Dutch ISP Files Police Complaint Against Spamhaus

judgecorp writes "Dutch ISP A2B has filed police complaints against anti-spam project Spamhaus, calling its CEO 'nuts' and accusing him of blackmail. Spamhaus added all A2B's addresses to a spam blacklist, when A2B did not obey the letter of its demands in blocking a spammer."

Incorrect summary

[TechLA]

A2B DID block the spammer, they blocked his ip. What Spamhaus wanted was stop routing traffic for the whole CyberBunker (who route traffic for The Pirate Bay etc) who are not spammers. They had a single customer that spammed, and A2B as upstream provider blocked that ip instead. What they didn't do was block the innocent CyberBunker completely, and after that Spamhaus added A2B - completely third party - to their blacklist. That's complete bullshit and blackmail.

Re:Incorrect summary

[Dexter+Herbivore]

Ah, that may explain it. If so, my comments below can be ignored. Instead, I'll say that this seems to be an over-reaction from both Spamhaus and A2B. Spamhaus for blacklisting, A2B for involving police when it seems unneccesary.

Re:Incorrect summary

If spamhaus starts blacklisting entities that do not spam, people will stop trusting and using spamhaus. Police or no, Spamhaus is harming itself when it oversteps its natural bounds.

Re:Incorrect summary

^ this

Re:Incorrect summary

[TechLA]

That's true, but Spamhaus lists are used in so many places that it can easily cause severe damage to hosting companies or ISP's when their customers are suddenly blocked or even cause direct damage to the customers as they're now listed in Spamhaus. They may hurt their own reputation (depending on how media spins the story), but along the way they can easily bring down a few innocent ISP's and their business. That's why it's stupid to put such a trust for single service. This isn't the first time Spamhaus has blackmailed companies either, in 2007 they blacklisted whole Austrian domain registry nic.at because by Austrian law they couldn't remove certain domains for other reasons than fake whois info. In the end Spamhaus went and blacklisted for nic.at for "Knowingly Providing a Spam Support Service for Profit", which seems like bullshit too.

Re:Incorrect summary

[gtbritishskull]

A lawyer.

Re:Incorrect summary

[Nadaka]

The district attorney is a lawyer, the correct one when dealing with criminal actions.

Re:Incorrect summary

[TheMMaster]

Thanks for that!

I rent a server at cyberbunker and I have had long email discussions with spamhaus as well, with them going so far as suggesting that I go an find a new ISP.

Especially since the IP space I got from them is just a regular PA, and the ranges whois informations has a record with my personal name, address and telephone number in it. Spamhaus doesn't understand how the Internet works and is trying to basically nuke the cyberbunker from orbit by going one provider up the chain until they can find someone that will turn off every route...

Whereas the original spam report for the range was just ONE /29 that has the correct whois information...

"Just pure spam and crime" that is rather offensive considering that I just run my personal email, xmpp and some other services there. You're just as bad as spamhaus.

At the time I made a /. submission about it, I'll reproduce it below since the submission was rejected at the time:
---------
"I run a small server for some minor projects of mine, a mailserver for my family and several friends at a hosting provider. A couple of weeks ago my father started to complain that some of his mails were no longer being received. Upon further inspection it turned out that my entire ISP's IP range (the entire /19) was put in the Spamhaus Blocklist (SBL). After sending a request to de-list the IP range I control (a /29 in their /19), I got the following response: "Due to the hosting policies of the owner of this IP address block, our users do not wish to accept traffic from these IPs. We suggest you look for other arrangements as to your hosting."

The "Hosting policies" of my ISP do not appear to differ greatly from other ISPs, they name spamming as a breach of their TOS and do disconnect spammers. The only major difference I can see is that they do not give out personal information or kick (non spamming) clients off of the web without being legally forced to, which is a requirement in the EU country they are based in to qualify as a telco (and be not responsible for the content of their customers' websites) This stance towards net neutrality is why I chose them in the first place. Vote with your wallet, right?

According to the Spamhaus website The SBL's primary objective is to avoid 'false positives' while blocking as much spam as possible. To me blocking an entire ISP's netblock for, according to the listing, a grand total of three consecutive /29's that were originally reported (and likely from the same customer) and an entire /24 that's labeled entirely as "trademark fraud replicas" does not seem to me to be "avoiding false positives".

The end result is that without sending a single spam or hosting any malicious content, Spamhaus labels me a spammer and even 'cybercriminal' according to the SBL listing all because they apparently don't like my ISP . My questions being: Did any one of you ever find yourself between this particular rock and hard place? Did you manage to get the issue resolved without switching ISPs? And perhaps: Is it really Spamhaus' place to decide what ISP I use considering I'm a good netizen?"
-----

Re:Incorrect summary

[scubamage]

This isn't criminal, this is civil. At least by US law, now how it flies in Holland may be completely different.

Re:Incorrect summary

[lewiscr]

Spamhaus has a policy of escalation. If the first blacklist doesn't work, widen the blacklist. Repeat until somebody notices. It worked for a while, it got customers like you to call your ISP to tell them to clean up their act.

I was blacklisted that way. I had a /29, and another /29 near me was blacklisted. I found out when the /24 was blacklisted, and my customers called to complain. I was lucky, I had a business relationship with the other /29, and we were able to get it de-listed in a couple of days. I spent most of those 3 days on the phone.

I've always found SpamHaus to be a bit draconian. From their point of view, they're a voluntary service, so they're free to shoot first and ask questions later. I however didn't find their service to be voluntary at all.

Re:Incorrect summary

[gtbritishskull]

What is criminal about it? A spam-blacklisting service is classifying someone as a spam-producer. Is that illegal? If they are incorrectly classified and it adversely affects their business, then they possibly have a valid civil suit. But I still don't see what Spamhaus has done to break the law. The only possible one I can think of would be libel, but that would be a big stretch.

Re:Incorrect summary

[St.Creed]

Forcing someone to cooperate "or else" can be construed as blackmail and can then be cause for a criminal suit - the fact that you can mitigate the attack does not remove the threat (just as buying a fire extinguisher doesn't mean being threatened by someone with arson is no longer a case for the police).

Re:Incorrect summary

[mattventura]

They ARE incorrectly classifying them. They ARE blackmailing them. Spamhaus wanted them to block a huge chunk of IPs belonging to innocent customers, but A2B instead just blocked the single spam IP. Spamhaus thought that this was reasonable grounds for classifying them as spammers, which is complete BS.

Re:Incorrect summary

[TheMMaster]

Maybe but in my case it was never resolved, as you can see spamhaus is now trying to cut *ME* off of the internet entirely.

They are trying to get upstream to cut off the cyberbunker entirely, that is blackmail. And by cutting off the cyberbunker my IP range becomes entirely unroutabe, this leaves me in a rather precarious situation.

Re:Incorrect summary

[Synerg1y]

If A2B can prove that they lost revenue by Spamhaus unjustly interfering with their business, they may have a case, but I can see Spamhaus arguing that blacklisting A2B is no different from putting a picket line in front of their building, which at least in the states falls under the 1st amendment and is perfectly legal. But just like people might have a problem with a picket line being outside a company for no just cause, as might there be a problem with blacklisting those who don't deserve it. Does seem like an over reaction though of 2 CEOs who haven't quite learned how to deal with things in a calm and professional manner to compromise.

Re:Incorrect summary

[Old+Wolf]

Sounds like ORBS all over again..

Re:Incorrect summary

[lewiscr]

That's exactly SpamHaus' intent. You're collateral damage, to make the 'net a better place.

I used to agree with the policy (before I actually seen it in action). Now, I think it's pretty irrelevant. Just blacklist the offending blocks, and move on.

Re:Incorrect summary

[gtbritishskull]

Blackmail...

"Whoever, under a threat of informing, or as a consideration for not informing, against any violation of any law of the United States, demands or receives any money or other valuable thing, shall be fined under this title or imprisoned not more than one year, or both."

How does Spamhaus "demands or receives any money or other valuable thing"? The only benefit they would see is that there is less spam on the internet. Which does not really benefit Spamhaus as much as society as a whole. And might actually hurt them because without spam there would be no need for spam blacklists.

Re:Incorrect summary

[gtbritishskull]

They ARE incorrectly classifying them.

I did not say they were not incorrectly classifying them. I am not intimate enough with the situation to make that conclusion. But, I am pretty sure that, whether right or wrong, they are not performing a criminal act (so A2B should talk to a lawyer, not the police).

They ARE blackmailing them.

I don't think that word means what you think it means. Generally (at least in the US, I am not as familiar with the Netherlands), for it to be blackmail you have to benefit from your demands. "Stop stealing or I will tell the police" is not blackmail. "Give me $100 or I will tell the police" is. From what I understand, Spamhaus is saying "Stop supporting spammers or we will blacklist you". I do not see how A2B submitting to Spamhaus's demands will benefit Spamhaus. If you see it differently, please educate me.

BTW... I am not trying to take a side between Spamhaus and A2B. I just do not see why A2B is trying to make this a criminal matter instead of a civil one.

Re:Incorrect summary

[anomaly256]

Someone earlier mentioned the ISP in question, Cyberbunker, routes traffic for The Pirate Bay - maybe the 'valuable item' is part of a 3rd party's agenda spamhaus is getting paid to implement.. [insert conspiracy theory here]

Re:Incorrect summary

[anomaly256]

Also, blocking the service IS taking away a valuable item from A2B - for an ISP that's oxygen. It's damaging and crippling. They were effectively attacked and continued to be attacked until they gave in to unreasonable demands. That IS blackmail. Valuable items need not be tangible physical goods - intellectual property is valuable, time is valuable, reputation is also valuable.

Re:Incorrect summary

[gtbritishskull]

The conspiracy theory argument in your first post is, surprisingly, much more valid than your second. Spamhaus could, in (conspiracy) theory, be benefiting if someone were paying them to take down TPB. So if that were happening then it could be defined as blackmail (but might just be extortion). But, just because they are denying A2B valuable items as you enumerated above, does not mean that they benefit from it. So... not blackmail.

