Slashdot Mirror

s/internet/intranet/g

More and more people in Europe are nullrouting any Comcast netblock they get spam from. So Disney's damage to the Internet would be limited.

From the SPEWS FAQ:

Q45: What other major spam advisory lists and blocking systems are there? What are your opinions of them?

MAPS RSS: Nice when it worked. ORBS-type lists are better, you should not have to actually get proof of spam through a relay before blocking it. Due to abuse by spammers, open email relays no longer have any place on the Internet. Some may want to debate this, we won't.

A while ago, I made a SpamAssassin patch which resolves any URL found within an email and tests the resulting IP addresses against blacklists which are otherwise used to block unwanted email. A lot of Chinese bulletproof servers' IP addresses are listed on the Spamhaus Block List (SBL) and/or SPEWS as well as on certain *.blackholes.us lists.

Gee, I guess I missed that whole thing about SPEWS not being a list of Spammers, given that their faq explicitely states that they are a list of Spammers and Spammer Operations.

Quoting the SPEWS FAQ verbatim:

Q1: What is SPEWS?
A1: SPEWS is a list of areas on the Internet that several system administrators, ISP postmasters, and other service providers have assembled and use to deny email and in some cases, other network traffic, from.

Hmmm. I don't even see the word "spam" in that. Let's go a bit further down in the FAQ.

Q5: Why are network addresses listed if no spam has originated from them?
A5: They are listed because they have been set up by known spammers and spam support operations, most with a demonstrable repeated history of spamming or spamming services. They are also listed if they host websites advertised in spam, as this too falls under spamming services - these listings normally occur if the owners of that network address range do not remove the offenders.

Hmm, the very existence of question 5 seems to break your logic.

Walking into a crouded room and shooting each person one-by-one in the head when you know quite well who your actual target is, you dont get to call the others "Collateral Damage" Being in the same building as someone else does not make you guilty.

In some cases, it does. If you're a waitress at a restaurant that doesn't serve minorities, and minorities stage a boycott of the restaurant, its going to affect your tips whether or not you personally are a racist or not. Too bad for you.

SPEWS claims that they blocklist people who know what they're doing, neglecting to mention that such is in no way true- as they intentionally block people who are innocent. (Someone using an ISP which allows spam is not automatically "Well aware of what they are doing wrong")

I've never seen anyone affiliated with SPEWS claim that they only block people who know what they're doing. Everyone I've seen in the groups seems to be well aware that all end users affected by the blocks are not necessarily themselves the spammers. What I think you may be misinterpreting is that SPEWS does not block ISPs who don't know what they're doing (aka intentionally hosting spammers and ignoring abuse reports).

As for being the only one who has ever heard SPEWS say anything, I guess I'm the only one who knows what .org stands for. Or maybe you're just entirely wrong, it can probably work either way.

I congratulate you on your mastery of the .org TLD. For your next trick, please learn how to read a FAQ.

I have no idea what your point is with the "Duh". Yes, SPEWS admits that it purposely blocks the innocent in order to ruin legitimate businesses which are indirectly associated with Spammers. But since it states that directly, I guess saying "Duh" should make it okay to overlook the point.

Hint: "Duh" is typically a response to someone stating the obvious. That SPEWS is a boycott list of spam supporting ISPs, not a list of spam source IP, could not be more obvious.

As for your claims for success, wouldnt a successful blacklist (for what SPEWS is trying to do) perhaps be staying at about the same size at some point, rather than be growing constantly?

Huh? The spam problem has been escalating continually (and exponentially!). That SPEWS reflects this is not evidence that SPEWS is not effective.

You dont need to like spam to hate spews. There are plenty of lists which go out of their way to prevent listing the innocent. Lists more effective than SPEWS, I hear.

No, you don't need to like spam to hate spews. You just have to have bought the PR spin from spammers about SPEWS hook, line, and sinker. I post with the hope that the average slashdot reader may use his deductive reasoning skills to see past this smokescreen and realize that SPEWS is a

• dslreports.com has address 209.123.109.175. That address only appears in a level 2 listing. Very few people use level 2 listings, the "real" SPEWS are the level 1 addresses. What level 2 really means, is explained in their FAQ (Q22).
• SPEWS did not add dslreports.com to their blacklist (search the linked page for dslreports, it's not mentioned). This does not make it less annoying for the owners of dslreports.com obviously, but there are differences. E.g., if a spammers moves, the blacklisting will be moved too, for dslreports.com it obviously wouldn't (no, that doesn't mean I think dslreports should simply move and shut up, I know things like that cost money).
• The blacklist that SPEWS publishes is an *opinion*. Everyone is free to follow their opinion or not and use it to (over-)protect their property or not. If an ISP uses it (or any other blacklist) and doesn't clearly inform its customers about that fact, then this ISP is at fault.

