Email Servers Will Choke, Says Spamhaus

Rub3X writes, "The legal battle between antispam organization Spamhaus and e360 Insight is heating up. Spamhaus has a user base of around 650 million, and its lists block some fifty billion spam emails per day, according to the project's CEO Steve Linford. Spamhaus CIO Richard Cox says the immediate issue is that if the domain is suspended, the torrent of bulk mail hitting the world's mail servers would cause many of them to fail. More than 90% of of all email is now spam, Cox says, and he doubts that servers worldwide would be able to handle a ten-fold increase in traffic." Others estimate Spamhaus's blocking efficacy as closer to 75%; by this metric spam would increase four-fold, not ten-fold, if Spamhaus went unavailable. The article paraphrases CIO Cox as saying that the service will continue "even if there is a short-term degradation."

I say let the spam come

[pembo13]

It would be interesting if all email server admins suddenly opened the flood gates for a day or two. Maybe then the general population will gain a better appreciate of the scale of the matter.

I still think they 3360 guys just look and smell like spammers. That spamhaus aggrees just adds to this conclusion. Here's what seems to amount to the spam histroy of the "plantiff".

Re:I say let the spam come

[jemenake]

It would be interesting if all email server admins suddenly opened the flood gates for a day or two. Maybe then the general population will gain a better appreciate of the scale of the matter.

Which is why I'm surprised Spamhaus doesn't just "simulate" what life would be like without them... before we're without them. Dispense with the predictions of how much spam will increase and what fate will befall the servers. Just shut off your service for a bit and wait for everyone to offer you their firstborn. Enron did it with California's electricity and it worked like a charm.

Re:I say let the spam come

[Jekler]

Most users probably don't remember the rate of spam before filtering was common for a number of reasons:

1. The rise in internet usage since the year 2000 indicates, at best, only 1/3rd of the internet population could remember the rate of spam before filtering was common.
2. The rise of email usage indicates a large population of the people who were connected pre-filtering weren't using email.
3. The current volume of spam per person is at least triple what it was pre-filtering.

Most of us who were using the internet before spam filtering became so common have not seen what today's volume of spam would look like unfiltered. Assuming spam per person has tripled, anyone who was getting 20 spam per day pre-filtering would be looking at 60 spam per day now.

It would be a much deserved wake up call if spam filter companies were to shut down operations for a few days. It's obvious that the bodies overseeing this case think of Spamhaus as little more than a novelty. I think Spamhaus needs to send a crystal clear message, and perhaps the most effective way to do that would be to show the world how green the other side of the fence really is.

Re:I say let the spam come

[dheltzel]

I'm surprised Spamhaus doesn't just "simulate" what life would be like without them

It's easy to explain why they don't do this. They know that only clueless email admins rely only on an RBL for Spam control. Only the "Spamhaus faithful" would get clobbered with the extra Spam and they would have to switch to a different method or lose their jobs. This would be a sure way to kill off your customer base by proving empiracally why a single point of failure in Spam detection is a bad idea.

I've seen as much bad behavior from the RBL maintainers as I have from the spammers, so I only use an RBL as a final check to hold email that is on an RBL but otherwise passes through the filter. The (very few) held emails are almost always legitimate. The only reason I even bother to hold them is to keep an eye on what's going on and kill the final few Spam emails. The system I use for my employer has an almost perfect rate of rejection. Most of our users get fewer than 10 Spam messages a year! I get a lot of questions from co-workers about how to deal with Spam in their personal accounts because we do such a great job of dealing with it in their work accounts.

I know the Spamhous fanboys will take offense at this post. My only comment is that you are free to use an RBL as your only Spam control if you wish, just as I am free to use what I consider to be better methods. Good luck to you if Spamhous ever goes dark for any reason -- you're gonna need it.

Re:I say let the spam come

[jcr]

So, who has standing to file a complaint against this spammer?

He lied on the jurisdiction issue, and if that takes Spamhaus off the network, then millions of us suffer economic damage from the result of his perjury.

Anyone in Illinois want to register a class action against the son of a bitch?

