Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoS Assaults Underway Against Spam Blocklists

Posted by CmdrTaco on from the the-attacks-keep-coming dept.

Hiawatha writes "The same sort of denial of service attacks that drove spam blocklist Osirusoft off the Internet are battering many other blocklist services as well." Apparently spammers aren't going to sit by and let people try to ignore their unwanted pitches.

9 of 797 comments (clear)

  1. Why does he think it's spammers? by seanadams.com · · Score: 5, Insightful

    Apparently spammers aren't going to sit by...

    Has anyone stopped to think that maybe it's not spammers who are doing this? I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down. They are pure evil in their methods, and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.

    All of these centralized blacklists have made so many enemies in their history that any finger pointing is simply laughable. They have made powerful enemies, including the large ISPs who happen to be the only ones that in a position to stem these attacks. This is not your normal DDOS: it is not only the originators of the DDOS, but the very network itself that wants them destroyed!

    1. Re:Why does he think it's spammers? by fmaxwell · · Score: 5, Insightful

      I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down.

      I will be equally happy when someone uses a DoS to keep you from posting comments with which I disagree. As you point out, a DoS is a valid way to suppress free speech.

      They are pure evil in their methods,

      How is it "evil" to publish a list of IP addresses that match a listing criteria? You don't want to block e-mail from Nigeria? Fine. Don't use nigeria.blackholes.us. You don't like SPEWS listing criteria? Don't use them. (I don't because I don't like their criteria).

      and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.

      Absolutely untrue. I use several of the blacklists for my domain and the quantity of spam blocked is tremendous with very little collateral damage. Without those blacklists, I would be seeing far more spam than legitimate e-mail every day.

      They have made powerful enemies, including the large ISPs who happen to be the only ones that in a position to stem these attacks.

      Yeah, the same large ISPs who, in many cases, were writing "pink contracts" for spammers and making money from spam. Those are the large ISPs that really hate the blacklists. And if it wasn't for the blacklists, more and more ISPs would be writing pink contracts.

    2. Re:Why does he think it's spammers? by nearlygod · · Score: 5, Insightful

      The problem is that they are not checked and updated (at least in my experience). My companyies IP (actually my ISP's entire C-block is blacklisted by one list and dispite trying for 6 months, I have had no luck getting removed. I have gotten zero responce from the blacklist dispite many attempts and following their removal instruction to the letter. No other blacklist has us listed and we have never had an open rlay or sent spam. So to me, this particular blacklist is evil and since they are the only one that I have had to deal with, I wouldn't be suprised if others have had the same experience.

      --
      The Tools Of Ignorance wanna be a tool?
    3. Re:Why does he think it's spammers? by TillmanJ · · Score: 5, Insightful
      Oh...I just noticed, the poster is a proud Republican...that explains it. Anyone who feels the need to brag about their conservatism generally has a soft spot for Joe McCarthy.

      Anyone who needs to point out someone elses political leanings in order to denigrate them generally has a soft spot for Chairman Mao.

    4. Re:Why does he think it's spammers? by hawkfish · · Score: 5, Insightful
      Anyone who needs to point out someone elses political leanings in order to denigrate them generally has a soft spot for Chairman Mao.
      Amusingly enough, this can be applied to Rush Limbaugh and most of the other right wing fruitcakes in the US. As it is written, "Choose your enemies wisely, for you will end up resembling them."
      --
      You will not drink with us, but you would taste our steel? - Walter Matthau, The Pirates
  2. Distributed blocklists by silentbozo · · Score: 5, Insightful

    Bad for them. The main reason for creating centralized blocklists was so people who reformed, or who kicked spammers off their blocks, could have their IPs relisted without having to worry that random admins had hardcoded filters into their routers. One central source for listing, one central source for delisting.

    If they succeed in negating the value of centralized blocklists, guess what - admins will go back to blacklisting blocks manually. Those IP blocks will become useless once enough people add them to their blocklists, and there won't be any easy way of redeeming them.

