UUNet Is The Number 1 Spam Host

An anonymous reader submits "Statistics for February have UUnet leading the Spamhaus top 10 worst Spam ISPs chart. The Register point out that ISPs like UUnet and Abovenet continue to host spammers despite advertising anti-spam AUPs." And the competition is probably wishing they had as much luck.

Spam doesn't matter to me

[(1337)+God]

Thanks to Mozilla + Bayesian filters.

Seriously, my life has changed for the better thanks to Open Source. I don't know what I'd do without it.

Re:Spam doesn't matter to me

[ssbljk]

problem is when it catchs important mail and then you have to check for 1 good in hundreds of bad ones

Re:Spam doesn't matter to me

[sporty]

Until the spam takes up so much bandwidth for you to download and filter.

Re:Spam doesn't matter to me

[ceejayoz]

The spammers seem to be able to circumvent the Bayesian filters nowadays - about half the spam now gets through Mozilla Thunderbird's. :-/

I suspect it's the practice of putting random words at the end of the e-mails that does it.

Re:Spam doesn't matter to me

[Pig+Hogger]

Spam doesn't matter to me
Thanks to Mozilla + Bayesian filters.

Are you sure? All your bayesian filters do is automatically "press delete" for you. But you **STILL** have to download the spam, and you **STILL** have to pay for the extra-bandwith you use to do so, and you **STILL** have to pay for the ISP's extra-bandwidth to carry all that spam for you in the first place, and you **STILL** have to pay for the disk space and your computer ressources that's are used to store the spam you don't see, as well as the ISP's ressources eaten-up by the spam.

Filtering is **NOT** the solution. Blocking spamsources at the origin **IS**.

Re:Spam doesn't matter to me

[koreth]

And without spam filtering, you'd still have to check for small numbers of good messages buried in a mountain of bad ones, only you'd have to do it every single day rather than just occasionally. This to me is a step forward, not a reason to avoid filtering.

Re:Spam doesn't matter to me

So how do you tell when you've gotten a good email that has been filtered? You still have to check.

Re:Spam doesn't matter to me

[RaymondRuptime]

I agree that blocking is preferable to filtering. Filtering is like solving gun violence by improving emergency room medicine.

However, as an interim step, it's better than not to have Bayesian filters and well-staffed ERs.

Re:Spam doesn't matter to me

[ssbljk]

all I want to say is that you can't trust filters 100%
it does not matter much to people who use e-mail to forward chain letters if they miss some message - but there are also people who run business which depends on e-mail (hey I don't mean on spammers) :) and they can't let themselves to miss it.

Re:Spam doesn't matter to me

[gklinger]

Sometimes I wonder if we'd "feel" a big difference in net responsiveness (browsing, file transfer, latency in online gaming, etc) if all spam stopped suddenly.

I was thinking about that the other day. Then I got to wondering how much CPU-time I was spending on spam filtering which led to my thinking about how much electricity I was using to filter spam. Then I started to think about all the electricity being used by computers moving the mail and routers between network points and so on. It didn't take long before my mind boggled.

Spam is often touted as being better than physical junk mail as it doesn't use all that paper. There are however, other costs. All that electricity has to be generated and that can't be good for the enviroment.

The next time someone says spam is a hassle but doesn't really cost them anything, remind them what went into getting that spam to them.

Re:Spam doesn't matter to me

[misleb]

all I want to say is that you can't trust filters 100% it does not matter much to people who use e-mail to forward chain letters if they miss some message - but there are also people who run business which depends on e-mail (hey I don't mean on spammers) :) and they can't let themselves to miss it.

I'd say I run about the same risk of accidentially deleting a non-spam message in a fenzy of spam deleting. You can't trust yourself 100% either. Alls I can say is that I love my Bayesian filter. :-P

Largest ISP?

[fewnorms]

Could this probably be because UUNet in my understanding is one of the largest ISP's?

Re:Largest ISP?