It's however pretty much the last resort that other people have to do anything about it. If an ISP does not experience any significant harm from hosting spammers (and in facts profits largely from it) and does not want to remove them because it's the right thing to do, what else can you do to tell the ISP to FOAD if you don't want to become a vigilante?

(putting on asbestos suit)

Haven't you heard of spews.org? If you use the Spews DNSBL list then you've got the thing you just asked for.

It will cut down on the amount of spam by a huge amount. And it does it early - as soon as the spammer tries to send mail, your mail-server takes the sending systems IP and runs it through the DNS check. If it's listed as a spammer, then it doesn't allow them to deliver the mail at all, which saves bandwidth. That's the good news.

The bad news is that if you do this, you're trusting someone you don't know (SPEWS is an annonymous group) to decide who is spamming, who should be listed, who shouldn't, etc. And since SPEWS does do the "escalation" that you ask for, it's just a matter of time before you find out that someone you *want* to receive email from is sending from a SPEWS listed IP.

For some people, that's acceptable. For others, it isn't.

Similarly, whether you use SPEWS or not, it's quite possible that you'll find yourself listed at some point. Since they escalate, it's quite possible that one spammer on a cable-modem account can get lots of other cable modem users listed. It's similarly possible that one SWBell DSL user can get a large number of other DSL users listed. And if you happen to be using one of those listed IP's, that could be you.

I'm not pro-SPEWS or anti-SPEWS. I think it's a good solution for some people. For others, there is too high a risk of legitimate mail being refused due to being listed. I personally don't use them - but I'm glad they exist, as I believe they do put additional pressure on spam-friendly ISP's.

The facts:

Spamhaus SBL record

SPEWS record

This particular spammer (Patrick de Bruin) used IP-address 202.9.156.34 for a while, in Dishnet netspace.

Good point.

The owner was Leo Kuvayev and the buisness was 2kservices.com also known as elkasys.com, memberpro.com and ecashservices.com

Not that it matters.. the guy has his own spews listing

Somebody should make a website listing all those numbers

• Register of Known Spam Operations
• SPEWS (spammers hate that site so much, it's not funny... well actually it is :)

Support your local SPEWS. The problem you describe is exactly what SPEWS was created to fight, and exactly why spammers spend so much time badmouthing it -- its brutally effective.

Heh, think of all the grief and legal expenses old Mr. Booker could have saved if he'd just filtered his email using SPEWS, they have these hoser scum nailed!

Heh, think of all the grief and legal expenses old Mr. Booker could have saved if he'd just filtered his email using SPEWS, they have these hoser scum nailed!

Anyways, I meant to say that 69.64.32.59 is listed in SPEWS and it is not listed in Spamhaus. Given that the wider-reaching SPEWS only lists a /24 in that vicinity, I find it higly implausible that Spamhaus would drop a /20.

[SPEWS] operate[s] on the "nuclear bomb" method: list spammers, plus anyone using a "spam-friendly" mailserver (a definition that can be stretched to cover almost anyone) or anyone who is simply suspicious." Oh, and you might also be listed if your new IP block was once used by a spammer. Don't worry, though. You can just wait a few weeks and lose massive amounts of buisiness because many customers can't recieve email from you and have no idea why - they just think you aren't responding. Or you can go onto NANAE and post a delist request, which will get you nothing but "Whiner! Eat your SPEWS, it's good for you!"

Oops, spoke too soon. SPEWS is blocking 217.199.160.0/19, which happens to include carrelet.net (melonman's provider). HostEurope apparently has a pink contract with Magic-Moments.com / MagicHosting.org. Looks justified to me.

Oops, spoke too soon. SPEWS is blocking 217.199.160.0/19, which happens to include carrelet.net (melonman's provider). HostEurope apparently has a pink contract with Magic-Moments.com / MagicHosting.org. Looks justified to me.

Umm... SPEWS is not blocking 217.199.0.0/16. In fact, I tried several searches and did not find any portion of that range being blocked.

