Slashdot Mirror
Spamhaus Responds To Spammers' Lawsuit
ShaiHulud-23 writes "A suit was recently filed by EMarketersAmerica.org, a fledgling secret organization of spammers, against the Spamhaus Project, (and other anti-spam sites) seeking to prevent the publication of the anonymous plaintiffs' IP addresses in the Spamhaus Block List (SBL). The suit requested a response from the named defendants, and Spamhaus director Steve Linford has provided one, dismantling the spammers' case point by point."
Talk about clueless and groundless.
The original lawsuit was newsworthy because it was a cartel of spammers attempting direct legal action against a system which blocks their messages, claiming that Spamhaus restricts their free speech and free trade.
The Spamhaus response is just a followup to the earlier story, and is an interesting insight into the fraudulent dishonest mindset of spammers by pointing out the falsehoods in the suit.
This whole issue is newsworthy because it calls attention to the overall deceptive sleaze of spam in general, it is NOT a legitimate business. While the racketeering story posted earlier isn't quite the right solution, I do think that if the courts are made more aware of the shady (and sometimes outright illegal) business practices of spammers, more anti-spam suits will be won and more anti-spam laws will be passed. Spam is a crime that just hasn't been made illegal yet.
General Geekery
Spamhaus should depose the plaintifs, and get the names of EVERY one of the greasy little bottom-feeders that's given them any money for this frivolous litigation.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Ack, meant to hit preview, not submit... oh well... Other thoughts: How are RBLs any different from other anti-spam services like Brightmail, or even firewalls (IE: I host my own mail, and I've pretty much blocked all of China and Korea so far, along with a few dozen overseas ISPs). All these are done voluntarily. Does this mean an ISP in China has a right to sue me just because I decided to block their CIDR block for the constant flow of spam that came my way (usually thru open relays)? Does this mean companies like Brightmail should be sued, even if they only block specific emails, and not domains/IPs like RBLs do? Does this mean that any ISP or company can sue me since I block all mail from sources that don't resolve reverse DNS?
I'm a sysadmin for a large ISP. We sometimes are added to RBLs (happens when you have millions of users. Either the user knowlingly did it, or got hacked, or has a trojan). Does this mean we should have a right to sue the RBL company for adding us to their list?
It's better to burn out than to fade away
I think that's exactly the point, and why Spamhaus responded the way they did. No, common sense is the same in the States... at least among non-idiots. ;)
Let's just hope they get a good judge that immediately tosses this one out, and, yes, must pay reparations for wasting the court's time.
chris.
It's not at all obvious.
We are coming to a point in history where US law is converging to global law. Military might talks. Mind you, it doesn't work the other way.
The spam assholes of America are some of the least dangerous assholes though. The US is brim full of more dangerous assholes.
How small a thought it takes to fill a whole life
Seriously, I hate having my inbox clogged up as much as the next guy, but wake me up when something actually HAPPENS. I'm sick of hearing the two sides verbally piss on each other, I think we can all agree that's been done to death. How this rehashing of the same old crap is newsworthy to anyone is beyond me. Different face, same words.
/. readers are a part of one of these interest groups.
I'm with you as far as being tired of seeing this sort of thing go on for ages without any discernable progress. But you've got to understand, this is how things of this nature are hammered out. They say politics is the process of deciding who gets what in a society. This is just two different interest groups fighting for what they want. And, despite the negativity associated with the phrase "interest groups", they're not always evil.
As far as it being newsworthy or not, I think it is. You've heard it before, this is News for Nerds, and lots of
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
You can sue for anything, really you can.
You should be allowed to sue for anything.
Who should judge what is worthy? A judge of course, nobody else should be allowed to make the decision if the case should proceed.
I don't see a better solution.
A substantial portion of the fees you pay to your ISP are to cover mail server capacity and bandwidth devoted to receiving spam.
This entire lawsuit is ridiculous, in fact, laughable at some points. Emarketers actually says that Spamhaus hijacked their IP addresses, and used them for their own gain. Huh? They also state repeatedly that Spamhaus blocks their IP addresses at the source, rendering their mail servers useless, in essence.
