Slashdot Mirror
UUNet Is The Number 1 Spam Host
An anonymous reader submits "Statistics for February have UUnet leading the Spamhaus top 10 worst Spam ISPs chart. The Register point out that ISPs like UUnet and Abovenet continue to host spammers despite advertising anti-spam AUPs." And the competition is probably wishing they had as much luck.
...goes around. I'm sure when spam block become so vicious that ISP's like this are blocked off they will either go under or change their mind
Rus
Cheap UK and US VPS
The easiest way to stop spam is as follows:
Step 1: Buy an aluminum baseball bat.
Step 2: Find spammer.
Step 3: Beat spammer with aluminum baseball bat.
Step 4: Sell what is left of spammer to Hormel, makers of spam.
Step 5: Deposit money into legal fund for defense against spam. (Baseball bat Distribution center)
UU carries 50% of the US's total Internet traffic and 90% of its e-mail. It makes an easy target.
It DOES generate buisness, thats one of the problems. Stupid people are out there on the internet trying to make there "members" larger.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
It's indeed possible to catch most of it with good filtering (I get over a hundred a day and catch about 95% of it -- but I'm using a webmail account so I don't have control over the filtering), but it's still clogging up the net and wasting everybody's bandwidth.
Sometimes I wonder if we'd "feel" a big difference in net responsiveness (browsing, file transfer, latency in online gaming, etc) if all spam stopped suddenly. Probably.
Treehugger? Treehugger... Treehugger!
Spammers can sneak into even the most STRINGENT anti-spam ISP network. A stolen credit card that works only once gets a spammer an account that can deliver many thousands of letters before they're shut down. UUnet isn't spam-friendly anymore than Rackspace is spam-friendly. Spam is going nowhere until good authentication techniques are implemented internet-wide.
Big ISPs which can afford to lose customers talk shit and do nothing. You know as well as I do that it's going to be us, the end-users, who have to be proactive about this. These ISPs don't give a fuck. They're probably run by cable school drop-outs.
I think it's pretty much been proven that this is wishful thinking. When a provider starts blocking large stretches of IP blocks owned by a particular ISP like UUNet, average users scream bloody murder. My prediction is UUNet will do nothing, and nothing will happen to UUNet. Sad but true.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
That may be part of it, but back when I worked as an abuse admin (in 1998) they didn't care much (we had a deal with them for our dial up customer to use their POPs in areas where we didn't have any) and near as I can tell that hasn't changed a bit. It's PC to have an anti-spam AUP, so they have one (and had one back then, too) but it's not profitable for them to enforce it.
problem is when it catchs important mail and then you have to check for 1 good in hundreds of bad ones
/ss
Its time for ISP's to take responsiblity for the shit that they host. Didint Gates say that spam will be dead by 2006? ( http://www.cbsnews.com/stories/2004/01/24/tech/mai n595595.shtml). Time to start breaking down doors Bill. I guess he could just use a backdoor in to the spammers running windows.
Do they use stolen credit cards regularly? I wouldn't think so. You can get away with spam a lot of the time without legal conseqences but credit card fraud is another matter. Wouldn't any spammer that did this sort of thing get caught fast? Or do they go through chained proxies to do it all and regularly get away with it?
Yes. They do. Therein lies the rub. Either:
1) Spamming does make money, because some idiots actually buy things from spammers;
2) People don't actually buy directly from spammers, but for marketers of some products (illicit, low yield) mainstream media just isn't an option, so the only way to make people aware that these products exist is through spam. (i.e. I may not buy herbal viagra, or dental insurance or an MBA directly from the people flooding my inbox, but now I know that I can buy these things online. If me and 100 of my neighbors search for these products later, at least a few will buy from the original spammer.
3) Professional spamming shops are doing a good job of convincing retailers that 1) and/or 2) are true.
Before this debate gets too out of hand, has anyone weighted amount of spam vs. size of network?