I have investigated dozens of complaints about SPEWS blocking, and their accuracy is excellent. FWIW, I have also seen ISPs successfully remove themselves from SPEWS after reporting (truthfully) that all spammers were booted.

There are kooks on all sides. The point that he should have made is that being in SPEWS is greatly preferable to being stuck in the thousands of personal blocklists that would become much more necessary if SPEWS did not exist. SPEWS has well-defined removal criteria and is easily contacted via NANA*; independent operators might leave your IPs blocked forever and are often unreachable.

It's more difficult to persuade ISPs than you think. Plenty of major ISPs have "pink contracts" with spammers (including, often, those listed on ROKSO) or simply feign ignorance to the abuse taking place on their networks. That's why blocklists like SPEWS aim to deliver a direct economic hit to said ISPs by inconveniencing their non-spammer customers, forcing them to take their business elsewhere. The level of desperation involved in pursuing such an obvious collateral-damage approach shows just how resistant ISPs can be to curtailing abuse.

mind telling me if burtonhosting.com stuff is still banned? Just yesterday I was using http://spews.org/html/S2860.html to keep up...

Can anyone reach spews.org ?

People aren't free to choose if when they're being feed disinformation.

Boycott organiziers like SPEWS should be accountable for what they "say" via their lists. If, for example, they claim to list only spammers, and ISPs that support spammers, but they also list anyone who owns a rabbit, then they are publishing disinformation. It would be completely unfair to bunny owners, and they should be held accountable for that.

All large volume spammers are well known to the anti-spamming circles. Their information is listed on such resources as ROKSO (Registry Of Known Spam Operations), SPEWS (down due to DDOS by spammers on its nameservers) and Google Groups searches on newsgroups like news.admin.net-abuse.email or news.admin.net-abuse.sightings.

Then there're mainstream companies that have managed to fake legitimacy that target not the fly-by Viagra peddlers, but real businesses, politicians (you may recall the Howard Dean spam debacle from last week) and other legitimate advertisers and pretty much lie about the nature of their business ("we're strictly opt-in" while blatantly spamming to harvested addresses, etc.). These sort of companies buy full page ads on industry magazines. They're all over the place.

The chickenboning scam artists spammers are typically found by word-of-mouth or through "bulker's clubs", i.e. private web based bulleting boards spammers advertise their wares. Most of these clubs have anti-spammers as members though, so they rarely fly under the radar.

Yet another way to find spammers are contract job listing sites and reverse auction job sites (or whatever the hell they're called, where someone who wants a job done will advertise his need, then contractors will bid for it). There's a whole bunch of ethically challenged companies asking for bulletproof hosting and spamming services on them all the time.

Proletariat of the world, unite to kill spammers. Remember to shoot knees first so that they won't run away while you slowly torture them to death

Not that these folks are any better, but it appears that emailresults.net (WHOIS SPEWS results) and propulsive.net/surfplex.net are not related to each other.

Fighting spam as an individual will never work no matter how great filter algorithms you develop. Hell, even the blacklists won't work until the ISPs are forced, by guerilla action if necessary, to crack down on spammers and hard.

"The beneficiaries aren't necessarily the pasty faced, high school drop out industrial spammers we have gotten to know, but well known companies."

Been well known for quite a while now. Check out the famous spamdemic map. Real marketing takes work to make it successful, but mainsleaze bozos like Ameriquest slack off with these "shortcuts".

"Most of the ISPs are good to their word and are fighting it very, very hard," he said. "But as you get into the larger ISPs, especially those that are in any form of financial difficulty, the engineers, abuse staff and technicians all want the spammers off the network, but you have the sales staff looking at the money. ... The engineers will be fighting internally with the sales managers, but of course the sales managers always win."

Which is why these ISPs should not complain when I use some choice blackhole lists like SPEWS, Spamhaus, or SpamCop to protect my inboxes from these sleazoids. Anyone remember when Aegis thought they were invincible when they allowed spammers to run amuck on their system? And where are they now? :-)

[I am not a covert ops agent of the Lumber Cartel (tinlc).]

• Google
• Spamhaus
• Spews
• OpenRBL
• Google Groups

You're the admin. You're supposed to check for this. If the system isn't all that important, I may add patches without checking them on a test system, but if it's important, no patches get added until they are checked on a test system.

2) my fav, the disks stop spinning. This is lots of fun. Try it some time.

