Savvis Grudgingly Get Savvy About Spam 239
ElvenMonkey writes "The BBC is reporting that Savvis has finally promised to ditch those accounts that are using its network to send spam, in an effort to reduce the damage already done against its reputation; the CEO promises that all such accounts will be closed within 10 days (working days?) Amongst these accounts are believed to be the majority of the top 150 worst spammers worldwide."
Question (Score:5, Insightful)
Re:Question (Score:3, Insightful)
Their major pipe provider could probably care less what they do, same as Savvis did, as long as customers paid their bills. The only people bright enough to figure out who they are are geeks who use traceroute.
Re:Question (Score:2, Interesting)
There's two ways of thinking of this... from the comsumer point of you (the reciever of spam) and the business point of view (Savvis). I'd do the same thing if I was running their company.
Re:Question (Score:2)
See, that is exactly what is wrong with Corporate America... almost no sense of social responsibility. I'm sure most spammers have a very similar excuse. "I gotta make money and I'm not breaking any laws..."
*sigh*
-matthew
Re:Question (Score:2, Insightful)
Interesting, looks like maybe Paul Vixie reads slashdot [merit.edu] too (or maybe he surfs the BBC all day?).
Re:Question (Score:5, Interesting)
Similarly, what is unacceptable for a mom and pop garage shop ISP is perfectly acceptable for a Tier 1 or a larger Tier 2 ISP. If they decide to make a business from hosting SPAMmers (and some do) there are very few means to fight them.
Re:Question (Score:3, Interesting)
Of course, they fully supported the "marketers" who bought space from them. But they were against spam.
Re:Question (Score:2)
Rus
Re:Question (Score:5, Informative)
Savvis is an awesome provider. I run a free email service, and I can tell you when I was on Savvis (sharing a connection with another business), they were great. They told me when they got abuse complaints, and I took care of it. They also assign your subnet to you within Arin, so my guess is that they don't hear 90% of 'Arin complaints'.
Now I'm on RoadRunner (only access available where I am). The idiots in RR abuse will not forward me complaints, they just threaten to cut my access. They will not make an Arin change, and actually told me to buy 8 (yes, EIGHT) ips from ARIN so I wouldn't be associated with RR. Apparently the routing nightmare that would be created by assigning 8 IP's at a time is completely lost to RoadRunner tech support.
It looks to me though, that the assetts and C&W just haven't been brought into the fold as well as they should have (include the Abuse arm). I personally have complete confidence in Savvis.
Re:Question (Score:5, Informative)
Savvis is being forced to terminate their spamming customers because they can no longer deny that they know about the spamming activity. Savvis has openly supported clients who have engaged in network abuse and even criminal activity.
Re:Question (Score:4, Informative)
SPEWS blocks IP ranges only AFTER an ISP fails to kick off spammers for an extended period of time. This is because many spam-friendly ISPs just don't care if the spammers are blocked -- they'll often move the spammers to new IPs (which they can't do now because places like SPEWS will just block the old AND the new IPs) and move legitimate people into the blocked ones as human shields. SPEWS only lists non-spammer IPs because Savvis didn't take action against spammers in the first place -- specifically, SPEWS is listing the spam-friendly ISP's IP ranges, the "innocent parties" just happen to be renting IP space from known spam-supporting outfits. Savvis brought it upon themselves by making their IP space a cesspit from which no one wants traffic. That's their fault, stop blaming SPEWS for Savvis's bad decisions.
And SPEWS doesn't block anyone. That's a common spammer lie.
There's more to both sides.. I just don't have time to enlighten the masses on what a Good company does for it's customers vs what overzealous spam outfits can do to a Good companies customers.
Any ISP that openly supports spammers on their network is not a "Good company".
Re:Question (Score:2)
LOL. Spews is just as much a pain in the ass as the spammers themselves.
Re:Question (Score:2)
I notice that you didn't actually refute my statement that SPEWS blocks no one.
And I agree, SPEWS is a major pain in the ass. It's a big pain in the ass to scummy ISP management who would like to be able to host criminals without worrying that it will impact their ability to do business, and it is a pain in the ass to spammers who find themselves booted when their previously spam-friendly ISP finds themselves in SPEWS list. Boo-fuc
Re:Question (Score:2)
SPEWS will block entire countries, without any consideration to the spam to ham ratio. Their blacklist is poorly maintained, their policies regarding entry and removal from it is a joke and prone to verbal abuse. Even they advise upone their usage as experimental and not reliable enough for production.
Good luck filtering any serious mail servers with these bozos.
Re:Question (Score:2)
Let's see, I already point out that SPEWS does not block anything, and now you claim that SPEWS will block "entire countries".
