SpamCop To Be Sold To IronPort?

Iphtashu Fitz writes "InfoWorld is reporting that SpamCop is about to be sold to IronPort Systems for an undisclosed amount of money. According to the InfoWorld article, the announcement will be made on Nov. 25, and will include IronPort investing $1 million in SpamCop to keep the service up and running. IronPort apparently makes use of the SpamCop DNS blocklist in their spam filtering products and this move is seen as a way to help support SpamCop and formalize their relationship. IronPort is reported as stating that the SpamCop blocklist data will remain freely available to the public."

undisclosed...?

[wrinkledshirt]

InfoWorld is reporting that SpamCop is about to be sold to IronPort Systems for an undisclosed amount of money...

Hey, I don't know about you, but no price is too small for that great selection of penis enlargement offers they must have at their fingertips.

Potential advantage of corporate backing

[bigberk]

Spamcop is one of the blocklists that has been under perpetual attack by spammers. Recently, spammers started a rather major DDoS against spamcop and several other services.

Antispam services that have limited operating resources (such as the now defunct monkeys.com and osirusoft.com) -- while extremely useful services, simply didn't have the means to withstand major attacks. Those two services had to be shut down because the owners could not deal with the onslaught. Spamhaus, and probably now Spamcop will be able to withstand attacks.

Kudos to any company that joins in on the spam fighting effort. Also worth mentioning are the good folks at Easynet, who have been running top-notch anti-abuse DNSBLs that are available to the public.

I use SpamCop for e-mail...

[rborek]

... and it's generally pretty well filtered.

However, I would never use the SpamCop blacklist for completely blocking e-mail - only filtering. Why? Any one "possible spam" message processed through its system lands the server on the blacklist - which means one user that sends out a spam message (or even a message that someone thinks is spam or unwanted) that is then processed as spam through SpamCop puts the mail server onto the blacklist. The server will not be removed for a minimum of 24 hours.

This means that systems that are active against thwarting spammers can still end up on the blacklist for 24 hours (or longer - you can report e-mail for up to 3 days after it was sent).

Re:I use SpamCop for e-mail...

[Zocalo]

Any one "possible spam" message processed through its system lands the server on the blacklist

That's not quite correct. SpamCop uses a fairly simple, but quite effective weighting system that combines the number of reports and the age of reports to decide whether to block an IP or not. You can find out the specifics here if you want, but in a nutshell a minimum of *two* reports are required for a listing of just 24 hours. All IPs will be delisted 48 hours after the last spam complaint, which can be upto 5 days after the last spam was sent, as you imply.

Yes, mistakes can and do happen (I've seen Amazon and a popular mailing list blocked), which is why SpamCop recommends you don't use it as a DNSBL, but despite that I have found it to be the most accurate blocklist of all. I use three DNSBLs on my server (SpamCop, Spamhaus and my own local one) with an SMTP error verbose enough to pick up bounces. I've seen just *two* false positives, one from a mailing list and another an advert from Amazon. A simple "amazon.com OK" in my mail config fixed that permanantly, but that's not really an applicable solution for a big multi-user server.

If that kind of filtering makes you nervous, then a better solution is to configure something like SpamAssassin to check the DNSBLs for you and assign a positive score to the hits. If you adjust your SpamAssassin scores to reflect your personal confidence in each enabled service then the results are superb. For the last three months I've been running with the three DNSBLs listed above blocking IPs outright and SpamAssassin checking about half a dozen more for a match amongst all its other checks, plus a few custom ones and adjusted scores. The results are stunning:

• Two minor false positives on the DNSBLs
• Zero false positives from SpamAssassin (you rock!)
• Three spams of the meaningless content type arrived in my inbox (fixed by tweaking some SpamAssassin scores)
• A few thousand legitimate emails received
• Probably a similar number blocked or removed - who cares?

Spam problem? What spam problem? ;)

Re:IronPort's Reputation?

[nbvb]

No way, the guys at IronPort are fantastic.

If I've ever met a group of people who understand the Spam Problem, it's them.

This is *fantastic* news! The guys at IronPort Systems make the best damned mail routers I've ever seen. Bar none.

Their SenderBase and Bonded Sender programs are really a lead into solving the SPAM problem.

Both products integrate directly into the IronPort C60 mail appliances and automatically apply what they call "reputation filters" which let you control SPAM. You can throttle based on the "reputation score" from SenderBase, as well as traditional methods.

The fact that BrightMail is integrated also is a major bonus.

Back to the original point, I'd definitely give IronPort a chance here. They're a GREAT group of people (I've met everyone from the CEO on down), understand e-mail, and really want to do the Right Thing.

Check them out at: http://www.ironport.com

Unfortunately, my company's rules won't let me give a public testimonial as a satisfied customer, but believe me, if I could, I would!!

Re:I don't know what to be: happy, sad, indifferen

[silentbozo]

SpamCop publishes a list, but whether it is used for scoring or blocking is completely up to the person receiving the list. For example, you state that you like SpamAssassin - one of the filters that is used by SA to score spam is the SpamCop blacklist. Also keep in mind that publishing this list is only one of the benefits that SpamCop provides. I use the reporting service to report spam (and incidentally, it's these reports that go into the creation of the blacklist.)

Funnily enough, SpamCop recently incorporated SpamAssassin for the pop/webmail service that they provide.

As for getting on and off, there is a deputy you can e-mail (a live human being), in addition to the standard set of webforms etc. SpamCop these days is a very benign service (for the most part). The fact that SpamCop is under almost constant attack by spammers trying to DDOS them, trying to overload their systems with fake accounts, etc. tells me that spammers consider SpamCop to be a major threat.

Dear Sweet Crap

[Dragoon]

I'm a former direct-mailer (spammer). Yes, Hate me.

We had 2 IronPort A60's that we would use to pound mail out like insane pixies who had too much sugar.

With SpamCop being owned by Ironport.. .dear lord, will this mean for an extended supscription one would get removed from spamcop?

This obviously would mean the dependance on spamcop to be a serious regulatory company, would be an idiotic assumption.

Ironport Sells 2 series of devices The A and the C

the A60 is the flagship of the outgoing mail genre, and the C60 is the flagship for blocking the incoming mail.

In basic sense, they sell the ultimate spam machine, as well as the ultimate anti-spam machine.

They're basically Gun Runners, and fairly evil. They will sell you one product to send huge mail campaings, and another to avoid them, its a damn protection racket.

How is this legal in the us?