Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×

Perspectives on Spamhaus's Dilemma 420

The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them — an order which Spamhaus ignored — is now considering ordering ICANN to pull Spamhaus's domain records. While Gadi Evron, whose blog posting is linked above, urges everyone to beat the judge with a clue stick, a guest writer on his blog counsels much greater restraint. Anti-spam lawyer Matthew Prince explains how Spamhaus got into its current pickle — apparently by following conflicting legal advice at two points in the process — and what they might have to do to get out. One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?
This discussion has been archived. No new comments can be posted.

Perspectives on Spamhaus's Dilemma

Comments Filter:
  • Ghostbusters (Score:5, Insightful)

    by eldavojohn ( 898314 ) * <eldavojohn@gSTRAWmail.com minus berry> on Monday October 09, 2006 @02:00PM (#16367895) Journal
    One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?
    I'm reminded of the part in the Ghostbusters movie when the man from the EPA shows up and demands that they shut down the containment unit which houses all the ghosts since it's in violation of EPA rules.

    Yeah, I know it's just fiction but it seems like this could be the same kind of thing.

    Excerpt from the movie:
    Dr. Ray Stantz: Everything was fine with our system until the power grid was shut off by dickless here.
    Walter Peck: They caused an explosion!
    Mayor: Is this true?
    Dr. Peter Venkman: Yes it's true.
    [pause]
    Dr. Peter Venkman: This man has no dick.
    Walter Peck: Jeez!
    [Charges at Venkman]
    Mayor: Break it up! Hey, break this up! Break it up!
    Walter Peck: All right, all right, all right!
    Dr. Peter Venkman: Well, that's what I heard!

    I think the problem that the Ghostbusters faced in the movie was that the guy from the EPA was a prick and didn't bother doing any follow up or open a channel of communication with the Ghostbusters. Now, Spamhaus might be violating rules at the same time they provide the public a valuable service. Has the United State's judicial system attempted any lines of communication with them aside from a cease-and-desist letter threatening them with $11.7 million?

    The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them...
    Where does it say that e360insight is a spammer? I think that Spamhaus should have to present proof that e360insight is an illegitimate spamming business [spamhaus.org]. I think that's important. If e360insight is a spammer, I'm siding with Spamhaus. Since they have taken the roll of deciding who is spamming and who isn't, I think they could use more accountability [spamhaus.org] than what I find indicated on their website.
    • Re: (Score:2, Insightful)

      by n0dna ( 939092 )
      "Has the United State's judicial system attempted any lines of communication with them aside from a cease-and-desist letter threatening them with $11.7 million?"

      Yup, they would have allowed them to defend their actions in court. Spamhaus chose not to appear, and instead have a default judgement rendered aginst them.
      • Re:Ghostbusters (Score:5, Insightful)

        by eldavojohn ( 898314 ) * <eldavojohn@gSTRAWmail.com minus berry> on Monday October 09, 2006 @02:09PM (#16368053) Journal
        Yup, they would have allowed them to defend their actions in court. Spamhaus chose not to appear, and instead have a default judgement rendered aginst them.
        What court though? I mean, if some business that I slighted in China brings a lawsuit against me, I'm not going to fly half-way across the world to defend myself. If Spamhaus is offering the maintenance of this list for free, I doubt they make much money. Couple that with the fact that people choose to use the list, I don't blame Spamhaus for farting in their general direction.
        • Re:Ghostbusters (Score:5, Insightful)

          by ArsenneLupin ( 766289 ) on Monday October 09, 2006 @02:19PM (#16368189)
          I don't blame Spamhaus for farting in their general direction.

          They just should be careful enough to widely publish their new .co.uk address before the hammer hits, so that we can reconfigure our MTA's in time.

          Indeed, a fart is not really a fart if it doesn't smell...

