Scam-Linked ISP Intercage / Atrivo Gets Shut Out

alphadogg writes with this excerpt from Network World: "The lifeline linking notorious service provider Intercage to the rest of the Internet has been severed. Intercage, which has also done business under the name Atrivo, was knocked offline late Saturday night when the last upstream provider connecting it to the Internet's backbone, Pacific Internet Exchange, terminated Intercage's service. Intercage president Emil Kacperski said Pacific did not tell him why his company had been knocked offline, but he believes it was in response to pressure from Spamhaus, a volunteer-run antispam group, which has been highly critical of Intercage's business practices."

So, a drop of spam-traffic?

[mi]

For a couple of hours?

Re:So, a drop of spam-traffic?

[gnick]

Yup. The end of TFA was the painful (albeit obvious) part:

Kacperski said Monday he was looking for a new service provider, but that he had no idea how long it will take him to get back online.

"I've got to basically start all over," he said.

Ugh. And the sad part is that, while he's scrambling to rebuild his "business", other people will be scrambling to fill in the void.

Re:So, a drop of spam-traffic?

[Rayeth]

Still though one wonders how someone can be running an ISP with 78% hostile traffic and not realize something is up.

Re:So, a drop of spam-traffic?

[Abreu]

Paid to look the other way?

Re:So, a drop of spam-traffic?

[BPPG]

I for one welcome this chance for other spam vendors to engage in a little competition. It will be a wholly new playing field if/when Intercage re-emerges online, after previously holding a dominant position. Hopefully the free-market nature of Internet business will only encourage the production of more quality spam. The recipients of spam can only benefit from this new development.

Re:So, a drop of spam-traffic?

[KillerBob]

They may have held a dominant position for hosting warez and porn sites, but this will barely make a dent in the spam scene, largely because most of it is coming from botnets.

Re:So, a drop of spam-traffic?

Maybe he could apply for a government bailout. After all, spam does account for a significant portion of our economy

Re:So, a drop of spam-traffic?

[osu-neko]

Still though one wonders how someone can be running an ISP with 78% hostile traffic and not realize something is up.

If there's a steady paycheck in it, I'll believe anything you say. ;)

Re:So, a drop of spam-traffic?

For a couple of hours?

For a day. They found a new upstream now, though, Unitedlayer, Inc., who obviously didn't pay any attention to the news (or just decided to ignore it):

http://cidr-report.org/cgi-bin/as-report?as=AS27595

            27595 INTERCAGE - InterCage, Inc.

                Adjacency: 1 Upstream: 1 Downstream: 0
                Upstream Adjacent AS list
                    AS23342 UNITEDLAYER - Unitedlayer, Inc.

Re:So, a drop of spam-traffic?

Yea, don't give them any ideas!

Next thing you know `traceroute intercage.com` will look something like this:
traceroute to intercage.com (128.102.0.99), 64 hops max, 40 byte packets
...
12 TKC-COMMUNI.hsa4.SanJose1.Level3.net (209.245.146.6) 36.243 ms 36.086 ms 36.397 ms
13 n254-border-rtr-nisn-sip.arc.nasa.gov (198.123.41.9) 36.087 ms 36.086 ms 36.403 ms
14 intercage.com (128.102.0.99) 36.432 ms 36.231 ms 36.891 ms

Re:So, a drop of spam-traffic?

[magus_melchior]

I for one welcome ...

What, no overlords?

Re:So, a drop of spam-traffic?

If this is true then it kinda makes sense, as United Layer is upstairs from PIE at 200 Paul......

Re:So, a drop of spam-traffic?

Wow - obviously doesn't know UnitedLayer

http://www.theregister.co.uk/2008/09/24/intercage_back_online/

Re:So, a drop of spam-traffic?

[sglines]

Hours?

traceroute to intercage.com (216.255.187.125), 30 hops max, 38 byte packets ...

9 UNITED-LAYER.ge-6-2-0.404.ar4.sfo1.gblx.net (64.214.131.174) 297.525 ms 187.031 ms 222.002 ms
10 Vlan804.br01-200p-sfo.unitedlayer.com (209.237.224.173) 100.860 ms 100.121 ms 99.907 ms
11 207.7.146.250 (207.7.146.250) 99.808 ms 256.817 ms 109.715 ms
12 216.255.187.125-custblock.intercage.com (216.255.187.125) 99.896 ms 99.812 ms 100.443 ms

Whois the offending provider?
  whois 207.7.146.250
[Querying whois.arin.net]
[whois.arin.net]

OrgName: Unitedlayer, Inc.
OrgID: LAER
Address: 1019 Mission Street
City: San Francisco
StateProv: CA
PostalCode: 94103
Country: US

Severs them right!

