

Want to know where the spammers are? Check this list. The ISPs with the worst spammer problems are Verizon Business, Serverflo, and SBC. If you choose to host with these ISPs, you are moving into a neighborhood where the "government" (the ISP) is already proven to be in bed with the Internet's largest native criminal element. If you do this, you should expect the rest of the world to treat you with some suspicion.

I don't send spam. Some asshole blocks me because somoene in the same IP block as me did. I have no way of knowing who spammed who. I can't do anything about anonymous spammers. I get hundreds every week. AND MOST OF THE SPAM I GET OBVIOUSLY ORIGINATES IN THE USA.

You clean up your act. How many Americans have been prosecuted for sending billions of spam emails -- two or three perhaps. You know who they are and and where they live. Blaming the spammers in other countries they outsource to is pointless. If China, say, were to shut down every spam relay, how long would it take before you were getting exactly the same amount of spam from another country? Maybe a week.

Spam is driven ultimately by profits. If you stopped people from profiting from spam, by prosecuting and fining your home-grown spammers in Boca Raton for a start, there wouldn't be a problem.

The ROKSO list of known spammers. How many from Hong Kong? Two. From the USA? 83.

Known Spam Operation: Country
Alan Ralsky: United States
Alex Blood / Alexander Mosh / AlekseyB / Alex Polyakov: Ukraine
Alexey Panov - ckync.com: Russia
Ameritech Advertising / Scott Ramaglia: United States
Amichai Inbar: Israel
Amir Gans: Israel
Andria Petito / Tranzact Media: United States
Anton Gorodov / Gorodetsk - srx / s-rx: Russia
AWG aka youngjoo aka qline: Japan
Bill Waggoner: United States
BlueStream Media: United States
Boris Mizhen: United States
Brian Fabian / Gregory Parsons: Canada
Brian Haberstroh / Atriks: United States
Brian Kos / BK Ventures / Internet Promos: Canada
Brian Kramer / Expedite Media Group: United States
Brian Walter: United States
Bubba Catts: United States
Calvin Ho / Optin Global Inc.: United States
Charles Earle IV - World Mail Direct: United States
Charles F. Childs / Ultra Trim / MegaTrim / Grant Gold: United States
Chris Smith / rizler.com: United States
Christopher J. Brown / Swank AKA Dollar: United States
Chuck An / iomega: United States
Daniel Khoshnood: United States
Daniel Lin: United States
Daniel Mankani: India
Dave Patton / lightspeedmarketing: United States
Dean Schlenker - eGo Direct Mail / Cyberside Marketing: United States
Drew Auman / thebulkclub.com: United States
Dzenis Softic: Bosnia
Eddie Davidson: United States
Eddy Marin - Oneroute: United States
elogic.cc: United States
emailspidereasy.com: China
Eric Reinertsen: United States
Estrela Marketing / Adam Taub: United States
EvoClix / Larry Tasman / Greg Numark: United States
eXcuria - inkjet cartridge spammers: United States
fairgamemail.us: United States
Flavio Vale - MKT Solutions: Brazil
Fred Lusky and Scott Maslowe / Netbenders and Lakeshore Development: United States
FXstyle - Tin Lok Wu aka Clayton Wu: Hong Kong
Gaven Stubberfield: United States
George Kokinos / Miles Marketing: United States
George Ryan: United States
Georgi Kara Yacoubain: United States
Glen and Stacey McCausland: United States
Glen Hannifin: United States
Heik & Agnaldo Rosa de Almeida: Brazil
Henry Perez: United States
hispeedmedia.com / adprosolutions.com: United States
Hong Chen / YonHen Internet Marketing Center: China
Howard Minsky / TheAdStop.com / ad360.com: United States
James Botkin: United States
Jason M. Pitts / AKA "J_Data" mortgage spammer: United States
Jeffrey P Goldstein / Gregory Greenstein - emailhello.com / impulse marketing: United States
Jeffrey Peters - JTel / CPU Solutions

Spamhous! http://www.spamhaus.org/statistics/networks.lasso/

The "proper" solution would be to find the jackass repsonsible for all this shit and beat him with in a inch of his fucking life.

One down, 124 to go.

Not that I'd ever advocate anyone doing anything illegal, of course. But I just can't seem to be able to shed any tears for Mr. Kashnir. I doubt many are.

Seems like he should be charged under the DMCA too.