          • Re: (Score:3, Informative)

            by The Mgt ( 221650 )
            They just should be careful enough to widely publish their new .co.uk address before the hammer hits
            It's spamhaus.org.uk [spamhaus.org.uk].
            spamhaus.co.uk is an unrelated site flogging antivirus software
          • by Ungrounded Lightning ( 62228 ) on Monday October 09, 2006 @04:29PM (#16370379) Journal
            Reconfigure your MTAs NOW.

              - Use IP numbers or
              - host a domain resolution for spamhaus in a local name server and configure your MTA to hit that first. (Have your nameserver serve as an unofficial secondary pointing to their primaries, and squirrel a dump of their name service just in case the court gets their primaries shut down.)

            Then ICANN can pull the record and it won't do squat.

            For your convenience (from nslookup):

            > server 204.74.101.1
            Default Server: udns2.ultradns.net
            Address: 204.74.101.1

            > set type=soa
            > spamhaus.org
            Server: udns2.ultradns.net
            Address: 204.74.101.1

            spamhaus.org
                            origin = need.to.know.only
                            mail addr = hostmaster.spamhaus.org
                            serial = 2006100802
                            refresh = 3600 (1H)
                            retry = 600 (10M)
                            expire = 2419200 (4W)
                            minimum ttl = 3600 (1H)
            spamhaus.org nameserver = udns2.ultradns.net
            spamhaus.org nameserver = udns1.ultradns.net
            spamhaus.org nameserver = ns8.spamhaus.org
            spamhaus.org nameserver = hq-ns.oarc.isc.org
            ns8.spamhaus.org internet address = 216.168.28.44

            (I'm presuming that the spamhaus.org domain contains the
            servers in question. But if not, perhaps someone who
            actually administers an MTA using their services can
            follow up with the necessary info.)
        • Re: (Score:2, Insightful)

          by n0dna ( 939092 )
          I don't actually blame them either, but you do have to be prepared to accept the consequences of your actions.

          If China had the ability to make your life miserable, you maybe ought to consider hiring a lawyer. You can't run something like Spamhaus without understanding that you are stepping directly on the spammer's bottom line, and you have to expect the need to defend yourself legally. Ignoring legal proceedings is an option, but not a defense. Had they chosen to fight it, they could have made the argument
        • Re:Ghostbusters (Score:4, Interesting)

          by harlows_monkeys ( 106428 ) on Monday October 09, 2006 @02:52PM (#16368725) Homepage
          What court though? I mean, if some business that I slighted in China brings a lawsuit against me, I'm not going to fly half-way across the world to defend myself

          That's a perfectly reasonable attitude, provide you are aware that the chinese business will, therefore, win their lawsuit in a chinese court. If you have no assets anyplace that a chinese court could get to, then you are fine. Just don't miscalculate, ignore them, lose to a default judgement, and then remember that you do have stuff in China!

          Also, you have to be careful HOW you ignore them. For example, if you start to defend yourself on the merits, and then say "screw this...you don't have any jurisdiction over me, so bugger off" and THEN start ignoring them, that initial defending on the merits might be seen as conceding jurisdiction to the court. That's bad, because then when the winner comes to your country to collect, there is a decent chance your country's courts will recognize the debt as a valid debt, and then it is a simple matter for that Chinese business to get a judgement in your country to enforce the debt.

          The bottom line: ignoring a court anywhere in the world is not something to take lightly. You need to at least get a lawyer with experience in the laws of your country to tell you HOW to ignore the foreign court so that you won't accidently open yourself up to a nasty surprise.

    • In a nutshell: I agree, the Illinois has no dick.
    • Here's the thing nobody gets. This is not an issue about blocking spam. What's at issue here is the ability of a privately owned business to provide whatever service or feature they want to for it's cutomers.

      If people want to get E-mail from 360, they can call the ISP and complain, they can switch providers, or they can use an alternatvie service. None of which require courts threatening people at gunpoint.

      Why does the US seem to think it rules the world and can tell everyone what's acceptable behavior?