-jcr

Re:I say let the spam come

[arivanov]

I have.

Here is the result:

Spamhaus gives only further sub-5% improvement on top of greylisting with a positive feedback loop at delivery/user report level. With relay level content filtering feeding into the feedback loop that will be down to under 3%. Greylisting on its own does 90%+.

The CPU cost of greylisting is not that much higher compared to DNS blacklists (and on a large site you can dynamically gate greylists into a local DNS greylist zone for distribution). In fact it is less if you form temporary firewall reject lists from your greylisting database.

So the answer is: technically Spamhaus is full of shit and the floodgates will not open. On most well managed sites it will be just another day. A bit more SPAM, but not a lot. At most it will make admins tune feedback loops into grey/black lists a bit better.

Move along people, nothing to see here. Spamhaus should stop dragging the rest of the internet into the stupid internet governance battle which is not for them to fight in the first place. I already commented on their position on this issue in past Slashdot posts on it.

Spamhaus should stop talking BS and move their operations to the same domain as their legal country of residence.

Re:I say let the spam come

[grub]

Most of us who were using the internet before spam filtering became so common have not seen what today's volume of spam would look like unfiltered.

So much of it happens server side the end users would have no idea as to the amount. My home mail server which handles a handful of users gives me these stats. and this is just for the 8.5 hours of "Today":

(spamhaus) Listed at Spamhaus: 655
(sorbs.net) Listed at dnsbl.sorbs.net: 146

So that's just over 800 pieces of crap for today (so far) Those are server-side filters, not client side.

Two lists needed

[Ed+Avis]

Maybe some legal problems could be avoided by having two lists. One, a list of spammers. The second list is people who are not spammers (cough) who have threatened or engaged in legal action to be removed from the first list. In other words a list of plaintiffs in court cases. Mail server admins could choose whether to use one list or both for blocking mail.

Buggy post

[TapeCutter]

Meanwhile the rest of the planet will treat an unenforcable court order from this judge about as seriously as they would a court order from the judge in this case.

GP was missing the link above.

Spamhaus have their problems

Most of the comments I've read so far seem to be in favour of Spamhaus, and while I agree that they do some good work, they are not all good. Specifically, they seem over keen to blacklist address ranges without providing any proof, and very reluctant to unblock these.

I work for an ISP providing dedicated server hosting & colocation. Recently a couple of our customers contacted us saying that they had appeared on the Spamhaus blacklist, and were consequently having trouble sending e-mails. They claimed that they had not involved in any spamming activities, and that this listing was therefore incorrect. We found out that Spamhaus had blacklisted a range of our IP addresses (specifically a /27 subnet), and their explanation was that we were hosting someone from their ROKSO list.

While it was indeed true that we were hosting a server for this person, Spamhaus had a) blocked an address range larger than the IP addresses involved with this spammer, and b) would not offer any proof that the spammer had been using the server we host for him to involve in any spamming activities. When we contacted them, they refused to unblock this range unless we suspended the account of this spammer (again without providing any proof of activities conducted from our network that would breach our TOS), even though they acknowledged that the range they were blocking involved innocent customers. For us to suspend him at the request of Spamhaus would have been US breaking our contract with him, as there was no indication that he had violated our AUP (which DOES prohibit involvement with spam).

When we refused to break our contract with our customer at the request of a third party (perfectly acceptable position imho!), Spamhaus said that if they blocked any of our customers in future, they would blacklist our entire network (which is a considerable amount of addresses). This is unacceptable in my view, they are essentially trying to hold us to ransom without providing any proof of activities. When talking with some other ISPs, we heard of similar stories. In one case, the ISP concerned suspended the spammer's account and contacted Spamhaus to have their blacklist removed, and were told that "due to under-staffing, Spamhaus would not be able to remove the blacklist entry for a couple of days. however, if they would like to make a donation to spamhaus, they would remove the entry much sooner".

To reiterate my earlier point, Spamhaus does provide a valuable service, there's not much doubt of this. But they way in which they are organised leaves a lot to be desired!