Slashdot Mirror
On Futureproofing Spamhaus
BMcWilliams writes "Spamhaus director Steve Linford announced a new funding plan Tuesday. According to Linford's announcement, large ISPs and big corporate users of the Spamhaus zone transfer service (renamed the Spamhaus Data Feed Service) will be required to pay an annual subscription fee ranging between $190 and $14,500.(The free public-query mirrors will continue to exist.) The point of the new plan is to ensure that 'the millions of users who rely on our anti-spam systems can be assured we'll be here for as long as spammers plague the Internet'."
Heh... I love it, it shows that not too many folks understand about how Spamhaus operates, and may be relying on distant memories of the Mail Abuse Prevention System (MAPS). Both organizations, Spamhaus and MAPS, have operated on a free-to-all, volunteer-run system, accepting donations where they could be had to fund themselves. Back in July 2001, MAPS moved to a fee-based for all (except for educational and single operator systems, which could sign a waiver and have free access) model, while Steve Linford kept MAPS in its free-for-all state, where it continues to operate today.
However, several large users, including world governments, have voiced their opinions that they love what Spamhaus has done, however, how can they rely on a free service that may not be in operation in a year or two due to legal shenanigans like what Richter is pulling against Spamcop??
That, in a nutshell, is what's happening here. No one has ever paid to use Spamhaus other than through voluntary contributions. This changes nothing, the blocklist service and website will still remain free to all comers, and those that have large userbases that want to depend on Spamhaus as a going concern can help by paying a fee for use of a zone transfer service to their own database or dns servers.
Simple, ain't it?? The little guys win, the big guys win, the spammers lose.
If Spamhaus eliminated Spam, Steve Linford would be the first one dancing. He'd probably get a knighthood, but I think he'd prefer a good night's sleep.
MS claims that Hotmail receives 2 Billion spams a day. (That's 2x10^9 to you friends across the puddle). I don't see that going away, more's the pity.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
Yeah I am really worried the 15 grand is going to be passed onto me from my multi-billion dollar ISP.
I expect I will need to refinance my house to keep my internet connection.
Spamhaus is providing a service that cuts costs for ISP's (due to savings in resources not needed for the handling of spam) so it only makes sense to throw some cash thier way in return.
Penny pinching of the magnitude you are posting is ammusing. Next you will be saying the free coffee provided to the programmers at most ISP should be cut due to the large toll it provides on the cost to end user services (which is much more than 15 grand) or workers should provide for thier own toilet paper and soap. Cut the company softball team too! The 35 dollar's I pay for broadband is too high!
I miss the Karma Whores.
Don't they mean, as long as e-mail exists; in it's current form, anyway?
Even then a lot of businesses may actually save money through reducing bandwidth costs due to spam. I hope they don't force those savings onto you... :)
Q.
Insert Signature Here
You raise a good point, and yet I doubt that the cost of subscribing to SpamHaus will be passed down to you. The article mentions the maximum price as $14,500. Which would be for a company say (in relation to your example), the size of AOL.
:P
Even if a small ISP who can't afford to simply swallow the cost passed it down to customers, you'd only be seeing a tiny increment on your monthly bill . And by tiny I am thinking in the figure of 10 or 20 cents. Do the math.
Small ISP "FooNet" has 1000 customers. They qualify for the lower brackets of SpamHaus subscription. Lets say the subscription costs $190 (from the article). Each user will only be paying $0.19cents more a month. Multiply that by 12, and thats an addition of $2.28 dollars a year for some very good spam protection.
Now that I think about it, where do I sign up?
--
The last digit of pi is four.
Are you suggesting that ISP customers are entitled to a service for nothing?? If customers are unhappy with a (probably tiny) increase in ISP charges to address the problem, they can always switch to a cheaper ISP ... and
learn to enjoy their spam.
I get maybe one spam e-mail a day.
And how many extra spam e-mail do you think you would you receive if AOL stopped using the Spamhaus RBL?? (If AOL doesn't use the RBL the question is moot anyway.)
If a corporate IS department is running their own mail servers, it would be wll worth the money. Transfer the lists into the server and check all incoming mail instantly instead of the latency caused by going to Spamhaus. The bandwidth and time saved for someone like GM, GE, Siemens,..... Thats a lot of money saved. $14,500 is pocket change to them anyway, and if it saved $50,000 over a year, thats a good return. I'd bet it would save a lot more than 50K though.
The fact that it keeps Spamhaus a viable concern is another plus.
Professional Politicians are not the solution, they ARE the problem.
1) Everybody has a use for this. If you are part of an organization that uses a paid for spamhaus, then you have a use for it.
