Spamhaus: MCI Makes $5M A Year In Spam Profits

An anonymous reader submits "According to a new Spamhaus report, MCI makes $5 million a year hosting spammers and illegal spamware. MCI/UUNET has long topped the Spamhaus spam supporting ISPs list, with nearly 200 active SBL entries. MCI even took on spammers such as iMedia, when they were terminated by Savvis in their half-hearted response to leaked pro-spam memos."

illegal spamware?

[dougmc]

and illegal spamware.

What's illegal about spamware? I thought it was spamming that was illegal, not software that could be used for spamming.

And in any event, one person's `spamware' may very well be another person's tool of choice for sending out mail to a large (and yet legitimate) mailing list.

Re:illegal spamware?

[Secrity]

Spamming in the US is not illegal, sending spam illegally is illegal. Selling spamware IS illegal in Virginia and UUNet has a large presence in Virginia.

The Virginia law says:

18.2-152.4. Computer trespass; penalty. ... B. It shall be unlawful for any person knowingly to sell, give or otherwise distribute or possess with the intent to sell, give or distribute software which (i) is primarily designed or produced for the purpose of facilitating or enabling the falsification of electronic mail transmission information or other routing information; (ii) has only limited commercially significant purpose or use other than to facilitate or enable the falsification of electronic mail transmission information or other routing information; or (iii) is marketed by that person or another acting in concert with that person with that person's knowledge for use in facilitating or enabling the falsification of electronic mail transmission information or other routing information.

Re:illegal spamware?

[timmyf2371]

That's kind of a harsh law, sounds akin to making filesharing software illegal because of the actions of its users.

Re:only $5 million

[Stevyn]

Their gain of $5 million is costing companies many times that. That's why it's bad.

Re:only $5 million

[ssimontis]

Still, this article shows several things. Lots of people complain that we can't do anything to stop spam without getting several countries to cooperate. While this might be true in the long run, we can still shut down all the spammers in the United States. One of the biggest ways we can stop spam is forcing ISPs to stop supporting it. I am not sure what could be done, but perhaps a large-scale boycott could have an effect?

Impose an E-embargo against MCI

[Gary+Destruction]

ISPs should impose an E-embargo against MCI because they support spammers. All mail and traffic from MCI should be blocked until MCI stops helping spammers.

One simple suggestion

[brian.glanz]

If as TFA reads "MCI is the only American, and indeed only Western network, where this spam support activity is 'not against our policy'," then Congress should rule their (in)activity explicitly against the law. Most ISPs already agree as a matter of their own policy. Yes, the spammers will go elsewhere, but the U.S. should first clean our own house. Writing this law (or lines in a law) seems like a no-brainer.

BG

MCI Doesn't care about $5M revenue sources

[skoda]

MCI is a $27 billion company. (according to http://global.mci.com/about/investor_relations/fun damentals/).

Corporately, they don't care about $5M revenue streams. If it's not a homerun, billion dollar profit potential, it's not going to be developed.

I doubt MCI is actively pursuing SPAM as a business venture. Not unless they believe it's going to generate billions in the next five years. Otherwise, this is a non-story, about MCI making a few pennies because they aren't 100% vigilant.

Making Money

[Bonhamme+Richard]

Note: I'm stealing this for Richard Marcinko's Rogue Warrior's Strategy for Success. Don't sue me Dickie, I gave you credit.

To paraphrase an anecdote used as an example in Dickie's book :

Johnson and Johnson's Corporate credo lists J&J's responsibilities in this order 1) to the consumer 2) to the employees 3) to the community 4) to the shareholders (meaning to making money.)

When Tylenol (a J&J product) was tampered with in Chicago, resulting in the deaths of several people, the local police advised J&J that it was an isolated incident, and that a recall was not necessary.

J&J recalled anyway (a $350 million process) and consumers flocked back to Tylenol when it was reintroduced to the market with new tamper proof packaging. Since consumers had proof that J&J cared about them, J&J ended up making money.