You're the admin. You're supposed to be doing backups. Personally, if I think there's a good chance that the drives will fail when I'm doing something ( eg: greater than .5 percent) I make 2 back ups. Tapes can break. Also, I've not seen disks refuse to spin up with out powering off for a while (more than 5 minues). Frequently, you can get the disks spinning again by (gently!) tapping them with a screwdriver. If that doesn't work, sometimes heating them with a lightbulb will work. Heatlamps work too, but you need to be careful not to overheat the drive. I also try to get drives on critical systems replaced every 2 to 3 years. RAID helps here.

Keeping the network, hardware, OS, and applications up is important, but just as important is abuse response. There are a few hosting companies out there that do a wonderful job of keeping things ticking over, but fail absolutely at terminating abusive accounts. Hosting at one of these sites is inviting having your email blocked at the very least. Some sites block all traffic based on what's in the block lists. Part of due dilligence is checking the history of a host by checking at SPEWS, SPAMHAUS, SPAMCOP, News.Admin.Net-Abuse.email, News.Admin.Net-Abuse.Sightings, and other customer's experiences.

I can't find my link to the dead tree report I use to check out hosting companies at the moment, but there are several very nice writeups out there that focus on choosing a good hosting/co-lo company.

Sending out paper junk mail and making the recipient pay for it? Yes, absolutely there is a law against that.

Please cite it for me. I don't think you're right.

Feel free to try it. If companies could get away with this, do you seriously think that they wouldn't do it?

I'm not your legal council, go ask them. Postage due junk mail is absolutely illegal.

So...you'd limit my choices to "don't run an ISP" or "run an ISP and pay for a T1s worth of spam"?

You could always run an ISP without providing email accounts.

Brilliant idea! I'm sure such a business would be a great success. Tell you what, it's so brilliant an idea, I'm going to let you have first crack at it. Try it and let me know how it goes!

How about "run an ISP and eliminate spam by making it illegal"? That's what we're talking about, I thought.

Oh yeah, making spam illegal is really going to eliminate it. I doubt it.

Regardless of where the mail servers are, regardless of where the spam originates, there has to be some way to get their money from you to them. If those connected in that process were liable to be sued, get jail time, or better yet BOTH, do you really think they would risk it? Perhaps a few would...at first.

In any case, just because it's convenient for you to get the FBI to police your ISP instead of policing it yourself, that doesn't mean I'm going to agree with it.

So now it's my ISP, when it comes to responsibility? You seem confused on this point later, when it comes to rights.

They [your upstream provider] don't have any more control over it [spam] than I do.

Sure they do. It's their downstream providers that are providing a large portion of the spam, and it's their peers that are providing the rest. Your upstream provider has terms of service agreements which all of these entities.

You're good at offering the useless option, but your logic is bunk. "They could always nullify their peering agreements." Right. Then they'd go out of business, just like I'd go out of business if I decided to stop offering e-mail as a service. Incidentally, I am picky about who I choose to use for connectivity, and all of my upstreams are reputable companies with well funded abuse departments and good SPEWS records.

Using your logic, the big picture is: either accept spam, or everyone who doesn't like it should leave. Following this through to its logical conclusion, the internet would be a bunch of spammers' networks and nothing else. Positively brilliant solution there, chum. The companies who the Department of Commerce say are losing $10billion a year to spam ought to love that solution -- just don't use the internet!

When someone DoSes me, I don't complain to my upstream, I contact the ISP of the person doing it.

When someone DoSes me, I contact my upstream provider, to have them block that IP.

You have no interest in alerting the ISP to the offender? That seems inherently selfish and irresponsible, given the cooperative nature of the internet. If one of my users was attacking you, I would hope you'd have the good sense to alert me to this fact so I could take action.

Of course, you are completely missing this aspect of the internet -- it is a collaborative, cooperative entity. The more that we all do our part, the better it is as a whole. Spammers are the folks that are pissing in the communal pool, taking advantage of the cooperation to do their dirty business without any regard for their fellow netizens (especially the ones who have to pay the bills for all their traffic). I can't believe that anyone can't understand how wrong that is, but of course, there's always someone willing to make a quick buck if the only thing they have to do for it is hurt someone else.

That's exactly why we have laws. It's time to get a new one. I'm no fan o

The news link doesn't mention this, but Senator Bowen's bill was actually written by Greg Maddox of Spam Prevention Early Warning System (SPEWS) fame

It's odd that this would come up right now, but I've got a friend in the California state senate (he's a page), and apparently there's rumor that this bill may have been killed because some topless photos of Senator Debra Bowen have been floating around on the internet. It's ironic that the spam bill would be killed because of free porn spam.