That would make you a liar.
without any consideration to the spam to ham ratio.
SPEWS lists IP ranges based upon the presence of a spammer and the amount of time that the spammer has remained connected on that IP address and continued to spam. Please give an example of SPEWS "blocking an entire country" (hint: you can't, because SPEWS doesn't
SPEWS really DOESN'T block anyone (Score:4, Interesting)
What SPEWS and similar services do is blacklist people, and users of the blacklists can decide whether to use the blacklist to block incoming messages, or whether to use it as weighting in systems like SpamAssassin. I fairly commonly see SpamAssassin ratings that say "X points because it's in blacklist1, Y points because it's in Blacklist2, Z points because it's matches the Nigerian_3 pattern, N points because it's ALL YELLING", etc.
SPEWS does have a reputation for being overzealous, and blacklists that are way overzealous get ignored by users, or given a low SpamAssassin weighting or whatever, as opposed to more conservative and responsible blacklists. But that's a choice you can make.
Re:SPEWS really DOESN'T block anyone (Score:2, Interesting)
What I can't figure out is this: their service is *identical* to credit reports. They take reports from third parties, produce lists of reported activities, and let others make their own decisions from the list.
Why isn't the credit reporting agency analogy more often used? Regular people should understand that right away.
Re:Question (Score:2)
I doubt RR has seen any complaints in years. I no longer bother trying to get their attention.
Re:Question (Score:2)
Oh that's rich...
Since when is it permissable to pass abuse reports to the spammer? How is RoadRunner supposed to know you aren't a spammer?
So ..what... I'm using my own server as an authenticated relay using various hacked PCs around the world to originate the email?
Hello? McFly? And I would need the relay and the hassles because..?
And I'm clueless one.. *sigh*.. I'd tell you how to view your headers, but I don't use Outlook.
They are a huge connector. (Score:3, Informative)
Which is the problem. They're so big that they have lots of legitimate customers and a few spammers.
The only way to go after them is through their reputation and their customers. Which is what happened. They don't want to be known as a spammer's network so they have to change.
Great (Score:5, Funny)
Re:Great (Score:5, Funny)
Re:Great (Score:2)
Rus
I didn't send in the response card for the holiday (Score:2)
Re:Great (Score:3, Funny)
But the money was so tasty (Score:3, Funny)
Capitalism In Full Flower (Score:5, Funny)
In related news the CEO said, "To make up for the lost revenue, we'll host pr0n. We'll be actively competing with GoatSex Guy."
ePorn is very profitable (Score:5, Interesting)
Re:ePorn is very profitable (Score:3, Funny)
Rus
Re:ePorn is very profitable (Score:5, Funny)
Re:Capitalism In Full Flower (Score:5, Funny)
I refuse to belive that guy could possibly be generating revenue from that site.
If anything, I'm sure he's paying through his ass for bandwidth. (Oh, sorry, couldn't resist.)
=)
Re:Capitalism In Full Flower (Score:2)
(seriously, that was great, man.)
Re:Capitalism In Full Flower (Score:4, Funny)
My second thought was, what was the first
Re:Capitalism In Full Flower (Score:4, Funny)
Please explain (without diagrams!) the GoatSex guy's business model.
Re:Capitalism In Full Flower (Score:2, Interesting)
Damn it! (Score:5, Funny)
Truth about Savvis (Score:5, Interesting)
how terrible (Score:4, Funny)
Re:how terrible (Score:2)
Too bad you didn't talk longer. You would have found out that due to an invasion his government was anihilated and he was the only survivor. He doesn't have a bank account and I am helping out with a VERY large transaction. Savvy?
Savvis to later announce.......... (Score:5, Funny)
If it makes money... (Score:5, Insightful)
Re:If it makes money... (Score:2)
The current SenderID/SPF and other DNSy proposals are a start, but they don't really do the right job. The trouble is they are trying to win too much of the war with one battle. If we fix SMTP such that a recipient knows, with certainty, that the address of the immediate sender is actually correct, then most of the spam problem can be dealt with more effectively by other methods.
We shouldn't then worry about wh
Re:If it makes money... (Score:2)
Most spam uses bad return addresses anyway. You could simply have it setup so that your e-mail system could initiate a reply in a fashion similar to the way bounces are generated. If it gets any message other than OK, it rejects the message before delivery.
Spammers would naturally move to using real addresses they culled from other sources, but it's a good first step that I believe would eliminate the vast majority of current spam.
Why 10 days? (Score:5, Insightful)
Are they going to send them a greeting card or something that says, "oh, even though you are great customers we are being told we can no longer host your illegal activities so you have 10 days to vacate?"
