Forgot your password?
typodupeerror
Spam

Washington Post Blog Shuts Down 75% of Online Spam 335

Posted by CmdrTaco
from the real-american-hero dept.
ESCquire writes "Apparently, the Washington Post Blog 'Security Fix' managed to shut down McColo, a US-based hosting provider facilitating more than 75 percent of global spam. " Now how long before the void is filled by another ISP?
This discussion has been archived. No new comments can be posted.

Washington Post Blog Shuts Down 75% of Online Spam

Comments Filter:
  • Not Just Spam (Score:5, Interesting)

    by eldavojohn (898314) * <eldavojohn@gm[ ].com ['ail' in gap]> on Wednesday November 12, 2008 @09:10AM (#25732821) Journal
    From the article:

    The badness attributed to McColo was not limited to spam. It included child pornography sites; sites that accepted payment for spam and child porn; rogue anti-virus Web sites; and a huge malicious software operation that apparently stole banking and credit card data from more than a half million people worldwide.

    And they operated for how long before they were shut down ... as a United States based hosting provider?

    If they have evidence of these things, I certainly hope that The Washington Post turns any evidence over to the FBI or at the least the local law enforcement where McColo is operating. And I hope a warrant is obtained through the appropriate channels to collect evidence from Hurricane Electric & Global Crossing ... I'm all for user privacy policy from an ISP but obviously these people are criminals.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      Your post advocates a

      ( ) technical ( ) legislative ( ) market-based (x) vigilante

      approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

      ( ) Spammers can easily use it to harvest email addresses
      ( ) Mailing lists and other legitimate email uses would be affected
      (x) No one will be able to find the guy or collect the mone

      • Re:Not Just Spam (Score:5, Insightful)

        by Goaway (82658) on Wednesday November 12, 2008 @09:52AM (#25733339) Homepage

        Did you just fill that in at random, or what?

      • Re:Not Just Spam (Score:5, Insightful)

        by theaveng (1243528) on Wednesday November 12, 2008 @09:55AM (#25733365)

        I don't see how providing evidence to the government is "vigilante justice". On the contrary it is government justice which is what government is there to provide.

        • Re:Not Just Spam (Score:4, Interesting)

          by billcopc (196330) <vrillco@yahoo.com> on Wednesday November 12, 2008 @12:00PM (#25734997) Homepage

          Oh boy... field trip!

          The government is not there to enact justice, it is there to provide services to its citizens. Justice is not a service. Justice is a tool, a device to help ensure social stability, and as long as justice is controlled by someone on the payroll, there will be no true justice. There is only loyalty to the payroll.

          Plus, your sig has been bugging me for a while now:

          The government is not your daddy. Its purpose is not to raid middle-class neighbors' wallets and give it to the lazy.

          ... nor is its purpose to raid lower- and middle-class people's wallets and give it to the rich, but purpose be damned because that's all it's ever been good at!

          • Re:Not Just Spam (Score:5, Insightful)

            by theaveng (1243528) on Wednesday November 12, 2008 @12:57PM (#25735837)

            >>>>>The government is not your daddy. Its purpose is not to raid middle-class neighbors' wallets and give it to the lazy.

            >>... nor is its purpose to raid lower- and middle-class people's wallets and give it to the rich...

            No shit Sherlock. The common flaw with any of these actions is this - it's theft. Which is why I was strongly opposed to the 700 billion THEFT of taxpayer dollars to give to rich Wall Street fat slobs. And why I voted-out the politicians who voted "aye" to the bill.

            • Re:Not Just Spam (Score:5, Insightful)

              by IllForgetMyNickSoonA (748496) on Wednesday November 12, 2008 @02:35PM (#25737445)
              I can't stand those rich Wall Street fat slobs either (really - I just loath them), but the problem is, that if all the rich suddenly get broke and poor, the middle class (that's me, and - I guess - you) is screwed just as well, because the complete system breaks down.

              Of course, one could say screw the system, let the world burn, but the problem is, once the fire goes out, the same rich fat slobs shall crawl out of their lairs and take over the world again, just as if nothing happened.

              One more thing: I'm not a US citizen, so I might be wrong on who woted "aye" to the questionable bill, but I seem to remember, that it was just about everybody and their dogs (at least in the second round). So, whom did you really vote out?
      • Re: (Score:3, Funny)

        by DavidTC (10147)

        (x) No one will be able to find the guy or collect the money

        No one will be able to fund the guy or collect money from someone who owns a building? Um, okay.