It is also possible that Spamhaus has had previous problems with CyberBunker being friendly to spammers (not necessarily being in league with, just not taking the appropriate steps to prevent spam). If that were the case, I think that Spamhaus would be within its rights, and probably have a responsibility to block them. If their ISP does not cooperate, then Spamhaus would have to take the appropriate measures to protect their reputation (as having a quality spammer blacklist) which could thus lead to blocking the ISP. Not saying this is likely or that I believe it is the case, but it is a counter scenario to your conspiracy theory that would instead have Spamhaus on the moral high ground.

Basically, I do not have enough information to condemn one or the other.

Re:Incorrect summary

[omnichad]

They have an agenda that has value to them, and they're forcing it on you "or else." So they're not receiving money. That doesn't mean it's not blackmail. This case isn't about spam. They blocked the spammer.

Re:Incorrect summary

[St.Creed]

I agree that according to that definition they are probably not going to be convicted. It has a different definition in The Netherlands however, the Wikipedia definition is closer to that of the Dutch laws on extortion.

So yeah they probably won't get convicted. Still, they could try something with the computer crime laws, they're much less evolved and have much more leeway for formulating complaints than the blackmail and extortion claims.

Re:Incorrect summary

[sosume]

How does US law apply here?

Re:Incorrect summary

[SmurfButcher+Bob]

Spamhaus does not block anything.

Spamhaus can block A2B all day long - and I will STILL get any email from that Netblock.

Care to guess why?

Spamhaus is a list, and *** I *** choose how to use it.

Re:Incorrect summary

[anomaly256]

Wow you really don't understand how it works do you. You don't get to choose if your upstream uses the list, or if someone else ont he other side of the world who wishes to email you something legitimate's ISP uses it, or if any of the relays along the way uses it.

Re:Incorrect summary

[gtbritishskull]

It was the quickest thing I could find on wikipedia. If danish law is different, please prove me wrong.

Re:Incorrect summary

In Germany, of which the laws might be closer to those of the Netherlands, than those of the US, there is another criminal form of blackmail, which doesn't require a monetary component. Well, the correct translation would be "Coercion", I guess. Rough translation of Â240 Strafgesetzbuch:
"(1) Anybody who, unlawfully coerces somebody to do something, tolerate an action or not do something by means of violence or threats can be punished with a jail term of up to three years or a fine.
(2) A coercion is unlawful, if the use of violence or threat to accomplish the aim can be considered condemnable.
(3) Attemped coercion can be punished.
[...]"
For comparison, the maximum jail term for full blackmail is five years instead of three for coercion.

Re:Incorrect summary

[Cramer]

Once you've listed the spamming block, then your job is done. UNLESS the ISP moves them to another block (evades the listing), you have no reason to escalate. Just because the ISP doesn't do what you want them to isn't a reason to start listing more and more of their customers -- who are not spammers. This isn't helping the anti-spam cause; it is, in fact, undermining the cause.

Things have certainly gone down hill there. They never choked BTI and we were Jeremy Jayne's ISP; every one of his netblocks were listed (often before they were even routed), but the company's ARIN assigned netblocks never were.

Re:Incorrect summary

[wshs]

They did block an IP. But then they gave the spammer a block of new IPs to use. They're trying to use legitimate customers as shields for their spam support service.

Re:Incorrect summary

[TheRealGrogan]

Know what finally saved my ass from the SPEWS database? It certainly wasn't the hoops I jumped through to try to get removed. It was my datacenter's IP subnets that were on the list, not my server... I hate spam of any kind and have never sent so much as a chain email to anyone in my life. It was like a nightmare. We moved our forum site to a new hosting provider and suddenly we found out we couldn't send mail to almost everyone. People couldn't register, or get forum notifications. The SPEWS list seemed to feed all kinds of other services, and we were brutally buggered.

SPEWS got DOS'd out of existence, by spammers and others who fought back. That was how the problem finally got solved. It took a while for things to sort themselves after those bullies were gone and I had to write to several (major) ISPs who still had us on their own lists but finally we stopped getting mail rejected.

Good riddance to bad rubbish. I hope the same happens to Spamhaus. Empire building and extortion and no way to get off the list makes me hate those block list services worse than the spammers. I sure as shit don't use them... I let SpamAssassin do more sensible things.

Re:Incorrect summary

[tehcyder]

This isn't criminal, this is civil. At least by US law, now how it flies in Holland may be completely different.

If I had a bricks and mortar store, and someone came and dumped a ton of shit on my doorstep or sprayed offensive graffiti over my front windows, I'd call the police before my lawyer. Except (apparently) in the US, not everyone's immediate reaction to a problem is "who can I sue".

Re:Incorrect summary

Spamhaus says A2B is lying and is very involved in routing for spam and crime:

"Exposed Dutch ISP Attempts False Police Report"
http://www.spamhaus.org/news.lasso?article=673

The Spamhaus news article goes on to detail the events and the badness A2B was routing, and ends saying "A2B Internet's tale of being "extorted" and hit with a "DoS attack" was a lie spun by an ISP whose financial interests rest with the rogue spam and crime hosts he sells transit to."

Re:Incorrect summary

[lee1]

So how is the summary "incorrect"?

Re:Incorrect summary

[TheMMaster]

The 'blackmail' in this case is 'We will keep all of A2B on the SBL unless you disconnect one of your paying customers from the Internet entirely'

They don't care that A2B doesn't send SPAM they just really dislike the cyberbunker and are abusing the power of their SBL to try and remove entities that they don't like from the Internet entirely.

Note that the cyberbunker will remove spammers, their ToS:

  This includes but is not limited to:
          * Any criminal activities, as defined by the law of:
                      o Customer's country of residence (natural persons) or company registration,
          * Mass sending of unsollicted e-mail (SPAM).
          * Sending floods of any kind to any other computer system or network which inhibits the correct behaviour of said computer system or network.
          * Harrassment of individuals.
          * Endangering the quality of service or network stability for other internet users in any way.

It's just that if spamhaus says that someone is doing 'something illegal' without specifying what it is, the cyberbunker isn't just going to disconnect them. Spamhaus *really* dislikes it when an ISP doesn't blindly follow their 'opinions' and most ISPs do because if they don't they get blackmailed like Cyberbunker was before and A2B is now.

Re:Incorrect summary

[TheMMaster]

Read spamhaus's own writeup on the matter.

When A2B refused to remove cyberbunker from the Internet entirely they indeed added just the one /21 on the SBL. This was not a network that was routed to the cyberbunker and just 'one of their networks' a range that had nothing to do with the case at all... I think the sentiment was quite clear.

Re:Incorrect summary

[sosume]

Dutch law says (autotranslated from this page http://www.wetboek-online.nl/wet/Wetboek%20van%20Strafrecht/317.html)

1 He who, with intent to himself or another unlawful to favor, by force or threat of violence or forcing someone to the issuance of any property which wholly or partly to this or to a third party or to enter into a debt or nullify an outstanding debts, or to the provision of information, is guilty of extortion, punishable by imprisonment not exceeding nine years or a fine of the fifth category.
2 The same penalty shall be the force he meant in the first paragraph, exercised by the threat that data through an automated work saved, unusable or inaccessible will be made or will be deleted.
3 The provisions of the second and third paragraph of Article 312 are applicable to this offense.

I'm not sure it's really applicable.

Moral outrage fight!

[1_brown_mouse]

GO!

Seriously, anti-spam organizations tend to be as self righteous as born-again and on the wagon alcoholic evangelists.

Isn't it time to kill email?

Re:Moral outrage fight!

[Smallpond]

If you don't like email, don't use it.

If you don't like spamhaus, don't use their blocklist. How hard is that?

Spamhaus lists IP addresses that send spam. If the ISP ignores complaints or moves the spammers to a different IP, then it will list the netblock or the whole ISP. Those of us who use their list appreciate it. It reduces the load on my email servers by thousands per day. Don't blame the messenger.

Re:Moral outrage fight!

[fyngyrz]

If you don't like spamhaus, don't use their blocklist. How hard is that?

The problem is, when entities upstream from users (both senders and receivers) are deluded into using Spamhaus, and that in turn screws up those user's email -- the users themselves have zero recourse. So it isn't a matter of simply "deciding not to use a list." Spamhaus and every operation like them are exercising power over people who are defenseless, and who never authorized any such interference.

Re:Moral outrage fight!

[Smallpond]

If you have a static IP and control over your DNS you can run your own mail server and do whatever you want. If you are on a cable modem and your ISP controls your domain, then you aren't really on the internet, are you? Just drink the kool-aid. Personally, I've never used my ISP's email service.

In any case, spamhaus lists are mostly automated. The data they use to list you might be supplied by your own ISP who are running the spamtraps and supplying the lists of dynamic addresses that aren't supposed to send mail.

When you see a whole ISP blocked, it isn't some arbitrary decision. I managed a server on XO, which had huge spam infestations at the time, and never had an email blocked. To get into ROKSO, you have to be actively moving spammers around to get around the blocks, and putting innocent victims on the blocked IPs so they will get unblocked. Don't forget that ISPs make money from spammers and it costs them money to block spam. The bad ones have no love of spamhaus.

Oh - and the email domains that I manage all filter on zen.spamhaus.org and I have no problems with what they block.

Re:Moral outrage fight!

[anomaly256]

When you send email, it doesn't necessary go directly from person A's PC to person B's PC. Any of the intervening machines can use an RBL - with or without your knowledge or permission. Even if you own your own mail server, I can promise an RBL somewhere along the line is still filtering what hits it. Even if you proclaim 'I do not choose to use this service!' - no one will hear you.

I've also had customers end up on the blacklist incorrectly for reasons as innocuous as some 3rd party contracted inexperienced low-level techie ticked the wrong box on their Exchange management interface when trying to fix an unrelated problem. Spamhaus lists aren't just automated - they're pro-active. They scan target MXs for configuration details and 'potential' problems, then if any single 1 POTENTIAL problem is seen, BAM blacklisted. And then getting them off the blacklist after such a silly otherwise-inconsequential mishap costs a buttload of time, and unlike the 3rd party contractor, my time is expensive.