[johannesg]

Hopefully it will cut down on the amount of spam...

Re:Severs them right!

[Anonymous+Codger]

Nice typo in the title - very appropriate slip.

Re:Severs them right!

[EdZ]

I, uh, don't think that was a typo, as such.

Re:Severs them right!

[TheDreadSlashdotterD]

Whoosh!

Intercage...

...should have attached that new cover sheet to their TPS report.

That's why!

[courteaudotbiz]

I was thinking to myself "God! My EMail account must be in problem, I didn't receive any spam since the weekend", then I got this really great offer, a guy who is going to give me 20% of 5 million US dollars to help him recover a lost bank account. Well that's perfect, I'm the one who's finally gonna be rich!

Re:That's why!

[bonehead]

That's awesome! Just imagine all the penis enlargement pills you'll be able to order now!

Re:That's why!

[somersault]

Dear Mr.. Bonehead,

Please quit your suggestive advertising campaign for penis hardening and enlargement compounds or I shall be forced to complain to your ISP and have your account disabled.

Thankyou.

Re:That's why!

[oldspewey]

You're just going to go right ahead and buy penis enlargement pills with the money? You're not going to parlay it into something bigger first? I got an email just this morning informing me that SuperRoyalCasinoOnline.com is offering a 200% bonus on all deposits. That means you can buy three times more penis pills, with the potential for even bigger winnings.

Re:That's why!

[indifferent+children]

I got an email just this morning informing me that SuperRoyalCasinoOnline.com is offering a 200% bonus on all deposits.

That's nothing. I got an offer this morning of $700B, with little oversight and no accountability. All I have to do is prove that I recklessly lost hundreds of billions of investor capital.

Re:That's why!

[azav]

Nigerian Mortgage Enlargement Pills.

Re:That's why!

[spun]

Look, you commie, if we don't pay our CEOs hundreds of millions of dollars, how can we be assured that we're getting the best? Do you know how long it might have taken to rape you all for hundreds of billions of dollars and then stick you with the bill for the rape exam kit if we had to make do with substandard CEOs?

Re:That's why!

[HTH+NE1]

Do you know how long it might have taken to rape you all for hundreds of billions of dollars and then stick you with the bill for the rape exam kit if we had to make do with substandard CEOs?

Uh, about 23 minutes and 5 seconds?

Re:That's why!

[Culture20]

Further proof that Communism is more efficient. It took the U.S. Government two centuries to do what the Soviets did to Czarist Russia in just months. /kidding
In Soviet Russia ________

Re:That's why!

[Nimey]

I'm laughing, but I wish that was funny. :-(

Re:That's why!

[frosty_tsm]

In Soviet Russia ________

The economy bails you out?

Re:That's why!

[Danny+Rathjens]

India is getting there.
In capitalist India, CEOs beaten to death.

India's labour minister declined to criticise the attack, saying it "should serve as a warning for management."

http://timesofindia.indiatimes.com/CEO_death_warning_for_managements_Govt/articleshow/3518772.cms

Re:That's why!

From the article:

Around two months ago, workers of the company were dismissed. The CEO of the company was reportedly beaten to death by a group of dismissed employees inside the premises after a compromise meeting called failed.

I like it. Firm but fair justice for incompetent managers.

Re:That's why!

That all sounds great, but look at the details being proposed. As CEO you'd have to settle for a measly $400k salary if your company gets bailed out. Say what? Clearly it would be better for the company to go bankrupt than accept government handouts.

Re:That's why!

You're just going to go right ahead and buy penis enlargement pills with the money? You're not going to parlay it into something bigger first?

I think he was going to use the pills to parlay it into something bigger...

Re:That's why!

[dbrutus]

And I'm generally ok with that. Government bailouts should not be a first resort but an "oh crap, we'll never do regulation with perverse incentives like that again" corollary.

Re:That's why!

[powerlord]

Nigerian Mortgage Enlargement Pills.

Only buy them through the Canadian Poker GIRLS GIRLS GIRLS Pharmacy.

Its cheaper.

Do you write spam for a living?

[bigtallmofo]

I was thinking to myself "God! My EMail account must be in problem

I think I've seen some of your recent work in my inbox. "Is your manhood in problem? Click here!"

Spamhaus, really?

[ThanatosMinor]

I thought they were pretty much a passive organization that just lists domains and companies that are either irresponsible or actively take part in spam- or malware-related activity. It feels a little disingenuous to claim that they pressured a provider to drop a client.

Re:Spamhaus, really?