He is in the UK, And US laws do not apply here... Unless they are Illinois laws!!!

Blacklists, my friend. Here's my current list:

rsync-mirrors.uceprotect.net : Level 2 - Fast local blocking
combined.njabl.org - For dynamic IPs and other
dnsbl.sorbs.net - For open relays
relays.ordb.org - For open relays
list.dsbl.orgM - Various types of Unsecured servers
dnsbl.tqmcube.com - dynamic IPs, spam trap
bl.spamcop.net - Spam trap
sbl-xbl.spamhaus.org - Known spammers, exploited servers
l2.spews.dnsbl.sorbs.net - Spam friendly ISPs
dnsbl.ahbl.org - Realtime composite

About four of those are composites, and contain blocks for dynamic IPs. Each link goes to the usage page for the blacklist, and if you want, you can just block dynamic IPs by using the correct subdomain.

Many of the arguments stated in those articles lack evidence or credibility

I think the Internet is fine as it is.

Spamhaus knows...

http://www.spamhaus.org/rokso/listing.lasso?-op=cn &spammer=Wayne%20Mansfield

Yes, they got a judgment against Spamhaus. Judgments are meaningless if they aren't enforceable. Good luck enforcing it in the USA, since Spamhaus does not do business in the USA and has no assets in the USA to seize.

For high redundancy there are over 40 public SBL mirrors located in many nations around the world. Each SBL mirror is independently run as a free service to the Internet community and all respond in realtime to public queries of sbl-xbl.spamhaus.org. The SBL DNS mirrors are located in: Argentina, Belgium, China, Denmark, France, Germany, Greece, Italy, the Netherlands, Russia, Singapore, Spain, South Africa, Venezuela, the UK and USA.

I hope it's like you say, because in the media it came more like this: ...

Funny. However, I think this is probably just delay in the media picking up the Spamhaus story. For instance, the last three stories about this on Slashdot concern with reactions and commentary, by different users and reporters, on a single Spamhaus press release. Both Steve Linford and Richard Cox have been asked to comment, and to the best of my knowledge, they've just repeated what can already be found in Spamhaus' answer to the proposed order:

Spamhaus.org's Spam Advisory List, the Spamhaus Block List, blocks 50 Billion spams per day across the Internet, therefore the effect of suddenly not blocking such a large amount of spam would mean that volume of unwanted junk hitting mail server queues all over the world. That in itself has a technical effect we can not properly estimate but would certainly cause very serious problems in most countries.

Technical issues aside, the vast majority of those 50 Billion spams are highly illegal, spam for drugs, extreme pornography, scams and bank phishes. The effect of 650 million email boxes (Spamhaus' userbase) suddenly receiving such a barrage of illegal spam, scams and bank phishes is, in my opinion, extremely dangerous. For this reason alone we believe that ICANN suspending spamhaus.org is almost certainly a no-starter.

What I'm saying is, I don't really think it is Spamhaus whining over and over about impending doom. They said their piece. Now it's the media slowly picking it up, with every new article coming through as if Spamhaus made yet another dramatic warning about the fate of a world without them.

But then again, what do I know? I just can't understand how some people can take a stand against Spamhaus. IMO they are the best asset the Internet has right now for keeping spam at bay; I know my job would be considerably harder without them, and my users would waste a lot more time digging through the junk. So Spamhaus gave the finger to some judge, and that was not the smartest thing to do. Fine. They probably should apologize to that judge or something. It doesn't change the fact that the judge should not have any authority over them. And I'd also say we should be helping them, not adding to their worries right now.

http://www.spamhaus.org/faq/answers.lasso?section= Legal%20Questions

>> The Spamhaus Project Ltd ("Spamhaus") is a non-profit limited liability company

Kinda hard to put these kinda guys "out of business"...

I'm starting to wonder about the sanity of Spamhaus' lawyers -- or if they really have lawyers at all.

No, they don't need lawyers. They're not in court; for the simple reason that it's a US court which has no jurisdiction over the UK. I suggest you read their response:

http://www.spamhaus.org/legal/answer.lasso?ref=3

1. This case is at the wrong court, it should go to a federal court instead.

No, they're not saying this. Even if it went to a federal court, it still wouldn't have any jurisdiction over a UK company. Note that e360's activities (while legal in the US) are undoubtably illegal in the UK.

2. (to the federal court) We agreed that you had jurisdiction over this, but we're going to pretend that we didn't say that.