Re:Why 10 days? (Score:2, Insightful)
Re:Why 10 days? (Score:5, Insightful)
Re:Why 10 days? (Score:4, Insightful)
Contracts Perhaps? (Score:2)
Considering how scummy spammers are, id not put it past them to do something like that.
Disclaimer: I've *not* seen the contract/aup nor do i know the legal status of the spam they are sending.. I'm just guessing here..
I have proof they know. (Score:2)
Tracking link: http://www.sheck-buy.com
[report history]
ISP does not wish to receive report regarding http://www.sheck-buy.com
Resolves to 216.39.69.238
Routing details for 216.39.69.238
[refresh/show] Cached whois for 216.39.69.238 : abuse@savvis.net
Using abuse net on abuse@savvis.net
abuse net savvis.net = abuse@savvis.net
Using best contacts abuse@savvis.
About bloody time (Score:3, Interesting)
But it makes me wonder if this was more of a move of desperation for Savvis. On the surface, sure - they were threatened with what amounts to a permanent blacklist. But even then.
Spam will die when it becomes un-profitable. (Score:2)
As you can see in the article, the spammers paid LOTS of money to savvis for the bandwidth.
Now they'll have to find another ISP which will, probably, charge them even MORE money to put up with the crap that savvis is unwilling to deal with any more.
This isn't the war, but it is a victory.
slashdotting (Score:3, Interesting)
Right after they were threatened with a netblock (Score:5, Interesting)
Re:Right after they were threatened with a netbloc (Score:2)
Which confuses me greatly. There are ISPs in the world that haven't already blocked all of Savvis at the router level?
Re:Right after they were threatened with a netbloc (Score:4, Insightful)
Well, given that Savvis's customers (both their own and the ones they got from c&w) include people like Lycos and a few Federal agencies, that might not be such a good idea.
Re:Right after they were threatened with a netbloc (Score:2)
Why not? If I run an ISP, I am perfectly within my rights to block all traffic from Savvis's networks regardless of who is renting bandwidth from them.
Re:Right after they were threatened with a netbloc (Score:2)
Maybe, but when our customers can't access legitimate sites, they head to another ISP. We can't even use spamhaus because it blocks too many networks with real users on them.
Re:Right after they were threatened with a netbloc (Score:2)
If you say anything other than "no" you're lying.
Re:Right after they were threatened with a netbloc (Score:3, Insightful)
Re:Right after they were threatened with a netbloc (Score:2)
Dropped for now (Score:5, Insightful)
Re:Dropped for now (Score:3, Insightful)
Immoral, illegal, whatever. If they are really pulling in that amount of money, I'd consider doing it.
However, I have grave doubts that believing that the money is that good. You can buy a good wad of "regulators" with that cash.
Re:Dropped for now (Score:2)
Personally, although I hate Spam, its not in the same box as Sex-slave trading.
Drug trafficking may be more on a par though.
Re:Dropped for now (Score:3, Insightful)
No...No...No... (Score:3, Insightful)
We need to track down the spammers, take them to court, and take away some of there money.
One lawsuit is not going to put a dent in their business, but when they have to defend 50 lawsuits and pay $10,000 in attorney fees to defend each one and then pay a $5,000 judgment, then it will hurt them.
Re:No...No...No... (Score:3, Interesting)
Another method of financially hurting spammers, which the government could start doing anyt
IP blocks (Score:2)
Re:IP blocks (Score:3, Informative)
Which rule was it? (Score:3, Interesting)
Which is to say, they bill $2 million, but spammers, being spammers, only pay 1/10th.
Can't help but how much that has to do with botting the lying thieves, and how much is the threat to block their entire network.
Re:Which rule was it? (Score:2)
Was the title copied from The Register (Score:2)
Re:Was the title copied from The Register (Score:2)
Who? (Score:2, Interesting)
At first I saw the name `Savvis', and I'm thinking, never heard of them before, who's that? Then I saw the mention of C&W in the article and the light went on -- "Oh, Clueless and Witless! It all makes sense now!"
Finally (Score:2)
Rus
If they were serious. (Score:5, Insightful)
When they cancel a spammer, make the information on the spammer public so that the spammer can be tracked and sued.
Re:If they were serious. (Score:4, Interesting)
My girlfriend and I had just bought 28 acres to open a nursery next spring, and found a large oak across the only building on the property. It was an old frame structure, and not worth much, but now we have to buy something for an office. Too bad I couldn't get some of the spammers fines to buy a new building.
Re:yeah but... (Score:4, Informative)
Re:I don't follow (Score:2)
Re:If they were serious. (Score:2)
I thought all Spam was from evil non-Americans? (Score:5, Insightful)
Now we have some proof that 148 of the world's worst spammers are hosted by a US company will these same people call for a complete block on US emails or is that now a crazy approach?
it's all outsourced... (Score:2)
Re:I thought all Spam was from evil non-Americans? (Score:2)
I don't know about C&W. I also don't know whether most of the spammers came from C&W or were already Savvis customers.