      Gove
    • Re: (Score:3, Interesting)

      by mcrbids ( 148650 )
      Where does it say that e360insight is a spammer? I think that Spamhaus should have to present proof that e360insight is an illegitimate spamming business [spamhaus.org]. I think that's important. If e360insight is a spammer, I'm siding with Spamhaus. Since they have taken the roll of deciding who is spamming and who isn't, I think they could use more accountability [spamhaus.org] than what I find indicated on their website.

      Except that Spamhaus is not spam filtering or blocking software. It's merely a DNS da
    • Re: (Score:2, Interesting)

      by Coldmoon ( 1010039 )
      "Since they have taken the roll of deciding who is spamming and who isn't, I think they could use more accountability than what I find indicated on their website"

      Accountability certainly, but transparency would help to resolve these issues. The Antispyware industry tackled this by creating and then supporting systems/procedures that allow targeted application developers to appeal their inclusion in the AS's detection database, detection category (malicious, adware, Trojan, etc...), threat level, etc

      More
    • Re: (Score:3, Interesting)

      by walt-sjc ( 145127 )
      Here's the deal though.

      If it wasn't for spamhaus and other blocklist services, it would be up to individual administrators to create their own blacklists (most savvy admins do anyway BTW...) Now I don't know about other admins, but once you are in MY blacklist, you are there FOREVER. If you are in 4,556,865 blacklists, good f-ing luck getting out. Being on ONE list you have a chance.

      The other option is a reputation based system where "trusted" submitters send blacklist updates via usenet (GPG signed.) Since
  • by Kelson ( 129150 ) * on Monday October 09, 2006 @02:01PM (#16367913) Homepage Journal
    If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

    On the plus side, that might convince the judge to rethink the order.

    • Although the judge may not understand the unintended consequences of that ruling, the world shouldn't be held hostage, so to speak, by the threat that they will actually have to do their own spam filtering if this service were to go down.
      • Re: (Score:3, Interesting)

        by LilGuy ( 150110 )
        Easily said. Not so easily done. There are many businesses out there that can't even figure out how to lock down their MTAs and prevent asynchronous bouncing, let alone deal with an enormous influx of spam, which surely they won't see coming. Hell I worked at an ISP as the sole Abuse department tech, and that was plenty bad enough at the time, but after something like this... makes me glad I quit.
    • The most interesting facet of this case is the nature of the commerce involved. If it were traditional, paper & envelope mail, then there would be several long-standing precedents on both sides concerning interstate commerce and the postal system: prevention of fraud on the one hand, and interfering with private postal receipt on the other. In this case, however, independent ISPs, supposedly autonomous, private corporations, are using a service to filter "junk mail." Although an outside entity interf
    • On the plus side, that might convince the judge to rethink the order.

      Sometimes we have to live with uncomfortable outcomes. If I get 4x as much spam to filter, and it overwhelms my system, that's my fault for not preparing adequately (and a lesson learned about depending on others, I'd say). One cannot ignore the law just because one thinks the net result of doing so is beneficial to more people -- that is why we have courts, where supposedly, laws and torts can have their day and be judged on merit.

    • Spamhaus can elect to publish an ONTB (Ordered Not To Block) list as well as a block list.
      What I as an administrator choose to do with that info is up to me!

  • by cavtroop ( 859432 ) on Monday October 09, 2006 @02:01PM (#16367917)
    what pisses me off about this whole situation is that using the Spamhaus RBL is OPTIONAL, and initiated by the receiving servers. Nobody said you HAVE to use Spamhaus, people CHOOSE to.