UUNet is a large, large carrier with many networks globally. Are they the worst spammer because they have the most network entry/exit points, or are they unfairly attacked here because they are just large?
Check again. When WorldCom filed for bankruptcy they changed the name back to MCI.
A feeling of having made the same mistake before: Deja Foobar
At issue is the business model for interconnection agreements between carriers. When an IP carrier interconnects with another, the basic metric to see who pays whom and how much is the download/upload ratio of the connecting carrier. Peering (at-cost interconnects) is only granted to carriers with whom there is a level upload/download ratio.
So if you're an IP carrier with no or little hosting on your network, you mostly download from your interconnects. Therefore you pay more to interconnect with the big IP backbones like UUnet.
If you're UUnet, there is an economic incentive for you to host spammers, because it boosts your upload; therefore you pay less (or, in the case of UUnet, get more money) on interconnects.
If I was UUnet, I don't see why I would waste money on fighting spammers who (1) are my customers and (2) increase my bottom line by boosting upload at interconnects.
By considering all packets to be equal on the backbone, you're averaging "unwanted" traffic vs. "useful" traffic such as web traffic (aka porn). The side effect of this is, you're paying for spam with your Internet connection.
Oh the irony...
I particularly enjoy the "Ads by Google" in the banner at right of the article, for
Bulk Mailer
Reach 500,000 opt-in recipients
and Bulk Email List
Low Cost Bulk Email Marketing Full Email Reports.
They probably are, but resources that deal with abuse should grow proportionally with size, if you try to cut corners in that department, as in the case of UUnet, you end up with a bad reputation, and hopefully, a whole lot of IP address blocked. I know from experience when I was manually reporting spam, back in the day when the amount still permitted it, they took months of complaints sometime to drop a spammer, and it was usually due to being blocked by Spamhaus or Spews. Aren't the internet arm of Worldcom anyway? You see where they get their code of ethics.
Spam would not be a problem if all ISPs dealt efficiently with open proxies and spamvertised sites.
Yeah, spammers are also using HTML tags, eg viagra, which in a HTML-enabled email client will just show viagra, but this kills a lot of filter. these guys are trying out another approach to deal with this though.
Rock that crushes, Paper & Scissors that don't matter.
My experience with UUNet:-
1. In 2000 a spammer in Louisiana forges one of my domains in spam runs sent via UUNet - I get tens of thousands of bounces and hundreds of complaints.
2. I complain to UUNet - no action.
3. I phone UUNet security as the runs are being sent - no action.
4. Every weekend for 2 months this happens and I get sick of it.
5. I start to autobounce all this junk back to abuse@uunet.com.
6. Spammer sends a run using a different ISP.
7. UUNet gets really pissed that I bounce 1000 mails to abuse@uunet.com which didn't originate from their network (with some justification).
8. UUNet block all access from my class C to their servers.
9. The spam runs sent via UUNet continue....
Forward to 2004, I still can't send mail to uunet.com!
Filtering is **NOT** the solution. Blocking spamsources at the origin **IS**.
Hehheh, at the bottom of that page:
This site is protected by The Do-Not-Slashdot ACT 1996
I suffer from attention surplus disorder.
I am a UUNet/Worldcom customer and have multiple pipes to my network from their backbone. I think they have one of the best-performing backbones on the Internet.
Unfortunately, while I am happy with UUNet's performance and stability, I am even more unhappy with their apathy towards their network being clogged by spam traffic. And at least 40% of the bandwidth I pay for is consumed by unwanted UCE, so they actually profit from this crap. As a result, there's not much incentive for them to address it. And I have to grudgingly pass these expenses on to my customers.
But UUNet is not any different from other top-tier ISPs. They hide behind the "common carrier" metaphor, using it as an excuse to justify a large portion of the bandwidth they sell to others which is unuseable due to spamming.
I can't help but think if I ordered a telephone line, and 40-60% of the time I had "noise" interfereing with my ability to communicate, that the phone company would be obligated to resolve the situation. Unfortunately, with ISPs, there doesn't seem to be anyone at the top that really gives a damn, nor any incentive on their part to address the situation.