That may be part of it, but back when I worked as an abuse admin (in 1998) they didn't care much (we had a deal with them for our dial up customer to use their POPs in areas where we didn't have any) and near as I can tell that hasn't changed a bit. It's PC to have an anti-spam AUP, so they have one (and had one back then, too) but it's not profitable for them to enforce it.

Re:Largest ISP?

[koan_72]

They probably are, but resources that deal with abuse should grow proportionally with size, if you try to cut corners in that department, as in the case of UUnet, you end up with a bad reputation, and hopefully, a whole lot of IP address blocked. I know from experience when I was manually reporting spam, back in the day when the amount still permitted it, they took months of complaints sometime to drop a spammer, and it was usually due to being blocked by Spamhaus or Spews. Aren't the internet arm of Worldcom anyway? You see where they get their code of ethics.

Spam would not be a problem if all ISPs dealt efficiently with open proxies and spamvertised sites.

Re:Largest ISP?

[Arker]

(I know, I know. Spam is such a HUGE waste of time. You know what? Nobody has a gun to your head forcing you to use email. Sorry.)

EXCUSE ME? No one gave you permission to spam my email. It's theft, pure and simple. Theft of resources I've paid for, I own, and you have no rights to.

UUNet and Abovenet have been spammer friendly for ages, this is no news. The fact is they think they're big enough they're above the law, and act accordingly. They think they're too big to black-hole, and unfortunately they're right. If they aren't cut down to size the spammers will all end up at a handful of these huge companies and email will become completely unusable for any purpose. In the long run that will get rid of the spam problem, of course, but the cost is a bit high. Anyone who has a usable plan on how to cut these bastages down to size needs to speak up, and soon.

The internet infrastucture is far too important to allow any single entity to control such a huge chunk of it that they're immune to consequences.

Re:Largest ISP?

[zangdesign]

There is one other solution.

Block UUNet.

Give'm the death sentence. Sure, it's painful, but if enough people stop accepting traffic from UUNet and explain why, it should force them to enforce their policies.

Re:Largest ISP?

[chromatic]

You should have said straight out that you don't believe that I have the right to decide who can use my property. It would have saved time.

Re:Largest ISP?

[Arker]

It's not a slippery slope at all. Spam is email which is both bulk and unsolicited. The email system was never designed to accomodate such, and indeed cannot survive if it is allowed. If your email to me is unsolicited, that's fine - as long as it's not a bulk message being sent to thousands or millions of people at once. If it's a bulk message, that's fine too, as long as it's sent only to those that have solicited it. But when you combine both properties, sending in bulk to folks that have not explicitly requested to be on a mailing list to receive it, then it's spam.

Your numbers are, of course, incorrect. Spam mailers almost never pay for their bandwidth, the fact that you're trying to figure on that shows that you aren't actually familiar with the problem. They steal outgoing bandwidth almost without fail, and that's something pretty well impossible to stop. A spam-friendly ISP isn't one that allows them to send (this is not needed and rarely offered - spammers rely on throw-away accounts and zombied boxes taken over with trojans at no cost,) it's one that continues to host websites that are spam-vertised.

Re:Largest ISP?

[Arker]

I respectfully disagree. It doesn't matter one bit if it's commercial or not. It doesn't matter if I agree with the message or not. The key is it that it's unsolicited and bulk. This is key because once you allow unsolicited bulk emailings, you create a system where there is little to no extra cost to send to extra people, and it makes sense to send to as many as possible, Carry that somewhere near it's logical conclusions. Every business in the US sending one message a year to every email address is enough to destroy email as a useable media. Every nonprofit doing the same would have essentially the same effect. The point is that once you allow the use of email for unsolicited bulk mailing, you create an incentive to send so much email that no one will ever be able to find the messages they actually have their email accounts to receive.

I've been spammed by the Republicans, and the Democrats, by the Libertarians, by the Green Party and the Reform Party and the Socialist Workers Party and even by some group in Portugal whose dispatches I find difficult to decipher.