    Damn, judges really should be expected to have a clue when sitting in on a case...
    • by patrixmyth ( 167599 ) on Monday October 09, 2006 @02:11PM (#16368087)
      If you use cotton swabs, and I'm hoping that you do, then take a moment to read the package. It clearly states that they are not to be put into your ear, despite the fact that plainly that's the use that 90% of consumers make of them. This is plainly because of liability issues which arise from people who can't seem to figure out how far to stick them in their ear. Perhaps Spamhaus could adopt a similar defense by distributing the list with the explicit instructions that it is not intended to be used to block spam, especially in the U.S. and uber-especially in the region where this judge has authority. Just a thought, seems at least as effective as holding your ears and screaming "LA-LA-LA-LA" everytime the court tries to tell you what to do.
    • Usually I would be very, very against this sort of behavior, but I think just this once it would do a lot of good for someone to post this judges email address, both work and home. Preferably on a few high traffic newsgroups, and make sure that his spam filters are unavailable for use. He is a public official, that is trying to decide an issue that affects the whole world, maybe the whole world needs to send him a note.
    • by dchamp ( 89216 )
      Exactly. There are a number of other RBL's out there. I choose to use some of them, but not others. For instance, I don't use SORBS because IMHO they're a little too restrictive - but I understand why some people like them, because they block a lot more spam than others.

      To lose the ability to use Spamhaus would be a big blow to spam blocking.
    • Damn, judges really should be expected to have a clue when sitting in on a case...

      But can you expect a judge to be as technically savvy as anyone in IT, given the broad range of cases they must try? Look at the trouble court cases with juries have when the case involves technical arguments (not just IT, but science topics as well).

      While I agree that the judge should have some reasonable level of knowledge to allow him/her to judge the case, it doesn't surprise me that judges currently have little clue

    • Damn, judges really should be expected to have a clue when sitting in on a case...

      The judge does have a clue. Spamhaus lost. Sure, it was a default judgement because they didn't feel that the court had jurisdiction so didn't defend, but that is irrelevant. The court has to treat it like any other judgement, and attempt to enforce it.

      • by jfengel ( 409917 )
        Really? IANAL, but generally it's the executive branch, rather than the judicial branch, that has to enforce laws. Judges only make decisions. They impose sentences, but they turn them over to the executive branch to execute them.

        Which is why I'm trying to figure out where the judge gets the authority to order ICANN to do anything. ICANN does ultimately report to the US Government, but not to a district court judge.
  • by realmolo ( 574068 ) on Monday October 09, 2006 @02:01PM (#16367923)
    I imagine that ICANN will say "Uh...no" if they actually do get that court order. I mean, ICANN is kind of evil, but I guarantee they hate spammers AT LEAST as much as everyone else.
    • Re: (Score:2, Interesting)

      by nihaopaul ( 782885 )
      i for one would pledge to support countersuing the government and the judge for loss of information and damages ranging into the thousands daily from increased spam. money talks bullshit walks, hit them hard and where it hurts
    • The people who deal with domains day in and day out will know what spam hits the tech/admin contact details. Be sure that ICANN support staff will suffer from this... But doesn't the judge realise that his mail box is partly being protected by RBLs?
    • by maxwell demon ( 590494 ) on Monday October 09, 2006 @02:34PM (#16368441) Journal
      Moreover, given that there are ambitions to get control away from ICANN to an internationally controlled entity, for ICANN it would essencially be suicide to follow such an order. Because it would deliver the perfect argument: A real world case causing huge damage to everyone, which would not have been possible if it were under international control.
      • Re: (Score:3, Interesting)

        by robertjw ( 728654 )
        Exactly. A US court ordering ICANN to drop a name could have disasterous results. Not only would it be the end of ICANN, it could cause a MAJOR backlash resulting in a chaos of domain names.

        I hate to bring up that whole slippery slope thing, but we can't just have courts ordering names removed from DNS. What's next? Porn sites? Music sharing? Terrorists? Communists? Democrats? Without an independent, (relatively) impartial name registration/IP address management system the whole concept of a glo
        • by Tony Hoyle ( 11698 ) <tmh@nodomain.org> on Monday October 09, 2006 @03:36PM (#16369497) Homepage
          The EU is ready to take over ICANN regionally already - they needed to to have a credible threat to get their own way last year, and make no mistake if they were pushed make the switch that will end ICANN (and probably end the idea of a single global entity controlling DNS.. it'll be down to regional ones, because China will want their own, the US will probably keep ICANN, etc..).

