UUNet Is The Number 1 Spam Host
An anonymous reader submits "Statistics for February have UUnet leading the Spamhaus top 10 worst Spam ISPs chart. The Register point out that ISPs like UUnet and Abovenet continue to host spammers despite advertising anti-spam AUPs." And the competition is probably wishing they had as much luck.
Could this probably be because UUNet in my understanding is one of the largest ISP's?
Veni, Vidi, Velcro!
I know not where it comes from, but I know where it goes. About 500 pieces of it each day, most of it filtered. I have to wonder aloud, with such a deluge, do any of these fools pushing junk actually believe such an onslaught will generate business?
A feeling of having made the same mistake before: Deja Foobar
I think it's pretty much been proven that this is wishful thinking. When a provider starts blocking large stretches of IP blocks owned by a particular ISP like UUNet, average users scream bloody murder. My prediction is UUNet will do nothing, and nothing will happen to UUNet. Sad but true.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
UUNet is probably just trying to get as many customers as possible.
I'm not sure if this reasoning is sound if we're talking about regular accounts, unless spammers are paying for their bandwidth (a thing I expect they avoid doing at all cost).
A regular customer who checks email once a day should be a lot more profitable to a ISP than someone who sends spam all day long.
Of course things are probably different with commercial accounts... I'm not familiar with UUNet so I don't know if they are a commercial only ISP.
Treehugger? Treehugger... Treehugger!
On a slightly more serious note:
While I advocate extreme violence against spammers, I do feel that it is the responsibility of an ISP to stop spam at the source.
However, if the spammer is merely leasing an IP/Dedicated connection from the ISP, this involves placing restrictions on the actual line - which isn't called for.
In essence, if you are leasing directly from an upstream provider, they aren't so much an ISP in that case. If the customer was grandfathered in under an old contract, the provider could be left without any legal recourse against the person.
However, if a customer is in violation of their AUP and the AUP was agreed upon at the initiation of the transaction (leasing the line, buying the connection, etc), then the ISP should be held to enforcing that, be it by terminating service or installing filters, etc.
I suppose the most difficult thing is when someone leases a line to run a dedicated server serving legitimate mailing lists, etc.
This becomes a case of "How Draconian do you want your ISP to be?"
I know I can deal with the spam. I hate it, but I'd rather deal with spam than be incredibly restricted by my AUP.
problem is when it catchs important mail and then you have to check for 1 good in hundreds of bad ones
/ss
Do they use stolen credit cards regularly? I wouldn't think so. You can get away with spam a lot of the time without legal conseqences but credit card fraud is another matter. Wouldn't any spammer that did this sort of thing get caught fast? Or do they go through chained proxies to do it all and regularly get away with it?
Before this debate gets too out of hand, has anyone weighted amount of spam vs. size of network?
UUNet is a large, large carrier with many networks globally. Are they the worst spammer because they have the most network entry/exit points, or are they unfairly attacked here because they are just large?
Or... we might help accelerate that process. What if filtered spam was "returned" to the sender?
How do you identify the sender? The From: address is forged, the envelope MAIL FROM: is forged, the Reply-To: if forged, and in most cases, the originating IP address (the only one you can count on) is a virus infected zombie.
Granted this would put extra load on all of our own ISP email servers, but it would put a MUCH greater load on the ISP's who host the spammers.
No. All it will do is bombard some innocent victim (probably somebody who complained about spam to the spammer's ISP) with thousands - or millions - of emails that they were not reponsible for. That means that you are part of the attack,, part of the problem.
It's one thing to send out 1million spam messages on your server, but to have to deal with all of those emails coming right back at them...
Which is precisely why spammers forge all identifying information they possibly can, and why your plan will make spam worse, not better.
I love, love, LOVE getting tons of messages bounced back from when one of my domain names gets used as the From in spam. Or when I get MS virus' bounced back saying "You sent a virus" even though I'm not running microsoft.