My favorite part though, is where, after you move to remove a false-positive-flagged customer from Spamhaus, they warn you 'if this happens JUST ONE MORE TIME from this IP, the blacklisting will be permanent with no means for dispute'

They are fascists. Fascists performing a job everyone wants nd needs, but still fascists pushing their ideals onto people who don't necessarily want them. There has to be a better way.

Re:Moral outrage fight!

[Smallpond]

I've also had customers end up on the blacklist incorrectly for reasons as innocuous as some 3rd party contracted inexperienced low-level techie ticked the wrong box on their Exchange management interface when trying to fix an unrelated problem.

Good. People who leave open relays are exactly the people I don't want to get mail from.

Re:Moral outrage fight!

[lee1]

Any of the intervening machines can use an RBL - with or without your knowledge or permission

I also run my own mailserver and find that zen.spamhaus blocks so much of the spam that I was able to stop using spamassassin, whose extra load was not worth the few spam emails that got through to it. I don't generally see "intervening machines" - the email comes right from the sender's institution or email provider (gmail, etc.) to my server. It might go through a few machines inside the sender's organization, but if one of those uses spamhaus that's that organization's decision. Spamhaus mainly blocks mail coming from dynamic IPs, which is where is spam is coming from.

Re:Moral outrage fight!

[mcvos]

The problem is, when entities upstream from users (both senders and receivers) are deluded into using Spamhaus, and that in turn screws up those user's email -- the users themselves have zero recourse.

Of course you've got recourse! Use a different ISP. It's really that simple. Vote with your feet.

Re:Moral outrage fight!

[fyngyrz]

Not sufficient, because it isn't just your ISP that uses these lists. Say a domain, 'foobar.com', is incorrectly listed. Perhaps spammers have used their domain as a return address. Spamhaus or someone like them blacklists them. Now people who should be receiving email from foobar.com aren't; foobar.com's ability to do business or simply communicate is impacted; and they can't fix this by changing ISPs -- they may not even be aware of it, all they may see is an unexplained decline in sales or responses. But even if they ARE aware of it, it is very difficult to fix: there IS spam with their return address on it out there, though they aren't sending it.

General blacklists are bad ideas. They can't be made to work well in the general case, and further, they are wide open to targeting error and abuse. If someone is abusing the mail system, they need to be positively id'd using forsenic techniques beyond a reasonable doubt, and then brought to justice. And "justice" is not, and will never be, a bunch of geeks running rampant, exerting lynch mob mentality upon anyone they decide will be convenient for their cause.

I should be able to decide who makes it into my mailbox, and who I want to mail. If I abuse that somehow (stalking, advertising w/o opt-in, etc.), the law should be brought into it. Not Spamhaus. And in the meantime, the user should be empowered to use whitelist or blacklist or both at the level of their *own* mailbox. That's one of the most important jobs of every mail client author there ever was or ever will be. There are people I always want to hear from; there are people I never want to hear from; and there are people I've not made a decision about. But it is MY decision to make. Not anyone else's, barring actual legal issues.

Re:Moral outrage fight!

[Intrinsic]

I should be able to decide who makes it into my mailbox, and who I want to mail. If I abuse that somehow (stalking, advertising w/o opt-in, etc.), the law should be brought into it. Not Spamhaus. And in the meantime, the user should be empowered to use whitelist or blacklist or both at the level of their *own* mailbox. That's one of the most important jobs of every mail client author there ever was or ever will be. There are people I always want to hear from; there are people I never want to hear from; and there are people I've not made a decision about. But it is MY decision to make. Not anyone else's, barring actual legal issues.

*Cry me a river* You have a choice. dont use ISP that are known to harbor spammers,and dont spam yourself and you wont have a problem. If you dont like the way black lists work then choice and ISP that dont use the black lists you dont like and quit complaining about it. Take action. Because your complaints are not worth anything simply because there are enough people that value the service and use it. If that was not the case the service wouldn't be in existence. Technology will always be better at solving issues with spam then the law every will as technology reflects the will of the people to get problems solved where law can get bogged down by people who have power to change it for selfish ends. Im glad the spam services are there and I think the burden of proof should always be on the the person or network who has been accused of spamming countless times to either put up or shut up. People that complain about this just dont like the fact that they dont have control over the decision making process. Which by the way is a big problem in the US and possible other countries.

It's all about the Opinion

[Nom+du+Keyboard]

Spamhaus publishes their Opinion about who are spam problems. It's a lot like Slashdot posts, which are the various contributor's Opinions. You can individually choose to believe, or not believe, any post(s) that you wish. And other ISP's can choose to accept, or reject, Spamhaus's Opinions about who and where troublesome spammers are. An Opinion is a very long way away from the accusation of Judge, Jury, and Executioner and only a fool would have made that unwarranted leap.

Re:It's all about the Opinion

[TheCarp]

Right, except that many people just configure their mail servers to take that opinion as gospel, and spamhaus certainly makes it easy to do so and encourages it.

So legally, you are indeed right. However, the end result is that their opinion carries a lot of weight, mostly because many many people just blindly apply it.

So, in effect, they become judge jury and executioner, in that, once their opnion is that you have transgressed, you will instantly be blackballed all over the internet. They have become little more than a bully, which is too bad because, I mostly like them and mostly agree that this is the right way to operate.

Of course.... I JUST posted my experience with them (or I should say, the experience that I came back from vacation to find one of my co-admins had):

http://slashdot.org/comments.pl?sid=2474882&cid=37703752

Re:It's all about the Opinion

[Solandri]

Once you make your opinions public, you can be charged with libel and malicious defamation of character in most countries. Especially in a case like this where many ISPs use Spahaus' lists so there are real, direct socio-economic consequences for wrongly blacklisting someone. (Not saying that's what happened here.)

Re:It's all about the Opinion

[Nom+du+Keyboard]

Right, except that many people just configure their mail servers to take that opinion as gospel, and spamhaus certainly makes it easy to do so and encourages it.

What other people do is not Spamhaus's responsibility. If I were to post here to Slashdot for everybody to take all of their money and throw it into the ocean to support world peace, I'm not responsible that somebody actually did that. Put the blame where it actually lies, and it doesn't lie with Spamhaus.

Re:It's all about the Opinion

[macraig]

Spamhaus publishes their Opinion about who are spam problems. It's a lot like Slashdot posts, which are the various contributor's Opinions.

What a quaint mis-framing by using the word "opinion" rather than what it actually is: a declaration. It's much more affirmative than a mere "opinion".

This, BTW, is precisely why ALL blacklists are a crappy idea that ultimately always lead to this scenario. Crowdsourcing this sort of privacy/security function to anonymous people with unverified credibility leads to the well being poisoned with deliberate or unintended misinformation. They are even vulnerable to ill-intentioned people with axes to grind and a willingness to wreck significant swaths of the Internet to exact their vengeance.

Re:It's all about the Opinion

[sjames]

If you misrepresent your opinion with malicious intent or with reckless disregard for truth and you cause damage as a result, you can be in quite a lot of trouble legally.

Re:It's all about the Opinion

[TheCarp]

Um right, so we pretty much agree then, except that you refuse to accept the use of the "judge jury and executioner" analogy except in the most strict sense. Ok Fine.

Is the problem that their opinions suck? Or is that that people listen to them? Actually, the problem is that their opinions suck AND people listen to them.

If their opinions sucked and people ignored them, we would have no issue and nothing to talk about.

If their opinions were good and people listened, we would have no issue (other than a philosophical one)

There exists a problem in that spamhaus issues opinions that are not grounded in good reasoning and legitimate evidence, and mail admins use that decision as is in their own setups automatically.

Generic and pedantic enough?

Re:It's all about the Opinion

[Spazmania]

the end result is that [Spamhaus'] opinion carries a lot of weight, mostly because many many people just blindly apply it.

Mostly because Spamhaus rarely lists address ranges that aren't involved in spamming and network abuse, and even more rarely for long. Spamhaus EARNED its reputation for cautious listing at the same time others like SORBS earned reputations for over-zealousness.

That's why I'm surprised to see Slashdot folks taking these accusations seriously without any posted evidence. When Spamhaus lists an IP block, they document it publicly including their reasons. Sometimes it's because an organization has been caught moving spammers around inside their IP block. Sometimes there are other reasons. Usually they're pretty good reasons.

Where's the copy of that posting?

I know back when I ran an ISP, Spamhaus was the one I -didn't- have problems with.

Re:It's all about the Opinion

[zmooc]

It's not an opinion. Whether mail is spam or not can be objectively decided and thus is not an opinion. Therefore any statement on whether someone sent spam is not an opinion either. It's either a fact, a lie or a mistake.

And since spamming is illegal, claiming someone sends spam is defamation, which is illegal in many countries, including the Netherlands and the rest of the EU, where spamhaus has registered offices. Therefore they're probably not that far away from losing in court at all.

Re:It's all about the Opinion

[SydShamino]

If you know that people listen to your opinion and do what you say, and you say things that can harm someone else, you can be held accountable. See any cult or mob leader who knows his followers hang on his words. They just say "it would be a shame if something happened to that ISP" and suddenly its servers are underwater wearing concrete shoes.

Plenty of leaders have been convicted for crimes based on this chain of events.

Re:It's all about the Opinion

[TheCarp]

Hmmm I must admit, I came back from a vacation to find all this out.... do they keep a historical record of all this after a block is removed?

I have been meaning to investigate more, but, since it was a solved issue by the time I got back, and I have been busy with other projects, I only spent an hour or so looking for more information and finding little to nothing. If there is a "right place" to go look, I would love to know. Apparently we were on the "SBL" list.

My co-admin sent me a URL reference but, when i go there it just tells me that this is no longer in the SBL, with no other info.