No, Spamhaus have quite rightly never agreed that an Illinois court has power over a UK company. David Linhardt had to lie to the court in the first place to con the judge into believing that Spamhaus is an Illinois company.

3. What? You've decided that we broke the law? Well, you shouldn't punish us because we're really nice people.

No, they haven't broken the law - the only law broken in this affair is David Linhardt breaking UK law by spamming British citizens, which is why they haven't filed the case in the UK, which would be the proper place to do it if they had any chance of enforcing a judgement against Spamhaus.

Surely, only small users make use of Spamhaus via DNS? I always assumed that big ISPs and corporate customers will use their Datafeed service. If spamhaus.org goes offline, then surely all that would happen is that users' databases would stop being updated. I agree that this would cause an increase in spam, but only slowly as the data aged, not in one sudden spludge as would happen to those using the DNS service?

It would be interesting if all email server admins suddenly opened the flood gates for a day or two. Maybe then the general population will gain a better appreciate of the scale of the matter.

I still think they 3360 guys just look and smell like spammers. That spamhaus aggrees just adds to this conclusion. Here's what seems to amount to the spam histroy of the "plantiff".

I read your link, and interesting as it is, the case still doesn't hold water.

There was no defamation of character, and here's why.

If I state that I think xyz is a moron. That's stating an opinion.
Someone else hears that opinion and says - hey, I think xyz is a moron too. I don't want to listen to xyz.

Spamhaus has been evaluating e-mail for a long time. They've developed their own methods for determining what they think is spam, and what isn't. If they think what you're sending is spam, they add your sender information to their blocklist.

Now, company abc, has determined that they believe in Spamhaus's opinion, enough that it becomes their own opinion.
They instruct their e-mail servers to check the spamhaus blocklist for each e-mail coming in, and if Spamhaus thinks it's a spam, then they drop the message.

Essentially, all we have here, is a publicly available list of opinions made by Spamhaus.
Whether or not you agree with these opinions, is up to you.
If a company in the US wants to try and mess around with what apears to be a free speech issue, then go ahead - see where it takes them.

Now - as far as jurisdiction goes, Spamhaus's request basically stated that Illinois had no jurisdiction. If the court systems failed to agree with Spamhaus, and not move the venue, then Spamhaus stuck to their determination that Illinois had no jurisdiction by not appearing.

This, I believe, was the correct thing for them to do. Don't back down when you know you're right.

If, by some odd turn of events, that I cannot even fathom at this time, Spamhaus ends up in court, all they'll have to do is drop the list of messages sent by the plaintif into the evidence pile, and let the Judge see what was sent by e360, and the case will be closed with prejudice.

That's a big if, because I believe that Spamhaus will not back down, and e360 will never see anything from their case, and will continue to be blocklisted.

Now, what would really be interesting, is if Spamhaus took their evidence, and presented it to a court some place where e360 sent their e-mails, a place where spamming is illegal. Let's see how fast e360 uses the "jurisdiction" statement.

In this case, Spamhaus would actually have a leg to stand on, in that e360 did themselves, send their messages to people in countries where spamming is illegal.

--- BTW: Have you read the information in the FAQ on Spamhaus's site? ---

http://www.spamhaus.org/faq/answers.lasso?section= Legal%20Questions/

It's very enlightening and entertaining.....

The reality is that if Spamhaus gets around the court order by switching domain to maintain the blocking, the judge would very likely then rule us in criminal contempt. We don't want a criminal record for the sake of fighting spam. We normally help fit the spammers with criminal records, not the other way round.

Basically, ICANN says that they've not been ordered to act and suspend the spamhaus.org domain, and even if they had they couldn't do it "because ICANN does not have either the ability or the authority to do so".

They also state that ICANN is not party in the lawsuit and is not involved in it.

They end their posting by stating that only spamhaus.org's registrar or the Internet Registry have the ability and authority to suspend an individual domain name.

They close their posting by stating that this comment was made in response of the community's interest (in the ICANN's position on the matter).

read this:

http://www.spamhaus.org/legal/answer.lasso?ref=4

spamhaus know that the US courts can't touch them.

ICANN Know it too: "ICANN cannot comply with any order requiring it to suspend Spamhaus.org"
announcement

How much spam will the SBL block for me? ... Additional systems such as the Spamhaus XBL (Exploits Block List) should be used to block spam from spammers who use criminal methods to spam. These spammers use open relays, open proxies, PCs they have infected with viruses.