[Zerth]

While they don't do anything active, threatening to add you to their list for being the upstream of someone on their list is a little like saying "hey, nice knees. Shame if something happened to them". Enough people use Spamhaus, directly or indirectly, that being on their list can be equivalent to actively blocking them. It's not exactly a Usenet Death Penalty, but it'll cramp your style.

Re:Spamhaus, really?

[xrayspx]

They list netblocks in a blacklist that other people use to filter, and if an ISP doesn't deal with the issue with that one block, Spamhaus will threaten to expand beyond the block of the individual offender, which might be like a /27, and blacklist the ISP's block, which might be a /18 or something.

If a whole ISP is seen as a habitual offender and providing safe haven to unrepentant spammers, then SpamHaus will work their way upstream.

Re:Spamhaus, really?

[AnotherBlackHat]

Spamhaus, and most of the other anti-spam lists, are essentially boycott organizers.

They may not do much personally, but they are advocates for action.

-- Should you believe authority without question?

Re:Spamhaus, really?

[Yomers]

They are evil. If you'd ever try to run for example shared hosting service - you'd know that.

Re:Spamhaus, really?

[tbannist]

I have. They aren't.

beside spam

[ionix5891]

they used to host quite alot of warez, and their whole range is blocked on wikipedia...

Re:beside spam

guess that explains why the two warez sites I frequent suddenly disappeared.

Re:beside spam

[Vu1turEMaN]

a birdie told me that it was why katz.cd was down yesterday...

Re:i used them

or ask any question

Okay ... so not spam and not illegal. What then? Porn? Why would we hate you for that?

Easy fix for them

[$RANDOMLUSER]

I'm sure if they ask real nice on the news.admin.net-abuse.email and news.admin.net-abuse.sightings newsfroups, they'll be reconnected in no time :D

Re:Easy fix for them

[BattyMan]

No, it's news.admin.net-abuse.blocklisting anymore (n.a.n-a.email has been bot-spammed to uselessness),
and all they'll get there is (their fair share of) jeers and other verbal abuse.
At least for about as long as they (Atrivo)'ve been abusing the email system.
And those guys (Morley Dotes & Inigo Montoya) will know how long that's been.

"My name is Inigo Montoya. You spammed my father. Prepare to die."

Re:i used them

Okay ... so not spam and not illegal. What then? Porn? Why would we hate you for that?

He kinda answered that already...

However I dont do anything thats illegal here (haha you cocksuckers there in the usa).

We all know that blowjobs are not illegal in the US when performed by consenting (human) adults. Depending what kind of person you are his admission could raise further questions, I don't even want to think about it.

Some truth to it...

[SanityInAnarchy]

That's a good point, but when companies like AOL use Spamhaus, it means a huge number of email accounts are going to drop mail from anything in that list immediately.

So while Spamhaus does "passively" list people there, let's not fool ourselves -- when they update that list, they cause people to be blocked. If an entire ISP is blocked from communicating with most email accounts out there, then that ISP is going to feel the pressure.

Re:Some truth to it...

[geohump]

Spamhaus was not the central issue or cause of the disconnection. If you read the article, you will see that there was a paper that was researched and published with regard to Intercage/Atrivo activities. The fact that I/A ended up on Spamhaus was simply a reflection of their activities. Not the cause of their disconnection. The network operators who each independently made a decision to not accomodate I/A traffic did so based on the merits of their own knowledge, some of which came from that paper and the rest of which came from their own experiences, and a tiny bit coming from spamhaus which, as noted elsewhere in this thread has a reputation of its own. (good and/or bad. )

It's a slippery slope...

[JustDisGuy]

I dislike spam as much as the next guy, but when we start letting ISP's decide what we can do with our domains it's the beginning of the end.

A much better solution would be to devise and implement a secure authenticated email system. SMTP is so 60's...

Re:It's a slippery slope...

I dislike spam as much as the next guy, but when we start letting ISP's decide what we can do with our domains it's the beginning of the end.

Yeah, lets let the Govermint do it instead, they're much more trusted.

A much better solution would be to devise and implement a secure authenticated email system. SMTP is so 60's...

You go ahead and devise it, let us know when you've finished it and we'll take a look.

Re:It's a slippery slope...

[The+Moof]

Terms of Use exist for every hosting provider and ISP I've ever used. And they all say generally the same thing: "Don't do anything that's legally questionable."

So this comes off as more of "they're enforcing the terms" than "I'm bein' repressed!"

Re:It's a slippery slope...

SMTP is not the problem.

Authentication between sender and receiver doesn't belong in the envelope, and you can already do this using GPG or x509 certificates; however, this doesn't help spamming at all because you have to be able to send to people without having to know them first.