You **CAN** convey **EMPHASIS** with just bold or CAPITALS.
nearly all spams contain a link to somewhere. I just filter out the domains those links go to since no legitimate e-mail will contain a link to those domains. You also can't hide the destination of a link if you don't leave the harvesting solely up to an automated system.
Takes care of most of the spam. And it costs spammers money every time they get a new domain so I can deal with what little spam gets through before the filter is updated. I've put hundreds of domains in my Mercury Mail filter which equals thousands of dollars worth of domains that are now useless for sending spam through my mail server. And it doesn't matter how distorted the header or body is. The domain can't be distorted or it won't work as a link.
Ben
Work Safe Porn
Perhaps this would hurt spammers the only place that counts - in the pocketbook. When a message is confirmed as spam then have a filter extract all the urls from the message and place them in a file. Have an hourly cron job visit that list of urls and download using wget everything at that url and all of it's subfolders - and delete the files after downloading - and bypass the proxy if you have one - these are all wget options. Have the hourly cron job keep only the last 10,000 or so urls so that there is some semblance of only downloading current spam urls.
This process, if followed by millions of spam haters (perhaps we could have a public spam url website that would let people fetch a hundred urls at a time to work on that we could upload our own spam urls to), would apply the slashdot-effect to all the spammers. Bandwidth costs money for them - it's the only way to make 'em stop.
I agree that blocking is preferable to filtering. Filtering is like solving gun violence by improving emergency room medicine.
However, as an interim step, it's better than not to have Bayesian filters and well-staffed ERs.
The MCI / UUnet thing is mostly internal politics but also a little bit business related. You can get 2 internet circuits or 2 frame relay connections from the company and have it go over 2 different networks for diversity. One would run on the MCI network, the other would run on the UUnet network. This gear is supposed to be completely separate.
Also they dont monitor your traffic, can you imagine the logs that would create. They only contact you about spam (or whatever else) if someone complains to them about something coming from your IPs.
The spammyness of your web hosting ISP can be a major factor. When you sign up with a host company, either dedicated or shared, you are assigned an IP address from their "pool". If you get an IP from a former spammer life is not good!
I got an IP address that was blacked listed by SPEWS once. Much of my email would not work and the web host company would not change my IP. They suggested I contact SPEWS. I later learned that the host company was a spammer magnet and I was not alone. I switched companies and all is well.
Jeff
The major ISPs charge in a metered fashion. That means all their customers pay by the MB, GB, etc. A spammer who uses bandwidth to send spam is going to pay for all that data - but so will the end user in the ISP's system. The ISP knows that spam is an issue, but it provides them with zero-maintenance traffic, constantly running up the user's 'meter'. In a capitalist society, profit is always the motive. The ISP doesn't just charge you what the bandwidth costs them... They add a percentage that equals profit. [Begin technically inaccurate but wholly educational example] XISP has a fixed cost of 10 cents per Gigabyte of traffic, upstream or down. They charge 12.5 cents per Gig. Spammer_X sends out 20GB of spam. He pays the ISP $2.50 for that privilege. Since cost was $2, they made 50 cents. Now, assume that the mail is primarily directed at ISPs who lease lines from XISP, and who pay that same 12.5 cents per Gig. If they get 60% of the downstream covered, they'll be able to make another $1.50 off the traffic they originated. So for transferring 20GB across their own network, they made $4 on something that cost them $2. THAT is why the "Common Carriers" take their time getting rid of spammers. The longer they can let the guy spew his mail, the more 'incidental revenue' they can scrape together.
Self-referential sigs are rarely entertaining.
How do you know that the company or site named had any thing to do with the spam? If putting an URL in a mass-mailing is enough to get the owners of that URL punished (financially or legally), then you will see joe-job spam used as yet another means to harrass uninvolved third parties.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.