Thats really the thing, I am not an ISP, I am running a co-located server with some people. I am a unix admin, I know how to run a mail server, but, I am not active and following these things as "mail admin" is a hat that I need to put on in earnest about once a year, at most.

Re:It's all about the Opinion

[Spazmania]

I seem to recall it being a little tricky to get to the data after it's delisted. I'll grant you that Spamhaus should do better there.

Re:It's all about the Opinion

[snowgirl]

Eh..... this is grey waters... I honestly think that Spamhaus is making an assertion of fact to a third party, and could be liable for defamation. It's well enough into the grey area that it would have to be settled by the court.

Re:It's all about the Opinion

[Eggplant62]

Compare Spamhaus with your local reporter who focuses mainly on restaurant reviews. Every week, he visits a new restaurant and writes a review. Some restaurants may end up with a good review and get lots of traffic as a result. Some may end up with a bad review, causing lots of people to avoid their restaurant, thus losing business. Same principles apply here. It's like saying, "We tried to talk to the owner to get things fixed, but we couldn't. We're now leaning on the waitress, to see if she will help us contact the owner. We may have to talk to the cook and enlist his help, too."

Re:It's all about the Opinion

[Hentes]

True, but here in Europe free speech is limited by e.g. libel laws. If the ISP can demonstrate that the claims were false and caused them damage then they have a chance to win.

Re:It's all about the Opinion

[wvmarle]

Spamassassin in default configuration uses Spamhaus as one of several RBLs, but just being listed on Spamhaus is not enough to be blocked. It adds 2-3 points to the spam score, and 5 points are needed. Other RBLs are used as well, as is other scoring. It is just one of many bits. Relying on a single RBL to block mail without further thought is a bad idea of course.

Re:It's all about the Opinion

[Zontar+The+Mindless]

What other people do is not Spamhaus's responsibility.

So it's okay for me to shout "Fire!" in a crowded theatre, since I'm not responsible for others' reactions to what I say? Thanks!

Re:It's all about the Opinion

[TheMMaster]

But if this opinion is automatically taken as fact by 2/3rds of the Internet's email servers and you go to an ISP and say: "We want you to remove this and this customer from the Internet or we will be of the opinion that all your outgoing email is unwanted SPAM." the this kind of changes the picture.

This isn't about some SBL, Spamhaus is not taking anything less than Complete removal from the Internet for CB3ROB I think that this goes slightly further than an 'opinion'

Re:It's all about the Opinion

[mcvos]

Who decides that their opinions suck? Good ISPs tend to be pretty knowledgable on spam issues, and they consider Spamhaus an authority on the subject. It's ISPs who decide that Spamhaus's opinion matters. You may decide that Spamhaus's opinions suck, but apparently there aren't a lot of ISPs that consider your opinion very authoritative on the subject.

It's like claiming that Einstein's opinion on quantum mechanics sucks. You lack the credibility that Spamhaus has.

Re:It's all about the Opinion

[Spazmania]

I'd rather have the data so that after doing the emergency minimum to be delisted, I can go back, scrutinize it and figure out how tighten my process so I don't get listed again.

I'd always rather have the data.

Re:It's all about the Opinion

[Intrinsic]

Crowdsourcing this sort of privacy/security function to anonymous people with unverified credibility leads to the well being poisoned with deliberate or unintended misinformation. They are even vulnerable to ill-intentioned people with axes to grind and a willingness to wreck significant swaths of the Internet to exact their vengeance.

Ohh, boy. its not like I havent heard this argument before. If we take your supposed logic to its end, who should be the ones to verify these so called anonmous people you talk about? The supposed business community? There only interest is to continue business as usual, they dont have any interested in removing spam from the network. Its a false claim that the system can be abused by someone with an axe to grind simply because there are checks and balances to prevent that. You can request to be removed from the blacklist once you clean up your act. I swear to god does the business community think they have a god given right to send email unsolicited? Get over yourselves if your organization is allowing spam though ,you dont have any rights, get your network straightened out and stop complaining to people who dont care about the reasons.

Re:It's all about the Opinion

[macraig]

Go back and read the prior part of my comment that you didn't quote: NO ONE "should be the ones", because no one should be using such blacklists, period. People cannot even agree on a precise definition of "spam" - one man's spam is another man's opportunity - so consensus blacklists can never work effectively.

Private blacklists or Bayesian filters that one creates for personal use might still be useful; presumably you have no disagreement with yourself about what is and is not spam. I once had a Bayesian system that reached 99.985% accuracy because I could maintain that consistent definition of spam. If I had tried to do that using a list involving anyone else, the accuracy would have plummeted.

Re:It's all about the Opinion

[Intrinsic]

Go back and read the prior part of my comment that you didn't quote: NO ONE "should be the ones", because no one should be using such blacklists, period. People cannot even agree on a precise definition of "spam" - one man's spam is another man's opportunity - so consensus blacklists can never work effectively.

LOL nice way to try and re-frame what spam is. There is no ambiguity here. You only want to change the definition of spam to suite your own purposes. Let me link to you the wikipedia article that has become the accepted definition of what spam is.

Spam is the use of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately.

ISP's, people that receive email, and network providers all have agreed on this definition. You dont have to like it, but you are playing within this frame work that we have all agreed to. If you want to change the definition I suggest you go somewhere else and start your own Almost-Spam group and get people on board with what you think it is. Dont go around telling people that spam is some fuzzy thing that nobody agrees on because I can tell you right now you are full of shit.

Re:It's all about the Opinion

[macraig]

... that we have all agreed to.

Nice way to mis-frame what simply isn't true, unless you define "we" more narrowly than all the people who influence blacklists. ISP employees and network admins might "all" agree on a narrow specific definition of spam, but when you leave the Halls of Technologia and query the common folk, you'll discover that the layman's definition of spam is "any e-mail that I didn't want to receive". What do you suppose happens when those people contribute to blacklists, either directly or indirectly?

Outside of where you work, your definition is the one that's full of shit.

Re:Nuts?

[Mitchell314]

. . . and exactly how is that a bad thing? :P

Responsibility goes both ways

[imemyself]

Yes, ISP's need to be responsible and take action against spammers, and yes, ISP's who continually fail to do so on a significant scale over a long period of time are fair game to block, but in this particularly instance it sounds like Spamhaus's actions may have been abusive and rather arrogant. I use Spamhaus's blocklist myself, but organizations like Spamhaus and Cisco SenderBase need to take some responsibility to ensure that they are not unduly effecting legitimate businesses and networks. Taking large-scale blanket actions that effect many legitimate sites undermines the anti-spam industry as a whole, because it makes it more difficult for people to rely on anti-spam products/services.

Re:Responsibility goes both ways

[silas_moeckel]

It seems like there gripe was the primary ISP was refusing to do anything about it they then move to the feeder ISP's until they fix it. By routing there traffic they are aiding spam. Ever expanding there blacklist to push companies to do something is the only method they have.to get something done. By the time they are complaining to a providers providers it's been a issue for a long time. That dutch ISP should never have to block one of it's clients, clients IP's they should have required them to act or terminated there contract. They might have "tough" spam rules but I've run a few med to large hosting providers, you do not just play whack a mole and let them sign up for another box you make sure you do not do business with them again.

This is not hard all it takes is a packet sniffer or a flow scanner to see if it's just a spam server vs a legit box that got hacked. At this point I catch catch most spammers from simple switch ACL's this is not hard.

Re:Responsibility goes both ways

[Nom+du+Keyboard]

...organizations like Spamhaus and Cisco SenderBase need to take some responsibility to ensure that they are not unduly effecting legitimate businesses and networks. Taking large-scale blanket actions that effect many legitimate sites undermines the anti-spam industry as a whole, because it makes it more difficult for people to rely on anti-spam products/services.

Spammers hide among legitimate businesses and hosting providers often don't do enough, unless their feet are continually held to the fire, to weed them out. Spamhaus can't cut off the account of the abusers at the various hosting providers, so they do the next best thing and make it in the best interests of those hosting providers to clean up their acts. Just take a moment to think about where we'd be without Spamhaus.

Re:Responsibility goes both ways

[realityimpaired]

Just take a moment to think about where we'd be without Spamhaus.

Actually, just about where we are right now. Most major mail providers don't use Spamhaus at all... it certainly doesn't affect delivery to GMail or Yahoo or anything like that. They use heuristic analysis of the messages (stuff like Spamassassin), coupled with Greylisting, forced delays in the server greeting, and throttling based on number of recipients. And it works. I don't get any spam at all to my inbox. None. And I've had the same address for nearly 6 years, now. And I don't use Spamhaus, SORBS, or any of the other lists like that, because you don't need them once you've set up your mail server properly. (and yes, I have set up my own mail server, which is sitting on a 100mbit pipe in colocation, with multiple domain names pointing at it, some of which are more than 10 years old).

Lazy sysadmins use spamhaus like it's gospel. Ones that know what the hell they're doing realize they don't need spamhaus at all.

Re:Responsibility goes both ways

[wmbetts]

Yahoo uses spamhaus

Re:Responsibility goes both ways

[mvdwege]

Bovine faeces.

Most antispam appliances and services default to using Spamhaus.

Re:Responsibility goes both ways

[Intrinsic]

.. I use Spamhaus's blocklist myself, but organizations like Spamhaus and Cisco SenderBase need to take some responsibility to ensure that they are not unduly effecting legitimate businesses and networks. Taking large-scale blanket actions that effect many legitimate sites undermines the anti-spam industry as a whole, because it makes it more difficult for people to rely on anti-spam products/services.

Umm, no they dont. The dont have a responsibility to ensure they are not unduly effecting legitimate business. The only responsibility they have is to block organizations that have been known to host spammers. If your business gets affected guess whos fault it is? Either you or your ISP's failure to deal with the situation.

Quis custodiet ipsos custodes?