          If ICANN start ordering UK websites down at the request of random US courts then that'll be a pretty hard push in that direction. Even the americans aren't that bloody stupid.
    • by cgenman ( 325138 ) on Monday October 09, 2006 @02:44PM (#16368571) Homepage
      It's a good thing that the management of ICANN was turned over to an international consortium to tend the domain name system in a broadly fair and equitable... wait, what? Crap. Nevermind.

  • I'll put them in my hosts file. I'm sure the follow-up story on Slashdot will have their IP addresses in it...
    • by Kelson ( 129150 ) * on Monday October 09, 2006 @02:09PM (#16368051) Homepage Journal
      I'll put them in my hosts file.

      Um... you are aware of how Spamhaus's list is distributed, right?

      You convert the IP address of the server you're trying to check into a host name, such as W.X.Y.Z.sbl.spamhaus.org, then do a DNS lookup on that hostname. The result you get indicates whether the original IP is liste or not.

      Trust me, you don't want to put 4 billion records in your hosts file!

      • Re: (Score:2, Insightful)

        by Mixel ( 723232 )
        So you can use the spamhaus' DNS server, querying it directly, using its ip.
      • by wfberg ( 24378 )
        Um... you are aware of how Spamhaus's list is distributed, right?

        People who use spamhaus usually have some inkling how DNS works (being, for example, ISPs).
        They can just add spamhaus to their hints file.
      • Re: (Score:2, Informative)

        by Anonymous Coward
        Um... Are you familiar with how DNS works? He'll put the address of the modified Spamhaus DNS server in his hosts file. That way his MTA can still do the lookups even if their domain no longer resolves.
      • C'mon Joe, you can always change your name.

        Sure, it'd be annoying if Spamhaus.org had to change their name to some country-code domain that's not under ICANN's thumb, becoming Spamhaus.aq or whatever, or even get a new .org, becoming SpicedHamHous.org or whatever. But they could do it.

        And they could always become 71.30.168.216.in-addr.arpa instead of spamhaus.org.

        The basic problem here is that the court probably shouldn't have jurisdiction, and Spamhaus asserts that it doesn't, and therefore didn't defend

    • The NN in ICANN stands for "Names and Numbers". ICANN could not only revoke their DNS, they could also revoke their IP addresses.
      • Re: (Score:3, Informative)

        by Tony Hoyle ( 11698 )
        No they couldn't. Spamhaus is european and its IP addresses are allocated by RIPE.

        I don't think ICANN even give out IP addresses in the US.

        Plus if they did everyone would probably ignore them anyway.
  • ICANNot do it cap'n! (Score:4, Interesting)

    by Volante3192 ( 953645 ) on Monday October 09, 2006 @02:04PM (#16367973)
    Can ICANN even pull a second level domain? .org is managed by Public Interest Registry. One would imagine all ICANN could do would be to put a halt on the org TLD...
    • They can do what they want if the registrar's offices are in USA. The data is stored on a hard disk in the USA then the court can sieze it.
      • They can do what they want if the registrar's offices are in USA. The data is stored on a hard disk in the USA then the court can sieze it.

        The original poster was talking about ICANN not being able to do anything, and rightly so. I haven't read the contract between PIR [pir.org] and ICANN, but I doubt it includes the ability for ICANN to remove specific delegations from the .ORG domain.

        You are correct that the court could theoretically size the servers that are located in the USA, although I'm not sure what the legal
  • ICANN abuse (Score:4, Insightful)

    by JonyEpsilon ( 662675 ) on Monday October 09, 2006 @02:07PM (#16368025) Homepage
    If I've ever heard a compelling argument for an independent ICANN, this is it!
  • Jurisdiction (Score:5, Insightful)

    by chiller2 ( 35804 ) on Monday October 09, 2006 @02:11PM (#16368089) Homepage
    Is this perhaps why there was pressure to separate the US government from ICANN? Maybe now we can see why.