Some of these groups had my deepest sympathy. I still made sure each and every one felt the pain that comes with spamvertising. Why? Simple. If there isn't a consistent and reliable pain to be anticipated anytime you spam, commercial or not, then there is every incentive to send ads to everyone as often as possible until email becomes completely unusable. But, as long as some of us stand on our right not to be spammed, complain about it and insist politely but forcefully that those who spam us pay the price as outlined in the AUPs they agreed to, then the cost of Spam is not zero and this does not happen.

So no, I don't agree at all. UBE is Spam. Period. I don't care if they're political, commercial, or trying to raise money for crippled orphans. If you allow UBE you create the incentives that end e-mail as a usable system very shortly afterwards.

The trouble when you come to UUnet and Abovenet is that when you complain, they ignore you. Normally that means go to their upstream - well guess what, they have no upstream, for all intents and purposes they're it. If everybody else on the planet got together and blackholed them, it might work, but it would cause the rest of us almost as much pain as them. They're that big. They know it, and so unlike all the other ISPs they don't give a flying f$ck what their customers do, or what you think about it.

Got a solution to that problem? I'd love to hear it.

I know not

[ackthpt]

I know not where it comes from, but I know where it goes. About 500 pieces of it each day, most of it filtered. I have to wonder aloud, with such a deluge, do any of these fools pushing junk actually believe such an onslaught will generate business?

Re:I know not

[Kenja]

"I know not where it comes from, but I know where it goes. About 500 pieces of it each day, most of it filtered. I have to wonder aloud, with such a deluge, do any of these fools pushing junk actually believe such an onslaught will generate business?"

It DOES generate buisness, thats one of the problems. Stupid people are out there on the internet trying to make there "members" larger.

Re:I know not

[pangian]

Yes. They do. Therein lies the rub. Either:

1) Spamming does make money, because some idiots actually buy things from spammers;

2) People don't actually buy directly from spammers, but for marketers of some products (illicit, low yield) mainstream media just isn't an option, so the only way to make people aware that these products exist is through spam. (i.e. I may not buy herbal viagra, or dental insurance or an MBA directly from the people flooding my inbox, but now I know that I can buy these things online. If me and 100 of my neighbors search for these products later, at least a few will buy from the original spammer.

3) Professional spamming shops are doing a good job of convincing retailers that 1) and/or 2) are true.

Re:I know not

[ackthpt]

I just wish they would enforce that new law. The federal government took the time to make most harsher state laws moot, and now they arn't even doing anything to enforce their bullshit laws.

As one critic voiced it, on the BBC this morning, the current administration doesn't do anything until it's crisis. I wish that weren't true, maybe they are actually gathering up a pile of this trash and getting ready to haul in about 500 people, which should scare the bejeezus out of most of the rest. If Bush wants votes, this would probably be a good way to demonstrate how much he cares about the average american. [some figure in the news today puts the number of americans on the internet at 150 million, how many of that do you believe think spam is a problem?]

Re:I know not

[ackthpt]

A couple points of your hypothesis I'll contest.

1) I think the number of emails going out to generate the same return is going up as most people are wise to it.

2) The agent (Ralsky as one example) charges for the spam, probably could care less or is simply unable to meter success. All transactions are cash up front.

As the volume needs to increas and blocking comes into play there should be a cap. As my spam volume is still increasing, but the rate of increase is slowing I think we're approaching that cap.

Re:I know not

[Fnkmaster]

I think you're right. Even if nobody buys Viagra from a spam email, the first place anybody thinks of to get Viagra is online - why bother going to see a doctor, you can just Google for Viagra and buy online! It's interesting, the real benefit from a lot of spam would seem to be for the manufacturer who benefits from the brand-building and the awareness of an online market created (thus also benefitting those who rank high in Google results).

