OT Spamhaus tactics (was Spamhaus RBLs)

Anthony Cartmell ajcartmell at fonant.com
Tue Oct 21 17:12:48 IST 2008

>> Spamhaus seemed such a good idea, but my opinion of its accuracy and
>> policies is somewhat tainted now...
> It's still one with quite "friendly" policies (ever dealt with
> spews/apews?).

No, not yet :)

> The point of doing what they did is that you catch the
> attention of the upstream provider much quicker than by listing only a  
> few single IPs while the offending spammer is jumping from IP to IP.

Yes, it certainly was effective using hundreds of innocent servers as a  
lever to get one spammer stopped. Just not very nice being caught in the  
cross-fire with very little that we could do.

> If the
> provider gets complaints from a lot of customers they may act quicker on
> getting rid of the spammer or they may prove that they *are* a spam
> hosting provider. So, it's effective either way.

True. Would have been nice to think that Spamhaus might have done just a  
little bit of homework to inspect the machines in the netblock to see who  
was using them, but I suppose they don't really care too much if innocent  
people's e-mail is getting blocked, so long as it doesn't happen often  
enough for people to question their lists and then stop paying for feeds.

> And there's also the occasional case where you accidentally attribute a
> subnet to a spammer because many IP addresses in that space already  
> belong (or belonged) to them and it looks like they can use the whole
> range.

This was deliberate escalation by Spamhaus, not accidental, they said as  
much in the comments.


www.fonant.com - Quality web sites

More information about the MailScanner mailing list