[fightinfilipino]

seems like an interesting question here. Spamhaus in essence can withhold an ISP's goodwill in the community, which is arguably a part of an ISP's "property" (and of any business, really). if that theory holds up, what Spamhaus is doing could be considered extortion. A2B could also seek some sort of libel claim against Spamhaus, but how likely would such a claim be enforced over international borders?

is there anyone watchdogging Spamhaus' watchdog efforts?

Re:Quis custodiet ipsos custodes?

[Nom+du+Keyboard]

is there anyone watchdogging Spamhaus' watchdog efforts?

If You think that this needs to be done, then why don't You do it?

And then who should be watching over You?

Re:Quis custodiet ipsos custodes?

[Nom+du+Keyboard]

is there anyone watchdogging Spamhaus' watchdog efforts?

You seem to have a basic misunderstanding of Cause and Effect. Spamhaus can't actually withhold anything. They can suggest to others that those other parties might want to withhold their goodwill of an abuser, but by itself Spamhaus is completely powerless. It is only when other people agree with them that the group as a whole acts against those who abuse us through our technology. And that group action is entirely legal.

And Heaven help is if it ever does become illegal.

Re:Quis custodiet ipsos custodes?

[fightinfilipino]

no need to be hostile, i was simply asking a question. i'm unsure myself whether Spamhaus DOES need its own watchdog. that's why i'm asking.

and it's always good to question authority. i know Spamhaus has a lot of credit on /. but power and abuse go hand in hand. if A2B has a legit complaint, and Spamhaus responds poorly, who checks Spamhaus?

Re:Quis custodiet ipsos custodes?

[fightinfilipino]

is there anyone watchdogging Spamhaus' watchdog efforts?

You seem to have a basic misunderstanding of Cause and Effect. Spamhaus can't actually withhold anything. They can suggest to others that those other parties might want to withhold their goodwill of an abuser, but by itself Spamhaus is completely powerless. It is only when other people agree with them that the group as a whole acts against those who abuse us through our technology. And that group action is entirely legal. And Heaven help is if it ever does become illegal.

the problem is that Spamhaus either 1) has their word taken at face value by other ISPs and e-mail services, who automatically block whomever Spamhaus says needs blocking, or 2) has the ability to destroy a person's or company's reputation and goodwill, which can be just as bad in the long run.

i've got no misunderstanding of cause and effect. in this case, Spamhaus apparently believed that the only acceptable remedy in the A2B situation was for an entire datacenter to be blacklisted, and the effect was that a lot of innocent non-spammers got denied e-mail services along with the scummy spammer. Spamhaus is the cause, and a scorched-earth practice was the effect. i'm not understanding why people don't have a problem with this when so many are vocal about similar actions by the DHS to block domain names on sketchy grounds. the effect of a Spamhaus blacklisting has as much severity as a DHS unilateral block.

Re:Quis custodiet ipsos custodes?

[HiThere]

It doesn't need a watchdog, it needs deconstruction. It's a centralization of power without accountability, and such almost always leads to corruption. Spam, itself, is one example of this. But to fight corruption with more corruption is the wrong answer. Spamhaus is the wrong answer. I'd sooner use whitelisting. (Greylisting is better. And a combination of whitelisting and greylisting better yet.)

But Spamhaus is the wrong answer. It has become corrupt long since. And it's *because* it's a source of power without accountability.

Re:Quis custodiet ipsos custodes?

[Tacvek]

Where the hell does Spamhaus get the authority to dictate routing policy?

  If Spamhaus feels that Cyberbunker is harboring spammers, and is being uncooperative, I can see Spamhaus adding all of Cyberbunker's blocks to the blacklist.

I can even see Spamhaus contacting A2B and asking A2B to tell Spamhaus what addresses from A2B's blocks have been assigned to Cyberbunker, such that Spamhaus can block Cyberbunker without blocking the rest of A2B.

But SpamHaus instead demands that A2B stop routing all traffic from Cyberbunker. That goes beyond preventing spam, and is plain abuse of Spamhaus's influence.

Re:Nuts?

[www.sorehands.com]

Yeah, they blocked one IP used by a spammer. How many spammers use one IP address? They use one IP address, then when that is blocked, switch to another, and another, and another....

Re:Nuts?

[del_diablo]

Please think of the colleratar damage.
1 spammer down, and an entire datacenters services.

I rather doubt the ISPs claims.

[spottedkangaroo]

Choosing to use and trust Spamhaus is a completely voluntary activity by companies that don't wish to receive spam. It is usually only one of many strategies people use to try to block spam. Most use it simply as advice for scoring, some us it to block smtp from hosts completely. Whatever.

If spamhaus gets it wrong too often (and they do make mistakes) then people will stop using it. There's little any authority can do about it though. Spamhaus publishes its opinion and others choose to follow it. Are they going to make laws against publishing opinions? The only way really to fight this would be to show that spamhaus is failing somehow in its mission. Personally, I suspect that if spamhaus says it's a spam haven, that it very probably is. If it is not, they'll eventually get delisted. End of story. My ISP has been listed before. It was not a mistake on their end, but on mine. It was a simple matter to fix the problems and get delisted. At the end of the processes I was thankful for the free opinion publishing service they provide.

Re:I rather doubt the ISPs claims.

[Cramer]

There are laws (in the US at least)... slander and defamation. All of the customers now incorrectly listed as "spammers" have a case if they want to push it. (in the US at least, where spamhaus won't even show up. :-))

Re:I rather doubt the ISPs claims.

[spottedkangaroo]

If spamhaus honestly believed it, I doubt they have a case.

Re:I rather doubt the ISPs claims.

[mcvos]

If I understand correctly, Spamhaus doesn't list ISPs as spammers. From http://www.spamhaus.org/news.lasso?article=673: "The SBL lists 4 categories of abuse: spam sources, spam hosts, spam services and spam support services." and A2B was listed as a spam support service, not a spam source or spam host. I expect that ISPs can choose to use that information to not block them but only the direct spammers.

Of course if you want to discourage spam on the internet, you also want to discourage people from accepting spammers as customers. That's probably what the "spam support service" category is for.

Re:Nuts?

[immortalpob]

You're right, they should just block 0.0.0.0/0 and block all spam 100%!

Re:Is this really a police matter?

[shentino]

If Spamhaus is using its currently intact credibility as leverage, that very much is not appropriate.

Re:Is this really a police matter?

[sjames]

And tough luck for A2B and Cyberbunker? I'm sure news of Spamhaus's demise will cheer them greatly at their own bankruptcy hearings.

manditory spamhaus alternative question

[Vernes]

ARE there alternatives?

Good

[xrayspx]

They are hugely annoying to deal with if you send any volume of mail at all. I worked at a job in which we sent tens of thousands of order status emails per day (were there upsell attempts? Of course there probably were, but the thrust of the mail was "thanks for ordering, have a confirmation number"), and all it takes is a couple of people marking them as spam to get Spamhaus to start blacklisting you, your upstream ISP, your dogwalker's busdriver's cousin's hairdresser, etc.

I know they claim that they only blacklist IPs which send to honeypot email addresses, but I find that claim to be dubious at best, considering the IPs I've had blacklisted in the past.

Re:Good

[xrayspx]

That's what I said above: "We only automatically block IPs which send mail to our honeypot addresses", and I know for a fact that the only mail sent from said IP was in response to user action, with a user buying something, getting a password reminder, uploading something, etc. I know I'm not full of shit, so why were those specific ranges blocked?

I've wondered if the honeypot addresses weren't super-obvious or guessable.

This is not to say that the company I was with at the time wasn't a huge bunch of borderline-spammers, but in talks with Spamhaus they specifically told me they only (repeatedly) blocked my IPs because they got mail from those IPs. What they blocked was not a network where users lived, it was hosted web-farm only, so it's not like someone's desktop was turned into a spambot either. I really think they just had it in for us.

Re:Good

[mcvos]

One risk with honeypots: if somebody knows the honeypot address, they can fill in that address on your website, check the box that they want email, and then you're in trouble.

No idea if Spamhaus has a mechanism to prevent this. It shouldn't be too hard to compare their honeyport addresses to the addresses in your database, weren't it for the fact that they probably want to keep their addresses secret, and you're probably legally required to keep them secret.

has anyone asked Cyberbunker?

[Wizel603]

I would love to hear from Cyberbunker on why they are providing hosting to a spammer. Oh wait, I just found their AUP that's linked from their website:

Mind Your Own Business

CyberBunker does not poke around on your servers. Customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine. CyberBunker has adopted a policy not to mind our clients business. Our famous "Mind Your Own Business" policy.

I'm sure glad they are up front.

Re:has anyone asked Cyberbunker?

[St.Creed]

Not only that. I'll quote their entire policy:

Disaster Free Hosting

CyberBunker will keep your servers online "no matter what". Cyberbunker will protect your servers from hurricanes, earthquakes, crashing airplanes, (nuclear) bombs, floods and anything else that could interrupt the hosting of your servers. However the biggest threat usually is the hosting provider that takes your servers offline if they receive complaints from others. As long as your hosting fee is paid CyberBunker will do anything in its power to keep your servers up. In addition CyberBunker protects your servers also from others who might want to take your servers down like the DMCA, your competitors,authorities, burglars, governments and terrorists.

Impenetrable Hosting Facility
The CyberBunker data center is located in a nuclear bunker that was designed to survive a nuclear war. Even without war the bunker remains impenetrable. In 2007 City Hall accompanied by the local police and fire brigade made an attempt to enter the building without authorization. Their attempts were futile. City hall paid the for the damages caused by the hydraulic tools used by the fire brigade in an attempt to open the first set of blast doors. The doors were damaged but still closed. Even with the right access codes the doors still could not be opened anymore. In 2008 City Hall paid € 24500.- in damages to CyberBunker in order to get the doors operational again. There are 3 sets of blast doors, one set next after the other, on all entrances.

Concealed Location
The physical limitations to enter the building are not the only reason why customers choose to host their servers at CyberBunker. CyberBunker offers a unique routing system in order to confuse parties that are eager to discover the physical location of the servers. Many known and unknown customers use our services to have their servers online without revealing the actual location. Sometimes it happens that one of our customers is exposed by the media. e.g. see: TorrentFreak. And even then we are able find a suitable solution in order to conceal the location of the servers again.