In fact, it would seem possible that some of the egregious violators may just be setting up phantom shops to spamvertize, which can be easily shut down, renamed, etc. while they keep a separate "clean" operation for harvesting search hits.

Or maybe spam just works and people really are buying from spammers.

It's all about the allmighty dollar

[teutonic_leech]

... or does anyone really think that these guys are NOT aware of this?

Not likely to happen anytime soon...

[Saeed+al-Sahaf]

...goes around. I'm sure when spam block become so vicious that ISP's like this are blocked off they will either go under or change their mind

I think it's pretty much been proven that this is wishful thinking. When a provider starts blocking large stretches of IP blocks owned by a particular ISP like UUNet, average users scream bloody murder. My prediction is UUNet will do nothing, and nothing will happen to UUNet. Sad but true.

Re:Not likely to happen anytime soon...

[ilctoh]

Correct. It is the ISP's responsibility to prevent SPAM at its source, not merely block users from it. Users are also responsibile for using available filtering technology, and being careful about giving out their email address (especially on personal web pages). Perhaps the most useful thing that any ISP can do right now is to provide an easily accessed and located "Anti-Spam Information Page", with instructions and suggestions for users of that ISP to control SPAM.

Re:grasping for customers

[MikeCapone]

UUNet is probably just trying to get as many customers as possible.

I'm not sure if this reasoning is sound if we're talking about regular accounts, unless spammers are paying for their bandwidth (a thing I expect they avoid doing at all cost).

A regular customer who checks email once a day should be a lot more profitable to a ISP than someone who sends spam all day long.

Of course things are probably different with commercial accounts... I'm not familiar with UUNet so I don't know if they are a commercial only ISP.

Re:How to stop spam.

[laymil]

On a slightly more serious note:

While I advocate extreme violence against spammers, I do feel that it is the responsibility of an ISP to stop spam at the source.

However, if the spammer is merely leasing an IP/Dedicated connection from the ISP, this involves placing restrictions on the actual line - which isn't called for.

In essence, if you are leasing directly from an upstream provider, they aren't so much an ISP in that case. If the customer was grandfathered in under an old contract, the provider could be left without any legal recourse against the person.

However, if a customer is in violation of their AUP and the AUP was agreed upon at the initiation of the transaction (leasing the line, buying the connection, etc), then the ISP should be held to enforcing that, be it by terminating service or installing filters, etc.

I suppose the most difficult thing is when someone leases a line to run a dedicated server serving legitimate mailing lists, etc.

This becomes a case of "How Draconian do you want your ISP to be?"

I know I can deal with the spam. I hate it, but I'd rather deal with spam than be incredibly restricted by my AUP.

So why are there still customers?

[lavalyn]

Large portions of UUNet have been listed by the various anti-spam blacklists, such as Spamhaus, and all of UUNet is blacklisted in SPEWS. These providers are the scum of the Earth. They will delay, misdirect, and outright lie to keep their sweet large contracts with the spammers, at the expense of all their other customers.

Do you want to put your faith in a business that is indirectly lining the pockets of spammers?

Re:So why are there still customers?

[Pig+Hogger]

4. The SPEWS people are generally regarded as a bunch of hypocritical zealots. Very few people use them and very few people care what they say.

Only a spammer would talk like that.

Re:So why are there still customers?

[AndroidCat]

Entire countries, where the country has an ISP monoculture. Besides SPEWS is only a tool. You can either whitelist ranges, or you can add them where you think SPEWS isn't firm enough.

I see the 10% figure waved frequently by sock-puppets on nanae. I also see an amazing pulse in the anonymous coward posts on spam issues. Interesting.

Re:Clue

[neiffer]

This is what makes acts like the CANSPAM act so silly. Does anyone really think we'll be able to deal with it, legally or otherwise, until we have the technology implimented to do so?

Do they use stolen credit cards regularly?

[enosys]

Do they use stolen credit cards regularly? I wouldn't think so. You can get away with spam a lot of the time without legal conseqences but credit card fraud is another matter. Wouldn't any spammer that did this sort of thing get caught fast? Or do they go through chained proxies to do it all and regularly get away with it?