    US court
    US spammer
    UK RBL
    • America is the world police. They want something done elsewhere in the world, they have it done through the UK.
    • Actually, I see this as direct corrolation to:

      EU courts...
      EU Companies complaining...
      A certain giant convicted US monopolist selling to customers in the EU market cutting out those EU companies.

      I'm sure the US courts can take any dollars from US customers to satisfy fines even if they can't enforce their ruling in the rest of the world. The RBL can withhold service from american customers-- but doesn't want to because of the profits involved.
      • by chiller2 ( 35804 )
        Spamhaus is based solely in the UK whereas said monopolist has a physical presence in numerous EU countries.

        Microsoft
        Microsoft Campus
        Thames Valley Park
        Reading Berkshire
        RG6 1WG

        Service Clients Microsoft France
        18 avenue du Québec
        91957 Courtaboeuf Cedex
        France

        Microsoft Deutschland GmbH
        Privatkundenbetreuung
        Konrad-Zuse-Straße 1
        85716 Unterschleißheim

        I would say that puts them in the jurisdiction of the EU courts. This is not the case with Spamhaus and the USA.
  • by Anonymous Coward
    This isn't going to happen, neither ICANN or the current DNS would ever recover from a scandal like this. Let's just forward all our spam to Governor Blagojevich [illinois.gov].
  • Users have decided to put their faith in what Spamhaus says is or is not spam. If they say these people are spammers then they are, and the users don't want the mail coming from them. End of story. If they are pulled from Spamhaus then the users will just enter them in their blacklists directly either way they will get blocked.

    Its a stupid arguement...they are spammers if we the general public or our trusted agent (Spamhaus) say they are...
    • by El Torico ( 732160 ) on Monday October 09, 2006 @02:30PM (#16368371)
      Wait, we should see both sides of this argument. All of us can read what e360insight has to say at http://www.e360insight.com/case_history.html [e360insight.com], and yes, I mean all of us. Of course, since we are polite, all of us won't do it at the same time, will we?

      Also, we can express our concerns directly to them at http://www.e360insight.com/contact.php [e360insight.com]. They were nice enough to have a comment submission form. I hope they have a lot of disk space for submitted comments.

  • by The Blue Meanie ( 223473 ) on Monday October 09, 2006 @02:20PM (#16368211)
    So go ahead and pull their domain from the DNS hierarchy.

    # cat >> /etc/named.conf
    zone "spamhaus.org" in {
                    type forward;
                    forwarders {216.168.28.44; 204.69.234.1; 204.74.101.1; 204.152.184.186; };
    };
    ^D
    # pkill -HUP named

    All fixed!!
  • I have no opinion on the legal position, but I would have thought it unlikely that Nominet would pull Spamhaus's record or IP address. So ICANN probably couldn't do much about it even if they wanted to. In the worst case scenario one might have to use the spamhaus.org.uk address instead of the spamhaus.org one.
  • by Mr. Protocol ( 73424 ) on Monday October 09, 2006 @02:22PM (#16368251)
    According to the article by the John Marshall Law School lawyer, the problem is not that Spamhaus ignored the initial TRO. The problem is that they didn't. They appeared in state court and asked that the case be moved to Federal Court, which it was. By doing so, they implicitly agreed that the Federal Court had jurisdiction.

    Then they claimed it didn't.

    I can't think of anything more likely to P.O. a judge than to ask to get into his courtroom, then call him a buffoon.

    In the end, as the article says, ICANN may be forced to pull 'spamhaus.org', but ISPs that use it are savvy enough to move to using 'spamhaus.or.uk' or something similar, outside the court's control. But the individuals affected by the order may be unable to set foot in the U.S. for the rest of their lives, even to change planes.
    • Re: (Score:2, Insightful)

      by partenon ( 749418 )
      "But the individuals affected by the order may be unable to set foot in the U.S. for the rest of their lives, even to change planes."