2) Spamhaus recommends organizations that get 200,000+ emails a day sign up for the service. Conservatively, I think, we can estimate that would mean 100,000 users ( some get considerably more, most not at all ). At the high end, it's 14,500 a year. So, 14500/100000 = 14.5 cents a YEAR per user. I'll give you a fiver, if you shut up about the cost for the next 30+ years about it.
3) Say I'm way off, and the number is more like 20,000 users. That puts us at about 73 cents per year per user.
If you really can't afford that, how the hell are you able to sit here on the internet and gripe about it?
4) Spam, annually, costs you way more. Or, more accurately, they cost your provider more, which in turn, gets passed on to you. So what they are doing is a cost saving measure.
So, in closing, let me say this: Stop bitching, you are wrong.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
I may be an idiot, but it seems to me that most organisations could justify any of the amounts listed by doing some simple cost benefit analysis.
My understanding is that Spamhaus allows you to blackhole IP blocks that are known to tolerate\encourage spam.
If you step back and work out the cost of bandwidth to accept all of that spam, versus the cost to pay Spamhaus to blackhole it, it probably works out in favour of paying for Spamhaus.
Here in
This will be fine if/when everyone upgrades their DNS & MTA software to accept and use those standards. In addition, there are competing standards/proposals too, so which is the right one to choose?
As an aside, I don't think that making it an RFC necessarily makes it patent free.
Complexity is Easy. Simplicity is Hard.
There are a lot of things that ISPs do that you may not need. Do you have all 6-7 email addresses that a lot of them allot. Do you use your 25 mb of free web space?
Of course if your ISP's rates go up you could always switch ISP's. I don't think these are large fees for these ISP's that need the service, especially AOL. And the reason you don't get spam at AOL is because they are already doing a lot of spam filtering.
I was just about to blast you for your apparent refusal to spend a whole five seconds thinking this through, but I see that you have an AOL address, so I'll assume your question was asked with all sincerity.
There are several ways you benefit from this:
- First is that you might already be benefiting. Since you currently get spam, that means that spammers have your address. Getting only one a day probably means that your ISP already is using spam filtering. How do you know that Spamhaus's databases aren't part of it?
- Good spam filtering helps keep costs down, lowering your bills. A network engineer at a major ISP told me that if they removed their spam defenses, they'd promptly crash; they don't have the capacity to handle the doubling or tripling of mail traffic that would result. $15k per year is nothing compared to tripling your ISP's mail handling and storage capacity.
- People will see your messages. If I turned off my filters, less then one in ten of the items in my inbox would be real mail. Without good filtering, I'd accidentally delete a lot of real messages, especially ones from unknown correspondents.
- The people you want to communicate with will still use email. Some people, especially marginal internet users like grandparents and small children, are already starting to abandon email as a medium, despite our best efforts at keeping the spam out. Without good tools like Spamhaus's lists, more and more people will just give up on their spam-choked inboxes.
So basically, if you use email at all, it's worth supporting the fight against spam, even if you don't personally get any at the moment.ust move to a state that has anti-spam laws, like North Carolina. North Carolina statures allow for 10 dollars per spam. California allows for 500 dollars per spam. Either way, with millions of pieces of spam per day intercepted by their service, they should stand to gain quite ludicrously on the deal. If they can track down 20 of the top spammers, and one of them has insurance, SpamHous will suddenly have far more money than it will know what to do with. Sadly indentured servitude is not a viable option for the other 19, as the US has bankruptcy laws. Still, assuming the congress hasn't passed any laws saying that people CAN SPAM, the plan is perfect.
ROFL.
Good luck finding a lawyer who will take on a case with a $10 or $500 virtually impossible payout.
Good luck finding a spammer who has insurance, hasn't declared bankruptcy a few times already, or wouldn't make all his net worth (if any) disappear as soon as he was caught. Not that he's going to get caught because you'll never find a lawyer dumb enough to take on a case based on such an ineffective law.
More laws are needed? We currently have several hundred civil-oriented anti-spam laws on the books and not a single one of them has paid off or curtailed spam in the slightest. The same thing happened with anti-UCE-faxes and those were even easier to track and pursue and they still didn't do a thing.
Perfect plan? I think not. When 200+ laws don't work, thinking that passing civil law #201 will make the difference is the definition of hopeless.
Passing yet another law has about the same effect on stopping spam as buying a book does in mysteriously making you an expert on that books's subject. You have to read the book. You have to enforce the law. Right now, spammers break lots of criminal laws that aren't being enforced. Passing more laws without beefing up law enforcement is like sptting in the wind and calling it rain.
I've got a 14-character alphanumeric obscure email address that I've never given anyone - but at least I don't get spam!
Do you get any email at all?
Spam is all about the signal to noise ratio, you know.