Authentication between MTAs is also already possible using SASL; however, again, that doesn't help much because spam often comes via trusted peers, and you can't exclusively only accept mail from peers that you know before hand (see above).

The one thing we can do is prevent header spoofing by making sure that mail comes from where it claims to be from using using domain keys or the like.

Overall, spamming is a socioeconomic problem. There is no technical solution other than trying to shift the cost of spamming from the receiver to the sender.

Re:It's a slippery slope...

[eli867]

Uh, authentication isn't the problem. The bad guys are running the mail server, not hacking into it.

Re:It's a slippery slope...

[Kalriath]

Here we go...

Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Emil Does know why they were disconnected.

[geohump]

Email discussion about this modern version/equivalent of the "Internet Death penalty" (IDP) has been ongoing in the email list for network operators for the past several days. One side's consensus in this case seems to be "Intercage/Atrivo" has been a problem for years, has never adequately responded to abuse complaints, and is responding with a protestation of innocence that has all the credibility of 'The check is in the mail", "I'll only put it in an inch", and "of course I love you".

There is the other side of the story with protestations of innocence. Unfortunately those cries are exactly what any party, guilty or innocent, would make. How to tell the difference?

And what next?

Will more ISP's/Hosters refuse to do business with "questionable" parties? Doesn't seem likely, but we can hope. Will the IDP be used on any other parties? Will there be damage to innocent parties? There are no easy answers or ready solutions for this issue.

Re:Emil Does know why they were disconnected.

[cpghost]

Will more ISP's/Hosters refuse to do business with "questionable" parties?

Some parties are always considered questionable, e.g. when they actively disrupt the Net. Those parties have always been cut-off, even in the pre-IP times: a misbehaving USENET host was quickly blacklisted and it had a very hard time to find peers. This is "technical questionability".

Other parties are sometimes considered questionable, e.g. when they provide content that is deemed questionable in some areas and cultures (say, e.g. pr0n). This is "social/cultural questionability".

Cutting someone off because of technical reasons is absolutely justifiable, because not cutting him off would disrupt the system itself. Cutting someone off because of social/cultural reasons is not necessary from a technical point of view, and is open to political debate.

Now, Net Neutrality is essentially a political (and economical) debate, and has nothing to do with the first category (technical constraints). Cutting off Intercage/Atrivo seems to me like belonging to the first category: they were actively disrupting the Net on the technical level, and they had to go. IMHO.

Re:Emil Does know why they were disconnected.

There is the other side of the story with protestations of innocence. Unfortunately those cries are exactly what any party, guilty or innocent, would make. How to tell the difference?

Well, there's the 10+ years of evidence of lots of spam and viruses originating from there, spammers continuing to operate after multiple abuse reports were sent in, spammers operating from different IPs in the same range after the owner said he disconnected them, and very little evidence of any legitimate traffic from the same place. If this is the place I'm thinking of, it has no known customers, no public advertising presence, and has had a blank website for two years, yet they send out a lot of traffic and seem to make a lot of money.

It used to be that if anybody was caught sending any spam or virus traffic, you shut them down until their traffic was clean. What Pacific is doing to Intercage is far from extraordinary. It was standard practice in the mid-1990s before spammers started bribing the big telcos to give them safe connections. It is still supposed to be standard practice, but money corrupts.

captcha: villain

Re:Emil Does know why they were disconnected.

[Renraku]

Not quite the same at all.

In P2P, the end users are to blame. In this, the end users are to blame, but the ISP SHOULD be cutting them off due to abuse reports, but is not.

Comcast will cut you off for abuse if they receive enough hate your way via email from the companies that you could potentially be ripping off, why not entire ISPs?

Re:Emil Does know why they were disconnected.

[Raenex]

Now, Net Neutrality is essentially a political (and economical) debate, and has nothing to do with the first category (technical constraints). Cutting off Intercage/Atrivo seems to me like belonging to the first category: they were actively disrupting the Net on the technical level, and they had to go. IMHO.

There is no clear dividing line. Spam is largely a social problem with some technical consequences. People don't like receiving spam (social), and the load causes problems for administrators (technical). Same with network neutrality: A few people running BitTorrent can ruin network utility for everybody else on the last mile. It's a technical problem to handle the traffic in a way that society perceives as fair.

Re:i used them

blowjobs are not illegal in the US when performed by consenting (human) adults

IANAL but I bet that's false in at least a few states esp. if its same sex partners

Re:i used them

[Nursie]

Get back to /b/ you moron

No, it's not.

No, it's not 'slippery' anything.