Spamhaus.org is so good that up till now I have not had to block the country which is the largest source of spam in the world, the US. However if spamhaus goes down for any significant length of time (I'm talking more than 12 hours) then I see no choice but to list the whole of the US. So, in the guise of allowing email to flow more freely the US is removing the one thing which stops me from restricting their email even more. Oh the delicious irony.

It looks like they are - from Spamhaus' answer page:

Spamhaus firmly stands by its position that Linhardt is a spammer, Spamhaus has large samples of spam advertising Linhardt's website www.bargaindepot.net, sent to Spamtraps and non-existent users, including spam sent to some of Spamhaus own investigators, plus many complaints from Internet users ready to testify they never opted-in to any such list and were being spammed by Linhardt. (see samples of e360 spam below)

I think you should wait before changing anything. I don't think spamhaus.org.uk, or any other name besides spamhaus.org, will ever resolve the Spamhaus RBLs.

From Spamhaus' response to the proposed order (proposed, people, by the spammer's counsel, no judge has ordered ICANN anything), it seems they'll intend to contest this. They mention they don't think that ICANN suspending them can actually happen, for reasons I in fact agree with (go read them at their site). They also mention that "one U.S. government agency has begun working on a response."

However, if worse comes to worst, they probably won't switch to any other domain name. They state: "... if Spamhaus gets around the court order by switching domain to maintain the blocking, the judge would very likely then rule us in criminal contempt. We don't want a criminal record for the sake of fighting spam. We normally help fit the spammers with criminal records, not the other way round."

Which I read as, if this order is enforced, and ICANN caves in and all that, there will be no more Spamhaus, period.

Which would really piss me off. The whole episode already already seems like a bad dream to me. To see Spamhaus destroyed by some spammer scum would be just depressing. One thing's for certain, though: it'll be a cold day in hell before any site I manage will exchange traffic with this spammer.

Like most spam shops, they hop IP addresses (and organization names) from multiple providers, as they get continually kicked by the more reputable ones.

See the entries in SpamHaus's database.

The technicality of how to advise the millions of spamhaus.org users of which new domain to switch to was conveniently not addressed (no, we don't need a cheap bulk email program thank you).

they have recently registered spamhaus.org.uk

Registered on: 14-Sep-2006
Renewal date: 14-Sep-2008
Last updated: 03-Oct-2006

www.spamhaus.org.uk currently points to the same ip as www.spamhaus.org

I think they did it just in case that the USA decides to kill their .org domain... even though it is registered to an entity in the UK.

Although unlikely that they would lose the org domain...remember now that we're talking about a country that kidnaps german citizens in europe and deports them to afghanistan, so don't hold your breath on the "unlikely" part.

Now what they need to do before they lose the ORG domain is to post an announcement on the front page and make everyone using the .org domain to switch and use .org.uk instead, and after a few weeks of the announcement to start redirecting http://www.spamhaus.org/ to http://www.whitehouse.org/

Yep... i said whitehouse DOT ORG not dot gov :P

Guys, I know that everyone (oddly enough, especially Europeans) want to make this into a Europe v. U.S. issue, but it isn't.

A. First, Spamhaus argued that this case belongs in U.S. Federal Court. That's mistake number one; you don't tell a judge that your case belongs in a certain court, and then refuse to show up. Even odder, they say this, "But, to ensure this doesn't happen we are working with lawyers to find a way to both appeal/contest the ruling and stop further nonsense by this spammer." The question is, why didn't you guys work with lawyers before hand?

Take a look at http://www.spamhaus.org/legal/answer.lasso?ref=3 . Spamhaus makes a compelling case there as to why the court should not have jurisidction over them. So why would you _not_ present this evidence in court; especially after you've already told a court that they DO have jurisidiction over you.

B. Look at Spamhaus.org (or a mirror, if you can now). What logos does Spamhaus display on their "About Spamhaus" page. I'll cut and paste the organization names, about whom Spamhaus says, "Spamhaus works with many Law Enforcement agencies and cyber-crimes teams worldwide, assisting investigations and compiling evidence on illegal spam operations. Our main working partners are:"

1. Federal Bureau of Investigation
2. National Cyber-Forensics and Training Alliance
3. United States Postal Inspection Service
4. National White Collar Crime Center
5. Internet Crime Complaint Center
6. Department of the Treasury
7. Internal Revenue Service

When you work with this group of U.S. government services, and claim that they are your first line of working partners, it's difficult to argue that U.S. courts should have no standing over you.