Anonymous Hosting
Most of our customers desire to stay anonymous. In some cases we do not even know who our customers actually are. We have no idea and we simply do not care. Who ever you are, it is our business to keep you online.

Mind Your Own Business
CyberBunker does not poke around on your servers. Customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine. CyberBunker has adopted a policy not to mind our clients business. Our famous "Mind Your Own Business" policy.

Bold = my emphasis.

This is an open invitation to spammers, neo-nazis, phishing scammers, botnet operators, usenet providers (teh binareez) and torrent servers (torrentfreak, notably) to come and play ball. It's their business model to protect the customer. Given their attitude, they're likely to be in quite hot water once one of their customers actually does run a childporn network or an assassination ring and it turns out in court that their business model is "we never ask questions".

Anyway, I'm starting to understand the Spamhaus attitude: it's probably frustration.

Re:has anyone asked Cyberbunker?

[Wizel603]

ISP's need to learn to grow a back bone.

Please tell me that horrible pun was intentional.

Re:has anyone asked Cyberbunker?

[skr95062]

So according to the AUP above Cyberbunker is in effect claiming to be one of those"bullet proof" hosting facilities, they do not care what you do so long as it has nothing to do with kidde porn or terrorism. If you have an account with them you can run a server that does nothing but send SPAM 24/7/365 and Cyberbunker will never shut you down. This would also imply that if the IP you are using gets blocked you can get another one and another one and another one and so on and so on. If the upstream provider for Cyberbunker does not have the balls to pull the plug on them, then sorry but tough shit. Just because your customer is willing to throw money at you to keep the connection live does not give you the right to just look the other way. Yes, you can take the money, but you had better be prepared for the consequences of your actions. If you wind up on someones blacklist don't come crying to me about it, fucking deal with it. This type of thing happened a couple of years ago to a place, they were hosting a C&C farm for a BOT NET, amongst other things. The upstream provider one day, after waring them several times, just pulled the plug and the place fell off of the internet. Yes, some innocents got caught up in it but if you want to deal with shady operations shit like that happens. This is what A2B should have done to start with, IMHO.

Re:has anyone asked Cyberbunker?

[shutdown+-p+now]

This is an open invitation to spammers, neo-nazis, phishing scammers, botnet operators, usenet providers (teh binareez) and torrent servers (torrentfreak, notably) to come and play ball.

What's wrong with neo-nazi websites? Do you really want your government to take them down on sight? If so, then how do you define "neo-nazi"?

Re:has anyone asked Cyberbunker?

[St.Creed]

Privacy isn't bad, and lots of people got something to hide. But to me, there is a difference between local provider XS4All that says "we comply with the law, but safeguard your privacy to the best of our ability. We don't allow spam, botnets or phishing however." and CyberBunker who rolls out the welcome mat for specifically that type of business.

FYI, XS4ALL was the provider that hosted the Fishman affidavit and defended the people who put that up (myself included) in court until the High Court where they won, which took years. They support Bits of Freedom and the EFF. They were born out of the hacker scene and still have some ties with that.

To contrast: Cyberbunker looks like it was founded by scriptkiddies that can hardly use LOIC and will probably fold at the first real challenge. They're owned by ZYZTM (www.zyztm.com) that ties back to someone living in Goes near the bunker. Probably a very small outfit.

Seems to me they're poseurs who make sure that spammers and phishing pondscum know they will find safe harbour there but if the law really drops by, I doubt they'll stand up to the challenge. In the meantime they will fulfill the function of "useful idiot" for any politician looking to strengthen the laws against computer crime and laws that violate our privacy. They basically help noone and do us all a big disservice - privacy advocates most of all.

Re:has anyone asked Cyberbunker?

[mvdwege]

1. They're open advocates of an ideology that outright calls for mass murder. That's incitement to a crime. That's what's wrong with neo-nazis.
2. Yes, I want my government to take down their sites, just as I would like them to take down any site that openly incites to violent crime.
3. The swastika's, Hitler veneration, and calls for extermination of Untermenschen are a bit of a dead giveaway.

Mart

Re:has anyone asked Cyberbunker?

[shutdown+-p+now]

They're open advocates of an ideology that outright calls for mass murder. That's incitement to a crime. That's what's wrong with neo-nazis.

Incitement to crime is when one actually advocates mass murder; displaying a swastika is not such an incitement in and of itself.

In practice, most neo-Nazi writings do not incite directly (care to find a website that explicitly "calls for extermination of Untermenschen"?). Heck, even "Mein Kampf" doesn't do so, even though it already had the entire Nazi theory of racial superiority laid out already. And did you miss the fact that most of neo-Nazis today deny Holocaust, even among themselves? If they genuinely believe their ideology calls for mass murder, why would they deny its successful implementation?

Re:has anyone asked Cyberbunker?

[bloodhawk]

There is a big difference between someone having a beef with your website resulting in your ISP capitulating and an ISP that makes it their policy to protect those that actively are violating the laws and rights of others. What really needs to happen here is the Law needs to grow a back bone and do something about businesses like CyberBunker so that the legitimate rights to privacy are not impinged by future crusades looking to shut down scum like them.

Re:has anyone asked Cyberbunker?

[mvdwege]

The very ideology is about mass murder. You can't display a swastika in earnest without advocating mass murder. Stop apologising for genocidal maniacs.

Re:has anyone asked Cyberbunker?

[shutdown+-p+now]

The very ideology is about mass murder.

Can you concisely sum up what you believe to be Nazi ideology, for starters?

For that matter, I mentioned "Mein Kampf" in my previous post. That book is like a Bible to many (though not all) Nazis, so knowing what's in there is quite important to fully understand them. Have you read it?

You can't display a swastika in earnest without advocating mass murder.

You should let Hindus and Buddhists know that, I'm sure they'll be delighted to know they're advocating mass murder.

Stop apologising for genocidal maniacs.

The issue at stake is freedom of speech and freedom of conscience. When "genocidal maniacs" actually murder people - or incite someone else to do so - that's a crime that we already know how to deal with; you don't need "hate speech" laws for that. But when some loonie makes up a web page with Hitler portrait, swastika, and 14/88, it's just a loonie being one - no harm done.

Re:has anyone asked Cyberbunker?

[shutdown+-p+now]

Yes, I know. It's probably one of the silliest censorship laws in Europe (the only thing that's more silly is some Eastern European countries banning communist symbols). Consequently, I don't see some organization that helps circumvent it as immoral - if anything, quite the opposite.

Re:has anyone asked Cyberbunker?

[_0xd0ad]

wow, and you basically make it sound like PRIVACY is a bad thing.

Got something to hide? You must be EVIL!

Privacy != put it public on the web

If you put something public on the web, it's liable to be noticed. People are liable to complain. And at that point, it's no longer "private".

CyberBunker's policy appears to be "don't worry about people reporting you for doing anything, because regardless of that we'll still do our very best to pretend not to notice if you're doing anything you shouldn't be."

Re:has anyone asked Cyberbunker?

[mcvos]

This isn't about privacy. It's not even about free speech. It's about harassment and crime. That's what they condone and support.

If you want an ISP that will defend your free speech all the way to the high court (against dangerous organizations like Scientology, for example), then you go to XS4all. If you want an ISP that will let you spam or run botnets, you go to one with this kind of policy.

Re:has anyone asked Cyberbunker?

[mvdwege]

No, I'm not going to niggle about details. If you want to know what Nazi ideology was about, go visit the remains of Buchenwald or Auschwitz instead of nitpicking.

And I think I have read quite a bit more of (neo-)Nazi literature than you; a lot of it in the original German even.

Mart

Re:has anyone asked Cyberbunker?

[shutdown+-p+now]

So you're not going to niggle about details when putting people in prison for being neo-nazis? just someone saying that they are is good enough?

extortion

[synapse7]

Spamhaus seemed like one of the less shady and even more trustworthy blocklists(blacklist, whaterver). I have seen some (maybe it was backscatter) that wanted $100 to get off the list sooner than the standard 30day TTL, usually you don't have to worry about anybody using these lists. However, one time I did run into somebody that subscribes to a service that enlists multiple blocklists and was using one of these shady ones, luckily it was only a single client.

Re:Is this really a police matter?

[fyngyrz]

FTFY: What you're actually saying is that Spamhaus should be allowed to destroy multiple senders and receiver's email capability without law enforcement intervening.

The thing is, they have no right to do this, and nowhere to GET a right to do this -- and THAT is why law enforcement should be provided with a means to show up at Spamhaus's door and arrest the lot of them.

I never signed up for Spamhaus to be my "Internet Mommy." They're presumptuous abusers of other people's rights. Just as bad as spammers, and for the same reason: direct interference with my email.

A mailadmin writes...

[buglista]

I don't expect this will get modded up, because I'm only a mail admin with years of experience, and what do I know. Vive la web 2.0 etc.

Spamhaus don't list people unless they've got a very good reason - that's why the majority of email providers, and likely your mail feed is using SBL. Steve is not crazy, and incidentally, business details are not subject to data protection provisions under the EU directive, so it is absolutely fine to say you kicked a spammer.

Lie down with the dogs, get up with the fleas. Woohoo, you made your sales quota, but don't expect me to accept your email.

Re:Nuts?

[TheMMaster]

I rent a server and a /29 in the cyberbunker, as far as I'm concerned spamhaus is trying to strongarm my my upstream providers upstream provider. I had nothing to do with any of this, but I stand to lose my ip range and services THAT I PAID FOR.

It's NOT reasonable from spamhaus to expect an entire ISP to be blackholed for ONE spam complaint 2 levels below.

Re:Nuts?

[HiThere]

Ah, you say you work for Spamhaus?

ISPs policing the internet

[Old+Wolf]

Here's what these people seem to say.

When it comes to piracy - "ISPs shouldn't be policing the internet!"
When it comes to spam - "ISPs should be policing the internet!"