A company engages in behavior that everyone else finds unacceptable (theft of service and abuse of resources.)
This company's suppliers receive complaints, and terminate the company's connection for breach of contract.
Company goes to different suppliers.
New suppliers cut them off.
Eventually there are no more suppliers.

This is the *definition* of how the free market is supposed to work.

Atrivo had *many* chances to fix their behaviour. They instead just moved to a different ISP.

They're now out of ISPs, which means they're out of business, which is good for everybody.

If they don't want to be disconnected, they shouldn't have abused their services.

A much better solution would be to devise and implement a secure authenticated email system.

Spam is a social problem, not a techincal one. Any attempt to solve it with a technical solution is doomed to fail.

How is this different from net-neutrality?

[Em+Ellel]

Ok, for the record I am happy they are offline, but the devil's advocate in me does make me wonder about impact of this on net-neutrality.

Consider this, a bandwidth provider cuts off certain traffic because it disproves of this traffic and feels most of it is illegal and it is bad for their business.

Is it Pacific Internet Exchange cutting off access to Intercage because they believe most of the sites (70+ %) involves spam or some other illegal acvitivy?

Or is it Comcast cutting off access to P2P protocols because they believe most of it (98+ %) involves copyright infringement or some other illegal activity?

I am all for getting rid of the spam and malware, but something about this method is setting off red flags.

Or maybe I am over-thinking it.

Re:How is this different from net-neutrality?

[Phizzle]

You insensitive clods! Where will the people get their p3n1s pi11s now?!?!

Re:How is this different from net-neutrality?

[frosty_tsm]

Differences:

Comcast does it secretly, Pacific did it publicly (or at least, obviously).
Comcast targets a lot of individuals, Pacific cut off a provider who couldn't / wouldn't police their network.
Comcast has the public's hate. Pacific is seen as doing the public a favor.

Not saying these are valid reasons, but they are reasons to contemplate. There are probably more that I didn't think of.

Re:How is this different from net-neutrality?

[dbitch]

Because they've gotten hammered in Nanog over hosting Intercage/Attrivo. And you can say all you want about the Congress-critters and their "regulation" about net neutrality, but unless they want to make their own US-only internet, they're going to have to play by the rules of the big dogs (those who own ASes, many of which aren't in the US). And the big dogs on Nanog aren't happy about it, and last month some threatened BGP-blackholing (therefore completely making them disappear) for their particular ASes.

When you run your own AS, you ARE Shiva the Destroyer, as far as the "Internet" is concerned. You can make other places just *poof* disappear.

Really, this is just the modern equivalent of the UDP - nobody will enter into this lightly but it is effective.

Read Nanog - despite the fact that there are some serious asshats on that list, it's like a pulse of the Net. Stuff like the Sitefinder announcement and this were posted there first.

Re:How is this different from net-neutrality?

So do I have the right to block a DDoS attack on my network, or is would that be the actions of an anti-net neutrality zealot making a value judgment on the "worth" of the data being exchanged?

Re:How is this different from net-neutrality?

You are over thinking it. I still want a $1/spam settlement policy mandated for spam. If everyone sends similar amounts, net wash, no money changes hands. If an innovative ISP finds a way to reduce $1M worth of spam from originating from their network, they get a cool $1M settlement from all the other ISPs that don't find such a solution. The benefit, we don't have to worry about having our account terminated for sending 1 bad email, but, if you tried to send 100M a day from your ISP, they couldn't withstand the hit to the bottom line (unless all ISPs were this bad).

The google's and hotmail's and aol's of the world can then just sit back and collect $x00M of dollars, because they have reasonable outbound filters. The ISP that just has 50% spammers, well, they get to pay billions a day, or die.

Re:How is this different from net-neutrality?

[ciscoguy01]

Ok, for the record I am happy they are offline, but the devil's advocate in me does make me wonder about impact of this on net-neutrality.
Consider this, a bandwidth provider cuts off certain traffic because it disproves of this traffic and feels most of it is illegal and it is bad for their business.
Is it Pacific Internet Exchange cutting off access to Intercage because they believe most of the sites (70+ %) involves spam or some other illegal acvitivy?

It's not that at all.
Pacific Internet Exchange cut off Intercage because Spamhaus listed Intercage, Pacific, and all of Pacific's legit customers if any, so none could send or receive email.
Net neutrality? Nope. Nothing to do with that. If Pacific wanted to stay in business they had to avoid being listed by SBL. Once listed they had to resolve that problem or they would have no legit customers left. So it's pure self interest on the part of Pacific. As it should be.
Intercage has apparently arranged new connectivity, that new ISP will now be listed by SBL and have to get rid of Intercage of avoid it. The circle continues. You cannot cash spammers and miscreant's checks and stay in the ISP business. Not anymore. Those days are over. Hooray for Spamhaus.

