Slashdot Mirror
IronPort Arms Both Sides In Spam War
securitas writes "We all know about IronPort's recent acquisition of SpamCop. What may not be common knowledge is that IronPort's Senderbase has 'the reputation as the fastest way to send millions of junk e-mail messages' and is popular with spam factories. Founded by two former Microsoft executives - Hotmail's Scott Weiss and ListBot founder Scott Banister - IronPort claims its customers are not spammers but legitimate marketers. Critics say that this is a clear conflict of interest. Playing spam from both sides might be likened to a pharmaceutical company enabling the spread of a disease in order to sell the cure. SpamCop founder Julian Haight - who had to sell the company in order to remain solvent - is quoted as saying of IronPort's anti-spam measures: "I am not sure all its standards are tough enough." The story was originally reported by the New York Times' Saul Hansell. Abbreviated mirror at IHT."
in business ethics while employed at Microsoft, I am incapable of believing that the owners of Ironport would ever do anything to hurt the general public simply to make an obscene profit.
Yes, I know a lot of what I write makes it sound like my tinfoil hat is loose but hear me out:
IronPort buys SpamCop
Worms hammer anti-spam sites
Because IronPort is now "spammer friendly", SpamCop doesn't suffer these DDoS attacks.
SpamCop's for-fee competition and free lists are ran off the net by IronPort supporters.
Not suprisingly, IronPort's products don't block mail from their customers.
IronPort and it's spammer customers profit.
Trolling is a art,
The analogy needs to be furthered a bit: this would be like a pharmaceutical company not only spreading that which they themselves sell the cure for, but above it all, that cure being phony, so that the market for the cure is maintained. Think, do you think IronPort's spam protection measures will stop their own supported spam? This reminds me of a bond-type plot where evil villains pay an evil company to let them continue ravaging the world. Even though this obviously would only last so long in the pharmaceutical industry, I'd call it a feasible, profitable, and despicable practice for the e-mail industry, with all the sources of spam floating around.
Nothing like having your SPAM and eating it too!
"Talk minus action equals nothing" - Joey Shithead, D.O.A.
"Talk minus action equals
Since IronPort has access to SpamCop's filters now, they could hypothetically engineer a method around them or just kill the product entirely - or make it so that only they could bypass it, and any other spams sent from elsewhere would be blocked.
Arming the wolf with the shepherd's crook? More like giving him an M-249.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
Playing spam from both sides might be likened to a pharmaceutical company enabling the spread of a disease in order to sell the cure.
Or it could be compared to Chaplin's film The Kid :
The Tramp rescues a baby abandoned by its despairing mother, brings it up to become his partner in a window-repair business - although it is the Kid's business to break the windows first
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
So IronPort make both Spam mailers and anti-spam products.
Will they use their spam mailer expertise to make better anti-spam products, or use their anti-spam expertise to make better spam emailer products?
Why do I think I know the answer aleady.....
Spamcop could improve what is already good filtering, by automatically blocking crap from IronPort's SenderBase clients.
"All your SenderBase are belong to us."
I said this before and I'll say it again...
There is a huge incentive for IronPort to stay on the legitimate side of things. Spamcop rocks (thanks Julian!) - but only because of the constant vigilance of the many users who report instances of spam. This is a human-based review system of millions of junk messages... without the users, there is no Spamcop, and Ironport bought nothing. They can't afford to risk being the bad guy here or they risk losing the reviewers !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
It's kind of like the diet industry. You try the newest hottest spam killer that will guarantee getting rid of all the spam, like trying the newest hottest diet that will guarantee getting rid of all the kilos. You lose the spam like you lose the kilos, and then, after a few months, it all comes back twofold. So you try the next newest hottest spam killer, the next newest hottest diet, blah blah, it comes back threefold. Then you try the next...(ad nauseum)
When life hands you lemons, grab the salt and pass the tequilla...
His comment was about Bonded Sender, not SpamCop.
--
Have you read the Moderation Guidelines Addendum
Hotmail helpdesk #1: Dude, spam is big business.
..
Hotmail helpdesk #2: Ya, I bet someone could make a killing off an anti-spam service.
Hotmail helpdesk #1: Sure, but spammers are legitimate marketers too.
Hotmail helpdesk #2: Dude I know, their just trying to get their message out.
.
.
2000 - IronPort founded
.
Quack, quack.
I guess a few bugs still need to be worked out.
I should buy some cement.
Everyone in the Microsoft thrall volunteered. Weiss and Banister signed their names in blood to Microsoft contracts. At some point, Dark Lord Ballmer will come with the Blue Screen of Death and collect from them. That is the way of things, at least until Frodo Torvald is able to throw the closed-source ring of power back into Mount Redmond where is was forged ...wait, it's time for my medicine again, isn't it?