These guys are technically clueless. If you are going to sue someone for technical reasons, at least know what the hell you are talking about. I mean, is it just file the suit and hope for a clueless judge or something?
If this article confuses you, don't worry. It was posted yesterday in a much clearer fashion.
Thats a rather illogical argument. If Spamhaus was blindly blocking every IP address in the 100.x.x.x range, then even though they have never heard of the people in that range, they could still be harming them. It's quite easy to harm people you have never heard of.
Yeah, but read the claim: ...efforts are calculated to disrupt and destroy...
This suggests intentional, directed harm. And since Linford claims that he did not know EMarketersAmerica before the suit, it was impossible for him to have directed his actions intentionally against the plaintiffs.
Sure, he could have harmed them unintentionally before since he did not know them. But the spammers claim otherwise.
Sorry, that is not the same. Getting email about enlarging your none-existent dick is not the same as forced sex.
Nor is unsolicited commercial bulk email the same as a certain "meat" product made by Hormel. However, being forced to sort out graphic, unwanted emails from the real stuff is to having to cope with some man trying to force himself on me, as unsolicited commercial email is to Hormel's answer to the hungry American. Therefore, the use of the word "digital" to preface the phrase. (Also, date-rape as opposed to stranger-rape, as it is as much about people's f'ed up sense of what rights a person has over their own experience than about violence.)
Sorry to have confused you. Hope this helps.
Don't you wish your girlfriend was a geek like me?
If I sign up for Yahoo and check the boxes saying I want to receive email about something, it is not spam, no matter how much I whine about it. If I can respond to the email and request to be taken off a list and actually be taken off of it, then it isn't spam. Not all commercial email is spam.
Let's be very clear on this. Your first statement is correct. Your second statement, however, seems to claim that it's not spam if the remove address works, which is 100% bullshit.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Be a good citizen and remove the popup ad from your mirror of the SpamHaus letter. If you must, slap a banner ad or a few sponsored links on the page, but yank the damn popup as it's diametrically opposed to the spirit of offering a mirror.
--Got Lists? | Top 95 Star Wars Line
This will be a very interesting lawsuit. First of all, it's true that the state of FL has no jurisdiction over an individual in the UK. Second, the UK looks more dimly on spam than the US does (hard to believe, eh?). Third, this lawsuit looks like it will be VERY public. The defendant should be able to call this a slam dunk. No FL judge will probably be high enough to touch this either.
The spamhaus guy certainly dissects emarketer's absurd lawsuit, but unfortunately that is a technique better suited for Usenet flamewars. (At risk of overstating the obvious...) It isn't gonna cut it in Federal Court. Spamhaus will ultimately have to file a coherent legal briefing - which I hope Slashdot links to when it becomes available.
Unfortunately, many court cases are more about who has deeper pockets than who is right...so if Spamhaus doesn't get this court case dismissed immediately, they could be in big trouble.
If they DO go to court, they run the risk of ending up with one of those old, crusty judges - the kind that has never actually used a computer, having his(or her) secretary print out his email every day instead. In which case the proceedings could drag on and on...and Spamahaus would probably be SCREWED.
Spamhaus isn't a US entity, and Steve Linford isn't a US resident, and it's highly likely that the court has no jurisdiction over his actions, so it may be much cleaner for him to say "no thanks" and not be part of the suit. That means he may not get to play the Discovery game (or at least he'd need a real lawyer rather than me advising him.) But any of the US-based defendants certainly can go file discovery motions as part of their response, even if the result of them is to demonstrate that they're not part of the suit or that they didn't do the actions they're accused of or that those actions aren't a tort.
You can have *so* much fun with discovery in this - not only should they be able to get the names and real addresses and phone numbers of all the spammers that the plaintiff alleges are part of his organization, but also
and any other information you can think of that the spammers would probably rather NOT have exposed to public view. And be sure to get all of them in electronic form, and delivered to all the defendants, because even if Steve Linford and Spamhaus aren't under US or Florida jurisdiction, they're certainly parties to the case, and it'd be a real shame if there were no particular way to impose confidentiality rules on the non-US defendants for use of that data.