Re:ISPs policing the internet

[stickyboot]

Sounds right. Both the act of policing piracy and receiving spam are extremely invasive on a very personal level, that is why people seem to take that stance.

Re:ISPs policing the internet

[mcvos]

ISPs should be offering the best possible service to their customers. If their customers don't want to receive spam (and most don't), then ISPs would do well to block spam. Spamhaus provides valuable advice for this.

A surprising number of customers don't seem to object very much to having access to illegal movies, though.

Wrong blame

[mrball_cb]

You're blaming the wrong entity. If you're concerned with this, you should be complaining to your ISP _whom_you_pay_ that they use Spamhaus. You have control of your service, go buy it from someone who doesn't use Spamhaus. Spamhaus isn't screwing with your Inbox, your ISP _whom_you_pay_ is screwing with your Inbox by their choice to use Spamhaus.

Don't get me wrong, I think Spamhaus is one of the best things since sliced bread. Why does your ISP _choose_ to use Spamhaus? Because the extra cost and resources involved with NOT using Spamhaus would impact their bottom line and they would have to charge you more.

Before all the botnet takedowns, RBL's used to account for blocking about 80-85% of inbound connections. Now it's down to less than 50%.
$ emailstats
Webmail System Statistics for 2011-10-12

  TotalIncoming: 187662
                      RBL: 100601
                  Spams: 19439
              Viruses: 192
            Accepted: 67430
LocalDelivered: 53243
          Forwarded: 14187
      PercentGood: 35.9316

ICE

[Calydor]

Considering only the information readily available via. summary and article, how is this any different from what the DHS are/were doing with ICE, taking out ... was it 86,000 sites to hit one target? When that happened Slashdot was up in arms about the insanity, was that just because DHS is loathed and Spamhaus generally isn't? Am I missing some important detail (other than DHS = Government, Spamhaus = vigilante freelancers) that puts this all in perspective?

Re:ICE

[mcvos]

Reputation. Spamhaus has an excellent record on identifying and blocking spammers and services that support spam. DHS not so much.

Re:Good.

[Eggplant62]

You don't realize how SMTP or the Internet works, my friend. A2B is about to suffer from a death by a good number of admins simply adding their network addresses to private firewall and routers settings. You see, what I do at the border of my network is my business. I consult Spamhaus for their opinion regarding the reputation of email traffic. My mail sever is set to query the Spamhaus DNS servers whenever another mail server connects to deliver mail. It's not by default that my server is set that way; I took action to make it so. Spamhaus is simply a consultant in this relationship. They watch for spammy mail. It's their list and if A2B didn't follow the requirements to be removed, then others like me may have problems receiving your email, again by our choice. Now, I'll take a few minutes to ensure that A2B's network blocks are listed in my own border router's rules file so that any traffic received there is simply tossed on the floor, not that I would expect much traffic. But then, that's just me. I can't predict the behavior of any other system admin out there. Your move.

Re:Good.

[jafiwam]

Yup, pretty much. Spamhaus is simply a service that admins may use for advice on what to block.

It's up to the admins to agree with what they do and not use them if they get out of line.

That said, any admin that does use Spamhaus is a complete idiot. But, it's quite within their rights to be a complete idiot about administering their own mail servers.

Re:Is this really a police matter?

[jafiwam]

Spamhaus does not have any credibility anymore. They have been doing this shit for years. Back when similar operating lists were new, they were decent. Now they are not. They were removed from my mail filtering systems years ago because I got tired of the lying bullshit they pulled.

Re:Good.

[omnichad]

It's not a consultant if your server is set to blindly follow whatever they say. And if you've ever tried to remove yourself from Spamhaus without spending lots of money, then you wouldn't understand how unreasonable they can be.

Re:Good.

[Dan541]

Then don't use spamhaus. It's a voluntary service after all.

Why not???

[www.sorehands.com]

If Cyberbunker refuse to terminate spammers, then it should be blocked. This is like the porn affiliate program PerfectGonzo who ignored spam lawsuits, did not terminate a spamming affiliate until over a year after being brought to their attention, and only terminated one account of the spamming affiliate, not the 14 others. If Spamhaus blocked 1 IP address, how long would it take to change to another IP address? The failure to show Cyberbunker's record for dealing with spam is very telling -- if they promptly terminated spammers, it would have stated so.

Re:Why not???

[TheMMaster]

Where are the spam lawsuits against the Cyberbunker, A2B or the spammer in question?

There aren't any, this is spamhaus acting as judge, jury and executioner. This isn't merely about a spam blocklist anymore, this is spamhaus trying to make all of the cyberbunker's IP space unroutable by using blackmail tactics against A2B.

"That's SMTP of all your paying customers, would be a shame if something were to happen to it..."

Re:Why not???

[mcvos]

Not quite. Spamhaus is the advisor. They advise ISPs to block an IP range, and it's up to individual ISPs to decide what to do with that advice. Some ignore it, but many find Spamhaus's advise so valuable that they automatically implement their advice. But it's still the ISP's choice and responsibility.

Don't like it? Then sue the ISP. But they're not required to accept your traffic if they decide it's not in the interest of their paying customers. Your only recourse is suing Spamhaus for libel if they lied about your behaviour. But if they document their cases well, and can prove that the category they put you in conforms with their published policies, then I doubt you'll have much chance there. And of course you'll have to sue them in the country they're based in.

Misleading language in this story

[merc]

This story really rubs me the wrong way. They make it sound like Spamhaus has their fingers on the Internet's routing tables and at any whim can block or unblock networks that they don't like. This is simply not the case.

Spamhaus is no different from an op ed journalist or a food critic: All offer opinions about varying matters of public interest. Spamhaus, in this case, publishes an opinion in the form of a list of IP network ranges. In their opinion these networks can or may be responsible for transmitting spam or malware on the Internet.

PEOPLE ARE FREE TO USE OR NOT USE THIS INFORMATION AT THEIR DISCRETION.

But why is it that when the nutters at the Westboro Baptist church want to prance up and down the street and hold viotriolic hateful signs that all of a sudden we're so quick to point out that free speech is so vital for our society? Instead of bikeshedding over whether someone has a right to form an opinion about some Dutch ISP, how about instead we talk about how the spammers are themselves infringing on the propery rights of others by crapping on the internet? Lets stop pretending that the Internet is a public resource, it's a collection of private networks.

In any case, I have been a Spamhaus subscriber for scoring mail on my network and I appreciate the work that they do. I'd hate to imagine what the spam fighting landscape might look like today without Steve Linford and Spamhaus' efforts.

Re:Nuts?

[DarwinSurvivor]

Well, except for the small percentage on IPv6.

Re:Is this really a police matter?

[ScrewMaster]

FTFY: What you're actually saying is that Spamhaus should be allowed to destroy multiple senders and receiver's email capability without law enforcement intervening.

The thing is, they have no right to do this, and nowhere to GET a right to do this -- and THAT is why law enforcement should be provided with a means to show up at Spamhaus's door and arrest the lot of them.

I never signed up for Spamhaus to be my "Internet Mommy." They're presumptuous abusers of other people's rights. Just as bad as spammers, and for the same reason: direct interference with my email.

The problem with that approach is that the only power that Spamhaus devolves from the ISPs and server operators who use it. They don't directly block anything. They can't, that's not how it works. They're playing a dangerous game: if they make themselves too risky to use, admins will stop using them and whatever "power" they have will disappear.

Re:lol try SORBS instead

[Cramer]

Indeed. One email to a spamtrap, ever, gets an IP listed forever. There are no thresholds, volume limits, or expiration times. And they offer zero proof. The only way to be delisted is their nice money-laudering-esq, quasi-extortion "charity donation" scam. No reputable charitable entity will even speak their name.

Spamhaus should be shut down

[drauckerr]

Almost everyone running a website, including me, has run into problems with spamhaus. Spammers change IP addresses and move on. Spamhaus does not monitor their block list to determine whether an IP is no longer a source of spam. The result is, every time I upgrade my server, being assigned a new IP address, I must once again lose hours of my time appealing to Spamhaus and their ISPs to unblock my IP address. Well, I'm done with it.

My website publishes public information. Every month, thousands of business owners create an account so they can update the information related to their business. When an account is created, my system sends a verification email. If that email is blocked, the business owner is unable to activate the account and, consequently, can not update their information. Currently, that is exactly what happens to everyone in ATT territory (everyone in several southern states). And as far as I'm concerned, it's not my problem. They chose ATT, which chose to use an inaccurate block list. Let them spend their time fixing their problem.

If you use an ISP with an inaccurate block list, don't be surprised if the only mail being blocked is legitimate mail. The spammers move on to other IP addresses, it's the legitimate business owners who don't have the time or inclination to do so for the few customers that don't get their mail.

Re:Good.

[omnichad]

Spammer? No. I remember them wanting me to do this or that that was fairly expensive for a small hosting service. Not paying money to them, but it costing us more money than we could reasonably spend. In the end, we updated our server and then got a new static IP. The only emails we ever sent out were opt-in to a subscriber list of 3,000 or less.

Spamhaus runs many lists

[Onymous+Coward]

Just a point of clarification.

Spamhaus runs several DNSBLs: SBL, PBL, XBL.

I use their XBL. It works great. Don't be confused thinking there's just one "spamhaus list", saying things like "anyone who uses spamhaus is a <insulting term>".

People should know what they're getting into when they subscribe to a DNSBL. DNSBLs are best used as part of a scoring system, rather than as an ultimate authority.

Regarding Spamhaus's SBL:

The SBL database will normally include IPs identified to Spamhaus's best ability as likely direct spam sources, spammer hosting/DNS, spam gangs and spam support services.

I believe Spamhaus knows what they're doing, and it's not simply escalating netblocks to create and enlist collaterally damaged networks to bring pressure. I bet Cyberbunker is complicit in providing a haven to spam operations. And -- this needs confirmation -- I hear that A2B gave Cyberbunker new addresses after Cyberbunker was listed, which makes A2B complicit.