Re:How is this different from net-neutrality?

[Em+Ellel]

It's not that at all.

Pacific Internet Exchange cut off Intercage because Spamhaus listed Intercage, Pacific, and all of Pacific's legit customers if any, so none could send or receive email.

Net neutrality? Nope. Nothing to do with that. If Pacific wanted to stay in business they had to avoid being listed by SBL. Once listed they had to resolve that problem or they would have no legit customers left. So it's pure self interest on the part of Pacific. As it should be.

Intercage has apparently arranged new connectivity, that new ISP will now be listed by SBL and have to get rid of Intercage of avoid it. The circle continues. You cannot cash spammers and miscreant's checks and stay in the ISP business. Not anymore. Those days are over. Hooray for Spamhaus.

You see a difference where I see the biggest similarity in these scenarios. Both Spamhous and MAFIAA blackmail their victims into doing what they want by threat of financial impact. Comcast being sued by people that control their content is probably a much bigger financial threat than Spamhous blocking email.

Just to illustrate the point:

PirateBay has apparently arranged new connectivity, that new ISP will now be targeted by MPAA and have to get rid of PirateBay to avoid it. The circle continues. You cannot cash copyright pirate's checks and stay in the ISP business. Not anymore. Those days are over. Hooray for MPAA.

-Em

Re:How is this different from net-neutrality?

[ciscoguy01]

Just to illustrate the point: PirateBay has apparently arranged new connectivity, that new ISP will now be targeted by MPAA and have to get rid of PirateBay to avoid it. The circle continues. You cannot cash copyright pirate's checks and stay in the ISP business. Not anymore. Those days are over. Hooray for MPAA.

Oh, hardly.

Piratebay clearly doesn't host any copyright materials, their role is the same as google's, that of a search engine. They don't cash any checks. Aren't they all essentially volunteers?
They are being wrongly attacked by MPAA. Some day some court will figure that out. But realize that the courts are run by lawyers. Clearly MPAA has much more money to pay lawyers than Piratebay (and Spamhaus) who both give their services away for free. That is likely why there has not been such a court opinion about Piratebay's role. They are outgunned.

Pacific, and now the new host have a high involvement with Intercage, they are cashing checks. They DO get paid.
Spamhaus only provides an opinion of reputability. In Spamhaus' opinion Intercage and their associates are disreputable and should be avoided. That some subscribers to the FREE SBL database want to take Spamhaus' opinion and use it to tag or even filter their mail, well that is those SBL user's right. Nobody has to accept email from anyone.

And sure, SBL is designed to make the upstream providers feel the pain and get some backbone. "Stop helping spammers and crooks destroy the internet and the utility of email or we'll put you in the same category." Spamhaus gets no money for doing so like MPAA does. MPAA has hundreds of millions of dollars to fund their lawyers and legal attacks.

Spamhaus however is influential. They only gain their influence by their user's opinion that their SBL list is useful and not too dangerous to use to filter mail. Apparently they have that reputation and are thus influential. A heavy mallet to be used on spammers and crooks. And Spamhaus is clearly not in it for the money. Pure intentions, not like MPAA at all.

Re:How is this different from net-neutrality?

[Raenex]

Piratebay clearly doesn't host any copyright materials, their role is the same as google's, that of a search engine. They don't cash any checks. Aren't they all essentially volunteers?

No, they aren't just like Google, and yes, they do gain financially. Their primary reason for existence is to point to illegal copies of copyrighted works, hence the name "Pirate Bay". They don't try to hide their purpose -- they flaunt it. Google is a generic search engine.

As for money, they are very secretive about their operating costs and revenue. They get money in from advertisements. On a site as big as theirs, do you seriously think they don't come out ahead? Why all the secrecy?

From Wikipedia:

"Investigations by some journalists suggest that the site is making money on a level that far exceeds its operating costs. This leads some to opine that the Pirate Bay is more engaged in making profit than supporting people's rights.[19][20][21] Operators of the site have insisted that these allegations are not true, stating, "It's not free to operate a Web site on this scale," and, "If we were making lots of money I wouldn't be working late at the office tonight, I'd be sitting on a beach somewhere, working on my tan."[22] In response to claims of annual revenue exceeding $3 million made by the International Federation of the Phonographic Industry (IFPI), Peter Sunde argues that the site's high bandwidth, power, and hardware costs eliminate the potential for profit. The Pirate Bay, he says, may ultimately be operating at a loss.[23]. No figures have been publicly released by Pirate Bay, however, to support these claims."