    • Re:Not Just Spam (Score:4, Insightful)

      by Smelly Jeffrey (583520) on Wednesday November 12, 2008 @09:36AM (#25733157) Homepage
      The CAN-SPAM Act [ftc.gov] is directed at the commercial entities that actually create the message, not the service providers who happen to be the medium. There are no penalties defined for the ISP at the source end of the spam. This is a slippery slope, and one the US has done well to avoid so far.

      While many have an opinion otherwise, the fact is United States based internet service providers are protected by common [lectlaw.com] carrier [wikipedia.org] laws.

      While shutting down this ISP may have slowed the spam for today, the two fundamental flaws remain:
      • the United States does not have and will never have jurisdiction over foreign spammers
      • the spammers can relay their email through yet another ISP tomorrow.
      • Re: (Score:3, Informative)

        by theaveng (1243528)

        False. ISPs are Not common carriers. They have never applied for that distinction within the courts, and so they remain private-owned businesses. Therefore they are liable for actions committed.

      • Re: (Score:3, Informative)

        by Aranykai (1053846)

        Except that ISP's are NOT common carriers in the USA.

        http://yro.slashdot.org/article.pl?sid=05/06/27/1510219 [slashdot.org]

        Now, please stop promoting nonfactual bullshit.

      • Re:Not Just Spam (Score:4, Interesting)

        by cgenman (325138) on Wednesday November 12, 2008 @10:17AM (#25733705) Homepage

        Common carrier laws apply to ISP's because they are providing a neutral gateway, and is no more aware of the details of what is going on their network than the Highway service knows what I'm keeping in the trunk of my car.

        Spam senders, however, is different. It takes a large amount of network resources, spawns repeated complaints, and triggers most network system warning bells. You can't spam on any real scale and not be noticed. No ISP would accidentally allow spammers to operate on their network for any length of time... there must be complicity.

        ISP's generally don't like to talk about it, but the usual arrangement is that you get to spam X amount in exchange for X extra cash per month, or similar. Unless McColo was extraordinarily incompetent, they must have had a similar arrangement. I think it's fair to say that level of interaction (and kickback) takes them out of common carrier status.

    • ISPs are clueless? (Score:5, Insightful)

      by Bearhouse (1034238) on Wednesday November 12, 2008 @09:37AM (#25733177)

      Also FTA:

      'Two hours later, I heard from Benny Ng, director of marketing for Hurricane Electric, the Fremont, Calif., company that was the other major Internet provider for McColo.

      Hurricane Electric took a much stronger public stance: "We shut them down," Ng said.

      "We looked into it a bit, saw the size and scope of the problem you were reporting and said 'Holy cow! Within the hour we had terminated all of our connections to them."'

      So, after much hand-waving here, and elsewhere, about what info the Gov. and your ISP may be collecting about you, they could not spot this, a major spam, child-porn and theft site?

      Maybe the honest version would be;
      "We were making shitloads of money out of selling bandwidth to these bastards, 'no questions asked', but now you've blown the whistle on them I guess we've gotta look responsible."

      • by Anonymous Coward on Wednesday November 12, 2008 @10:30AM (#25733847)

        Because Hurricane Electric is operated by a boatload of fucking imbeciles. As someone who had cage/rack space (as a form of 2nd data centre) from them for numerous years, I can assure you their operational methods are quite possibly the worst (particularly in the Bay).

        It comes as no surprise that "HE had no idea this was happening". They have no idea what's happening on their network at any time.

        Imagine calling them because your network port is showing 30-40mbit/sec incoming traffic, destined to IPs that aren't even in your netblock (but are assigned to another HE-hosted company), and having two engineers tell you "that's impossible". You provide them tcpdump pcaps, and they tell you "those can't be real". The issue mysteriously gets resolved 72 hours later, and no one calls you back to tell you what the problem was. When you inquire, you're told "a customer had a misconfigured load balancer", which just induces even more questions about their network setup.

        Imagine a co-location provider that does not use vlans or any form of layer 2 segregation between customers, relies on out-of-country ISPs to provide connectivity between them and large tier-1 ISPs (specific example: peering with Telia -- a Swedish ISP that does not have a US-based NOC -- exclusively to gain access to AT&T's network), and has no form of failover redundancy, specifically on their core routers (they did have redundancy at the switch level). I'm absolutely convinced their Fremont data centre had a single public-facing router.