I manage a group of servers hosted at the Savvis LA1 NOC and they seem like a competent company. This year, I got a couple of compaints forwarded to me, which were resolved quickly (no spamming from my servers).
Still, I am glad they are going to be proactive in combating abusers.
Re:I thought all Spam was from evil non-Americans? (Score:2, Interesting)
I thought it was common knowledge that most spam comes from the US. http://www.spamhaus.org/rokso/ [spamhaus.org]
As the others said, it's a matter of baby vs. bathwater. People (usually) don't just block all of China because there are some spammers there, they block all of China because there are some spammers there and they don't expect to receive any valid email from China. While there may be a huge amount of spam coming from the US, most of their valid email is probably coming from the US also. It simply wouldn't ma
Spammers will go elsewhere (Score:4, Insightful)
Until there is a universal anti-spam framework in place across the internet, this move won't help anyone. It will help Savvis's reputation (at least, it will help them eventually; people will still block them for a while). But it won't help spam recipients, because the spammers will simply go elsewhere. Spammers, being the leeches that they are, adapt pretty damn fast.
Re:Spammers will go elsewhere (Score:2)
Spammers are persistent and work damn hard. Which brings to mind, if they only put half that effort in legit work, they would probably be halfway to CEO by now in a legit company.
However, legitimacy is not an option for the truly evil.
Re:Spammers will go elsewhere (Score:2)
They're just not worth it (Score:4, Interesting)
He disputed the figure of $2 million a month revenue from the spammers, and said the actual figure is only a tenth of that amount.
It's not worth $2m/month for the bad publicity, how much less then $200K/month. That doesn't make sense. If you're only making $200K/month, little over $1000/spammer/month, then dump them. Why is this even being discussed?
Comment removed (Score:5, Insightful)
Savvis AUP prohibits Spam (Score:3, Interesting)
(From the "this is news?" department):
Found on their website [savvis.net]
The following general actions are considered "abuse" and are strictly prohibited:
Using SAVVIS networks to transmit material that SAVVIS believes to be illegal, obscene, or inappropriate.
Forging of message headers or identity information, or taking any action with the intent of bypassing restrictions or limits on access to a specific service or site. This prohibition does not restrict the legitimate non-commercial use of pseudonymous or anonymous services.
Falsifying identity or contact information (whether given to SAVVIS, to the InterNIC, or other parties).
And found elsewhere on the same page, specifics against "spam e-mailing." That pretty much covers the actions of those who are using the system to send out unsolicited commercial e-mail.
I believe that Savvis ought to be made to completely reveal to the authorities and the Internet Community the identities, home and work addresses and telephones of those persons identified with the sending of UCEs. That might take 10 days, though it should not.
Of course that means I'll get less pr0n in my in-box....
Re:AUPs mean nothing at all (Score:3, Informative)
With respect, I would strongly suggest that AUPs are very meaningful in the sense that they constitute a contract that may be enforced in a court of law.
For example, were you to have a contract with me for a year of Internet service and you started to use my system to spam others, were I to summarily shut you down, you would have a cause of action to sue me for non-fulfillment of our contract.
An AUP adds those clauses to any contract in effect and prevents an ISP from being sued by a spammer for sending
Users' worm-infected boxes? (Score:3, Insightful)
Re:Users' worm-infected boxes? (Score:2)
Spammis (Score:3, Informative)
(Agis hosted Sanford Wallace for about a year while loudly proclaiming they weren't doing anything wrong. LOTS of people found out how to block IP ranges. Agis later repented, booted Wallace et al, but it was too late. Nobody who cared about their online reputation would choose them as a host, and Agis went belly-up not too long thereafter.)
Agis is an acronym (Score:3, Funny)
If they have a reputation... (Score:2)
Why 10 Days (Score:2)
Re:Burn Savvis 'crops', Salt Their Fields! (Score:2)
c&w [blackholes.us]
You can use some of their lists to block a lot of spam. If you don't know anyone in China or Korea, you can block those segments.
Re:Burn Savvis 'crops', Salt Their Fields! (Score:3, Funny)
Re:spam assassinated? (Score:3)
Of course, just because a user doesn't SEE the spam, doesn't mean the spam isn't wasting bandwidth and system resources being sent and rejected/dropped.
Re:permanently block them.. (Score:2)
What happens when the ISP goes belly-up and the IP space gets reassigned to somebody else?
The problem with permanent blocking is that eventually, most of the internet will be blocked.