The moral of the story is that caring about your consumers may be less profitable in the short run but that in the long run companies that put the consumer first do better. It's obvious to me that MCI does not put the consumer first. Point 4 on the J&J credo is point 1 in MCI's strategy. MCI just lost one customer.

Not surprising.

[jwcorder]

Aren't we talking about the same MCI/Worldcomm that cooked their books 2 years ago? So bad accounting practices don't seem to be the only questionable business in which they participate.

Non Unique

[discordja]

Why is this news? Almost every bandwidth provider in the country will house spammers so long as they aren't breaking any laws. Internap, the largest bandwidth provider in the states, houses a good number of spammers even tho it's "against policy" to send unsolicited email. If the almighty dollar is involved don't expect companies to be "moral."

God doesn't care if you don't say "bless you!"

[MorboNixon]

As a former employee of UUNet, whom, in turn, got bought out by Worldcom, which was once and now is again called MCI...*breath*...I can say that my pop.net POP3 account I had when I employee there remained active for at least 4 years after I left in 2000. It only got deleted after I stopped checking it for over a month.

What does this mean? Well, speaking from experience, they don't have nearly as many people monitoring this stuff as they should. So, my guess is that this SPAM abuse is the result of neglect. However, as with most any telecom/IT company, Marketing and Sales drives the business, the techies are beholden to the machinations of the Marketroids and Salesbots. This could be their bright idea.

Re:God doesn't care if you don't say "bless you!"

[WoBIX]

They're not the only ISP that doesn't pay attention to accounts. A friend with a dial-up account back in the mid nineties closed her account when she moved. She discovered that she still had email access to it, and even dial-up was still available. Her boyfriend shared the dial-up info with a bunch of their friends and they all had free net access for several years. Last I checked it was still active.

I bet it costs MCI more than $5M

[sbaker]

Yeah - they may inadvertently make $5M from spammers - but I bet the cost of spam to them is a LOT more than that. It follows that this is not an intentional part of their business model - but merely the residue of spammers that they've been unable to eliminate.

Re:only $5 million

[thogard]

If 5 mil is nothing to them, then we need to get them to stop.
The only way to do that is nail them where it hurts most, their stock price. The only way to do that is blacklist them and let wall street know its going to happen and make sure that it does happen.

What needs to happen is that on Apr 1, we make fools of them by taking down their entire network. This is going to take massive planning because they run such a major part of it. The real problem is most name servers are still on it as well as many of the main web sites.

So for this to work, everyone running mail servers will need to to have a RBL type blacklist in place that gives out the same message that is clear and to the point. Then Web sites should return pages explaining the issue clearly. The idea is full up every ISP call centers with questions to the point that anyone paying MCI will be screaming at them. The result is that mci will either get their act together with the spamers or the net will prove that a permanent blacklist won't be so bad.

This is very difficult to do in a corporate environment. however sometime the big bosses can be convinced by letting them know just how much the spam and viruses are costing and don't forget the fraud. Remind them of the people who siphon millions out of large companies to help their new buddies in Nigeria.

Re:New mail protocol

[thogard]

Your problem is someone else feature. SMTP allows things such as anonymous mail which was considered important in emails early days. The real problem is someone sees anonymity as a business venture and the suckers fall for it. If you remove that, then the spamers will just lead longer paper trails which will cost them slightly more but wont stop anything. After all these guys are going out and paying cash for T3 setups fees and monthly fees in advance for a circuit they expect to get a few days use out of. They will be happy to comply with any sill new rules an advanced email system will provide.

X.400 fixed all the problems. You can buy a pateneted solution today that fixes all your email problem but it costs several tens of thousands of dollars per year in license fees alone to run an x.400 system.

No suprising considering MCI's past.

[PocketPick]

They've also had some of the highest fines when it comes to violating the do-not-call list.

Example

Re:Explain to me

[timmyf2371]

It's rather simple - filesharing gives people something for nothing whereas spam annoys people and wastes their time.

Not saying I agree with this "philosophy" by any means though.