Proofread link
Spam Prevention Early Warning System

MS Could make their software fight spam better by adding native support for the following two items:

1- Support for DNSBL/RBL style blocklists like ordb and spews in exchange 2000/ make a free addin for exchange 5.5

2- The equiv. of the BIND "Generate" directive to make it so that the MS DNS server can be used for blocklists.

Which is why I think SPEWS rocks.

Part of the pain is that ISPs have their IPA ranges listed more and more the longer the spammer stays. This causes pain and suffering on an ISP that is too clueless to respond to complaints or is in cahoots with the spammer. SPEWS attitude seems to be "As long as you take the spammers money, we don't want your traffic."

Personally, I think it's time and past to do more than just block the spammy ISP's mail. Time to block EVERYTHING from them.

For some insight into just how fast a major ISP can kick a spammer when it wants to,, see this thread in News.Admin.Net-Abuse.Email.

Time critical mailing will go out the window.

No problem. SpamHaus is a good resource. So is SPEWS. SPAMCOP isn't much help FINDING the spammer, but News.Admin.Net-abuse.email is always a good choice and News.Admin.Net-abuse.sightings is another.

No, the real problem isn't finding them, it's proving beyond all doubt it's them doing it that is the problem. A quick run through of their hard drives is always helpful.
Some spammers even fail to secure their machines so all it takes is a web browser to browse their hard drive. Hey, what can I say? Spammers are stupid.

So far as enforcing the laws already on the books, only 28 or 29 states have laws against spamming. What laws are you thinking of that apply everywhere? (Think non-US too.)

Spam isn't a technical problem, and can't be completely solved with technical means. However, technical means can make spammy's life a bit harder, and I'm all for that.

So, I am pleased by this ruling not only for what it means for google, but for what it may mean for DNSbls.

65.59.224.128/25 could be blacklisted [by SPEWS], but I happen to know that they have quite a few hosting customers, most of who know nothing about the other customers.. Legitimately blacklisted?? - -

ORDB has my ex-girlfriend's mail server listed. She develops and hosts sites. No spamming at all.

Servers are added to ORDB (FAQ) after they have been tested to be open mail relays.

So most probably your girlfriend's server was an open mail relay. Since open relays are exactly what ORDB claims to list, the listing was most probably correct.

An open relay is incorrectly configured mail server. Rather than to complain about the ORDB listing you should be grateful that they pointed out the flaw in your configuration before it was exploited by a spammer (or was it?).

It is also important to understand that ORDB only provides information of open relays. The owners of the recipients' mail servers decide whether they want to filter out mail originating from open relays.

The same applies to other blocking lists, such as SPEWS. The listing criteria are clearly stated on the SPEWS web page. They explicitly state that they escalate listings, i.e. they may also list non-spamming client's of the spammers spammers ISP (see Q16 of the SPEWS FAQ). Given this information, it is up to the owner of the recipients' mail server to decide whether to filter mail using SPEWS.

I am anything but pro-spam, but I'm happy to see the blackhole lists get kicked around a little bit. Some of my accounts get hit more than the average person, because they are well placed on many web pages, or have been in use for years and are now forwarded to my account when people leave the company. I average about 200 spam messages per day coming into my account.

$RANT_MODE="ON";

I also handle many networks, with many many machines. Some of our networks have other people's equipment on it, but I'm 100% positive that they don't spam from their machines. Since they frequently ask me to help with their configurations, or help with problems, I'm intimately aware of what they do.

If there are spam complaints, they filter through to me very quickly. Level3's abuse account gets most of them. They filter out most of the bogus complaints, and are quick to get with us about legitimate complaints. We did have one machine hosted on one network that was spamming, which we ejected from the network shortly afterwards.

On a monthly basis, someone will come to me saying that they've been blacklisted by one of the many lists for ambiguous reasons. Any incident that is legitimate is cleared up between us and our bandwidth provider, under the threat of having the IP or IP block blocked from all Internet access. Level3 Communications is very anti-spam. They'll cut you off for being a spammer. If we don't explain or handle an incident, we could very easily loose our lines. I have no problem with this.

