Slashdot Mirror
On Futureproofing Spamhaus
BMcWilliams writes "Spamhaus director Steve Linford announced a new funding plan Tuesday. According to Linford's announcement, large ISPs and big corporate users of the Spamhaus zone transfer service (renamed the Spamhaus Data Feed Service) will be required to pay an annual subscription fee ranging between $190 and $14,500.(The free public-query mirrors will continue to exist.) The point of the new plan is to ensure that 'the millions of users who rely on our anti-spam systems can be assured we'll be here for as long as spammers plague the Internet'."
Maybe they should send an email to everyone requesting those $$$ :)
Won't these costs just be forced down onto the customers? Sure, it funds Spamhaus, but why is this a good thing for a user who doesn't have to deal with spam? I get maybe one spam e-mail a day.
Wheel in the sky keeps on turnin'.
Is this a Self-Elimating Business Model?
The point of the new plan is to ensure that 'the millions of users who rely on our anti-spam systems can be assured we'll be here for as long as spammers plague the Internet
As they eliminate spam, spam becomes less profitable, thus decreasing the need for them. Not only that, but the less spam, the less people will request their services, as they can do it in-house. What do you guys think?
Lets get it out of the way now....
1. Block spam
2. ????
3. Profit.
There. Are you trolls happy?
Since when has this country used intellectual elite as a pejorative term?
Make it a paid for service, so you can't sue for being on the list
or to provide money as a cushion against suits? and hurt in one, if you're a corporate bulk user (not bulk like that) you'll pay, for something that saves your company money.
Blah blah sig blah blah blah irony blah blah
In the meantime, thanks largely to ineffective spam laws passed by governments, we're having to step up the fight against spam with more resources....
Not that the gov't can do much anyway, but, it could do more. I think the fees are reasonable and I hope they are accepted and paid graciously.
Happy Trails!
Erick
http://www.busyweather.com/
This story makes me think of GRsecurity. Remember? It's dying because the developer didn't have any funding? Maybe Spamhaus caught wind of this, and is trying to avoid a similar fate.
Only the purest of souls seek enlightenment. Everyone else just wants power.
Just as soon as this $54Mil bank transfer goes through for this poor Nigerian widow.
If Spamhaus eliminated Spam, Steve Linford would be the first one dancing. He'd probably get a knighthood, but I think he'd prefer a good night's sleep.
MS claims that Hotmail receives 2 Billion spams a day. (That's 2x10^9 to you friends across the puddle). I don't see that going away, more's the pity.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
I'll admit that I don't know how Spamhaus operates. However, it doesn't detract from what I said. Costs will still be forced upon me for something that I may have no use for. The government does it, but now it may be done from the private sector?
Wheel in the sky keeps on turnin'.
Spamhaus advises organizations set up a zone transfer if they're receiving 200,000+ e-mails per day. I doubt the average user (or small organization, corporation, etc.) will be receiving that much e-mail in a day (at least for now...)
Don't they mean, as long as e-mail exists; in it's current form, anyway?
Even then a lot of businesses may actually save money through reducing bandwidth costs due to spam. I hope they don't force those savings onto you... :)
Q.
Insert Signature Here
homer: Ooh, I see. Get us addicted then jack up the price!
it is only after a long journey that you know the strength of the horse.
You raise a good point, and yet I doubt that the cost of subscribing to SpamHaus will be passed down to you. The article mentions the maximum price as $14,500. Which would be for a company say (in relation to your example), the size of AOL.
:P
Even if a small ISP who can't afford to simply swallow the cost passed it down to customers, you'd only be seeing a tiny increment on your monthly bill . And by tiny I am thinking in the figure of 10 or 20 cents. Do the math.
Small ISP "FooNet" has 1000 customers. They qualify for the lower brackets of SpamHaus subscription. Lets say the subscription costs $190 (from the article). Each user will only be paying $0.19cents more a month. Multiply that by 12, and thats an addition of $2.28 dollars a year for some very good spam protection.
Now that I think about it, where do I sign up?
--
The last digit of pi is four.
If a corporate IS department is running their own mail servers, it would be wll worth the money. Transfer the lists into the server and check all incoming mail instantly instead of the latency caused by going to Spamhaus. The bandwidth and time saved for someone like GM, GE, Siemens,..... Thats a lot of money saved. $14,500 is pocket change to them anyway, and if it saved $50,000 over a year, thats a good return. I'd bet it would save a lot more than 50K though.
The fact that it keeps Spamhaus a viable concern is another plus.
Professional Politicians are not the solution, they ARE the problem.
I may be an idiot, but it seems to me that most organisations could justify any of the amounts listed by doing some simple cost benefit analysis.
My understanding is that Spamhaus allows you to blackhole IP blocks that are known to tolerate\encourage spam.