      Is it supposed to be bad?
  • Maybe the judge have no clue on what he decided... showing him some examples could be good as in:
    • Making his small children/grandchildren receive viagra&porn sites spam
    • Making his mail address public, so he WILL receive spam, probably some from the very company he is defending
    • Making him understand the optional part of the equation, and that he should do the same with microsoft, yahoo, google, and practically every decent mail provider in internet as they are also probably avoiding their users to re
    • Re:Perspectives (Score:5, Insightful)

      by dodobh ( 65811 ) on Monday October 09, 2006 @02:40PM (#16368509) Homepage
      Spamhaus method of fighting spam dont stops 3/4 of the spam of the world. Probably graylists, bayesian analisys, and other methods stops far more.

      You obviously don't run a mail server with > 1 user. The sbl-xbl list stops ~ 80% of our spam. That's for a small email service provider, defending only about 75 million email addresses.

      Bayesian doesn't stop spam. It just flags stuff as possible spam. Humans are worse filters than any software. If you have to look for false positives in a spam folder, don't even bother to filter stuff. That is just a waste of CPU cycles.

      On the smaller servers I run, recipient validation handles ~ 50% of the spam, the sbl-xbl stops ~ 80% of the rest, dynamic IP blocks and hostname checks stop the remaining.
  • Voluntary email blocking service to block emails from addresses selected by Spamhaus?

    I mean- it seems to me, if I want to pay someone to filter emails for me, I should be free to do so.
  • cases their IQ/Knowledge might not be able to handle.

    this is a case to prove this point.
  • If you have an interest in the case, get a lawyer and file arguments as an intervenor or other non-party participant. Public openness and participation is a hallmark of Western legal system.

    If you don't have a lawyer in that jurisdiction, consider getting a local one who can find a proxy there.

    In any event, protect your interests. If you don't, you may lose them; the law tends not to protect those who sit on their rights.
  • by Anonymous Coward on Monday October 09, 2006 @02:54PM (#16368763)
    A reckless decision by this judge to crap on the internet over an uncontested U.S. based trial will be a huge motivation to wrest DNS control from U.S. control/jurisdiction.

    If U.S. judges think they have carte blanche to impose their laws on foreign entities using domain listing as a weapon then we absolutely MUST get DNS control the heck out of U.S. control, i don't care what DARPA thinks they invented decades ago. The status quo currently is bad enough as it is, but if one person in a robe is going to single handedly eliminate the backbone of the international anti-spam war when the service is based in a foreign country, run by non-U.S. citizens and it's a voluntary subscription service then something drastic needs to be done.

    The notion that the U.S. can 'summon' foreigners to defend themselves in U.S. domestic courts is deeply flawed to begin with. It's just amazing that anyone can mock the Chinese for their 'great firewall' when the U.S. is prepared to yank a site from the ENTIRE WORLD, and think they can just because it's domain name is published on a U.S. machine when that is mandated by an historical quirk.

    Is it time we gave the United States their little .us domain to play with and left the rest to people who understand how serious this stuff really is.
    • something drastic needs to be done

      Militant Muslims have been telling you that for years :-)

    • Re: (Score:3, Informative)

      by ScrewMaster ( 602015 )
      Congratulations on posting one of the most arrogant, clueless remarks I've heard in a long time. The rest of you had just as many centuries as we did to come up with something like the Internet and failed. We gave it to you for free, let all of you use it, even our bitterest enemies, and have managed it with a far more even hand than ANY of you "people who understand how serious this stuff really is" would ever have done.

      Truthfully, your comment smacks more of blindly uninformed anti-Americanism and unadult
    • Re: (Score:3, Insightful)

      by russotto ( 537200 )
      Quite a rant, but that's all it is.

      1) The U.S. hasn't summoned Spamhaus to appear in court. According to the court documents posted so far, Spamhaus was never served with this lawsuit.