        Their main Cisco GSR would crash/lock up for 10-15 minutes at time, before rebooting on its own or being administratively power-cycled. "What is happening with your network? No inbound or outbound packets make it to their dest" "We have an open case with Cisco" "Why was there no failover?" "We've an open case with Cisco". 2 months later, repeat. "Is this the same issue as 3 months ago?" "We believe so" "And why have you not replaced the hardware?" "We've an open case with Cisco". This issue went on for THREE YEARS.

        Then there's their UPS/power situation: twice during a single year their Fremont data centre lost power for 6-7 full minutes at a time. Both times, it was caused by "unexpected problems during maintenance"... but they supposedly have back-up gas generators, and tote photos of them on their web site.

        Then there's the cages. The cages are enclosures which should be 4-post, and are intended to be 4-post, but are front-mounted 2-post (and by front-mounted I don't mean telco style!). Generic, non-managed power strips are shoved into the cages, intended for you to use (rather than a 1 or 2U SNMP-managed PDU at the top of the rack). The cages are not deep enough for full-length servers, which results in full-length boxes blocking said power strip AC outlets. 42U rack, but only 6 or 7 AC outlets usable (unless you spaced your servers in a peculiar way, wasting about 1/3rd of your entire rack).

        One word: ghetto.

        When you consider all of the above, no one in their right mind should be surprised they were hosting a kiddie porn/spam/shady customer. "Build it and they will come".

        • by NevarMore (248971) on Wednesday November 12, 2008 @12:20PM (#25735311) Homepage Journal

          So, I don't mean to be a dick here or anything, but you had those kinds of problems with a vendor you were using as a data centre not just once, but over a timespan measured in YEARS.

          While you anecdotes indicate that HE does have problems, I think the bigger concern is that they have customers who put up with those problems. What golden nugget are we missing? Do they have higher than normal payouts for failing to meet SLAs?

          • Re: (Score:3, Insightful)

            His management may have been too inept to see the problems as badly as the "geek engineer" who had to deal with the issues. It's very costly to move, and easy to just bury your head in the sand. I'm not surprised they went through this for years. Sounds like a data center from hell and tech support from Sprint LOL
    • Re:Not Just Spam (Score:5, Insightful)

      by ojintoad (1310811) on Wednesday November 12, 2008 @09:51AM (#25733327)

      I certainly hope The Washingto Post doesn't have to do the job of the Federal Authorities in the future.

      I think this quote down on the third page was probably the best, from a Trend Micro researcher (emphasis mine):

      "There is damning evidence that this activity has been going on there for way too long, and plenty of people in the security community have gone out of their way to raise awareness about this network, but nobody seems to care," [Paul] Ferguson said. "It's a statement on the inefficiencies of trying to pursue legal prosecution of these guys that it takes so long for anything to be done about it. Law enforcement is saying they're doing what they can, but that's not enough. And if law enforcement can't address stuff like this in a timely fashion, then the whole concept of law enforcement in the cyber world needs to be readdressed, because it's hardly making a dent at the moment."

      • Re:Not Just Spam (Score:4, Insightful)

        by theaveng (1243528) on Wednesday November 12, 2008 @10:07AM (#25733561)

        The "federal authorities" cannot be everywhere at once. If you see a man getting beat by another man, do you just stand by and wait for the police to show-up 30 minutes later to collect the body? Of course not. You and your fellow citizens act to stop the abuse.

        What happened here is no different. This reporter noticed an illegality, collected evidence, and then took action (called the ISP) to see if he could stop it. Later on, he will provide the evidence to the government.

        • by Lord Apathy (584315) on Wednesday November 12, 2008 @10:13AM (#25733639)

          If you see a man getting beat by another man, do you just stand by and wait for the police to show-up 30 minutes later to collect the body?

          Well lets not get ahead of our self here. Depends on why the other man is kicking his ass. If the one getting his ass kicked is known child molester and the one doing the ass kicking clams that he has molested his daughter, I would be more inclined to pop open a cold beer watch the show. In the case of a known spammer I might be even willing to lend a hand.

          Hell, I was at a fight a few weeks ago that I paid 50 bucks to see....

          • Re:Not Just Spam (Score:5, Insightful)

            by theaveng (1243528) on Wednesday November 12, 2008 @10:32AM (#25733869)

            Even child molesters have the right to not be beaten to a pulp. For one thing, the *alleged* child molester might be falsely-accused and completely innocent. Such judgments should be made in a neutral environment by due process of law (court system), not by people on the street. Therefore I would act to stop a so-called molester from being beaten - you can take him into custody without turning him into a corpse.