    Anyone who wants to get internet access better get a clause in their contract guaranteeing that the IPs they get weren't abused by someone in the past, or else they might be getting a useless connection.

  3. indeed by Trepidity · · Score: 5, Insightful

    Even if you happen to like the blocklists and agree with their methods, it's clearly irresponsible to assume they're being attacked by spammers -- there are a lot of non-spammers who would love to take them out.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  4. Re:ever tried to get off SPEWS? by mrex · · Score: 5, Insightful

    Go to nana-e, and they'll tell you that robots from space run SPEWS

    Spammers with unbalanced ethics:lawyers ratios have already attempted to make life hell in court for blocklist owners that they could track down. I know of no instances where the spammers won, but the costs and hassles associated with defending yourself from a lawsuit exist whether one wins or loses.

    Who can blame SPEWS for planning ahead for this? Answer: spammers who are really pissed off.

    , and there's no way to get a hold of them. They start with Class C's, then progress to banning class A's.

    That's the whole goal of SPEWS. SPEWS is not a list of spammers, its a Spam Prevention Early Warning System. Listing individual spammers addresses has not been entirely effective, as spammers simply find providers who are willing to lie for them, thus SPEWS was created to punish ISPs who are unresponsive to legitimate abuse reports. SPEWS exists to counterbalance the profit those ISPs may make from spammers with loss of profits from those who want to use the internet for a legitimate purpose.

    Some of the crazies who post on nana-e even have the whole country of Brazil banned on their private lists.

    I add a very very large score via SpamAssassin to any mail that comes from Brazil, Mexico, China, Taiwan, Korea, and several other nations who appear to be becoming spam havens. What's your point? I have, in many years on the net, never received an e-mail I wanted from those countries.

    SPEWS had information too on DNS blackholing (i.e. preventing your users from going to internet sites) and on HTTP blocking.

    Uhhhh...yes...and? Is there something immoral about administering the ISP you are responsible for in the manner you see fit? It's my business, I can do as I damn please. If I want to filter out every website except my own, that is my right. My customers vote with their business, they do not get a direct say in how I run my outfit. Every business owner understands this concept when it is put into their terms, yet spammers seem to be very against this right when it comes to ISP owners. Gee, wonder why.

    If it was anyone else (the government) who was advocating this, people would be outraged.

    So? Very often it is acceptable for an individual to do something that a government cannot. For instance, if the government tried to convince me to go to XYZ Church, I would be outraged. For an individual to do so is nothing short of normal.

  5. A Defensive tool, not censorware by mercuryresearch · · Score: 5, Insightful

    I'm getting a bit tired of people applauding DOS attacks on blocklists. Many of us run small mail servers for ourselves and/or small companies where EVERYONE who recieves email is in agreement that blocking spam is the right thing to do. When everyone chooses to do this, it's not censorship. Seriously -- the volume of spam is overwhelming, and in a small business there is no one delegate managing email to, and it's consuming precious bandwidth. Spam is the problem, not block lists. No spam, no blocklists, simple as that.

    My server has seen as many as 500 spams a day directed at it -- for just two email accounts releated to my business. I had little choice but to elect to use drastic measures and escalate them until the spam became manageable -- and the best defense due to bandwidth issues (we run on just 128K because that's all that's available to us) is blocklists. The problem has been so bad that I maintain an internal block list that uses iptables to simply not route packets from IP blocks (/24) for any email that gets through the first layer of blocklists that sendmail checks.

    Osirusoft in particular was very, very useful to me, because they maintained a number of DNS mirrors of other blocklists, so you could pick and choose how drastic you wished your blocking to be. I will miss their service greatly -- and can already notice it as my spam has doubled since it was removed from my sendmail config.

    Without blocklists, email for my small business at least would be useless. I know that I've lost business using them, but I'd lose more business/time/money without -- there's no friggin' way I'm going to search through (and accept the bandwidth hit from) five hundred messages to find the few legitimate ones and still have time to get real work done.