Re:Good.

[TheMMaster]

I do not send spam emails, I never have once in my life. Yet I cannot get my netblock removed from spamhaus RBL because they don't like my ISP.

Also, I *know* that spamhaus has taken money from other parties, ISPs, to make sure that this type of 'escalation' would never happen to them. This will be presented during the court case in Holland.

Re:Good.

[TheMMaster]

That is all nice and good, until they start pressuring upstream providers to STOP ROUTING, this is not about being on some spamlist but about removing a datacenter/ISP from the internet entirely.

They use the pull they have by being used by 2/3rds of the internet's email servers to blackmail ISPs to comply.

Re:Good.

[omnichad]

Wow...so I forgot a little bit of what they wanted done. I'm really bad about picking out trolls here, but what do you have against me and why are you assuming I'm lying?
 
Computer power has nothing to do with sending out email. And you actually misquoted me. I didn't have to upgrade my hardware. I think I had a backscatter problem (trying to stay RFC-compliant) that once fixed via a software update/upgrade, they wouldn't take us off the list without going through something like senderscore or something. I don't remember the details. I just remembered it being far easier to get a new IP than dealing withthem.

Re:Nuts?

[mcvos]

Why do you support an ISP that supports spammers? By doing so, you're helping to keep spam alive.

Drop them, and move to a more respectable ISP.

Re:Is this really a police matter?

[mcvos]

I never signed up for Spamhaus to be my "Internet Mommy."

Then what are you complaining about? If you don't use Spamhaus as your internet mommy, then you can still receive all the spam you want.

Re:so does slashdot just remove comments

[mcvos]

I think in the entire history of Slashdot, only one post was ever removed. I forgot if it was due to a lost lawsuit or a lawsuit that would likely be lost and be very expensive.

Because!

[www.sorehands.com]

Because their spamming customers are the ones who send the spam.

It is clear, from their own admissions, that Cyberbunker is a spam supporting service. Its no matter what service means that when Cyberbunker receives spam complaints, Cyberbunker will ignore the complaints.

See the Cyberbunker "Mind your own business" policy:

http://cyberbunker.com/disaster-free-hosting.html

"Most of our customers desire to stay anonymous. In some cases we do not even know who our customers actually are. We have no idea and we
simply do not care. Who ever you are, it is our business to keep you online."
---
"CyberBunker does not poke around on your servers. Customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine. CyberBunker has adopted a policy not to mind our clients business. Our famous "Mind Your Own Business" policy."

Re:Because!

[TheMMaster]

let's not forget their abuse policy

Abuse:
  This includes but is not limited to:
          * Any criminal activities, as defined by the law of:
                      o Customer's country of residence (natural persons) or company registration,
          * Mass sending of unsollicted e-mail (SPAM).
          * Sending floods of any kind to any other computer system or network which inhibits the correct behaviour of said computer system or network.
          * Harrassment of individuals.
          * Endangering the quality of service or network stability for other internet users in any way.

They will keep customers online unless the law tells them to take them offline.

Weren't we all outraged when the 'three strikes and your out' laws basically meant that three COMPLAINTS means someone could lose their Internet access without appeal, and without a trial?

But if spamhaus does it it's fine? Really?

More than moral outrage: the wrong answer

[whitroth]

Spamhaus, and the other similar site, do more than "just" block IP addresses. A few years ago, when I lived in Chicago, one of them blocked not my IP, but the ENTIRE RANGE of my ISP - that is, they blocked the mailhost for RoadRunner Chicago, which was *the* major ISP for all of the city of Chicago. Frequently, on the CentOS mailing list, my email bounces, because my email, coming out of my hosting provider, is blocked. My provider - hostmonster/bluehost - has *thousands* or tens of thousands of domains' email coming in and out of a given named mailserver, which asserts one IP... and if one or more of those (usually WinDoze) folks get infected and send out crap, *everyone's* mailserver is blocked.

Their approach is *wrong*, It imagines that everyone has a static IP, and their mail coming out of that, not the reality of today.

                    mark

Re:More than moral outrage: the wrong answer

[Intrinsic]

You may think its the wrong approach, but they have the right to black list your ISP. Nobody is forcing people to use Spamhaus as a spam filter service.

Im sorry i have no sympathy for people that complain about a service that is voluntary. If your ISP is hosting a spammer, the whole domain should be blocked until its resolved.

Really???

[www.sorehands.com]

I don't see their "abuse policy" that you post.

What I do see on http://cyberbunker.com/disaster-free-hosting.html is:
"As long as your hosting fee is paid CyberBunker will do anything in its power to keep your servers up. In addition CyberBunker protects your servers also from others who might want to take your servers down like the DMCA, your competitors, authorities, burglars, governments and terrorists. "

Re:Really???

[TheMMaster]

look here the 'cyberbunker.com' guys are not the actual guys who own and operate the actual physical building that they have named the cyberbunker. Cyberbunker.com just rents some space from cb3rob which actually owns the building (and has it's own hosting company/network business)

It is confusing, I agree and perhaps it was done on purpose but I know for a fact that the guys running cyberbunker.com are actually different people.

Re:Really???

[www.sorehands.com]

But the issue is the services provided by the Cyberbunker guys, not cb3rob.net guys. There is no talk about the cb3rob.net guys here and the policy of the cb3rob.net do not apply to the Cyberbunker guys as they are not the same people.

Email provider, not ISP

[billstewart]

Once upon a time, your ISP was also usually your email provider. Hasn't been the case for a long time, though many people still find it convenient to use their ISP's mail for some purposes, but probably most people today either use a separate email provider for most of their mail, or use an ISP that outsources their email service to an email provider instead of running their own (e.g. mx.little-isp.net actually points to big-email-provider.net.)

So you either do or don't want to use an email provider that uses a specific RBL as part of their email filtering. Spamhaus has always had the reputation of providing high-quality conservative lists, as opposed to some RBLs that exclude all home IP connections (which are 99% zombie spammers and 1% home Linux users), or some lists that are extremely aggressive and non-responsive (e.g. SPEWS.)

My main email provider lets me choose a bunch of lists that can go into SpamAssassin weightings or just be used absolutely. For instance, I don't want any email from Nigeria or Korea, so those are on the hard-block list, but I do know people in South Africa and Japan, so those are only SpamAssassin weights.

Bogus Arguments on Civil vs. Criminal

[billstewart]

Sure, in that case you would. But if you owned a bricks and mortar store, and the Better Business Bureau listed you as having a reputation for selling spoiled food or stolen goods, you wouldn't call the police on the BBB - you might sue them, or you might whine about how the BBB are a bunch of extortionists.

Calling the police is a more extreme reaction than sueing somebody. It's something you do if you think somebody needs to go to jail.

Re:Good.

[Coren22]

Spamhaus listed my work's IP, they indicated that it was due to detecting that one of our computers was going out to a C&C machine on HTTP to get orders. Not because of spam, because only our email server can send email, and it wasn't spamming, but because of a normal thing like a Trojan infection. If you are relying on these idiots, stop, they don't respond to spam, but the possibility of spam, which means they catch lots of legitimate corporations.

Re:Good.

[Coren22]

Untrue.

http://yro.slashdot.org/comments.pl?sid=2474962&cid=37716920

Here's the 3rd-Party Agenda Spamhaus is paid for:

[billstewart]

Spamhaus is implementing the agenda of a whole lot of third parties - it's their customers, who don't like receiving spam.

DOS wasn't SPEWS's main problem

[billstewart]

SPEWS's main problem wasn't that they got DOS'd, though it didn't help them. Their main problem was that they had a reputation for providing low-quality results, blocking way too much legitimate email, and it was nearly impossible to contact them in case you were inappropriately listed. So if you were an email mailbox provider using them as a direct blocking service, you'd be getting huge numbers of false positives, and have to track down complaints from your users about lost mail. At best, they were useful as input to SpamAssassin. (I don't know if they're still operating the same way these days; I gather Michelle sold them or something, but haven't followed the details.)

Spamhaus's reputation over the years has been that they're really conservative, and almost never have false positive problems. That doesn't mean that they don't occasionally list ISPs who have some spammer customers and some non-spammer customers, but they're not in the Nuclear Overkill business the way SPEWS was.

Re:Good.

[Dan541]

Spamhaus is a voluntary service. Here is a good one http://www.spamhaus.org/drop/ .

Nobody has EVER been forced to use Spamhaus and unless a law is passed tat makes it mandatory to use them, they will always be 100% voluntary. Allot of people choose to use Spamhaus because they are the best around.

Re:Good.

[Dan541]

However, I should add that I don't recommend rejecting traffic on just Spamhaus alone. It's best to use multiple blacklist providers to help eliminate false positives. It also lessens the control of any single blacklist operator.

Re:Good.

[bmo]

>Backscatter

You get a backscatter problem when you send indiscriminate emails to addresses that do not exist with forged "from" headers. Because the bounces go not to you, but to random unaffiliated ISPs. That's the definition of backscatter.

Goddamn proof that you are a spammer or you sold to spammers. By your own words.

Read this. This is Steve Linford's reply to all this.

http://www.spamhaus.org/news.lasso?article=673

Notice that it's entirely reasonable and that my original assumption that the Dutch ISP was catering to crime was spot on.

>dutch host affiliated with RBN

Yeah. Nice guys.

By the by, I have 642 spams over the last 2 days in my spam folder just for one account. Without the filtering based on Steve Linford's hard work and the hard work of others, my email would be useless.

I have a reason to be pissed at spammers.

--
BMO

Re:Good.

[bmo]

>normal thing like a Trojan infection (on the mail server)

>normal

I seriously hope you're not a sysadmin.

--
BMO

Re:Good.

[Intrinsic]

If you say so then it must be true. Internet person with no authority.

Re:Good.

[Coren22]

I did not say the email server had a Trojan. It was a client machine, that because it was not an email server, could not send email. There was no spam, just a random desktop that got infected and because of proper firewalls was blocked from sending email.