Um, are these results weighted?

[netik]

Before this debate gets too out of hand, has anyone weighted amount of spam vs. size of network?

UUNet is a large, large carrier with many networks globally. Are they the worst spammer because they have the most network entry/exit points, or are they unfairly attacked here because they are just large?

Re:Um, are these results weighted?

[Mesaeus]

UUnet is not being attacked because of the number of spam originating from its networks, but because of the large number of KNOWN spamgangs STILL residing on their network after literally thousands upon thousands of complaints. Some of the spammers haven been there for over TEN MONTHS now.
This leaves us with two possible scenarios to explain this :

1) UUNet is a spamhaus and will host spammers as long as they pay.
2) UUNet is dead set against spam, however somehow their abuse department has never read all the complaints, including ten month old ones. Maybe they got "lost in traffic or stuff". Or maybe those poor abuse department people are overworked ? Or just plain DEAD ? After all this silence you start to wonder...

Re:What comes around...

[taustin]

Unfortunately, UUNet is Worldcom, and they handle something like 50% of all internet traffic at some point. They could block the entire rest of the internet easier than we could block them.

Re:What comes around...

[taustin]

Or... we might help accelerate that process. What if filtered spam was "returned" to the sender?

How do you identify the sender? The From: address is forged, the envelope MAIL FROM: is forged, the Reply-To: if forged, and in most cases, the originating IP address (the only one you can count on) is a virus infected zombie.

Granted this would put extra load on all of our own ISP email servers, but it would put a MUCH greater load on the ISP's who host the spammers.

No. All it will do is bombard some innocent victim (probably somebody who complained about spam to the spammer's ISP) with thousands - or millions - of emails that they were not reponsible for. That means that you are part of the attack,, part of the problem.

It's one thing to send out 1million spam messages on your server, but to have to deal with all of those emails coming right back at them...

Which is precisely why spammers forge all identifying information they possibly can, and why your plan will make spam worse, not better.

Re:ATTBI.COM!!!!!!

[drinkypoo]

Comcast is a joke, and not a funny one, hence many people have not been transitioned from attbi.com addresses to comcast.net ones.

Re:What comes around...

[chimpo13]

I love, love, LOVE getting tons of messages bounced back from when one of my domain names gets used as the From in spam. Or when I get MS virus' bounced back saying "You sent a virus" even though I'm not running microsoft.

But it does sound good on paper.

Re:Give spammers their own IP range

[bigberk]

UUNet should give known spammers on their network their own IP range

Are you kidding me? UUNet should boot known spammers from their network. Sheesh. ISPs get bad reputations precisely because they do what you describe (tolerate spammers and try to manage around them).

This is a problem with all top-tier providers

[humankind]

I am a UUNet/Worldcom customer and have multiple pipes to my network from their backbone. I think they have one of the best-performing backbones on the Internet.

Unfortunately, while I am happy with UUNet's performance and stability, I am even more unhappy with their apathy towards their network being clogged by spam traffic. And at least 40% of the bandwidth I pay for is consumed by unwanted UCE, so they actually profit from this crap. As a result, there's not much incentive for them to address it. And I have to grudgingly pass these expenses on to my customers.

But UUNet is not any different from other top-tier ISPs. They hide behind the "common carrier" metaphor, using it as an excuse to justify a large portion of the bandwidth they sell to others which is unuseable due to spamming.

I can't help but think if I ordered a telephone line, and 40-60% of the time I had "noise" interfereing with my ability to communicate, that the phone company would be obligated to resolve the situation. Unfortunately, with ISPs, there doesn't seem to be anyone at the top that really gives a damn, nor any incentive on their part to address the situation.