C. Spamhaus does business in the U.S.! :

Spamhaus makes this claim, which I do think is one that would require discussion in court:
"
Claim: An Illinois court has jurisdiction over Spamhaus in the United Kingdom because Spamhaus does business in the State of Illinois.

This statement is false. Spamhaus does no business in the State of Illinois. Spamhaus has no office or agent in the State of Illinois nor any affiliation with any Illinois resident or entity. Spamhaus is a British organization and is not subject to Illinois County Court jurisdiction. Spamhaus advises Mr. Linhardt to re-file his case in the proper venue, a law court in the United Kingdom.
"

Consider that Spamhaus has a public mirror (perhaps several) in the U.S., over which Spamhaus has tight control. Furthermore, consider that Spamhaus sells a Datafeed service to U.S. residents. On http://www.spamhaus.org/datafeed/pricecalculator.l asso , prices are listed in Dollars, not Euros.

Given that they sell this service, and given that they manage servers in the U.S., it is difficult to argue that they don't do business in the U.S., and certainly is an issue for substantive debate. Not something you can win by default, and certainly something that a non-technical Judge would (fairly) decide without a defense.

Summary: The Judge, in this case, made a good decision. A company brought forth a fairly legitimate looking claim, one which may be somewhat feeble but had some legal grounding. The defense argured that it was not within Illinois's jurisidction, which *is* true, and then argued that it belonged in Federal court. The illinois judge said, "fine". Spamhaus then proceeded to ignore the federal court.

What did they expect?

They should have argued from the begining that this did not belong in U.S. courts at all, and the proper jurisidiction would be Britain. That *might* have been a lengthy discussion, because Spamhaus does, indeed, offer services within the U.S. for pay, as well as free listing services; and being listed on a spam list may or may not interact with libel laws.

Either way, I think Spamhau

Guys, I know that everyone (oddly enough, especially Europeans) want to make this into a Europe v. U.S. issue, but it isn't.

A. First, Spamhaus argued that this case belongs in U.S. Federal Court. That's mistake number one; you don't tell a judge that your case belongs in a certain court, and then refuse to show up. Even odder, they say this, "But, to ensure this doesn't happen we are working with lawyers to find a way to both appeal/contest the ruling and stop further nonsense by this spammer." The question is, why didn't you guys work with lawyers before hand?

Take a look at http://www.spamhaus.org/legal/answer.lasso?ref=3 . Spamhaus makes a compelling case there as to why the court should not have jurisidction over them. So why would you _not_ present this evidence in court; especially after you've already told a court that they DO have jurisidiction over you.

B. Look at Spamhaus.org (or a mirror, if you can now). What logos does Spamhaus display on their "About Spamhaus" page. I'll cut and paste the organization names, about whom Spamhaus says, "Spamhaus works with many Law Enforcement agencies and cyber-crimes teams worldwide, assisting investigations and compiling evidence on illegal spam operations. Our main working partners are:"

1. Federal Bureau of Investigation
2. National Cyber-Forensics and Training Alliance
3. United States Postal Inspection Service
4. National White Collar Crime Center
5. Internet Crime Complaint Center
6. Department of the Treasury
7. Internal Revenue Service

When you work with this group of U.S. government services, and claim that they are your first line of working partners, it's difficult to argue that U.S. courts should have no standing over you.

C. Spamhaus does business in the U.S.! :

Spamhaus makes this claim, which I do think is one that would require discussion in court:
"
Claim: An Illinois court has jurisdiction over Spamhaus in the United Kingdom because Spamhaus does business in the State of Illinois.

This statement is false. Spamhaus does no business in the State of Illinois. Spamhaus has no office or agent in the State of Illinois nor any affiliation with any Illinois resident or entity. Spamhaus is a British organization and is not subject to Illinois County Court jurisdiction. Spamhaus advises Mr. Linhardt to re-file his case in the proper venue, a law court in the United Kingdom.
"

Consider that Spamhaus has a public mirror (perhaps several) in the U.S., over which Spamhaus has tight control. Furthermore, consider that Spamhaus sells a Datafeed service to U.S. residents. On http://www.spamhaus.org/datafeed/pricecalculator.l asso , prices are listed in Dollars, not Euros.