            Discussing this issue reminds me of the guy who was beaten in Chicago(?) and then just left to lay there and suffer, while thousands of people walked past him & ignored his plight. You don't just "let the government help him". You use your individual liberty to take the initiative, call an ambulance, and help stop the bleeding.

        • by thrillseeker (518224) on Wednesday November 12, 2008 @10:38AM (#25733943)
          If you see a man getting beat by another man, do you just stand by and wait for the police to show-up 30 minutes later to collect the body?

          When seconds count, the police are just minutes away ...
      • Re:Not Just Spam (Score:4, Insightful)

        by kkwst2 (992504) on Wednesday November 12, 2008 @10:09AM (#25733587)

        Be careful what you wish for.

        I'd like to suggest quite the opposite, that this is the way it should be. Do not trust the government to protect your interests in this regard. Time and time again they've been proven slow, incapable, and even corrupt.

        Meanwhile, it is private groups, reporters, etc. that keep things in check. While this system is far from perfect, it's certainly better than the government as the sole "protector" of our interests.

    • Re:Not Just Spam (Score:5, Insightful)

      by zaffir (546764) on Wednesday November 12, 2008 @09:52AM (#25733335)
      Anyone wanna guess how much faster would they have been taken down had they been hosting RIAA or MPAA copyrighted works?
  • by Anonymous Coward on Wednesday November 12, 2008 @09:11AM (#25732827)

    Just give us an IP address linked in the summary. That's all we ned.

  • good job! (Score:5, Funny)

    by larry bagina (561269) on Wednesday November 12, 2008 @09:18AM (#25732917) Journal

    First they shut down McCain, now McColo. Next up: McDonalds?

  • Oblig. (Score:5, Funny)

    by Mateo_LeFou (859634) on Wednesday November 12, 2008 @09:18AM (#25732933) Homepage
    • Re:Oblig. (Score:5, Funny)

      by TheThiefMaster (992038) on Wednesday November 12, 2008 @09:43AM (#25733241)

      More like:

      Your post advocates a
      (x) technical (x) legislative (x) market-based (x) vigilante
      approach to fighting spam. Your idea will not work. Here is why it won'... Holy crap how did you do that? 75% of all spam!? So much for it being botnets causing it! Congratulations!

  • by Ritz_Just_Ritz (883997) on Wednesday November 12, 2008 @09:19AM (#25732935)

    the spam will flow. It's the old "balloon dog" effect. Squeeze it in one place and it balloons in another. The ONLY way to attack this problem is to go after the advertisers who are willing to use spam as a medium to sell product.

    • Re: (Score:3, Interesting)

      by postbigbang (761081)

      Or change the protocol set to something that can still work with anonymous yet non-commercial/legal mail. I can't think of a single person that would mind changing their email address or taking a few steps to eliminate the spam they get.

      • by HungryHobo (1314109) on Wednesday November 12, 2008 @09:27AM (#25733037)

        So how do you set up a system where people can still be anon(even if the government issues some warrents) but held accountable for spam?Got any protocols which allow that?

      • Or change the protocol set to something that can still work with anonymous yet non-commercial/legal mail.

        Sure, that's easy. Here's a few things to think about:

        Your post advocates a

        (X) technical ( ) legislative ( ) market-based ( ) vigilante

        approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

        ( ) Spammers can easily use it to harvest email addresses
        ( ) Mailing lists and other legitimate email uses would be affected
        ( )

    • Re: (Score:3, Interesting)

      by I.M.O.G. (811163)

      Usually when people make absolute/exclusionary statements, like "the ONLY way", they end up being not entirely correct.

      While going after the advertisers could solve the problem, that assumes you could track them down AND have any control over their actions. Jurisdictional hurdles and similar problems are obvious with this approach.

      Fortunately tho, that's not the ONLY way to address the problem. It'd be good if ISPs had incentives to address the problem - large scale bittorent protocol usage is something t

    • The ONLY way to attack this problem is to go after the advertisers who are willing to use spam as a medium to sell product.

      Your post advocates a

      ( ) technical (X) legislative (X) market-based (X) vigilante

      approach to fighting spam. Your idea will not work. Here is why it won't work.

