Scam-Linked ISP Intercage / Atrivo Gets Shut Out
alphadogg writes with this excerpt from Network World: "The lifeline linking notorious service provider Intercage to the rest of the Internet has been severed. Intercage, which has also done business under the name Atrivo, was knocked offline late Saturday night when the last upstream provider connecting it to the Internet's backbone, Pacific Internet Exchange, terminated Intercage's service. Intercage president Emil Kacperski said Pacific did not tell him why his company had been knocked offline, but he believes it was in response to pressure from Spamhaus, a volunteer-run antispam group, which has been highly critical of Intercage's business practices."
For a couple of hours?
In Soviet Washington the swamp drains you.
I was thinking to myself "God! My EMail account must be in problem, I didn't receive any spam since the weekend", then I got this really great offer, a guy who is going to give me 20% of 5 million US dollars to help him recover a lost bank account. Well that's perfect, I'm the one who's finally gonna be rich!
I was thinking to myself "God! My EMail account must be in problem
I think I've seen some of your recent work in my inbox. "Is your manhood in problem? Click here!"
I'm a big tall mofo.
Nice typo in the title - very appropriate slip.
No sig? Sigh...
I thought they were pretty much a passive organization that just lists domains and companies that are either irresponsible or actively take part in spam- or malware-related activity. It feels a little disingenuous to claim that they pressured a provider to drop a client.
I, uh, don't think that was a typo, as such.
They used to host quite a lot of warez, and their whole range is blocked on Wikipedia...
I'm sure if they ask real nice on the news.admin.net-abuse.email and news.admin.net-abuse.sightings newsfroups, they'll be reconnected in no time :D
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
He kinda answered that already...
We all know that blowjobs are not illegal in the US when performed by consenting (human) adults. Depending on what kind of person you are, his admission could raise further questions; I don't even want to think about it.
That's a good point, but when companies like AOL use Spamhaus, it means a huge number of email accounts are going to drop mail from anything in that list immediately.
So while Spamhaus does "passively" list people there, let's not fool ourselves -- when they update that list, they cause people to be blocked. If an entire ISP is blocked from communicating with most email accounts out there, then that ISP is going to feel the pressure.
Don't thank God, thank a doctor!
Email discussion about this modern version/equivalent of the "Internet Death penalty" (IDP) has been ongoing in the email list for network operators for the past several days. One side's consensus in this case seems to be "Intercage/Atrivo" has been a problem for years, has never adequately responded to abuse complaints, and is responding with a protestation of innocence that has all the credibility of "The check is in the mail", "I'll only put it in an inch", and "of course I love you".
There is the other side of the story with protestations of innocence. Unfortunately those cries are exactly what any party, guilty or innocent, would make. How to tell the difference?
And what next?
Will more ISPs/hosters refuse to do business with "questionable" parties? Doesn't seem likely, but we can hope. Will the IDP be used on any other parties? Will there be damage to innocent parties? There are no easy answers or ready solutions for this issue.
Get back to /b/ you moron
Ok, for the record I am happy they are offline, but the devil's advocate in me does make me wonder about impact of this on net-neutrality.
Consider this: a bandwidth provider cuts off certain traffic because it disapproves of this traffic and feels most of it is illegal and it is bad for their business.
Is it Pacific Internet Exchange cutting off access to Intercage because they believe most of the sites (70+ %) involve spam or some other illegal activity?
Or is it Comcast cutting off access to P2P protocols because they believe most of it (98+ %) involves copyright infringement or some other illegal activity?
I am all for getting rid of the spam and malware, but something about this method is setting off red flags.
Or maybe I am over-thinking it.
RelevantElephants: A Somatic WebComic...
It's one thing to expand a block if the ISP is letting the offender move around within an expanded block, e.g. 1.2/16 has a customer 1.2.3/24 who asks to move to 1.2.4/24 after being blacklisted.
However, if the real offenders are nicely sequestered in 1.2.3/24 then expanding the blacklist does not cause any more harm to the offenders and just makes people mad at you. It would be like Mexico canceling its extradition treaty with the United States because Texas executed someone after denying them their consular rights. It may be effective but it's not the right tool.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
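The escalation rule argued in the comment above, sketched as an added example that is not part of the original thread: a parent block is listed only when one offender turns up in more than one child block of it; otherwise only the child blocks are listed. The `actor` labels are a hypothetical way of tying reports to one customer, and the sightings are constructed from the comment's 1.2/16 illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (not real reports), using the comment's 1.2/16 example.
# "actor" is a hypothetical label tying abuse reports to one customer.
MOVED = [("cust-A", "1.2.3.10"), ("cust-A", "1.2.4.77")]
SEQUESTERED = [("cust-A", "1.2.3.10"), ("cust-A", "1.2.3.200"),
               ("cust-B", "1.2.9.5")]


def plan_listings(sightings, parent_len=16, child_len=24):
    """Return the sorted IPv4 networks to list for (actor, ip) sightings.

    The parent block is listed only if a single actor was seen in more
    than one child block, i.e. the provider let a listed customer move.
    Two unrelated offenders in different child blocks do not escalate.
    """
    # parent network -> actor -> set of child networks the actor was seen in
    seen = defaultdict(lambda: defaultdict(set))
    for actor, ip in sightings:
        addr = ipaddress.ip_address(ip)
        child = ipaddress.ip_network(f"{addr}/{child_len}", strict=False)
        parent = child.supernet(new_prefix=parent_len)
        seen[parent][actor].add(child)

    listings = set()
    for parent, actors in seen.items():
        if any(len(children) > 1 for children in actors.values()):
            listings.add(parent)           # offender relocated: widen
        else:
            for children in actors.values():
                listings.update(children)  # sequestered: keep it narrow
    return sorted(listings)


def as_strings(networks):
    """Render networks in CIDR notation for display or comparison."""
    return [str(n) for n in networks]


if __name__ == "__main__":
    print("moved:      ", as_strings(plan_listings(MOVED)))
    print("sequestered:", as_strings(plan_listings(SEQUESTERED)))
```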
And yes, I make more money than any of you will probably ever do.
Spam, porn, mercenary/terrorism-for-profit, warez-for-profit, drugs, organized crime, developing/hosting tools or services used by any of the above
However I don't do anything that's illegal here
That leaves porn. Or something illegal in the USA but not where you are.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Terms of Use exist for every hosting provider and ISP I've ever used. And they all say generally the same thing: "Don't do anything that's legally questionable."
So this comes off as more of "they're enforcing the terms" than "I'm bein' repressed!"
SMTP is not the problem.
Authentication between sender and receiver doesn't belong in the envelope, and you can already do this using GPG or x509 certificates; however, this doesn't help spamming at all because you have to be able to send to people without having to know them first.
Authentication between MTAs is also already possible using SASL; however, again, that doesn't help much because spam often comes via trusted peers, and you can't exclusively accept mail from peers that you know beforehand (see above).
The one thing we can do is prevent header spoofing by making sure that mail comes from where it claims to be from using domain keys or the like.
Overall, spamming is a socioeconomic problem. There is no technical solution other than trying to shift the cost of spamming from the receiver to the sender.
Uh, authentication isn't the problem. The bad guys are running the mail server, not hacking into it.
Back in 2002 or so the United States Supreme Court told the cops to get out of people's bedrooms.
Ever since then, just about anything goes as long as it's between consenting adults, doesn't cause permanent harm, and doesn't involve other illegal activities like using illegal drugs.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
So is manned spaceflight.
Help stamp out iliturcy.
Utilities are supposed to act like common carriers even if they have no legal obligation to do so.
Once they stop acting like common carriers, the slippery slope has begun.
Common carriers can only terminate you for violation of contract, not because they are being threatened with a boycott.
If you are going to blacklist an ISP, blacklist it for either not enforcing its TOS or not having an effective one, not because they currently happen to have a problem customer.
If you are an ISP, don't make long-term contracts, and keep your TOS up-to-date so you are within your rights to boot customers who engage in behavior that is generally regarded as both harmful and not protected by law or common-law understanding of what constitutes human rights.
Granted, the latter will vary by country: Neo-Nazis and Scientologists are protected by human-rights laws in the United States, while the common behavior of both groups is specifically illegal in some European countries and no ISP in those countries should be expected to host them.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
A bit over a week ago Brian Krebs, who writes the "Security Fix" blog in the Washington Post, went public with a number of allegations about Atrivo and its activities. As a result, many of Atrivo's own upstream connectivity providers disconnected them.
Let the police determine what is and what is not illegal.
In the case of civil torts, like some copyright, spam, and the like:
If it's within your country, use the court system. That's what it is there for. If the RIAA knew with a high degree of certainty that I was hosting songs, they could get an injunction against me then get me tossed in jail for contempt if I violated it.
If it's in another country, then you might have to take the law into your own hands. If I'm Comcast and some ISP in another country is sending my customers a bunch of spam, or some web-hosting company in another country is hosting fake bank web sites and it's impacting my customers, then with my customers' prior approval to act on their behalf it's okay for me to blacklist the spammers or, if necessary, their ISP. Blacklisting the ISP is probably a bad idea if it will hurt innocent third parties, and it may lead to a tit-for-tat blacklisting war.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Check out the NANOG thread on this here: http://www.merit.edu/mail.archives/nanog/msg11573.html.
cpghost at Cordula's Web.
I reject email that doesn't have an authenticated HELO or MAIL FROM via SPF or heuristic default policy. While this cuts down on zombie spam, there is still a steady stream of spam from fully authenticated throwaway domains. These are automatically blacklisted after 20 spam, or sooner if I do it manually. But new authenticated spam domains are registered daily (I see at least 6 new ones every day).
So while it is nice that spammers can't abuse someone else's domain to send me spam when email is authenticated, no authentication system is going to stop spam. If I required all email to be encrypted, spammers would encrypt their spam.
...this explains why my spam numbers are down by half this week.
Last week, average was about 350 daily rejects. This week, 150.
Nice.
Here we go...
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
The next day, the police are asking about a break-in next door the previous night. I tell them nothing because "I had nothing to do with any burglary".
Spamhaus seems to have a personal vendetta against Intercage even though they have nothing to do with spam.
So is Intercage paying you to post this, Esthost, or PIE?
Sometimes boldness is in fashion. Sometimes only the brave will be bold.