Yeah, it seems like a lot of data. But the plaintiff's suit doesn't just claim something fuzzy like libel (where he might have had a chance suing in the UK, though probably less likely here) or restraint of trade, it claims that the defendants engaged in activities that caused damages to the plaintiff by interfering with the plaintiff's legitimate activities, and that means that the actual activities that the plaintiff claims to have engaged in and the defendant's actions which allegedly i
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
All I want to know is, how the hell am I supposed to tell the difference? I get e-mails from RedHat, because I signed up for their newsletters. I get them from Yahoo, because I signed up for their services.
/dev/null sort them out. If an e-mail "marketer" is using some obscure loophole in some bogus website EULA, then they're not white hats. They're just not the deepest shade of black around.
But how are you, the consumer, supposed to tell if one of your "white hats" is actually one of Yahoo's "marketing partners?" Seriously, every spam I get comes with a disclaimer that says I "opted in." I remember one especially infuriating one that listed about a dozen different ways to opt in, and at least half of them were so vague as to make it impossible to say, "no I didn't."
My philosophy is, if I'm not absolutely sure I signed up for something, then kill them all. Let
You want the truthiness? You can't handle the truthiness!
Start by disbarring the lawyer for abuse of his position as an officer of the court. Follow with criminal case for perjury. Top off with civil suits for libel and harassment.
It is pretty clear that some of the information in the lawsuit is made up. Completely, from whole cloth. For example, the claim that Spamhous's DNS registration information is incorrect seems to be an utter falsehood. The claim that the defendants converted IP addresses and servers to their own use is ridiculous.
Some Florida lawyer could make a lot of money by going after this guy with a class action suit where all of us who receive spam claim damages from his harassing our legitimate efforts to stop spam. Not to mention what Spamhaus should be able to collect for defending itself against this frivolous lawsuit.
I am also very curious what ramifications can be made from the fact that the group behind this apparently chose to incorporate entirely to issue this lawsuit. If so, it would seem to me that their corporate registration is fraudulent. If so, they should be prosecuted for that. Further, they should also lose the normal liability protection of the corporation and be eligible to be listed as co-defendants in the civil suits mentioned above. IMO. IANAL.
True, it's hard to enforce laws outside of your borders, but where economic and military power come into play, there are ways to get your point across....
Your Servant, B. Baggins
You are reading comments into the rebuttal that aren't there. If you can't see the difference between "directed his actions intentionally against the plaintiffs" (your words) and "could not be harming the Plaintiff in any way" (the rebuttal's words), then clearly you shouldn't be debating law...
All I'm saying is that the "could not be harming the Plaintiff in any way" phrase that is repeated over and over again in the document is just plain wrong, and if that is the text the are using in their official legal response to the lawsuit, it isn't going to go in their favor. Because, to repeat myself, you can harm people you don't know. Their rebuttal needs to take this into account if they want a judge to side with them.
I am anything but pro-spam, but I'm happy to see the blackhole lists get kicked around a little bit. Some of my accounts get hit more than the average person, because they are well placed on many web pages, or have been in use for years and are now forwarded to my account when people leave the company. I average about 200 spam messages per day coming into my account.
/.'d right now, or I'd complain about them, but lets check who we can.
$RANT_MODE="ON";
I also handle many networks, with many many machines. Some of our networks have other people's equipment on it, but I'm 100% positive that they don't spam from their machines. Since they frequently ask me to help with their configurations, or help with problems, I'm intimately aware of what they do.
If there are spam complaints, they filter through to me very quickly. Level3's abuse account gets most of them. They filter out most of the bogus complaints, and are quick to get with us about legitimate complaints. We did have one machine hosted on one network that was spamming, which we ejected from the network shortly afterwards.
On a monthly basis, someone will come to me saying that they've been blacklisted by one of the many lists for ambiguous reasons. Any incident that is legitimate is cleared up between us and our bandwidth provider, under the threat of having the IP or IP block blocked from all Internet access. Level3 Communications is very anti-spam. They'll cut you off for being a spammer. If we don't explain or handle an incident, we could very easily loose our lines. I have no problem with this.