      (X) No one will be able to find the guy or collect the money.
      (X) The police will not put up with it.
      (X) Anyone could anonymously destroy anyone else's career or business.
      (X) Jurisdictional problems.
      (X) Dishonesty on the part of spammers themselves
      (X) Lack of centrally controlling authority for email
      (X) Open relays in foreign countries

      And my favorite.

    • the spam will flow. It's the old "balloon dog" effect. Squeeze it in one place and it balloons in another. The ONLY way to attack this problem is to go after the advertisers who are willing to use spam as a medium to sell product.

      I think we need to go after the clowns making the balloon animals!

      God, I hate clowns...

  • Wow (Score:4, Interesting)

    by Reality Master 101 (179095) <RealityMaster101@noSpAM.gmail.com> on Wednesday November 12, 2008 @09:19AM (#25732941) Homepage Journal
    I had ONE spam message last night. I average probably 20 a night.
  • Sigh (Score:5, Funny)

    by elrous0 (869638) * on Wednesday November 12, 2008 @09:21AM (#25732961)
    Well, I guess now my Nigerian prince will never come.
  • by petes_PoV (912422) on Wednesday November 12, 2008 @09:21AM (#25732973)
    as the title says. if it gets them "off the air" is this a public service or a criminal act (or both)?
    • by drinkypoo (153816)

      Since morality is subjective, only you can decide. However, it is certainly illegal, and could get you sent to federal pound-me-in-the-ass prison.

      • by inviolet (797804) <slashdot.ideasmatter@org> on Wednesday November 12, 2008 @09:55AM (#25733373) Journal

        Since morality is subjective, only you can decide. However, it is certainly illegal, and could get you sent to federal pound-me-in-the-ass prison.

        Interesting. So it's up to me whether it is good or bad to eat broken glass.

        Look, since your mission is to undermine everyone's certainty, at least do it right. The one part of morality that is completely subjective is the discount rate, which is the time horizon that you set for your outcomes. Most things are good in the short term and bad in the long term, or vice versa, or some mixture. Nobody anywhere has yet figured out any rule for choosing or weighting one's time horizon.

        Indeed, probably most political disagreements are really disagreements over time horizon. E.g., stay in Iraq? It's all about how far into the future you look for justification.

    • Re: (Score:3, Informative)

      by mdmkolbe (944892)

      This was not a DDoS. They simply convinced their upstream providers to cut them off.

      This is perfectly legal(*) and moral, but is most cases completely impractical (upstreamers don't want to loose the revenue stream, downstreamers can always find a new upstream, etc).

      Of course it is also very susceptible to abuse as it is the digital age's equivalent of old-world shunning.

      (*) There may be contractual obligations and penalties for such actions but perhaps the downstreamer's bad behavior might contract

    • Re: (Score:3, Insightful)

      by Lord Apathy (584315)

      Fuck the spam issues, even though that was a good thing taking them out. I noticed that a blurb at the bottom said they where in with other criminal activities including hosting child porn sites. I want to know why someone isn't headed off to prison if this is a US based company.

  • Hosting Child porn? (Score:3, Interesting)

    by arkham6 (24514) on Wednesday November 12, 2008 @09:23AM (#25732979)
    According to the article, the provider hosted servers that provided child porn.

    1: Is that really possible for kiddie porn sites to be active in the US?
    2: If its true, would that company be partially responsible legally speaking?
  • Recomment (Score:5, Informative)

    by Anonymous Coward on Wednesday November 12, 2008 @09:24AM (#25732999)
    The comments on the Washington Post site are pretty worthless, but this one was particularly good:

    "Brian - Well done, and well reported. For the user who asked about reporting news versus creating news, you misunderstand Krebs's reporting. Like most good reporters who write big stories, he either got tips or analyzed data regarding spam and cyber-security. It probably was a combination of both. If he determined from his research, reporting and analysis that this data was coming from one place, he did not create a story by informing the spam host's business partners. Rather, he sought comment from them about this site, and they took action. What Krebs reported is not a big a story as Watergate, but what do you think Woodward & Bernstein did? Wait for a press release? A regulatory filing? No, they took one news event, worked backwards from it, and determined that something big was going on -- just like a spammer. Then they wrote about it, just like Krebs did. When Henry Blodget on Silicon Alley Insider wrote that The New York Times Co faces several possibilities for survival, he did not tap into a planned news event. He analyzed a balance sheet and made conclusions. Much of the news that comes out is because beat reporters see connections and draw conclusions that are not opinion, but reasoned and accurate viewpoints based on evidence out there that resists coalescing into a larger news event because most of us don't get it. That's why we have journalists, and this is a great example of that. And now for the full disclosure: I'm Robert MacMillan. I am a reporter at Reuters who covers the journalism business, and I worked at washingtonpost.com for many years with Brian. I sat right across from him so I know what he eats for lunch. Posted by: easymac | November 11, 2008 9:45 PM "
  • by plsuh (129598) <plsuhNO@SPAMgoodeast.com> on Wednesday November 12, 2008 @09:29AM (#25733059) Homepage

