Spamhaus hits out at ISPs, praises Microsoft

The chief technology officer of anti-spam campaign group Spamhaus hit out at ISPs on Tuesday, accusing them of failing to protect their customers from malicious attacks. Meanwhile he had high praise for Microsoft's Windows XP Service Pack 2.

In a panel session at IT conference Infosecurity Europe 2005, Richard Cox said ISPs were ignorant about who their customers were and what problems they faced. "The majority of (networks) do not know who their customers are," said Cox. "If you have a problem, you will not get a response. They will not firewall your network, but they do firewall the customer support center so you cannot get through."

Cox highlighted botnets--thousands of networked compromised PCs, typically used for malicious purposes such as spamming--as a problem for the Internet community. He said ISPs should exclude botnet computers from using their service. "It is the network's responsibility to take [botnet] computers off the network."

Cox said that Windows XP Service Pack 2 had helped to reduce the number of botnets around the world. "SP2 has removed a number of vulnerabilities in XP," said Cox. "But whatever we put right in SP2, [hackers] will find a way around it."

But the Computer Crime Unit of London's Metropolitan police disagreed with Cox.

"The botnet issue is a rising problem despite the issue of SP2," said Detective Inspector Chris Simpson. "It is also the script kiddies [doing this]. We might joke about the impact of these people, but a 15- or 16-year-old with a 30,000-strong botnet might be able to wipe someone off the Internet, so they really do pose a threat to anyone with Internet presence."

Dan Ilett of ZDNet UK reported from London.

[System Tyrant]

Spamhaus...

needs to either be shut down or heavily regulated. The way they do business is ridiculas. They block IP numbers without regard to everyone on it. My host had theirs blocked a few weeks ago and it took five days to get if fixed. I could not send e-mail for five days. That is ridiculas. I know spam is a problem without many real solutions, but their solutions just sucks. I will not knowanly support any company that uses their products.

I would also suggest that people read the information on their site. They don't care about colateral damage done to those that use shared hosting. I personally hope they get taken down.

[poster48150]

Spamhaus does not "block e-mail"

Matthew Good wrote:

"They block IP numbers without regard to everyone on it."

This is not correct. Spamhaus, like the other maintainers of similar lists, simply PUBLISHES one or more lists of IP addresses. It's up to an individual ISP or business to CHOOSE whether or not to block messages based on Spamhaus' or any similar lists. You should complain to either the ISP/business that is blocking the e-mail, or complain to your own ISP that they need to stop harboring spammers, or find another ISP that isn't spammer-friendly.

Presumably, Spamhaus blocks e-mail sent to themselves, based on their lists. They have every right to do this. They own their own network. It's private property and they can keep anything out that they want. "My network, my rules."

Jim
(no affiliation with Spamhaus, not even a user)

[System Tyrant]

One more comment.

This guy Cox is an idiot. Self richeous useless man. I don't think he knows a d*mn thing about stopping spam. If you haven't figured it out yet I really don't like Spamhaus. This company is run by idiots and causes more problems than they fix. And where is there customer service? Oh yeah hidden behind a firewall. Just try to get anything out of them. Unless you are an ISP you won't get even a peep from them.

You can't sue them either. They cost your company a million dollars. Well too bad.

I say down with Spamhaus.

[robintontx]

Odd....

I never had any difficulty contacting the folks at Spamhaus. They have always responded to questions and requests in a expeditious fashion. I have evaluated the majority of the RBL services out there and they have (in my opinion) the lowest false listing rate of any (again, in my opinion). Given that where I work 63% of the incoming e-mail is SPAM I would recommend that if you have a problem with Spamhaus publishing your net in their list you contact your ISP about taking care of the Spammers they are hosting who are getting you listed.

Robert

[orfeu_niko]

Yeap

Now I understand why US still uses dial-up. If
someone has broadband or something, then he's a
security threat.
Or maybe I'm wrong. I'm willing to admit that.

[Jim Harmon]

Why US uses dial-up

Many people don't feel that broadband is worth the extra money. Many seem satisfied with the service they get for $25/mo or less. I'm not among those... but more than half the people I know are.