UUNet Is The Number 1 Spam Host
An anonymous reader submits "Statistics for February have UUnet leading the Spamhaus top 10 worst Spam ISPs chart. The Register point out that ISPs like UUnet and Abovenet continue to host spammers despite advertising anti-spam AUPs." And the competition is probably wishing they had as much luck.
It DOES generate buisness, thats one of the problems. Stupid people are out there on the internet trying to make there "members" larger.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
I think it's pretty much been proven that this is wishful thinking. When a provider starts blocking large stretches of IP blocks owned by a particular ISP like UUNet, average users scream bloody murder. My prediction is UUNet will do nothing, and nothing will happen to UUNet. Sad but true.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
That may be part of it, but back when I worked as an abuse admin (in 1998) they didn't care much (we had a deal with them for our dial up customer to use their POPs in areas where we didn't have any) and near as I can tell that hasn't changed a bit. It's PC to have an anti-spam AUP, so they have one (and had one back then, too) but it's not profitable for them to enforce it.
On a slightly more serious note:
While I advocate extreme violence against spammers, I do feel that it is the responsibility of an ISP to stop spam at the source.
However, if the spammer is merely leasing an IP/Dedicated connection from the ISP, this involves placing restrictions on the actual line - which isn't called for.
In essence, if you are leasing directly from an upstream provider, they aren't so much an ISP in that case. If the customer was grandfathered in under an old contract, the provider could be left without any legal recourse against the person.
However, if a customer is in violation of their AUP and the AUP was agreed upon at the initiation of the transaction (leasing the line, buying the connection, etc), then the ISP should be held to enforcing that, be it by terminating service or installing filters, etc.
I suppose the most difficult thing is when someone leases a line to run a dedicated server serving legitimate mailing lists, etc.
This becomes a case of "How Draconian do you want your ISP to be?"
I know I can deal with the spam. I hate it, but I'd rather deal with spam than be incredibly restricted by my AUP.
problem is when it catchs important mail and then you have to check for 1 good in hundreds of bad ones
/ss
Do they use stolen credit cards regularly? I wouldn't think so. You can get away with spam a lot of the time without legal conseqences but credit card fraud is another matter. Wouldn't any spammer that did this sort of thing get caught fast? Or do they go through chained proxies to do it all and regularly get away with it?
Yes. They do. Therein lies the rub. Either:
1) Spamming does make money, because some idiots actually buy things from spammers;
2) People don't actually buy directly from spammers, but for marketers of some products (illicit, low yield) mainstream media just isn't an option, so the only way to make people aware that these products exist is through spam. (i.e. I may not buy herbal viagra, or dental insurance or an MBA directly from the people flooding my inbox, but now I know that I can buy these things online. If me and 100 of my neighbors search for these products later, at least a few will buy from the original spammer.
3) Professional spamming shops are doing a good job of convincing retailers that 1) and/or 2) are true.
Before this debate gets too out of hand, has anyone weighted amount of spam vs. size of network?
UUNet is a large, large carrier with many networks globally. Are they the worst spammer because they have the most network entry/exit points, or are they unfairly attacked here because they are just large?
Or... we might help accelerate that process. What if filtered spam was "returned" to the sender?
How do you identify the sender? The From: address is forged, the envelope MAIL FROM: is forged, the Reply-To: if forged, and in most cases, the originating IP address (the only one you can count on) is a virus infected zombie.
Granted this would put extra load on all of our own ISP email servers, but it would put a MUCH greater load on the ISP's who host the spammers.
No. All it will do is bombard some innocent victim (probably somebody who complained about spam to the spammer's ISP) with thousands - or millions - of emails that they were not reponsible for. That means that you are part of the attack,, part of the problem.
It's one thing to send out 1million spam messages on your server, but to have to deal with all of those emails coming right back at them...
Which is precisely why spammers forge all identifying information they possibly can, and why your plan will make spam worse, not better.
They probably are, but resources that deal with abuse should grow proportionally with size, if you try to cut corners in that department, as in the case of UUnet, you end up with a bad reputation, and hopefully, a whole lot of IP address blocked. I know from experience when I was manually reporting spam, back in the day when the amount still permitted it, they took months of complaints sometime to drop a spammer, and it was usually due to being blocked by Spamhaus or Spews. Aren't the internet arm of Worldcom anyway? You see where they get their code of ethics.
Spam would not be a problem if all ISPs dealt efficiently with open proxies and spamvertised sites.
Filtering is **NOT** the solution. Blocking spamsources at the origin **IS**.
I am a UUNet/Worldcom customer and have multiple pipes to my network from their backbone. I think they have one of the best-performing backbones on the Internet.
Unfortunately, while I am happy with UUNet's performance and stability, I am even more unhappy with their apathy towards their network being clogged by spam traffic. And at least 40% of the bandwidth I pay for is consumed by unwanted UCE, so they actually profit from this crap. As a result, there's not much incentive for them to address it. And I have to grudgingly pass these expenses on to my customers.
But UUNet is not any different from other top-tier ISPs. They hide behind the "common carrier" metaphor, using it as an excuse to justify a large portion of the bandwidth they sell to others which is unuseable due to spamming.
I can't help but think if I ordered a telephone line, and 40-60% of the time I had "noise" interfereing with my ability to communicate, that the phone company would be obligated to resolve the situation. Unfortunately, with ISPs, there doesn't seem to be anyone at the top that really gives a damn, nor any incentive on their part to address the situation.
Perhaps this would hurt spammers the only place that counts - in the pocketbook. When a message is confirmed as spam then have a filter extract all the urls from the message and place them in a file. Have an hourly cron job visit that list of urls and download using wget everything at that url and all of it's subfolders - and delete the files after downloading - and bypass the proxy if you have one - these are all wget options. Have the hourly cron job keep only the last 10,000 or so urls so that there is some semblance of only downloading current spam urls.
This process, if followed by millions of spam haters (perhaps we could have a public spam url website that would let people fetch a hundred urls at a time to work on that we could upload our own spam urls to), would apply the slashdot-effect to all the spammers. Bandwidth costs money for them - it's the only way to make 'em stop.
I agree that blocking is preferable to filtering. Filtering is like solving gun violence by improving emergency room medicine.
However, as an interim step, it's better than not to have Bayesian filters and well-staffed ERs.
The spammyness of your web hosting ISP can be a major factor. When you sign up with a host company, either dedicated or shared, you are assigned an IP address from their "pool". If you get an IP from a former spammer life is not good!
I got an IP address that was blacked listed by SPEWS once. Much of my email would not work and the web host company would not change my IP. They suggested I contact SPEWS. I later learned that the host company was a spammer magnet and I was not alone. I switched companies and all is well.
Jeff
How do you know that the company or site named had any thing to do with the spam? If putting an URL in a mass-mailing is enough to get the owners of that URL punished (financially or legally), then you will see joe-job spam used as yet another means to harrass uninvolved third parties.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.