    When it comes to these sorts of things, oft times law enforcement and intelligence agencies who know about a source of major operations DON"T shut them down, so as to build a case against the bigger players or to maintain the ability to track what is going on. Given that this is a US-based corporation with US-based servers, I wonder if this shutdown has seriously compromised on-going monitoring and criminal cases. While this has almost certainly seriously disrupted operations of the various bad guys for now, I would give it only a few days before they're back online based at overseas locations where they're less easily reachable. Except for some script kiddies, the operations are all sophisticated enough to use standard techniques such as multiple hardcoded fallback IPs. DNS redirection, and using fake BGP announcements to hijack IP blocks to get back online.

    --Paul

    • by dbIII (701233) on Wednesday November 12, 2008 @10:04AM (#25733507)
      I think law enforcement and intelligence is too busy working hard in other areas (IMHO due to mismanagement and fear campaigns) to be able to handle their traditional roles. If you see criminal activity that you can stop immediately without any danger to yourself why look the other way? You can report it later instead of making yourself an accessory after the fact by condoning the criminal activity by continuing to let them operate with your resources.

      As for the other stuff, in a world scripted by Tom Clancy the supervillians simply switch to their backup systems. However in reality shutting down something that has taken a long time to establish can stop them for a long time and can open them up to exposure when they are trying to do it again.

  • by EmperorKagato (689705) <sakamura@gmail.com> on Wednesday November 12, 2008 @09:32AM (#25733089) Homepage Journal

    This is their AUP from 2005 (Mccolo.com)

    Acceptable Use Policy (AUP)

    All Maxis' Commerce colocation or dedicated server customers are bound by the following Acceptable Use Policy. This document may be updated from time to time. Please consult this site periodically for the most recent revision of this document.

    No Maxis' Commerce customer shall:

    Do anything illegal or anything that adversely affects Maxis' Commerce legal interests. The following list is non-exclusive, and should not be considered license to commit other illegal activities not specified below. All illegal activity is prohibited, and Maxis Commerce will cooperate fully with any law enforcement officials and/or agencies investigating and/or prosecuting such activities.

    Cracking/Hacking - attempts to access accounts or systems other than the userâ(TM)s own accounts or systems or an account or system that the user has been explicitly authorized to access is illegal under federal and state law.

    Child pornography - as defined by U.S. law. This is strictly prohibited and dealt with quickly and harshly.

    Interstate gambling - because Internet traffic generally ignores state and country boundaries, any Internet based gambling site is restricted by Federal Inter-state gambling regulations.

    Pyramid schemes or fraud - are illegal under a number of Federal, State and Local laws.

    Theft of services - attempts to utilize services that are not contracted for is considered theft and will be dealt with as such.

    Harassment - use of Maxis' Commerce network to harass or threaten (in the legal sense of those terms) any other person is prohibited.

    Please consult an attorney if you are unsure of the legal status of your activities.

    Do anything that threatens the integrity of Maxis' Commerce network or the utilization there of by other persons.

    Denial of Service (DOS) attacks - no customer will commit a DOS attack against any Maxis Commerce customerâ(TM)s host, or any other host on the Internet. Similarly, no Maxis Commerce customer will willfully or negligently allow incitement of others to attack any host on Maxis' Commerce network, or any other host on the Internet.

    Blacklists - No customer shall do anything that could get any portion of Maxis' Commerce IP space (or address space announced by Maxis Commerce on behalf of Customer) put on blacklists such the RBL (Realtime Black List) as maintained by MAPS (http://www.mail-abuse.com) or other similar organizations, or perform activities that would cause portions of the Internet to block mail or refuse to route traffic to any portion of Maxis' Commerce IP space (or address space announced by Maxis Commerce on behalf of Customer).

