Interesting Spamhaus links

By Sys Admin

October 9, 2008

Yesterday was eventful. Halfway through the day we were informed that 7 of our servers had been placed on a Spamhaus blocklist. Upon investigating it seems we were a victim of the Spamhaus "bad neighbourhood" policy.

What actually happened is that a nearby server in the datacentre had been caught by a Spamhaus honeytrap, and had sent their marketing newsletter to an email address monitored by Spamhaus. Since this was the second incident in less than two months, Spamhaus decided to list the whole netblock, which included 7 of our servers.

When I contacted Spamhaus to ask them to remove our well-managed, non-spamming servers from the listing, I was informed that we were listed for "policy reasons", and that we should seek another datacentre provider. They then refused to accept any other emails from us, listing "unacceptable content" as the reason. They weren't really interested in our issues, they were attacking our provider, trying to put them out of business.

Eventually our provider got a lawyer involved and we were removed from the listing later that night.

A couple of interesting things emerged from this. The first thing we did was to stop using any Spamhaus blocklists on our own servers - and noticed no increase at all in the amount of spam getting through. That is, the Spamhaus blocklist is rubbish. As everyone knows, the spam problem is nothing to do with UK companies sending out mailing list newsletters to emails which may not have subscribed. The problem is related to spam from China, Russia, Eastern Europe and an increasing number of third wold countries, and even more so to the botnets of hacked Microsoft Windows machines.

There are in any case perfectly adequate legal remedies against spammers in the UK. Spamhaus targetting the senders of business newsletters does nothing to help us at all.

The second thing is that I started to wonder about Spamhaus, who are they, who owns them, how are they financed, what gives them such authority to attack legitimate businesses in such a draconian way, to attempt to influence consumer choice of provider, why are they so rude and unhelpful? It was relatively simple to find at least some of the answers.

So here are some interesting links relating to Spamhaus and the people who run it. I cannot vouch for the veracity of it all, but it does raise lots and lots of questions about this unmonitored, Swiss registered organization that possesses such internet power that they can even shut down national domain registries.

The first one discusses Steve Linford and the Spamhaus Project

http://www.superprovider.de/forum/steve-linford-spamhaus-fraud-t120.html

This one relates to John Blasik (AKA John Reid, AKA Richard Cox) and his criminal history

http://www.bolenreport.net/feature_articles/feature_article027.htm

This discussion illustrates the way they work and the effect they can have

http://blog.devost.net/2007/01/28/spamhaus-irresponsible-net-citizens/

A short blog discussing Spamhaus and the abuse of power

http://it.toolbox.com/blogs/adventuresinsecurity/abuse-of-power-17210

This one discusses the Spamhaus block of the Austrian domain registry.

http://wnagele.com/2007/06/19/spamhouseorg-vs-nicat/

There are lots more in the same vein. Including those about the 11.3 million dollar decision against them by a US court in 2006.

For us, suffice it to say we won't ever use Spamhaus again, and will discourage anyone else from doing so.

More News

Comments (0)

No comments.

Add Comment

Dojo Learning - Online training, untangled