Given that they sell this service, and given that they manage servers in the U.S., it is difficult to argue that they don't do business in the U.S., and certainly is an issue for substantive debate. Not something you can win by default, and certainly something that a non-technical Judge would (fairly) decide without a defense.

Summary: The Judge, in this case, made a good decision. A company brought forth a fairly legitimate looking claim, one which may be somewhat feeble but had some legal grounding. The defense argured that it was not within Illinois's jurisidction, which *is* true, and then argued that it belonged in Federal court. The illinois judge said, "fine". Spamhaus then proceeded to ignore the federal court.

What did they expect?

They should have argued from the begining that this did not belong in U.S. courts at all, and the proper jurisidiction would be Britain. That *might* have been a lengthy discussion, because Spamhaus does, indeed, offer services within the U.S. for pay, as well as free listing services; and being listed on a spam list may or may not interact with libel laws.

Either way, I think Spamhau

Found this in Google cache

http://www.spamhaus.org/organization/alert-2006091 61.html
http://www.spamhaus.org/rokso/listing.lasso?-op=cn &spammer=William%20Stanley%20/%20Ironserver.com

Found this in Google cache

http://www.spamhaus.org/organization/alert-2006091 61.html
http://www.spamhaus.org/rokso/listing.lasso?-op=cn &spammer=William%20Stanley%20/%20Ironserver.com

Spamhaus doesn't think that ICANN would be so stupid as to take the somain name away. ALso, it appears that Spamhaus has been planning all along to file an appeal. This was a smart play; they ignored an obviously bogus case, and now they can get an appeals court to smack it down, which will set a heavier precedent and make future lawsuits against them much harder. Very clever. There also may be a SLAPP countersuit available now too.

Google groups

(from http://www.spamhaus.org/legal/answer.lasso?ref=3)

Spamhaus has released a final warning about an increase in junk email, as they prepare to lose their domain to an Illinois court ruling.

Pinging www.spamhaus.org [216.168.30.71]:

Ping #1: Got reply from 216.168.30.71 in 79ms [TTL=57]
Ping #2: Got reply from 216.168.30.71 in 84ms [TTL=57]
Ping #3: Got reply from 216.168.30.71 in 79ms [TTL=57]
Ping #4: Got reply from 216.168.30.71 in 79ms [TTL=57]

Variation: 5.0ms (+/- 6%)

Here it is.

Spamhaus is the good one, it's SPEWS that has those problems IIRC.

From here: (and elsewhere with a trivial search). http://news.com.com/5208-7350-0.html?forumID=1&thr eadID=21191&messageID=184631&start=-91

And yes, Spamhaus is a a non-profit corporation, yes, but it pulls in millions and millions of dollars a year from internet providers in PROFIT which is paid out to the executives every year.

That is libelous nonsense. The post, which sounds like it was written by a spammer, probably refers to Spamhaus' Data Feed service for ISP's and large organizations. You can easily see with the price check on that page that the costs per year, even for large sites, are nowhere near such amounts and are simply designed to cover the costs of the operation (including their free public DNS query servers). Don't believe something just because some kook posted it in a discussion forum.

Link to Court Order

Spamhaus is still on the air !

Therefore, here is the blog posting text:

ICANN ordered by Illinois court to suspend spamhaus.org
gadi - October 7, 2006 on 4:12 am | In Web, Commentary, Culture, Networking |

Information about this court ruling can be found on Spamhaus's web site, here:
http://www.spamhaus.org/archive/legal/e360/kocoras _order_6_10.pdf

Apparently, at this stage, it is only a proposed ruling. But I am no lawyer.

This story has been discussed before, when Spamhaus, which is located in the UK, was sued in the US by a spammer.
http://blogs.securiteam.com/index.php/archives/608

They refused to come before the court as "they do no business in Illinois, and are located in the UK.

Legal issues aside, imagine what would happen if Spamhaus was forced to present itself before courts all over the world, where they don't even do business. They are a volunteer organization and spammers will stop at nothing to get at them.

After this court ruling, Spamhaus.org was under a DDoS attack, in my opinion for the purpose of preventing users from reaching the information it provided about the court ruling.
This was done along-side a Joe Job, sending fake email appearing to come from Spamhaus's CEO, Steve Linford. This email provided disinformation about the court ruling, claiming that anyone who uses the Spamhaus service can be facing legal action. This was false.

