Domain: spews.org
Stories and comments across the archive that link to spews.org.
Comments · 169
-
Re:Dunno about better
SPEWS carefully documents the reason behind each listing. There is nothing arbitrary there.
I read this. And I'd read other people saying the opposite. So I used someone else's example, S3045. "Spamming". Wow. Careful documentation of the reason for a listing. Oh, and they dumped a few WHOIS records in there too. Phewee. And here I was thinking they might have skimped on the "careful documentation of the reason behind a listing".
-
Re:it's not the providers job to delist themself
it's not the providers job to delist themself
Frankly, I have no interest in subsidising a provider that feels that way.
if you run an anti spam filter, it is your job to make sure your data is accurate.
If you *USE* a DNSbl in your anti spam filtering solution, it is your job to make sure the data is accurate enough to meet the needs of your users.
The DNSbl operators have no obligation to any users other than those with a contract indicating such obligation. SPEWS owes no one anything. At least one postmaster somewhere owes SPEWS some very small debt of gratitude at a minimum. Not every DNSbl is right for every mail server. Using the presence of an IP on a DNSbl may not be adequate reason to reject an SMTP transaction, but sometimes it is the right thing to do.
Trying to pin bad system administration on a DNSbl operator is as pathetic as the poor workman who always blames his tools.
-
Anonymity is important
I hang on the USENET news.admin.net-abuse.email newsgroup, where we deal with spammers.
The most effective spam fighting effort is totally anonymous; they have to be, because that's the only way they can avoid being sued into oblivion by deep-pocketed corporations (it's outright ironic that in order to protect their freedom of speech - saying that so-and-so is a spammer, they have to register their domain in Siberia, of all places!!!)
Spammers are outright criminals and will stop at nothing to damage antispammers.
Plenty of people had a load of trouble from a spectacularly inept spammer.
For example, the author of this page (a page denouncing the spammer) had the spammer complain to the police which launched a criminal investigation that found nothing. After this failed, he barrages everyone who mirrors the page with complaints to their ISPs (this page gets 5 DMCA takedown notices PER DAY).
When the police complaints did lead nowhere, he simply harassed various police departments.
Finally, seeing that the takedown notice made the mirrorers rotate the hosting of the relevant parts complained about, thus rendering it totally ineffective, he started to try to DDoS the sites hosting the pages.
Many of the mirrorers would never have been able to denounce that particular spammer if they had been doing so under their real identities; anonymity is particularly vital when dealing with criminals, or lawsuit-happy individuals.
Another example is this well-known spammer, threatening legal action against antispam fighters. If you follow the thread, you will find a frothing lunatic that demands the identity of several spamfighters who have to work anonymously in order to avoid the hassle of lawsuits from spammers.
In 2003, the same antispam outfit was sued by spammers. Even though the lawsuit was thrown out of court, it was not without considerable annoyance and expense to the antispammers involved.
Only absolutely positive anonymity can help protect antispammers against the spammers.
-
Re:If only they had listened to Slashdot
Let's see Spews block all Verizon DSL and Comcast cable modem pools. 90% of the spam my filter blocks comes from there, yet they are not listed on Spews. Bunch of fucking pussies, just because Comcast and Verizon have real lawyers.
Well, "let's see." I just bounced a spam from:
c-24-131-50-213.hsd1.ga.comcast.net [24.131.50.213]
Comcast right?
Check here:
http://spews.org/ask.cgi?x=24.131.50.213
Says: "This IP address was found in SPEWS."
Looking at http://spews.org/html/S2963.html shows that all Comcast pools are listed, as are Comcast's SMTP servers.
Seems that SPEWS are not a "Bunch of fucking pussies" but you are a fucking fool*?
ac
* not quite as big a fucking fool as Comcast though.
-
Re:My ban list is extensive but I'm a home user on
personally, I'm considering publishing a list of the IPs I block, and my reasons for doing so: as others weigh in (agreeing or dissenting), it could become the ultimate democracy...
You mean like SPEWS?
Be warned: if you do this you will have all kinds of people accusing you of blocking email sent to some other network you've never heard of. Some people will threaten you with lawsuits, some may actually file against you.
The concept is simple: my email server, I can accept or reject any email sent for any reason. I can unplug the cable. I can reject any email that contains the letter 'e'. I can apply a randomizer and accept/reject messages whenever the computer feels like it. I can ask that guy down in Central America who claimed to be Moses which servers should be filtered out.
Personally, I have never received a single email that wasn't spam from any source within APNIC or RIPE, nor do I ever expect to. Any email coming from anywhere in those areas goes straight to \dev\nul (or towards the nearest copy of the federal budget) without a second thought. I've never seen a legitimate email from Brazil either... hasta la pasta, baby.
But your miles may vary and probably do. What works and is appropriate for me may or may not for you. Your server. Do whatever the zork you want with it. I don't have any right or reasonable expectation to care nor would it matter to you if it was the most important thing in the world to me.
But don't send me an email from some internet cafe in Seoul to express your opinion, either for or against - I'll never see it.
Now if only I could get a plugin for Firefox that would indicate if I'm on a website hosted by a spam-tolerant company so I could make a point of never doing business with anybody who hosted with them.
-
Re:How to stay relatively spam free
Tell me, how often do you have to create a new tagged address, so it's such a burden to add one line to your aliases file? How often do you sign up to new e-mailing lists?
Almost never. I not only use this method for lists, but for website logins. And so far I've never had to actually create an account to disable that came from one of those. I have only done it once where a spammer used a non-existent account from my domain to send spam and I got a small spate of bounce messages. So I wouldn't have gotten the bounce messages, big deal.
And how adding a new filtering rule afterwards when you want to stop that address to deliver is less of a burden than creating a valid address? Keep in mind, your filtering rules will grow bigger and bigger, and they work on *each* e-mail you receive, causing more and more load on the CPU, too, just to process e-mails.
Again, in over a year of using the catch-all account, I have never had to actually put this into practice. I have the option of doing so, which is good enough for me. The management burden of my method is still much less than the approach you advocate, and I continue to dispute, based on my experience, that your assertion that this "happens every other day" is valid.
If you want some real protection, and you control your mailserver, then you should use blocklists, like Spamhaus ( http://www.spamhaus.org/ ), SPEWS (http://www.spews.org/ ), block entire countries that are spam cesspools
I never suggested that you couldn't also use other controls in parallel. My (hosted) mail server runs SpamAssassin, which I believe uses blocklists as well as other methods (I don't admin the whole server but I can manage my hosted account on it).
Denny
-
Re:How to stay relatively spam free
That would require me to not only create the account on the email server every time I want to sign up for something,
Your method requires creation of filtering rules when you want to disable accounts. Doubtfully less involving than just adding or removing a name into the aliases file.
but then go to my email client and configure it to receive the account as well.
Ever heard of aliases? You can create as many names as you want, and alias them all to be delivered to just one box, which you can check with your e-mail client. No extra configuration is required.
When you live in the real world, you have to make tradeoffs such as these.
When you live in real world, cases like one below happen every other day. E-mail admins stopped to use catch-all addresses YEARS ago, precisely because of such abuses. Your method will give people a lot more of headaches to try to clean up after a dictionary attack against their domains, than it will help them to deal with their daily spam loads. Tell me, how often do you have to create a new tagged address, so it's such a burden to add one line to your aliases file? How often do you sign up to new e-mailing lists? And how adding a new filtering rule afterwards when you want to stop that address to deliver is less of a burden than creating a valid address? Keep in mind, your filtering rules will grow bigger and bigger, and they work on *each* e-mail you receive, causing more and more load on the CPU, too, just to process e-mails. If you want some real protection, and you control your mailserver, then you should use blocklists, like Spamhaus ( http://www.spamhaus.org/ ), SPEWS (http://www.spews.org/ ), block entire countries that are spam cesspools and do not care, like China or Korea, and use your own local blocklist where you can add ISPs that refuse to deal with their spammers who keep bothering you, but are not listed in public blocklists above. That way you can have a pretty manageable 3-5 spams a day (if your e-mail addresses are well-exposed to such places as Usenet or web where spammers harvest their addresses most), or maybe even one-two a week (if you don't show your e-mail addresses too much).
And here is the real life example where your advice fails:
Aug 3 13:27:59 orca sendmail[3984]: j73ARuat003984: [vh@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3989]: j73ARuGB003989: [vi@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3985]: j73ARuGO003985: [vg@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3987]: j73ARu20003987: [vm@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3984]: j73ARuat003984: [vn@mydomain.tld]... User unknown
[SEVERAL THOUSANDS OF OTHER REFUSED DICTIONARY ATTACK ADDRESSES SNIPPED]
Aug 3 13:32:41 orca sendmail[4184]: j73AW2eP004184: [iqr@mydomain.tld]... User unknown
Aug 3 13:32:41 orca sendmail[4191]: j73AW3LQ004191: [iqs@mydomain.tld]... User unknown
Aug 3 13:32:41 orca sendmail[4188]: j73AW3lL004188: [iqm@mydomain.tld]... User unknown
-
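The rejections in the log excerpt above can be turned into a detection rule. The following is an added example, not part of the original comment: it parses sendmail "User unknown" lines in the format shown and flags time windows with many distinct unknown recipients. The sample log, queue ids, threshold, window and assumed year are constructed for the illustration.

```python
import re
from collections import Counter, deque, namedtuple
from datetime import datetime, timedelta

ASSUMED_YEAR = 2000  # assumption: syslog lines carry no year; only time deltas matter

Reject = namedtuple("Reject", "when qid rcpt")

# Matches the layout of the excerpt: timestamp, host, sendmail[pid], queue id,
# bracketed recipient, "User unknown". Accepts [addr] as posted and <addr>.
LINE_RE = re.compile(
    r"^(?P<stamp>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+"
    r"(?P<host>\S+)\s+sendmail\[(?P<pid>\d+)\]:\s+"
    r"(?P<qid>\w+):\s+[\[<](?P<rcpt>[^\]>\s]+)[\]>]\.\.\.\s+User unknown"
)

# Constructed sample log (not taken from the page): one stray typo, a burst of
# six guessed addresses, one delivered message, one later stray reject.
SAMPLE_LOG = """\
Aug 3 09:15:02 orca sendmail[2101]: q1AAAA002101: [jon.smith@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3001]: q1BBBB003001: [va@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3002]: q1CCCC003002: [vb@mydomain.tld]... User unknown
Aug 3 13:27:59 orca sendmail[3003]: q1DDDD003003: [vc@mydomain.tld]... User unknown
Aug 3 13:28:00 orca sendmail[3004]: q1EEEE003004: [vd@mydomain.tld]... User unknown
Aug 3 13:28:00 orca sendmail[3001]: q1BBBB003001: [ve@mydomain.tld]... User unknown
Aug 3 13:28:01 orca sendmail[3002]: q1CCCC003002: [vf@mydomain.tld]... User unknown
Aug 3 13:28:05 orca sendmail[3005]: q1FFFF003005: to=<alice@mydomain.tld>, stat=Sent
Aug 3 18:40:11 orca sendmail[5150]: q1GGGG005150: <sales1@mydomain.tld>... User unknown
"""


def parse_rejects(text, year=ASSUMED_YEAR):
    """Return a Reject for every 'User unknown' line; other lines are skipped."""
    rejects = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        when = datetime.strptime(f"{year} {m['stamp']}", "%Y %b %d %H:%M:%S")
        rejects.append(Reject(when, m["qid"], m["rcpt"].lower()))
    return rejects


def find_bursts(rejects, window=timedelta(seconds=60), threshold=5):
    """Flag periods where >= threshold distinct unknown recipients fall in one window.

    Returns a list of (start, end, distinct_recipient_count), one per burst.
    """
    bursts = []
    recent = deque()       # rejects currently inside the sliding window
    in_window = Counter()  # recipient -> occurrences inside the window
    current = None         # the burst being extended, if any
    for r in sorted(rejects, key=lambda rej: rej.when):
        recent.append(r)
        in_window[r.rcpt] += 1
        # Drop rejects that have aged out of the window.
        while r.when - recent[0].when > window:
            old = recent.popleft()
            in_window[old.rcpt] -= 1
            if in_window[old.rcpt] == 0:
                del in_window[old.rcpt]
        if len(in_window) >= threshold:
            if current is None:
                current = {"start": recent[0].when, "end": r.when,
                           "rcpts": set(in_window)}
                bursts.append(current)
            else:
                current["end"] = r.when
                current["rcpts"].update(in_window)
        else:
            current = None
    return [(b["start"], b["end"], len(b["rcpts"])) for b in bursts]


def rejects_per_session(rejects):
    """Count unknown recipients per queue id (several RCPTs in one transaction)."""
    return Counter(r.qid for r in rejects)


if __name__ == "__main__":
    parsed = parse_rejects(SAMPLE_LOG)
    for start, end, count in find_bursts(parsed):
        print(f"burst {start:%H:%M:%S}-{end:%H:%M:%S}: {count} distinct unknown recipients")
```

Isolated rejects such as a mistyped address stay below the threshold; only the clustered guesses are reported.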
Re:Nothing new
Yeah the collateral damage caused by that by services like SPEWS comes to mind. Their take is to hurt you until you leave your ISP, or re-engineer another solution for sending mail.
It does little good, and is a terrific headache, since you have no way of knowing ahead of time which ISPs are in danger of being blocklisted.
-
Re:Definitely a bad idea...
Any hosting provider could inadvertently host a spammer, heck I've been blacklisted because a client of mine was involved with spammers elsewhere outside my services and the client had not once used my servers as part of his spammer resources, how am I supposed to know that he is involved elsewhere though? I was never informed of it, just one day SPEWS has us listed and even has some of our secondary DNS servers listed, none of which had anything to do with propagating any actual spam.
Well, you were providing some service to a spammer, so that's the reason why SPEWS listed you because you did not terminate the service when SPEWS complained to you (of course, SPEWS complaints are NOT advertised as such, so you ignore your ABUSE inbox at your peril).
And yet somehow, magically, we are supposed to just know our client is a spammer.
There is nothing magic. SPEWS will allow you to host a spammer, and they won't list you if you promptly terminate the spammer when they complain about it. You got blacklisted because you IGNORED complaints about the spammer.
They never did explain to me why they didn't also list the guys cable company, his telco, his other utilities he used outside his spamming activities, I mean fair is fair, if you want to punish spammers just list every possible service company they deal with and be done with it.
When you got listed, you obviously didn't read the SPEWS FAQ. You got included because the network owner(s) above you simply did not remove their pet spammers in due time. You were most likely "collateral damage".
-
Re:OK, I'll go first: how is this legal?!
What I've never understood is how a human-run operation that blacklists based on human decisions, and which by blacklisting an organisation can interfere with both their business and their reputation, isn't breaking about half a dozen laws that would subject them to more-or-less open-ended damage suits. Can any lawyer reading this please explain why this doesn't count under things like defamation legislation?
Truth is an absolute defense against defamatory statements. But, of course, a spammer with deep-pockets can expensively harass a blocklist operator into oblivion, so this is why more serious blocklists are safely located well outside of the reach of US law, like SPEWS, which is located in Siberia. Isn't it ironic that, in order to preserve one's free speech, one has to move to the old archvillain Soviet-Union???
-
Re:No serious admin should use spews bl
The whole subnet of 218.106.34.0/24 has no reported spam, our current ip is somewhere in there. We are being blocked by the 218.106.0.0 - 218.106.63.255 clause, which... also has no reported spam (as far as I can see it in the spews "evidence file"):
http://www.spews.org/html/S2171.html
I agree the spam is annoying, we get it too ;)
-
Re:Who actually uses SPEWS!?
If I worked for an ISP, I'd simply care that many of my users are infected with trojans.
91degrees, please pay attention.
RTFA: TELEWEST DID *NOT* CARE UNTIL *AFTER* THEY GOT 56 /18 BLOCKS LISTED IN SPEWS.
That's the bottom line. They are cleaning up their act because their customers are complaining. Their customers are complaining because they are listed in SPEWS. They are listed in SPEWS because Telewest has been completely ignoring their spam zombie problem for a LONG time.
SPEWS WORKS. You may not like their methods, but they get results when other gentler attempts have failed.
As a long-time NANAer (heck, I supported its initial RFD/CFV) I can tell you that SPEWS has very simple rules, they follow those rules, and anyone who has argued with you about SPEWS is in fact NOT SPEWS.
-
Re:SPEWS
Try http://spews.org/. It's real.
-
SPEWS isn't a firm
SPEWS is not an "anti-spam firm". Check their website at http://spews.org/ for more explanation. And anyone too concerned about false positives should do their due diligence when picking the DNSBLs they use and notice that SPEWS blocks fairly large netblocks. And there probably will be a lot of legitimate mail sent from bad neighborhoods. SPEWS is a very good tool for blocking spam and educating ignorant ISPs, but it's not suited for everyone.
-
Domain Keys works
I used to get filtered out by a few places -- mainly because I send from a Comcast owned IP address, and SPEWS although well intentioned, is monolithic and draconian, and flags ALL comcast IP addresses. I'm not complaining (too much) -- drastic times called for drastic measures. However, since I implemented Domain Keys (and probably more importantly since Yahoo! implemented it) I have not had a "your server is bad" email bounce.
-
Re:SPEWS blocking half a class B
The class B in question is 64.151
I've got a /27 at 64.151.86
The spews listing is at http://spews.org/html/S2777.html
I'm not a spammer, and I've talked to my ISP in December, and though they have a spotty history (as servepath) they have moved clean machines to a new location (Spear street) and these IPs should not be on this list.
But there seems to be no way to get de-listed.
-
FYI -- SPEWS / SPAMHAUS Blasted on informit.com
"There is a list called spamhaus I can't E-mail. Unless you know the individuals, you can't get to them to submit or complain. As much as I don't want to see government run a black list, a government would have checks and balances. These are kids playing God."
http://www.informit.com/articles/article.asp?p=344239
(Below just a sample of the hundreds of purilent messages aimed at ISP's who request entries be removed from these blocklists)
"I have called for entire null routing of all ThePlanet's IPs until they clean up. If the rest of the world did so, the spammers would be gone by sunup. " -- referring to ISP theplanet.com
"you host with the planet of spam, a nasty unrepentant spam haus. They are block on sight here, and will remain so until they go chapter 7. Get a new isp or smart host, as planet of spam ip addresses (all of em) are tarpitted here." - more of the same
"1, 68.22.0.0 - 68.22.63.255, sbc.com / swbell.net / ameritech.net / pacbell.net
I'd say there's just two chances of that: No WAY, and No HOW. But there is perhaps a way to get the whole block unblocked.
Any chance you can talk one of the biggest spam-havens in the universe into totally cleaning up?" -- referring to a collateral blocklisting victims post to news.admin.net-abuse.email subject: "kindly unblock 68.22.232.249"
"yep your screwed, 68.248.0.0/13 is firewalled here for massive unending spam attacks. Smart host your mail or move to a new isp."
"Spews listing S684 (http://www.spews.org/html/S684.html) is out of date, and contains incorrect information.
CWIE should be firewalled at all ISPs until the universe implodes. You've knowingly and deliberately harbored spamemrs since at least 1996, to my *personal* certain knowledge.
FOAD"
">SPEWS, please de-list these Qwest IP addresses. Qwest encourages the responsible use of its networks, systems, services,
On what planet? On this one, Qwest assists spammers and other criminals in relentless abuse. Unplug your servers. Retrain your employees to do something useful like donating their organs.
William R. James"
Point your newsreaders to news.admin.net-abuse.email and observe * "kids playing god"*
-
Spews
Spews -- love it or hate it -- is all about making hosting spammers more expensive to ISPs.
Personally, I find that as a side effect it is an incredible tool for moving spam from my inbox to my junk mail folder.
-
Hurricane Electric's reputation as spammers.
This is how Hurricane Electric made their money prior to this. Do you feel safe giving them your credit card number?
http://www.spews.org/html/S2100.html
-
Now only if they'll kick off their spammers...
Looks like not only do they have multiple Spamhaus SBL listings including a few repeat offenders, they're under a SPEWS Level 2 (monitor, don't block) advisory.
-
Re:Just filter it!
According to the article, these spammers were in compliance with the CAN-SPAM act. The act isn't meant to prevent people from spamming; it's meant to make it easy to filter the spam out.
The CAN-SPAM act is the YOU CAN SPAM act and it's another example of big business buying politicians to pass a bad law. It's their attempt to rewrite the definition of spam to mean something that they do not do and not unsolicited commercial email.
Now, I'm not sure exactly what the spammer's case is. What exactly did this guy do that was illegal? If he got the ISP to filter or refuse mail from them, as far as I can tell that's precisely in keeping with the intent of the act.
He got a major black list, that many ISPs use, to list them as a source of spam. Just the fact that they are protesting so loudly that they are meeting the rules of that bad law, tells me right off that they are a spam house.
I wish more spammers would get compliant with the act, so that I can ignore them even more efficiently. And I wish that the FTC would start stringing some noncompliant spammers up by their gonads until the rest of them come into compliance.
And I wish that more and more of the distributed black lists will target those that send out mail with "ADV:" in the subject line to tick off more and more spammers that supposedly adhere to that terrible piece of legislation. Spammers have tried to sue SPEWS before. They're still there. };-)
This case has marks of a SLAPP suit. Depending on what state he lives in, there may be effective countersuits, but I'm not a lawyer. When you find out where I can pitch in to buy the guy one, let me know.
Now that I agree with.
But as for your subject line, I've been a regular reader of the newsgroup news.admin.net-abuse.email for years and years. Just filter it is tantamount to saying just hit delete. That news group has acronymed that to JHD for years. One individual once put it like this. "Saying JHD to an anti-spammer is almost the same as running up a tall hill in a full suit of armor in a thunderstorm, holding your sword up high and screaming at the top of your lungs, ALL GODS SUCK!"
-
Re:A legitimate problem!
I think you've got them mixed up with SPEWS, which seems to have a whole slew of fanatics posting in NANAE.
-
Virtual MDA on Slashdot again
The company making the charges is listed on ROKSO and SPEWS and sparked similar controversy with a Slashdot article last year. The defendant, Jay Stuler calls it a "frivolous lawsuit designed to harass and intimidate" and is asking for PayPal donations to help him fight it. More at Spamfo and DSL reports
-
Re:VoIP Isn't all it's cracked up to be.
It would help a lot and free up quite a bit of bandwidth if Comcast would get all the spammers and zombie computers off their networks.
-
Microsoft hooked to spammers
Microsoft buy comes with strings attached Sunbelt Software of Clearwater, Fla., on Friday confirmed reports that it has exclusive rights over certain aspects of the anti-spyware programs Microsoft gained in its acquisition of Giant Company Software on Thursday.
Sunbelt Software are on/off spammers going way back.
-
Anti-spyware...from spammers. Nice move.
This should fill everyone with confidence:
- "Sunbelt Software of Clearwater, Fla., on Friday confirmed reports that it has exclusive rights over certain aspects of the anti-spyware programs Microsoft gained in its acquisition of Giant Company Software on Thursday."
which is one of the oldest SPEWS records and thus means that these spammers have been known for quite some time.
-
Re:Good, it was stupid
Finally someone stands up and fights a worthy cause only to stop after one week.
... uuh, finally?
I have but one word for this behavior: cowardism
How about three words.. cease and desist? If they didn't have one against them already, you had to bet someone would be sending one soon. And frankly I'm surprised such an idea made it past their legal dept (if it even went before legal). I appreciate and welcome their desire to get in this fight.. but the plan of attack was a rather bad one, imho. When handling swine try not to sink to their level.. then you're sure to get covered in mud as well.
-'fester
-
Re:Tracking down a spammer in my home state
Their history goes back 4 years. Currently on iWay Broadband at 64.119.200.36. Spamhaus has iWay listed, ROKSO for Dan and Rosalee Young / JDR MEDIA, and friend Scott Richter.
Bleh!
-
Windows set-top boxes + Spamcast = nightmare...
...for the rest of the world. Spamcast has a long history of not stopping trojaned customer PCs which relay billions of spam emails.
Now imagine several thousands or millions of Spamcast customers using Windows-powered set-top boxes. First thing spammers will do is get such a thing and examine it for possible exploits. Legitimate customers won't even get the idea that their set-top box could catch a virus or a trojan which could do harm to anyone. Most of them won't ever update their set-top box to fix known security holes. Why should they? Would Spamcast tell them to do so? Or even Microsoft?
So it won't take very long until the world gets hammered by the worst and biggest spam cluster the Internet has ever seen.
-
Vigilantes
-
Check their SPEWS record
UPDATE: "Our long national nightmare is over" - Foonet raided, shut down.
Definitely stinky-cheese spammers too!
-
Re:Here's how it probably works
Have not heard of it running under Linux, but check the SPEWS website (where I first heard about it) since they have links to similar Linux apps.
-
Re:And this is interesting how?
Except the more aggressive (and popular) anti-spam organizations do take a "shoot first, ask questions later" policy.
No, they don't. Most, like SpamCop list the origin of the spam. Not the spamvertized website, but the IP address of the sending mail server. The place where the spam is actually coming from, whether or not it's a joe-job.
One of the few blacklists that lists web addresses (well, their respective IP addys) is SPEWS, which generally lists only after persistent spamming has been ignored by the hosting ISP. That's hardly "shoot first, ask questions later."
-
Re:iptables -I FORWARD -s isp/20 -j DROP
Give us the CIDR blocks of the whole ISP that the spammer is using
Look here
-
less spam isn't acceptable, the only answer is NONE
Comcast (hereby referred to as Spamcast) has ignored their massive spam problem for years now. Fortunately for me the solution was to firewall all of their dynamic space from my mail server.
Apparently Spews thought nuking the dynamic users wasn't enough, and blacklisted all of their dynamic space plus most of their corporate servers as well.
One of these days Spamcast will wake up and realize that a huge chunk of the internet has blackholed them. I only wonder how many months or years it will take for the clue to sink in.
-
Re:Cure 81 doesn't work, try #82....
Nearly all web server operators pull spammer sites offline as soon as they realize what has hit them to cut off the money chain before the transaction even happens.
Unfortunately, not true. There are plenty of businesses happy to host a spamvertized website. China is notorious for it. Yahoo refuses to pull the site of a paying customer unless the spam was sent through Yahoo's mail servers.
Heck, if every ISP was white-hat, we wouldn't need SPEWS
-
Real Time Blackhole Lists
Personally, if it were my university, I would prefer they started to use a RTBL. The fact of the matter is, if the likely spam isn't sorted out first, I have to try to discern the stuff entirely by hand. And although I can easily pick out Viagra ads, I have relatives and the occasional acquaintance who send mail that looks awfully like spam. Didn't want to type a subject. Used "hello" as the subject. Didn't configure their mail client properly, so their "replyto" looks crazy. Without some initial spam filtering, I would miss at least some of these -- in fact, I'd probably miss more mail with no filtering than with a judicious blackhole in front of me.
Love or hate SPEWS and other kinder, gentler RTBLs, they're better than the present choice. It would certainly reduce the load of these email servers to where it could be more easily handled. And, if nothing else, they could be used to prioritize mail. Use Spam Assassin or something else to do some initial tag and filter so that mail coming from Asian IPs or originating from mail servers on cable/ADSL networks gets put into the "slow" processing queue while everything else gets sent down the faster pipe.
</spouting with little to no knowledge>
-
Remember how the Internet actually works...
Some have said that 'blanket measures' (such as listing entire countries as spam and abuse sources) taken by the AHBL are wrong, and that only the "bad" ISPs (those harboring spammers) should be targeted for such listing.
I would point out that the "bad" ISP, in this case, IS being targeted. The fact that it is Spain's national ISP is secondary to the fact that Telefonica.es (and its broadband/dialup counterpart, rima-tde.net) is a huge and (apparently) unceasing source of spam, port probes, and other network abuse.
Speaking as a mail server owner/operator, I rank Spain as only a few steps below China, Korea, and other Pacific Rim ISPs as spammer havens and nests of virus-compromised 'spammer zombies.' I've lost count of how many times I've seen spam attempts from IP ranges controlled by Telefonica, Rima, and their clones hit our filters. The abuse flowing from them is responsible for at least 10-15% of the accumulated weekly entries in our reject logs.
I would also like to point out a few other things. First off: NONE of the DNSBLs, such as AHBL, SPEWS, or Steve Linford's Spamhaus actively block ANYone.
What DNSBLs do is publish AN OPINION, in the form of their listings of IP addresses or address ranges, as to which parts of the Internet are supportive of spammers and network abuse. It is up to EACH INDIVIDUAL SYSADMIN, or anyone else who connects to the Internet, to choose whether to believe that opinion by configuring (or not) their equipment to check incoming mail-transfer requests against said DNSBL.
Let me say it again: DNSBLs, BY THEMSELVES, DO NOT BLOCK E-MAIL OR ANY OTHER TRAFFIC! SYSADMINS DO.
Yes, SysAdmins. Those like myself, who are fed up with the unending abuse of our private property by spammers, abuse that is supported by unethical or uncaring ISPs who, apparently, don't give an aerial intercourse through a toroidal pastry what their users do as long as said user's check doesn't bounce.
I'm currently using the DNSBLs compiled and maintained by Spamhaus, and several from Blackholes.us to help protect our tiny little corner of the 'net from spammers. No one compelled, ordered, cajoled, coerced, bullied, or hassled me into using any of them. I chose to do so because of the positive things said about them by other SysAdmins, and because my own experiments revealed an 80%+ drop in our spam load received once I implemented their use by our servers.
Am I blocking entire countries? Yes, several. China, Korea, Taiwan, Hong Kong, South America (the 200/8 subnet, to be exact), pretty much every IP range controlled by LACNIC, most of France, and the .ru top-level domain (just to name a few) have all made it into my local 'Deny' lists, all because I never seem to get anything but spam and other abuse from all of them.
My servers, my bandwidth, my rules. And it's just exactly that simple for anyone else who connects to the 'net, no matter if they're an AOL user, trying to protect their single E-mail box, or the CTO of a worldwide conglomerate with 100,000+ E-mail boxes to worry about.
Telefonica got themselves into this mess by ignoring spam complaints. They have no one but themselves to blame if other admins choose to drop packets from them, no matter if they're doing it with their own local list or with the AHBL's help.
If the AHBL thinks listing the entirety of Telefonica will get their attention, and perhaps give them some badly-needed motivation to clean up their act, great!
One other thing. Slashdot posed the question at the beginning of this article "...or has something gone terribly wrong?"
Yes, it has. Spammers are still being allowed to abuse a resource that anyone, from a three-year old kid to a century-old adult, should be able to enjoy WITHOUT THE THREAT of losing their inbox to spam.
That sure seems "terribly wrong" to me.
-
Re:Blocklists don't block email
Last year, the dipshit that ran SPEWS decided he didn't want to play anymore and closed up shop. His method of announcing this was to blacklist the world!
Wrong. SPEWS is alive and well.
While the Osirusoft DNSBL that many people used to get access to SPEWS data was taken offline, SPEWS is still up and going strong. (Thank God.)
And as for "blacklisting the world", it was the only practical way to get people to stop using the list. If he hadn't, inattentive sysadmins would still be trying to do lookups years in the future.
-
Re:Ideaflood = who?
I had hopes that SPEWS was listing their 66.28.153.14 IP, but it's a level 0 listing. The Wayback machine only has the one copy of their site. Loads and loads of references on news.admin.net-abuse.* that peg them as spammers back to 2001.
Oddly enough, I couldn't find any records of an incorporation under Ideaflood Inc, but I'm not sure how good the sites I was checking are. I wanted to get a list of their directors. (Gee, maybe a dodgy Nevada corporation, what a shock!)
Ah, bonus! Look what's running near them:
66.28.153.9 server9.ideaflood.com
Pr0n spammers. Oh yeah, I'm sure they have a huge R&D department.
66.28.153.10 server10.ideaflood.com
66.28.153.11 server11.purefuck.com
66.28.153.12 server12.ideaflood.com
66.28.153.13 server13.sexmuseum.com
66.28.153.14 server14.ideaflood.com
66.28.153.15 server15.ideaflood.com
-
CMP Media Spam
I don't know about the rest of y'all but this really doesn't surprise me in the least given my experience with them. I subscribe to Sysadm Mag. Ever since I subscribed I've been getting spam for all their other magazines. The spam always comes from email-publisher.com, better known as the spammers at topica.com. Why CMP is using a known spammer's services I have no idea. I've tried unsubscribing to no avail. If it wasn't for Sysadm Mag and a few of their other nice mags I'd tell them to stick it.
-
Re:DDOS, And Virtual Addresses?
Many have already noted the comments where a DDOS may be launched via sending out spam in order to deliberately draw the attention of IP blocking filters, but at the same time, it is also worth noting that many web servers have multiple domains on one IP address using both virtual directories and virtual domains. In fact, almost every ISP does this, in order to give their users a place to put Mom and Dad's pictures with the kids, etc.
Run it like SPEWS. You don't get blocked unless the problem has been going on for a while or the people are known spammers.
-
Internet policing
You omitted an option. 2.5: peer policing. Other networks deciding they're not going to put up with your sh*t and drop your packets. Viz: SPEWS, SpamCop, Spamhaus, etc.
SPEWS listed over 9 million Comcast IP addresses a few weeks ago due to ongoing mishandling of network abuse (the entry reads "Poster child of how not to run a broadband network company"). This may have had some impact.
I've been going rounds myself with an individual manning a /16 for which no postmaster or abuse record exists, and IP WHOIS contacts fail. He still doesn't seem to understand just why this is a problem. However, several of the issues were cleared up after customer mail started being blocked by sites referencing RFC-Ignorant.
-
Re:Clue
Spammers can sneak into even the most STRINGENT anti-spam ISP network. A stolen credit card that works only once gets a spammer an account that can deliver many thousands of letters before they're shut down.
The question isn't whether or not spammers get on the network. Any system that allows people to sign up automatically with a credit card is vulnerable to that. The question is whether or not UUnet is willing to do anything about a spammer once he's brought to their attention. Although some of the SBL records for UUnet appear to be out of date, some spammers dating back at least to April 2003 are still present on their network.
UUnet isn't spam-friendly anymore than Rackspace is spam-friendly.
It's amusing that you mention Rackspace. I understand they appear to be cleaning up recently, but previously, they were more than happy to host spammers, so long as they paid their bills.
Spam is going nowhere until good authentication techniques are implemented internet-wide.
You'll excuse me if I don't hold my breath. IMHO, so long as there is a China, there will be spam. Until then, I'm going to keep using Spamcop and SPEWS.
-
So why are there still customers?
Large portions of UUNet have been listed by the various anti-spam blacklists, such as Spamhaus, and all of UUNet is blacklisted in SPEWS. These providers are the scum of the Earth. They will delay, misdirect, and outright lie to keep their sweet large contracts with the spammers, at the expense of all their other customers.
Do you want to put your faith in a business that is indirectly lining the pockets of spammers?
-
Re:come on!
There must be accountability on the web. Period.
Tell that to these people. In case you didn't know, that company that was raided the other day was not only a spamhaus but a safe haven for zombies and other internet scum. Blockquoth the AHBL:
Breaking News! Ding Dong, Foonet's Gone!
Perhaps the blackest of the black hat networks is finally gone, raided by the FBI.
Foonet [CITHosting] was home of spammers, packet kiddies, script kiddies, carders, and other illegal activities, as documented in the links below.
SPEWS's rapsheet on Foonet
Usenet postings in regards to Foonet
GBLX yanks Foonet's pipe
Foonet hosting carders (credit card thieves) and here
More on foonet's hosting of spammers, and possible traceroute forging
Foonet's Page
theWHIR article
-
Re:Other reports
And they don't "go away" even when some people say that they host child pornographers and other scammers. Even bad netizens got rights. Even (barf!) Darl's got rights.
But if the FBI had wanted to be bad-ass, they would have just taken the machines from the start, Steve Jackson Games style. I'd like to know more before saying that their civil rights were stepped on.
-
Re:More to the story
I haven't seen this story picked up on any other news outlet yet
Maybe you looked at the wrong sources :-) Anyway, if you are interested in knowing more, have a look at the records at SPEWS. ciao, .mau.
-
No thoughts about security risks?
One of the US' largest broadband ISPs, Spamcast^WComcast, is unable to stop thousands of trojaned Windoze boxes flooding the worldwide Internet with spam, worms and DDoS attacks.
Now imagine every household being connected to the Internet with a permanent broadband connection. Most people use unpatched Windoze boxes and don't get the idea that their infrastructure could do any damage to the Internet. With broadband access and powerful PCs, they don't even notice any abusive performance loss or bandwidth consumption. Not to speak of Windoze Media Center, which barely requires any IT knowledge to operate a PC.
So broadband access for every household might be a good idea, but only if infrastructure is safe enough (e. g. require routers/firewalls) and ISPs' abuse staff would be able to prevent trojaned customer boxes ASAP from polluting the Internet.