Re:Give spammers their own IP range

[Sylver+Dragon]

Actually, the idea is a great one, which will never work. Stick all of the spammers in a known IP range, great. Now everyone simply rejects all mail from that IP range, and the world is happy. Problem is, eventually, some ISP is going to get it in thier head that they can squeeze a few more dollars out of the system by offering a "premium" spamming package. This gives the spammer an IP outside the listed spammer range, and allows them to spam to thier black heart's content.
As good as it sounds to put all of the spammers in a box, which we can each shut the lid on, it won't hold. The ISP's will see too much money to be made from allowing spammers outside the box, and then we end up back where we are now.
Nope, the only solution to this problem is going to be a technological one. Fortunatlly, the technology we need has been around since the first days of man, the club. Applied liberally about the head and sholders of every confirmed spammer in the world, we should see a drop in the amount of spam we see.

Re:What comes around...

[pinheadcelt]

!THWACK!

No, you weren't paying attention. Nowadays, lots of spam comes from zombied machines. While these tend to be run by idiots, they're still an innocent third party.

OTOH, I can see sending this back to the corporate mail servers of some of the large ISPs hosting these zombied machines and refusing to cut them off from the 'net.

I've seen zombied machines left on the net for *months*. I'm still seeing my servers hit from machines that were infected *last year*. This is pure laziness on the part of the ISPs hosting these morons. Their accounts should have been yanked long ago. I won't mention names (**comcast** cough cough), but this smacks of gross negligence.

I work at a Data Center.

[readpunk]

The issue of spammers is fairly unrelated to the different major bandwidth suppliers. We have three different providers here and spammers rarely request or care which network we put them on. They just want to get their 1.5 day's of major spamming done before we shut them down. The issue is what is going on at data centers to stop spammers quickly and what is being done on the internet to make spamming unprofitable.

Slashdotting spam domains ...

[thrillseeker]

nearly all spams contain a link to somewhere

Perhaps this would hurt spammers the only place that counts - in the pocketbook. When a message is confirmed as spam then have a filter extract all the urls from the message and place them in a file. Have an hourly cron job visit that list of urls and download using wget everything at that url and all of it's subfolders - and delete the files after downloading - and bypass the proxy if you have one - these are all wget options. Have the hourly cron job keep only the last 10,000 or so urls so that there is some semblance of only downloading current spam urls.

This process, if followed by millions of spam haters (perhaps we could have a public spam url website that would let people fetch a hundred urls at a time to work on that we could upload our own spam urls to), would apply the slashdot-effect to all the spammers. Bandwidth costs money for them - it's the only way to make 'em stop.

Major Consideration in Choosing a Web Host

[JeffHeatonDotCom]

The spammyness of your web hosting ISP can be a major factor. When you sign up with a host company, either dedicated or shared, you are assigned an IP address from their "pool". If you get an IP from a former spammer life is not good!

I got an IP address that was blacked listed by SPEWS once. Much of my email would not work and the web host company would not change my IP. They suggested I contact SPEWS. I later learned that the host company was a spammer magnet and I was not alone. I switched companies and all is well.

Jeff

Two words: JOE JOB

[Mal-2]

How do you know that the company or site named had any thing to do with the spam? If putting an URL in a mass-mailing is enough to get the owners of that URL punished (financially or legally), then you will see joe-job spam used as yet another means to harrass uninvolved third parties.

Mal-2

One has to wonder...

[buss_error]

The Register point out that ISPs like UUnet and Abovenet continue to host spammers despite advertising anti-spam AUPs."

Gee, isn't it deceptive trade to say one thing and do another? Is failure to enforce a published contract, saying that everyone has to abide by it fraudulant?

On the email servers I manage, UUNet, Level3, Shaw, Cox, and Above.net are all almost completely blocked. The bounce message says "This site does not accept email by default from your current ISP. Please call xxx-xxx-xxxx to request whitelisting."

I love it when spammers call and try to get whitelisted. Like I've never heard of SpamCop, SpamHaus, SPEWS or News.Admin.Net-Abuse.Sightings...