    Perform actions that cause unusual load on Maxis' Commerce servers (for example, mail servers, web servers, usenet servers, name servers, etc.), that cause slowness or denial of service to other Maxis Commerce customers.

    Do anything that threatens the Internet or any other network.

    No customer shall take actions that cause any portion of the Internet, or the Internet as a whole, to become unusable to any other portion of the Internet, or the Internet as a whole.

    No customer shall take actions that degrade the usefulness of the Internet, or any portion of the Internet, either through network degradation, flooding of usenet or email or so on.

    Spam - No customer shall send unsolicited commercial email, unsolicited mass mailings, spam or flood usenet newsgroups, or anything of that sort. If you have questions about what is allowed and what is not, please email abuse@mccolo.com for clarification.

    No spam may originate from Maxis Commerce IP space.

    No spam may advertise sites or services located on Maxis Commerce IP space (even if the spam originates elsewhere).

    No Maxis Commerce customer shall use third party mail servers to relay spam. This is considered a DOS attack on the third party and will be treated as such.

    No customer shall participate in pyramid schemes

  • How much spam? (Score:2, Insightful)

    by Rik Sweeney (471717)

    So, how much spam does everyone get each day on average? I think I get between 5 and 8, not much by most people's standards I imagine it's still depressing to see.

    I'll be interested to see if this number goes down in the next few weeks, but I doubt I'll notice.

    • by gapagos (1264716)

      My gmail account deletes all spam older than 30 days, and I never bother to go into that folder.
      Considering I currently have 517 spam emails, that means I receive 517/30=17.23 emails of spam per day on average.

      So yeah, quite a bit. I had this email address for a little bit more than 4 years.

    • Re: (Score:3, Interesting)

      by SCHecklerX (229973)

      You'd have to ask my greylist, mimedefang, and spamassassin filters, as most of it gets killed before even making it to the 3rd, which kills the rest. Stuff in that small threshold I allow, maybe 1-2 every couple of months gets through, and that's usually from a company I actually had done business with in the past.

      Mimedefang rejections on dumb things at the helo/from stage, and greylisting kill most things without ever having to receive or process it.

    • Re:How much spam? (Score:4, Interesting)

      by argent (18001) <peter@nospAM.slashdot.2006.taronga.com> on Wednesday November 12, 2008 @09:58AM (#25733431) Homepage Journal

      So, how much spam does everyone get each day on average?

      Well, according to my mail logs, my mail server that currently provides mail service for myself in the past 8 hours:

      Has blocked 2879 messages, based simply on the IP address, using RBLs.
      Has blocked 1013 messages, based on some early tests in mail delivery.
      Has passed 176 messages on for further filtering, with my address. I haven't checked how many were to my wife or to invalid addresses. Typically that's several hundred an hour.

      The next level of filtering:

      Dropped 18 messages completely.
      Filed 127 messages in the "probable spam" box, where they will be deleted within a week.
      Delivered 31 messages to my home server.

      Of those messages, about half of those were filed as "spam" by Apple's Mail.app.

      That's pretty low by my standards. Good work.

    • Re: (Score:3, Interesting)

      by s7uar7 (746699)
      Gmail holds spam in a separate folder for 30 days before deleting them. Usually I have around 3000 emails in there, around 100/day, but at the moment I only have 1442; over the last 4 days I've only averaged 30 spam emails a day (900ish a month).
  • OMFG!! (Score:5, Funny)

    by glock22ownr (734154) on Wednesday November 12, 2008 @09:34AM (#25733125)
    MY SITE IS DOWN!! WTF !
  • Does that mean that I will NOT be getting my millions of dollars from that friendly nigerian prince?
  • The story, linked to from the story, linked to by slashdot requires registration. Anyone got a handy login?

  • BS. Not by volume. (Score:3, Interesting)

    by suso (153703) * on Wednesday November 12, 2008 @09:40AM (#25733207) Homepage Journal

    This couldn't be by volume. Given the amount of spam that everyone receives every day, I don't think a single ISP could possibly generate 75% of it. It would take multiple gigabit connections and I'm sure someone would have already noticed that kind of traffic coming from one place.

    • by radish (98371) on Wednesday November 12, 2008 @09:50AM (#25733317) Homepage

      RTFA. The ISP in question hosted the control points for the botnets which generated the spam. They didn't need crazy bandwidth, just solid hosting.