Re:How is this different from net-neutrality?

[Em+Ellel]

Piratebay clearly doesn't host any copyright materials, their role is the same as google's, that of a search engine. They don't cash any checks. Aren't they all essentially volunteers?

Deliberately or not, you are misunderstanding the situation. Let me draw clearer parallels:

* PirateBay pays their ISP for bandwidth - so their ISP is indeed cashing their checks
* Intercage pays their ISP for bandwidth - again "cashing their checks" as you put it.

* MAFIAA exerts financial blackmail pressure on PirateBay's ISP
* Spamhaus exerts financial blackmail pressure on Intercage's ISP

* PirateBay's ISP drops them. How dare they!!!
* Intercage's ISP drops them. Hooray ?!?!?!

So, what we are saying is that its ok for ISPs that simply carry the traffic to use their own judgment on content passing through their network and for financial gain block certain sites/protocols. That's the absolute opposite of net neutrality - no?

-Em

Re:How is this different from net-neutrality?

[nelsonen]

There is a difference between a business deciding it doesn't want one specific customers business, and Comcast, which is most locations a government protected monopoly, messing with traffic is pretty much is mandated to carry.

Businesses always have the ability to refuse customers, as long as it doesn't break any laws. And I have seen no suggestion that PIE or anyone else who has refused their business is breaking any laws.

Comcast was not providing what their "contract" said it should, and got caught.

Re:i used them

In the state of Mississippi all forms of sodomy are illegal. But its legal to marry a 13 year old girl if she isn't a virgin. WTF!

That's not really fair

[davidwr]

It's one thing to expand a block of the ISP is letting the offender move around within an expanded block, e.g. 1.2/16 has a customer 1.2.3/24 who asks to move to 1.2.4/24 after being blacklisted.

However, if the real offenders are nicely sequestered in 1.2.3/24 then expanding the blacklist does not cause any more harm to the offenders and just makes people mad at you. It would be like Mexico canceling its extradition treaty with the United States because Texas executed someone after denying them their consular rights. It may be effective but it's not the right tool.

Re:That's not really fair

Even worse, 90% of the time an IP gets on the list without actually being a source of spam or virus email.

These blacklist companies simply troll the DNS pointer records looking for blocs that are missing a static tag, and add them en mass.
They also will blindly blacklist any IP at the request of their customers. spamhaus claims to be non-profit but that's a pretty far stretch.
Some of these companies will even refuse to process more than one removal request per week from an ISP, and for 'repeat offenders' will often require a 'donation' to get removed faster.

Basically, the blacklists are simply extortion, plain and simple. They don't provide any real service, and cause a lot of problems for people who never had a single piece of junk or virus'd email leave their IP.

Re:That's not really fair

[xrayspx]

You're right, it's not fair. The idea is that it's supposed to put pressure on the ISP to kick out the offenders, by making all their other customers complain that they can't deliver mail. If an ISP has 50 angry customers and can make it all go away by getting rid of one customer, then they're apt to do just that.

I disagree even more with blacklisting peering partners. Just because Pacific peers with some other ISP doesn't mean that Pacific should know or care about anything regarding the other ISPs business. For them to get blacklisted as an incentive to de-peer strikes me as pretty lame.

I'm certainly not SpamHaus's biggest fan. I do get why they do what they do, and I get why people use their list as a blackhole, though it's not for me.

Re:That's not really fair

[Kalriath]

Actually, no. Only SORBS does that - they're a bloody racketeering operation they are (even if you did nothing wrong, the SORBS admin will only delist you if you donate $50US to "an approved charity").

Re:That's not really fair

[isdnip]

It worked the way it was supposed to! This is one reason why some misguided "neutrality" proposals fail -- they would prohibit blocking spammers.

The whole idea is that you're not allowed to host spammers or malware. If you do, your ISP is kicked off. If some ISP provides you with upstream, they are kicked off. Anybody who hosts spammers directly or indirectly is kicked off, taking their customers with it. Not nice to customers, but customers should not sign up with spam-friendly ISPs.

Free market law of the jungle, maybe, but the only way to prevent "pink contracts" from spreading.

I think it's obvious what you do

[davidwr]

And yes, I make more money than any of you will probably ever do.

Spam, porn, mercenary/terrorism-for-profit, warez-for-profit, drugs, organized crime, developing/hosting tools or services used by any of the above

However I dont do anything thats illegal here

That leaves porn. Or something illegal in the USA but not where you are.

Not since 2002 or so

[davidwr]

Back in 2002 or so the United States Supreme Court told the cops to get out of people's bedrooms.