      2) The U.S. so far hasn't shown any willingness to yank the site. Rather, there's a _proposed_ order from a Federal judge in the Northern District of Illinois which would yank the site. IANAL, but I know a court's powers to compel third parties are limited, and there might be an issue of that district's jurisdiction over IC
  • by kimvette ( 919543 )
    Publicly post the judge's and the plaintiff's email addresses publicly on every messageboard and blog known to man, sign them up for every known advertising list, freebie offer, etc. and extend this to their families as well.

    You'll see the order rescinded and the spammer's case thrown out of court with prejudice.
  • I'm amazed (Score:5, Insightful)

    by belmolis ( 702863 ) <billposer AT alum DOT mit DOT edu> on Monday October 09, 2006 @03:16PM (#16369159) Homepage

    I'm amazed at the knee-jerk reaction of so many people here. I hate spam as much as the next person, but claiming that the judge is ignorant, stupid, or malicious is ridiculous. The fact is, Spamhaus responded to the suit in the most inappropriate way imaginable, by acknowledging the federal court's jurisdiction and thereafter ignoring it. If you get a traffic ticket, even if it is unwarranted, what would you expect to happen if you turn up in court, then walk out and refuse to communicate any further with the court? What Spamhaus has done is the equivalent, only federal judges have a LOT more power. Spamhaus should either have challenged the court's jurisdiction from the outset or, having accepted it, complied with its orders and defended the suit.

    Other than Spamhaus trying to correct the situation, I wonder if third parties might be able to submit an amicus brief to the court along the lines of: "Yes, Spamhaus behaved liked idiots, but cutting them off is not in the public interest.":

    • Re: (Score:3, Interesting)

      This was a default judgment. They might have a decent chance to set aside the judgment and defend on the merits. I wonder where the EFF comes down on this?
  • This means you need 4x the CPU power, so it's time to upgrade all your servers or buy more of them.
    Nice one, uncle Sam.
  • Juristiction my ass (Score:5, Interesting)

    by digitalgimpus ( 468277 ) on Monday October 09, 2006 @03:26PM (#16369335) Homepage
    Lets look at the facts:
    1. Spamhaus isn't in Illinois
    2. Spamhaus isn't even in the US, no business presence on US territory at all.
    3. Spamhaus only connection to the US is US companies utilize the service.

    Based on that Illinois can only go after companies that use the database, not the provider overseas. They don't market or have any presence in the US. The court likely could go after these companies. Will they?

    Now what I'd love to see is Illinois try and go after everyone in the US using the database... go ahead and try. I'll keep using it because it's a good effective database.

    I've got a feeling there's money behind this ruling. It just sounds to fishy to be legitimate.
  • IF... (Score:3, Informative)

    by SmoothTom ( 455688 ) <Tomas@TiJiL.org> on Monday October 09, 2006 @03:49PM (#16369719) Homepage
    ...the judge orders ICANN to pull their DNS, and IF they actually do it, the estimate is that SPAM could incease 4X.

    If so, I sincerely hope that somehow the increase in SPAM to the judge's court is even higher - at least double that.

    The only way that folks who purposely damage the system for the majority of users will learn, no matter that it may be just not understanding what they are doing, is if they see a direct effect - a strong direct effect - on their own personal use of the system.

    --
    Tomas
  • Chicken Little FTL (Score:3, Interesting)

    by kindbud ( 90044 ) on Monday October 09, 2006 @04:37PM (#16370513) Homepage
    is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

    Not gonna happen.

    Total number of recipients logged in one maillog file: 92033

    Total number of messages in this logfile that got a SpamAssassin score increase thanks to XBL or SBL listing: 47818

    Total number of scores that may have potentially been pushed over our threshhold (9.0) by the SBL/XBL score: 985

    Big effing deal. All the RBLs could go offline this afternoon, and it would have minimal impact on our spam scoring system. It isn't necessary for any RBLs to exist to control spam. It just isn't.

After all is said and done, a hell of a lot more is said than done.

Working...