This court order (potential court order) to ICANN is the one of the most dangerous things that could potentially happen to the Internet, and it needs to be squashed. Next, we would see the court going after Spamhaus mirrors, Registrars or RIRs.

ICANN, while being composed of good people who do try and do good, does very little as an organization where it comes to stopping abuse. A lot of this abuse involves millions on millions of domain names. These are used for spam, phishing, CP, botnets and a lot of other such activities.

IF ICANN can now potentially be used to:

1. Attack an organization that keeps a lot of the Internet sane. Not just spam-free, but rather actively helps the fight against CP, phishing, etc.

2. Circumvent International law, forcing a foreign entity to answer the call of a court around the world, which ruled wrongly on business they don't actually do.

3. Shoot itself in the foot, forcing the formation of a sort of alternate root (we will keep using Spamhaus, folks, no matter what) or a move to a different TLD or a ccTLD. It will no longer be a relevant body. Hey, everybody is talking about how to keep Spamhaus alive. That's an idea that floats around a lot.

It will be a precedent which will open a can of worms, and there will be no end to it. This court ruling needs to be attacked with all possible force, by ICANN, the community, the news and everyone else who cares.

I still have faith in ICANN's good people, and I still have faith in the law enforcement officers who use what Spamhaus freely gives to the world. I also have faith in the judges of the Illinois court, and believe they will make the right call.

This Illinois court will meet with a clue stick and clue up, they don't currently seem to be very tech-savvy to me.
I am not sure at all ICANN can ignore such an order when it comes. ICANN will prevent this legal action, or something else will be done. Otherwise, maybe it IS time for an alternate root, as the alternate evil seems very shiny right now.

This is all yet to be determined, and mostly my opinion beyond the URLs provided. This, however, needs to be addressed. It is serious.

For now, what would be very nice is to see every ccTLD that "cares" provide with a free, courtesy domain name, and point to Spamhaus's IP addresses. Spamhaus.co.il, Spamhaus.jp, etc.

I am rather inflamatory in this post, but to be honest, the world isn't going to end, I will still go to Spmahaus's website even if I have to go to .co.uk instead of .org.

Gadi Evron

One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them...

One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them...

From this on Spamhaus' own site:

"In order to terminate some persistent spam operations the SBL team occasionally needs to escalate a listing and it is in the application of an escalation that 'collateral damage' can occur. Once a known spam operation is blocked, the SBL team then attempts to open dialogue with the ISP providing service to the spammer and assists the ISP with collating evidence to terminate the spammer. In rare instances the ISP turns out to be knowingly assisting the spam operation for profit. In these cases the SBL Team may deem the ISP itself to be the 'Spam Support Service' and may escalate by listing the ISPs corporate resources (such as corporate mail servers), determined on a case-by-case basis to focus action on the ISPs executives and always with the primary objective of avoiding blocking legitimate customers."

I've seen this been threatened with clients, who were not themselves spammers. Beyond that, even the mere notion that "the SBL Team may deem the ISP" to be a "Spam Support Service" and the concept that blocking the ISP's other customers is to "focus action on the ISPs executives and always with the primary objective of avoiding blocking legitimate customers." (my emphasis added) smacks of non-accountability. These aren't objective standards; they are tactics.

I much prefer the Cloudmark collaborative model to Spamhaus' "We're right, you're wrong, and we're judgment proof" approach. {Prof. Jonathan}

The crux of their argument is that they are a British company, doing business in Britain, and thus are not subject to US jurisdiction.

That's apparently only part of it. There is also the fact that they were not served notice of the court's actions in a way recognized as legal in either the UK or any part of the USA. Process cannot be served by email.

I was thinking that it would have been good for someone to file a Friend of the Court brief to bring to the court's attention the fact that it did not have jurisdiction. That would have allowed the judge a good way of dismissing the suit. But the more I have read about this case, the more the actions that the U.S. District Court for the Northern District of Illinois has taken in this matter suggest that replacing the judge with one who is competently knowledgeable about the way the world works today is really what is important.

Call me picky and I'm sure it doesn't mean anything legally but it would be a little more convincing if www.spamhaus.org didn't use american spelling.

http://www.spamhaus.org/legal/answer.lasso?ref=3

organisation isn't spelt with a zed.
I saw realize elsewhere on the site.

How is this smart? If they had simply responded to the lawsuit, this probably would have been over in a heartbeat. Instead, they are basically thumbing their noses at a legal system that they believe is beneath their consideration.