The last case with Level3 was a single spam complaint, sent through SpamCop. The message wasn't a spam at all. Someone had made a purchase online with an invalid credit card number. The Email simply stated that they had attempted a purchase (with IP and invoice number), and said if they still intended to make the purchase, they should contact the sales department at the store. I know the owner of the store personally, so I called him. He freaked out when I told him there was a spam complaint. This is a business man who is the most honest person I know. (If in Ft. Lauderdale, tell Glenn I say "hi"). I read the Email to him, and he confirmed that it was a legitimate message, and the card had been bad.. He immediately cancelled the order, and blacklisted the customer. The next day I got a forwarded Email which was an apology from the customer. She sends every Email off to SpamCop, and lets them sort them out. Nice, huh?

Now on to the abuses of the spews system. SpamHaus is /.'d right now, or I'd complain about them, but lets check who we can.

65.59.224.0/25 is one of our networks. A small backwater of our network. A few older machines live there, and not much happens. SPEWS has 65.59.224.0/24 blacklisted, as well as 66.166.136.128/24 which is no relationship to us (the wrong network size is theirs, not ours). Because I have machines on the first half of 65.59.224.0/25, I'm blacklisted. 65.59.224.128/25 could be blacklisted, but I happen to know that they have quite a few hosting customers, most of who know nothing about the other customers.. Legitimately blacklisted??

ORDB has my ex-girlfriend's mail server listed. She develops and hosts sites. No spamming at all.

65.59.224.11 is listed as herbalo.com. Funny thing is, it doesn't exist on our network.. I'll personally escort anyone from spews into the colo to prove it to them.. Oh wait, I forgot, these are anonymous people who don't exist in the real world and don't feel themselves accountable for blacklisting innocent networks.

AOL has blocked one of my own servers, as well as those of two different friends (on their own networks) for "potential spam".. One of them had a *WEB* proxy server, and aparently because it existed (on port 8000), he was blacklisted from sending

I am anything but pro-spam, but I'm happy to see the blackhole lists get kicked around a little bit. Some of my accounts get hit more than the average person, because they are well placed on many web pages, or have been in use for years and are now forwarded to my account when people leave the company. I average about 200 spam messages per day coming into my account.

$RANT_MODE="ON";

I also handle many networks, with many many machines. Some of our networks have other people's equipment on it, but I'm 100% positive that they don't spam from their machines. Since they frequently ask me to help with their configurations, or help with problems, I'm intimately aware of what they do.

If there are spam complaints, they filter through to me very quickly. Level3's abuse account gets most of them. They filter out most of the bogus complaints, and are quick to get with us about legitimate complaints. We did have one machine hosted on one network that was spamming, which we ejected from the network shortly afterwards.

On a monthly basis, someone will come to me saying that they've been blacklisted by one of the many lists for ambiguous reasons. Any incident that is legitimate is cleared up between us and our bandwidth provider, under the threat of having the IP or IP block blocked from all Internet access. Level3 Communications is very anti-spam. They'll cut you off for being a spammer. If we don't explain or handle an incident, we could very easily loose our lines. I have no problem with this.

The last case with Level3 was a single spam complaint, sent through SpamCop. The message wasn't a spam at all. Someone had made a purchase online with an invalid credit card number. The Email simply stated that they had attempted a purchase (with IP and invoice number), and said if they still intended to make the purchase, they should contact the sales department at the store. I know the owner of the store personally, so I called him. He freaked out when I told him there was a spam complaint. This is a business man who is the most honest person I know. (If in Ft. Lauderdale, tell Glenn I say "hi"). I read the Email to him, and he confirmed that it was a legitimate message, and the card had been bad.. He immediately cancelled the order, and blacklisted the customer. The next day I got a forwarded Email which was an apology from the customer. She sends every Email off to SpamCop, and lets them sort them out. Nice, huh?

Now on to the abuses of the spews system. SpamHaus is /.'d right now, or I'd complain about them, but lets check who we can.

65.59.224.0/25 is one of our networks. A small backwater of our network. A few older machines live there, and not much happens. SPEWS has 65.59.224.0/24 blacklisted, as well as 66.166.136.128/24 which is no relationship to us (the wrong network size is theirs, not ours). Because I have machines on the first half of 65.59.224.0/25, I'm blacklisted. 65.59.224.128/25 could be blacklisted, but I happen to know that they have quite a few hosting customers, most of who know nothing about the other customers.. Legitimately blacklisted??

ORDB has my ex-girlfriend's mail server listed. She develops and hosts sites. No spamming at all.