If you step back and work out the cost of bandwidth to accept all of that spam, versus the cost to pay Spamhaus to blackhole it, it probably works out in favour of paying for Spamhaus.
Here in
"$190 and $14,500"
This takes the sound bite "prices may vary" to a new level.
the byproduct of years of oppression by the white man
You're confusing Spamhaus with SpamCop. Only the latter has an affiliation with IronPort.
You are confusing Spamhaus with SpamCop...
Spamhaus has no affiliation with IronPort!
Several people have posted that I've confused Spamhaus with SpamCop. Sorry. It was careless on my part. My appologies to Spamhaus.
SMTP has a security hole: any connecting client can assert any sender address. This flaw has been exploited by spammers to forge mail. The result: your mailbox fills up with bounces to messages that you didn't send. Close the hole, and we can easily block spammers by sender domain.
SPF closes the hole by using a DNS record that says which hosts can send email with a from address in the domain. The record is a simple TXT record that looks something like this:
What most of you don't know is that this is a Microsoft technology. Remember when Bill Gates said that he'd solve the spam problem in two years and you all laughed? Read this for the all the technical details. As it is an internet draft, this is completely patent free and anybody can use it.
ust move to a state that has anti-spam laws, like North Carolina. North Carolina statures allow for 10 dollars per spam. California allows for 500 dollars per spam. Either way, with millions of pieces of spam per day intercepted by their service, they should stand to gain quite ludicrously on the deal. If they can track down 20 of the top spammers, and one of them has insurance, SpamHous will suddenly have far more money than it will know what to do with. Sadly indentured servitude is not a viable option for the other 19, as the US has bankruptcy laws. Still, assuming the congress hasn't passed any laws saying that people CAN SPAM, the plan is perfect.
ROFL.
Good luck finding a lawyer who will take on a case with a $10 or $500 virtually impossible payout.
Good luck finding a spammer who has insurance, hasn't declared bankruptcy a few times already, or wouldn't make all his net worth (if any) disappear as soon as he was caught. Not that he's going to get caught because you'll never find a lawyer dumb enough to take on a case based on such an ineffective law.
More laws are needed? We currently have several hundred civil-oriented anti-spam laws on the books and not a single one of them has paid off or curtailed spam in the slightest. The same thing happened with anti-UCE-faxes and those were even easier to track and pursue and they still didn't do a thing.
Perfect plan? I think not. When 200+ laws don't work, thinking that passing civil law #201 will make the difference is the definition of hopeless.
Passing yet another law has about the same effect on stopping spam as buying a book does in mysteriously making you an expert on that books's subject. You have to read the book. You have to enforce the law. Right now, spammers break lots of criminal laws that aren't being enforced. Passing more laws without beefing up law enforcement is like sptting in the wind and calling it rain.
One can wonder whether additional funding will have the effect of actually having the records reflect the realities. The trouble is that I know of at least one record (SBL6024) that is filled with errors and despite several attempts at having Steve correct them, all that happened was a bunch of insults in response.
/29 belonging to Wild Rhinos nameserver moved to their record (SBL14379) - or similar. I know it would not delist anything (that's not the issue) but it would correct the information and that's what's important here.
All content in that record except *one* line is completely wrong and/or severely outdated. The bad content reflects an old customer long gone (booted late 2002) whose IP-ranges were mixed up with Dynamic Pipe. All that remains valid is a single nameserver (freya.wildrhino.com) belonging to a different customer/alledged spammer: Wild Rhino.
If the info should be correct that entire record should be removed and the
But Steve does not want to admit his mistakes here, and one can wonder just how many other records in his system are equally flawed, mislisted or plain false. If the incorrectness is rampant throughout, one can wonder just what these businesses would be buying. I think Steve needs to learn a bit about humility and responsibility before he starts making money big-time on this. Because making money off lies and false pretenses has always been the domain of those he claims to hate the most: SPAMMERS.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
Gee, I leave my tinfoil hat off for just one lousy week and there's not just one but multiple world governments. I was just getting to grips with overthrowing a few national governments.
Do I get to choose which world government I'm under? Given the choice I, for one, would like to welcome my new illuminati overlords.
Recycle PCs and build a wireless community network www.hillsborough.org.nz
They already have access to all those emails desperately trying to give away $3.5M . They have all the funding they'll ever need....
I have no sig yet I must scream.
I've got a 14-character alphanumeric obscure email address that I've never given anyone - but at least I don't get spam!
Do you get any email at all?
Spam is all about the signal to noise ratio, you know.
Spamhaus is selling access to two lists.
One of them, the SBL, is a list used to apply pressure to ISPs. It doesn't stop that much spam. It's a political tool, just the same as the MAPS RBL was.
The other, the XBL, is extremely effective at stopping spam. But Spamhaus doesn't run the XBL. They're just downloading the (freely available) CBL and BOPM lists, then selling access to them for thousands of dollars a year.