But it does sound good on paper.
riding round the world on an old motorcycle
Filtering is **NOT** the solution. Blocking spamsources at the origin **IS**.
And without spam filtering, you'd still have to check for small numbers of good messages buried in a mountain of bad ones, only you'd have to do it every single day rather than just occasionally. This to me is a step forward, not a reason to avoid filtering.
I am a UUNet/Worldcom customer and have multiple pipes to my network from their backbone. I think they have one of the best-performing backbones on the Internet.
Unfortunately, while I am happy with UUNet's performance and stability, I am even more unhappy with their apathy towards their network being clogged by spam traffic. And at least 40% of the bandwidth I pay for is consumed by unwanted UCE, so they actually profit from this crap. As a result, there's not much incentive for them to address it. And I have to grudgingly pass these expenses on to my customers.
But UUNet is not any different from other top-tier ISPs. They hide behind the "common carrier" metaphor, using it as an excuse to justify a large portion of the bandwidth they sell to others which is unuseable due to spamming.
I can't help but think if I ordered a telephone line, and 40-60% of the time I had "noise" interfereing with my ability to communicate, that the phone company would be obligated to resolve the situation. Unfortunately, with ISPs, there doesn't seem to be anyone at the top that really gives a damn, nor any incentive on their part to address the situation.
The issue of spammers is fairly unrelated to the different major bandwidth suppliers. We have three different providers here and spammers rarely request or care which network we put them on. They just want to get their 1.5 day's of major spamming done before we shut them down. The issue is what is going on at data centers to stop spammers quickly and what is being done on the internet to make spamming unprofitable.
./revolution
Perhaps this would hurt spammers the only place that counts - in the pocketbook. When a message is confirmed as spam then have a filter extract all the urls from the message and place them in a file. Have an hourly cron job visit that list of urls and download using wget everything at that url and all of it's subfolders - and delete the files after downloading - and bypass the proxy if you have one - these are all wget options. Have the hourly cron job keep only the last 10,000 or so urls so that there is some semblance of only downloading current spam urls.
This process, if followed by millions of spam haters (perhaps we could have a public spam url website that would let people fetch a hundred urls at a time to work on that we could upload our own spam urls to), would apply the slashdot-effect to all the spammers. Bandwidth costs money for them - it's the only way to make 'em stop.
I agree that blocking is preferable to filtering. Filtering is like solving gun violence by improving emergency room medicine.
However, as an interim step, it's better than not to have Bayesian filters and well-staffed ERs.
all I want to say is that you can't trust filters 100% :) and they can't let themselves to miss it.
it does not matter much to people who use e-mail to forward chain letters if they miss some message - but there are also people who run business which depends on e-mail (hey I don't mean on spammers)
/ss
The spammyness of your web hosting ISP can be a major factor. When you sign up with a host company, either dedicated or shared, you are assigned an IP address from their "pool". If you get an IP from a former spammer life is not good!
I got an IP address that was blacked listed by SPEWS once. Much of my email would not work and the web host company would not change my IP. They suggested I contact SPEWS. I later learned that the host company was a spammer magnet and I was not alone. I switched companies and all is well.
Jeff
How do you know that the company or site named had any thing to do with the spam? If putting an URL in a mass-mailing is enough to get the owners of that URL punished (financially or legally), then you will see joe-job spam used as yet another means to harrass uninvolved third parties.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
I was thinking about that the other day. Then I got to wondering how much CPU-time I was spending on spam filtering which led to my thinking about how much electricity I was using to filter spam. Then I started to think about all the electricity being used by computers moving the mail and routers between network points and so on. It didn't take long before my mind boggled.
Spam is often touted as being better than physical junk mail as it doesn't use all that paper. There are however, other costs. All that electricity has to be generated and that can't be good for the enviroment.
The next time someone says spam is a hassle but doesn't really cost them anything, remind them what went into getting that spam to them.