Ever since then, just about anything goes as long as it's between consenting adults, doesn't cause permanent harm, and doesn't involve other illegal activities like using illegal drugs.

They apparently found a new supplier

If the comment under the story is to be believed they already found a new provider. Time to expand the range of IP addresses blocked by default?

SMTP is so 60's

[symbolset]

So is manned spaceflight.

It's not supposed to be a completely free market

[davidwr]

Utilities are supposed to act like common carriers even if they have no legal obligation to do so.

Once they stop acting like common carriers, the slippery slope has begun.

Common carriers can only terminate you for violation of contract, not because they are being threatened with a boycott.

If you are going to blacklist an ISP, blacklist it for either not enforcing its TOS or not having an effective one, not because they currently happen to have a problem customer.

If you are an ISP, don't make long-term contracts, and keep your TOS up-to-date so you are within your rights to boot customers who engage in behavior that is generally regarded as both harmful and not protected by law or common-law understanding of what constitutes human rights.

Granted, the latter will vary by country: Neo-Nazis and Scientologists are protected by human-rights laws in the United States, while the common behavior of both groups is specifically illegal in some European countries and no ISP in those countries should be expected to host them.

this was long coming

[ionix5891]

A bit over a week ago Brian Krebs, who writes the "Security Fix" blog in the Washington Post, went public with a number of allegations about Atrivo and its activities. As a result, many of Atrivo's own upstream connectivity providers disconnected them.

Re:PUMP IT UP!!

What kind of clinically retarded individual buys a stock with a share price of three one-hundredths of a cent?

Illegal activity should involve the police, period

[davidwr]

Let the police determine what is and what is not illegal.

In the case of civil torts, like some copyright, spam, and the like:
If it's within your country, use the court system. That's what it is there for. If the RIAA knew with a high degree of certainty that I was hosting songs, they could get an injunction against me then get me tossed in jail for contempt if I violated it.

If it's in another country, then you might have to take the law into your own hands. If I'm Comcast and some ISP in another country is sending my customers a bunch of spam, or some web-hosting company in another country is hosting fake bank web sites and it's impacting my customers, then with my customers prior approval to act on their behalf it's okay for me to blacklist the spammers or if necessary, their ISP. Blacklisting the ISP is probably a bad idea if it will hurt innocent third parties, and it may lead to a tit-for-tat blacklisting war.

NANOG Discussions

[cpghost]

Check out the NANOG thread on this here: http://www.merit.edu/mail.archives/nanog/msg11573.html.

Re:Illegal activity should involve the police, per

[erroneus]

Law enforcement won't get involved unless someone hacks Sarah Palin's email again.

We already have authenticated email

[CustomDesigned]

I reject email that doesn't have an authenticated HELO or MAIL FROM via SPF or heuristic default policy. While this cuts down on zombie spam, there is still a steady stream of spam from fully authenticated throwaway domains. These are automatically blacklisted after 20 spam, or sooner if I do it manually. But new authenticated spam domains are registered daily (I see at least 6 new ones every day).

So while it is nice that spammers can't abuse someone elses domain to send me spam when email is authenticated, no authentication system is going to stop spam. If I required all email to be encrypted, spammers would encrypt their spam.

I suppose...

[Eggplant62]

...this explains why my spam numbers are down by half this week.

Last week, average was about 350 daily rejects. This week, 150.

Nice.

Misinformation Abounds...

Intercage are not spammers. They are an ISP that hosts Esthost. Esthost has been known for their malware (not spam) and have been cleaning up. Pacific Internet Exchange decided to give them a second chance but Spamhaus decided to block a /22 of PIE's even though only bandwidth was given to Intercage. This is extremely unfair of Spamhaus to punish 100's of PIE's innocent customers that spam isn't even coming from. Spamhaus seems to have a personal vendetta against Intercage even though they have nothing to do with spam. PIE disconnected Intercage because of business to business issues, not because of Spamhaus' unfair blacklisting. BTW, Intercage is already back online with United Layer, we'll see how long that lasts...

Re:Misinformation Abounds...

[darkonc]

A guy with a ski mask over his head and what appeared to be burglary tools comes to my back door and asks if he can pay me $500 to rent my ladder for a couple of hours. He then offers me another $250 to help me place it against my neighbor's window and quietly go away. No problem, and easy $750 in one night.

The next day, the police are asking about a breakin next door the previous night. I tell them nothing because "I had nothing to do with any burglary".

Spamhaus seems to have a personal vendetta against Intercage even though they have nothing to do with spam.

So is Intercage paying you to post this, Esthost, or PIE?

Re:PUMP IT UP!!

a recent millionaire, thx!