      • by suso (153703) * on Wednesday November 12, 2008 @10:03AM (#25733491) Homepage Journal

        Ok, I did RTFA that slashdot posted too, but not the link inside the article. The initial article didn't mention anything about botnets and made it sound like it was the source of the spam.

        What I don't like about this is that it gives normal people a false sense of security about the whole issue. The real issue is that governments aren't cracking down on people within their borders causing these problems including the U.S.

        The Washington Post is not a security agency, they are a news agency. And when they do stuff like this they don't really have the right motives. Its just like those investigative reports that your local news channel does.

        Slimy business practices have a way to continuing on despite everything, so in the wake of McColo it won't be long before we have a Colo King.

  • by rwyoder (759998) on Wednesday November 12, 2008 @09:46AM (#25733281)
    I use a procmail filter that sends mail from known addresses into my mailbox, and dumps everything else into a "garbage" file that I check every morning before deleting it, (on the off change that a friend or business has sent mail from a new address). This morning for the first time in *years*, the file was empty.
  • by Time Ed (970465) on Wednesday November 12, 2008 @09:48AM (#25733303)

    ...once the folks who sell spam and porn find a hosting provider who turns a blind eye, they tend to stick with it and consolidate their operations. Paying attention to Spamhaus and the more reliable botnet trackers tells me where these operations are located, and helps me write good gateway filters for my employer, my house, and my friends. Cutting off internet access tends only to disperse the nere-do-wells rather than stop them, and I have to start over again tracking and writing new filters. In other words, I like to know where these guys hang out so I can avoid them, the same way I avoid the riff-raff in the physical city where I live.

    I think its great that someone is doing something about the problem, but I don't think it should be the ISP. We already have laws against spam and certain porn, and it should be up to the government to enforce those laws. Vigilantism is never the answer.

    The tried-and-true way works: if you have evidence, take it to the police. If the police won't do anything, take it to the press. Sure it takes a little longer, but it keeps - in this case your internet connection - safe from the Random Crusader. And the criminals may actually get arrested.

  • Most of what I tend to see in my inbox (or SeaMonkey junk folder) are various variants of the "Nigerian Scam". I dont see all that much actual commerical spam for some reason.

  • I haven't seen so much as a slight dip in spam-per-hour on any of the spam filters I manage.

  • Spam graph way down (Score:3, Informative)

    by ESCquire (550277) on Wednesday November 12, 2008 @10:05AM (#25733525)
    For all those who don't believe that a single ISP can be responsible for this amount of spam: take a look at the munin graph [imageshack.us] from our spam scanner. When I looked at it in the morning I went "huh, did I misconfigure something on our mail server?", didn't find anything, went to Google News and submitted to /. shortly after that.
    • Re: (Score:3, Funny)

      by farbles (672915)
      Our graph looks even better - incoming mail is down to a quarter what it was. All the mail servers are ordering margaritas, they haven't seen incoming spam rates this low in years.
  • by foniksonik (573572) on Wednesday November 12, 2008 @10:19AM (#25733741) Homepage Journal

    This shows a dramatic reduction in spam [spamcop.net] as of yesterday 4PM EST.

    Will be interesting to watch it climb back up....

  • by kipin (981566) on Wednesday November 12, 2008 @10:22AM (#25733769) Homepage
    http://www.spamcop.net/spamgraph.shtml?spamweek [spamcop.net]

    Look at Tuesday's sharp drop off coinciding with the shut down.
  • by tsu doh nimh (609154) on Wednesday November 12, 2008 @10:47AM (#25734071)
    From their press release: "In the afternoon of Tuesday 11/11, IronPort saw a drop of almost 2/3 of overall spam volume, correlating with a drop in IronPort's SenderBase queries. While we investigated what we thought might be a technical problem, a major spam network, McColo Corp., was shutdown, as reported by The Washington Post on Tuesday evening."
  • by Animats (122034) on Wednesday November 12, 2008 @12:33PM (#25735491) Homepage

    Now it's time for some federal law enforcement action. Over at McColo, there will be records that indicate who's behind the spamming and botnet operations. They'll know who paid for servers. There will be phone records showing who made support phone calls to McColo.

    McColo is in San Jose, and the San Francisco office of the FBI, which covers Silicon Valley, has a Cyber Intrusion Squad. [fbi.gov] It's their job to start digging and find out who's behind the spam operations.

    Even if the people behind the spamming tried to stay anonymous to McColo, the odds are that they slipped up somewhere.

Parkinson's Law: Work expands to fill the time alloted it.

Working...