PINKY: Gee, Brain, what do you wanna do tonight?
BRAIN: The same thing we do every night,Pinky!
Try to take over the world!
{Pinky and the Brain theme}
BRAIN: Email messages, Pinky, is our new tool! We will take over computers with trojan horses, send spam from there, and then we will sell everyone Anti-Spam... for what it's worth !
PINKY: What if they don't buy your anti-Spam, Brain?
BRAIN: Even better ! We will scare the people off the internet, leaving their connected PCs behind! This in turn will give us more hosts from which to send Spam. We will then have taken over the world!
PINKY: Egad, Brain, Brilliant! Oh, oh, wait, no, no -- why would they be scared of us? We're so small, um, we're practically the size of mice, Brain!
BRAIN: We *are* mice, Pinky.
PINKY: Oh, right. Well, there you are then. Nya-ha-ha!
Quem a paca cara compra, paca cara pagará.
I use Squirrelmail, and one of the options is to use Spamcop (report as spam)
/dev/null'ing everything.
In he last few days, when you process your spamcop response, I have noticed that instead of sending the notices to the usual "abuse@comcast.net" it is simply
I was wondering about this.
Has anyone else noticed funny things going on in SpamCop?
* Carthago Delenda Est *
I see this as a single-minded business. SPAMcop wants to remove spammers by hunting down the true origins of mail it is told are illegitimate, or through filters. OTOH, it is owned by a company that teaches and sells mass-marketing schemes. This mass-marketer has competition, and thats exactly what SPAMcop will be going after. Bingo! You have a great model to improve your scores by showing actual tallies of improved responses from people using your lists or methods.
However, there will be an easy way to detect this: If the companies that are sending the spam are ignored by SPAMcop and also part of their enterprise, we have the feared result. At the moment, I haven't seen any evidence of this posted anywhere. But I'm only one person.
mug
I think big business is starting to learn what step 2 is, and it's kind of frightening.
- Create inconvinience/problems.
- Sell products which eleminate the problem.
- Profit!
What a shame the tech industry is becomming.CAn'T CompreHend SARcaSm?
You mean kind of like Verizon selling my phone number to telemarketers, and then trying to sell me anti-telemarketing services for a premium price?
"IronPort claims its customers are not spammers but legitimate marketers."
To me, any marketing related mail is spam. Another user may want to be marketed things that he is interested in, but not me, and I suspect the same of most users of any type of anti-spam solution.
Don't Tread on Me
The reason oil companies do research on non-oil fuel is to get a patent on those things and prevent anyone else from using them.
EvilCON - Made Famous by
When it's something like file sharing, everybody's keen to jump on the "don't blame the technology" bandwagon. After all, file sharing can be used legitimately, right?
How is this any different? There are legitimate needs to send bulk mail aren't there? It's not only used by spammers is it?
The only difference I can see is that spam is something techies collectively hate, and copyright is something a lot of people are ambivelant about. Let's be fair and apply the same standards! Arguments don't stand or fall based upon whether we like the people involved.
Specially at M$ where its not enough to M$ to win but YOU have to lose.
The only thing I'm happy about is that even Bill Gates will eventually die, just like the poorest Afghani. There is some comfort in that. Nobody lasts for ever.
But if there is an after-life, I hope he has to use his own products to run a support-site for his own products for the rest of eternity.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
http://www.dilbert.com/comics/dilbert/archive/dilb ert-20031129.html
And good God, he's an AOL user!
EvilCON - Made Famous by
Sounds like when that one phone company (I think it was AT&T) was selling technology to block telemarketers to consumers, and selling technology to get around technology to block telemarketers to telemarketers.
And, as they say, hilarity ensues...
There are only 10 kinds of people in this world... those who understand binary and those who don't
Gee.. and they have my email address...
Would they? Could they?...give their collected mail addresses to their 'partners'/'customers'?
10 Send report of spam to spamcop
20 spam cop 'parters' spam you
30 goto 10
There are some legit companies that use it. A place I used to work used it for sending user-configured news and stock alerts. Interestingly enough, the box is a rebranded dell running freebsd. I have my suspicions they are using qmail on it also just because of the way it behaves. Everything is hidden behind a nice little interface though, so you have to boot with a floppy to poke around, which I never got around to doing.
:) It is a good product though, you would have serious trouble getting that kind of performance out of a standard mailserver using the same hardware.
The boxes are $30k each last I checked. On a revenue of $10 million, that's likely under 300 machines if you include a support contract. Not selling many of them...
Need Free Juniper/NetScreen Support? JuniperForum
Yes, because only spammers send high volume email in a short period of time.