65.59.224.11 is listed as herbalo.com. Funny thing is, it doesn't exist on our network.. I'll personally escort anyone from spews into the colo to prove it to them.. Oh wait, I forgot, these are anonymous people who don't exist in the real world and don't feel themselves accountable for blacklisting innocent networks.

AOL has blocked one of my own servers, as well as those of two different friends (on their own networks) for "potential spam".. One of them had a *WEB* proxy server, and aparently because it existed (on port 8000), he was blacklisted from sending

Hurricane Electric are possibly not the best of choices to use. They are, by repute, a big spam-friendly hosting outfit and appear to be widely blacklisted, SPEWS blacklist (NB: thats just one spews record that lists HE.net space) quite a bit of their space, the SBL has a few listings for them, they're also listed by blackhole.us.

So, when considering Hurricane.net bear in mind you may well have problems with email being rejected and even complete blackholing of connectivity to/from some sites.

Anti-spam activists go to a lot of trouble to help locate and identify people and groups responsible for flooding the net with spam (or who provide spamware to misinformed laypeople). These same good-doers are often sought out by spammers, sued by groups of them, have their privacy invaded (release of home phone, address) in effort to scare them into shutting up.

I am not kidding here. Take a look at some of the projects that scare the hell out of professional spammers:

spamhaus keeps an exhaustive list of major spam operations.

SPEWS lists areas of the Internet that have frequently be used for spamming, including detailed evidence files and histories of ISPs that turn a blind eye to spam.

Spamware vendor list has a listing of sites that sell spamming software -- without which we would have little or no spam.

Heh, In Soviet Russia: SPEWS ROCKS!!

Rackspace?

Probably the only chunk of netspace that's even more blocked than AOL. Check their SPEWS records - Rackspace is blocked on my box because they've been in the spam-hosting business for as far back as I can remember.

Despite months of 550s, I still get dreck from Rackspace-supported spammer S1514 every day or so

Common knowlege who they are. It's a gang of Russian child & animal pr0n spammers known as "Seanamedia" & "top555" & "VXhosting" and many dozens of other names.

Good luck ever suing them. Spending that $100 towards a trip to Russian and on some "boys" there who don't care much about breaking geekneck would work better.

That being said, you might be able to get their hosting partners at Eltel.net to rat them out, but I doubt it as bossman Dmitry Samarin (sam@eltel.net) may in fact be part of their operation. He's quite the liar too, so be ready with a big shovel.

If you want to find them in the USA, try their long time US hosting partners and allround scum: Henry Chen, Michael Huang & Joey Odesser of "Surfxpress" (jodesser@sxpress.com) - these twerps are in Hackensack, NJ. BTW, NJ also has "boys" there who don't care much about breaking geekneck - only cost more.

As I find with most big spamming outfits, they are blacklisted all over the place. SPEWS seems to have the most info, but Spamhaus and others have some too. Check these and the links within for enough to get your man, or get your $100 for an out-of-work dotcommer /.er!

spammer info 1
spammer info 2
spammer info 3
spammer info 4

Me? I don't need the $100, I'd blow it all on $5 hookers and crack anyhow.

Common knowlege who they are. It's a gang of Russian child & animal pr0n spammers known as "Seanamedia" & "top555" & "VXhosting" and many dozens of other names.

Good luck ever suing them. Spending that $100 towards a trip to Russian and on some "boys" there who don't care much about breaking geekneck would work better.

That being said, you might be able to get their hosting partners at Eltel.net to rat them out, but I doubt it as bossman Dmitry Samarin (sam@eltel.net) may in fact be part of their operation. He's quite the liar too, so be ready with a big shovel.

If you want to find them in the USA, try their long time US hosting partners and allround scum: Henry Chen, Michael Huang & Joey Odesser of "Surfxpress" (jodesser@sxpress.com) - these twerps are in Hackensack, NJ. BTW, NJ also has "boys" there who don't care much about breaking geekneck - only cost more.

As I find with most big spamming outfits, they are blacklisted all over the place. SPEWS seems to have the most info, but Spamhaus and others have some too. Check these and the links within for enough to get your man, or get your $100 for an out-of-work dotcommer /.er!

spammer info 1
spammer info 2
spammer info 3
spammer info 4

Me? I don't need the $100, I'd blow it all on $5 hookers and crack anyhow.

Common knowlege who they are. It's a gang of Russian child & animal pr0n spammers known as "Seanamedia" & "top555" & "VXhosting" and many dozens of other names.