The last case with Level3 was a single spam complaint, sent through SpamCop. The message wasn't a spam at all. Someone had made a purchase online with an invalid credit card number. The Email simply stated that they had attempted a purchase (with IP and invoice number), and said if they still intended to make the purchase, they should contact the sales department at the store. I know the owner of the store personally, so I called him. He freaked out when I told him there was a spam complaint. This is a business man who is the most honest person I know. (If in Ft. Lauderdale, tell Glenn I say "hi"). I read the Email to him, and he confirmed that it was a legitimate message, and the card had been bad.. He immediately cancelled the order, and blacklisted the customer. The next day I got a forwarded Email which was an apology from the customer. She sends every Email off to SpamCop, and lets them sort them out. Nice, huh?
Now on to the abuses of the spews system. SpamHaus is
65.59.224.0/25 is one of our networks. A small backwater of our network. A few older machines live there, and not much happens. SPEWS has 65.59.224.0/24 blacklisted, as well as 66.166.136.128/24 which is no relationship to us (the wrong network size is theirs, not ours). Because I have machines on the first half of 65.59.224.0/25, I'm blacklisted. 65.59.224.128/25 could be blacklisted, but I happen to know that they have quite a few hosting customers, most of who know nothing about the other customers.. Legitimately blacklisted??
ORDB has my ex-girlfriend's mail server listed. She develops and hosts sites. No spamming at all.
65.59.224.11 is listed as herbalo.com. Funny thing is, it doesn't exist on our network.. I'll personally escort anyone from spews into the colo to prove it to them.. Oh wait, I forgot, these are anonymous people who don't exist in the real world and don't feel themselves accountable for blacklisting innocent networks.
AOL has blocked one of my own servers, as well as those of two different friends (on their own networks) for "potential spam".. One of them had a *WEB* proxy server, and aparently because it existed (on port 8000), he was blacklisted from sending
Serious? Seriousness is well above my pay grade.
Pleadings aren't made under oath, so nothing contained in them can be perjury. If you deliberately state facts you know to be false, however, you could run into civil liability for abuse of process.
MHO. YMMV. Any resemblance between this post and real persons, or reality in general, was accidental.
What would be much more interesting is a lawsuit from the ISPs that gets hit by the punitive overlisting (the 'escalated listing') that SPEWS and SpamHaus practices.
These affect in most cases upwards of 99% completely innocent customers of the victimized ISPs, who in some cases don't even host the spam emailers or the spamvertised sites; they are simply providing 'other services' (payment services, bandwidth for steaming etc.) for companies that may be using spam elsewhere in other parts of their business, and yet they get branded 'Spamhaus!' and gets blacklisted.
As there is absolute no additional spam-stopping effect of this overlisting, its only purpose seem to be to blackmail the ISPs to stop a non-spam-related business relationship with companies that SPEWS/SpamHaus disapproves of in order to exact revenge or similar stupid action.
The 99% innocent victims are being pressured to switch ISP, which may result in multi-million dollar expenses (like when they need to move all their servers elsewhere) that nobody but themselves can possibly be expected to cover, and sometimes the ISP even demands damages for prematurely terminated contracts.
As these blacklists are part of the de-facto standard blacklist published by osirusoft, a listing by SPEWS/SpamHaus practically guarantees severe email connectivity problems, which makes it effectively a sender block, not just a receiving block. This means that this type of listing actually prevents millions of innocent users from sending mail, despite the fact that they've never sent anything remotely like spam, and probably hates spam as much as everybody else.
Last time I checked blackmail was very much illegal and it would be good to see how the legal system judges this practice, especially considering that most people have no idea that their ISP may be preventing them from receiving email from ordinary people who are unfortunate enough to have an ISP that's being victimized by a SPEWS/SpamHaus overlisting, despite clearly not being a source of spam.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
My first thought of this lawsuit is:
"maybe we can get them to abandon their project if we sue?"
If this were to somehow get sent to trial, it would cost $$$ to defend, even if it's just paying for a plane ticket to the US and a lawyer for a few hours to say "ha ha, this is all voluntary on the ISP's side!". So maybe these jerks are trying to take a page from all the large patent lawsuits out there and sue someone small just to intimidate them?