The company I work for is looking at using one of these boxes to send our opted-in newsletters. IronPort may be popular with spammers, but I have to agree that there are perfectly ethical reasons to send out millions of emails per day (per hour in fact!) The IronPort systems are by far the fastest mail servers around.
I don't know, isn't it a "traditional" mail sender/relay? Most spam these days comes via open proxies etc. A spammer operating with his own mail server like SenderBase would be blocked by all anti-spam lists fast and would not be effective for long.
And lets not forget proper uses for the box. I sure would like an appliance box for handling the daily newsletters and etc. Sure it's fun to sit and tweak Postfix on a Linux box but if you were to setup a new system it might not be cheaper to build an entire system yourself, with the tuning, tweaking and scriptwriting, and the following maintainance like updates fixes etc.
Senderbase.org is an invaluable site for fighting spam, not a way to send junk email; it is a scourge for spam factories.
Larry
It's a database that identifies high-volume email sources. So you could say Senderbase is pretty much neutral.
These are also the people who came up with Bonded Sender - a whitelist with an economic incentive to keep senders honest. So they're hardly new to the anti-spam world.
The controversy seems to be over IronPort's hardware: they sell mail servers. Big friggin' whoop.
I don't know if they still do, but for years, Cincinnati Microwave made both radar guns and radar detectors. They generated a technology war with better and better radar guns and more sensitive detectors. They seemed to have been very successful with this strategy.
Ironport's website mentions transaction confirmations as one of the uses, and that is certainly legit... when I order stuff online, I like to get an email confirming it, telling me it's been shipped, ect.
There are legitimate advertising emails. I buy alot of electronics, so I regularly get emails from companies I've bought stuff from in the past, and I'm glad I have - they have alerted me to some good sales.
To me, there is a huge difference from me getting an email from Compgeeks, TigerDirect, eCost, or another company that I've bought stuff from (and could opt out of if I want to) and getting emails to BUY DISCOUNT VIAGRA, or MEET CHRISTIAN SINGLES, or the like. If IronPort is doing the former, then that's fine by me. If the companies are using their stuff to do the latter, then there is a problem
I have blog like everyone else
Hi, this is Julian, the long-time owner of SpamCop.net. I must say I was a bit dissapointed in the NYT coverage of this.
;)
7 1.207.query.bondedsender.org has address 127.0.0.10l .spamcop.net has address 127.0.0.2
.. and here I was coming to slashdot to read the news and relax. Little did I know I'd be spending the next half hour writing this rebuttal ..
First of all, I was not *forced* to sell SpamCop to remain solvent. I am proud of the fact that I have been profitable since 1999. If anything, this deal makes SpamCop a charity case within Ironport. I still get paid of course
The NYT article quotes me as saying (referring back to my dead-tree version): "After a while, I found that this had become a job, and I had to find a way to make money from it". That quote was taken out of context - I was referring to my 1999 decision to take SpamCop commercial, not my 2003 decision to sell the *profitable* company to ironport.
It is true that the akamai bill is not cheap. But I think I would have survived the same way I have always done without selling the business. And that leads to my next point - I'm not cashing out. I will be with the company for the forseeable future, doing what I have always done - fighting spam! I sold it to ironport because I felt they would support my goals. They offered me a nice lump of cash, help with the non-spam-fighting part of the job (sysadmin, administrivia, lawyering, DDoS protection, etc.) and most important, a credible promise to let me keep it on-track.
The very fact that I am here talking about this, and expressing my doubts about bonded sender to the NYT should indicate that I'm not just rolling over here.
I don't control the bonded sender program and likewise the people who control it won't be calling the shots where SpamCop is concerned.
Oh, and BTW, I know ironport boxes are good for spamming. They're also good for sending (and also receiving) tons of legitimate mail. Noone with ironport has ever claimed that "our customers aren't spammers". Some might claim our *bonded sender members* aren't spammers, but that's a whole other kettle of fish.
Are we arming both sides? Sure! But as with all arms dealers, the real point is that we make the best weapons on the market! Don't like spam from ironport customers? Use the spamcop blacklist! If this were really some big conspiracy, would spamazon's IP be in both the spamcop blacklist and the ironport whitelist?
$ host 207.171.188.101
101.188.171.207.in-addr.arpa domain name pointer mm-outgoing-101.amazon.com.
$ host 101.188.171.207.query.bondedsender.org
101.188.1
$ host 101.188.171.207.bl.spamcop.net
101.188.171.207.b
(Note, the blacklist changes quickly over time, it was listed when I wrote this)
-=Julian "10 hot comments" Haight=-
Also note the "Spam Farmers" post, where AT&T is promoting "viral marketing" as a benefit to developers of their new mMode service.
--
make install -not war