Good luck ever suing them. Spending that $100 towards a trip to Russian and on some "boys" there who don't care much about breaking geekneck would work better.

That being said, you might be able to get their hosting partners at Eltel.net to rat them out, but I doubt it as bossman Dmitry Samarin (sam@eltel.net) may in fact be part of their operation. He's quite the liar too, so be ready with a big shovel.

If you want to find them in the USA, try their long time US hosting partners and allround scum: Henry Chen, Michael Huang & Joey Odesser of "Surfxpress" (jodesser@sxpress.com) - these twerps are in Hackensack, NJ. BTW, NJ also has "boys" there who don't care much about breaking geekneck - only cost more.

As I find with most big spamming outfits, they are blacklisted all over the place. SPEWS seems to have the most info, but Spamhaus and others have some too. Check these and the links within for enough to get your man, or get your $100 for an out-of-work dotcommer /.er!

spammer info 1
spammer info 2
spammer info 3
spammer info 4

Me? I don't need the $100, I'd blow it all on $5 hookers and crack anyhow.

Common knowlege who they are. It's a gang of Russian child & animal pr0n spammers known as "Seanamedia" & "top555" & "VXhosting" and many dozens of other names.

Good luck ever suing them. Spending that $100 towards a trip to Russian and on some "boys" there who don't care much about breaking geekneck would work better.

That being said, you might be able to get their hosting partners at Eltel.net to rat them out, but I doubt it as bossman Dmitry Samarin (sam@eltel.net) may in fact be part of their operation. He's quite the liar too, so be ready with a big shovel.

If you want to find them in the USA, try their long time US hosting partners and allround scum: Henry Chen, Michael Huang & Joey Odesser of "Surfxpress" (jodesser@sxpress.com) - these twerps are in Hackensack, NJ. BTW, NJ also has "boys" there who don't care much about breaking geekneck - only cost more.

As I find with most big spamming outfits, they are blacklisted all over the place. SPEWS seems to have the most info, but Spamhaus and others have some too. Check these and the links within for enough to get your man, or get your $100 for an out-of-work dotcommer /.er!

spammer info 1
spammer info 2
spammer info 3
spammer info 4

Me? I don't need the $100, I'd blow it all on $5 hookers and crack anyhow.

They aren't, they publish rather extensive proof why they list an IP address or range.

I could show you unanswered emails, but they would be too easily faked to be relevant.

From the SPEWS FAQ:
Q41: How does one contact SPEWS?
A41: One does not. SPEWS does not receive email

I am surprised your mailserver didn't inform you that spews.org does not answer at port 25.

The fact that you suggest booting a client AT ALL due to a technical error goes to show how ignorant you are. If a client is intentionally spamming we give them the boot right away. If they are an open relay, even if due to incompetence, they fix it or we fix it. Suspending their account would be stupid. We would lose the client.

Not suspending the client means you are spamming lots of people. My clients don't like spam, hence I use SPEWS to stop the spam from your IP range(s).

No, we kindly inform them of the problem, like people over the age of 15 interested in making money and retaining good business relationships.

That decision is rather bad for your relationship with other providers. The Internet is a collection of networks, if you only care about your income and knowingly and willingly allow open servers to send spam, don't expect others to spend bandwidth and CPU time to filter the few legitimate messages from the flood of spam.
Once again, I remind you that I am not listed by SPEWS, just like 99.8% of the Internet.

Lebed huh? He's in SPEWS too!

Maybe the SEC, FTC, DEA, FBI, CIA, should just download the SPEWS database and step though it one by one. Spammers are probably also pump&dumpers, fraudsters, druggies, criminals, terrorists... spamming seems to be the "gateway drug" of the information age.

One more, though I know it's lame to reply to myself _twice_... Here he is on SPEWS.

Conclusion: he's a spammer, he goes in for the pump-n-dump game, he makes death threats to the families of anti-spammers, he is in fact well in contention for Biggest Douche in the Universe.

Holy... sh...!!!

"Contention for?!" I say give thim the Biggest Douche in the Universe prize right now!!

See what Spamhaus has on him?!

And he works with my spamming "mate" Aussie spammer Dean Westbury?!

I want to be there when this loser picks up the award!!

Conclusion: he's a spammer, he goes in for the pump-n-dump game, he makes death threats to the families of anti-spammers, he is in fact well in contention for Biggest Douche in the Universe.