
Perspectives on Spamhaus's Dilemma

The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them — an order which Spamhaus ignored — is now considering ordering ICANN to pull Spamhaus's domain records. While Gadi Evron, whose blog posting is linked above, urges everyone to beat the judge with a clue stick, a guest writer on his blog counsels much greater restraint. Anti-spam lawyer Matthew Prince explains how Spamhaus got into its current pickle — apparently by following conflicting legal advice at two points in the process — and what they might have to do to get out. One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?
  • by Kelson ( 129150 ) * on Monday October 09, 2006 @03:01PM (#16367913) Homepage Journal
    If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

    On the plus side, that might convince the judge to rethink the order.

  • ICANNot do it cap'n! (Score:4, Interesting)

    by Volante3192 ( 953645 ) on Monday October 09, 2006 @03:04PM (#16367973)
    Can ICANN even pull a second level domain? .org is managed by Public Interest Registry. One would imagine all ICANN could do would be to put a halt on the org TLD...
  • by nihaopaul ( 782885 ) on Monday October 09, 2006 @03:10PM (#16368077) Homepage
    I for one would pledge to support countersuing the government and the judge for loss of information and damages ranging into the thousands daily from increased spam. Money talks, bullshit walks; hit them hard and where it hurts.
  • by Anonymous Coward on Monday October 09, 2006 @03:18PM (#16368173)
    It really won't matter. They'll just move domain name, maybe to a *.co.uk.

    Of course, this whole thing is insane. I bet all those people who supported US control of the root DNS servers are feeling pretty stupid right now.
  • by Anonymous Coward on Monday October 09, 2006 @03:29PM (#16368345)
    Public pressure. Through mainstream media. This is the plan:
    1) Bloggers blog about this, show their outrage at this nonsense, get themselves linked on social networking sites
    2) YouTube users with too much time on their hands create humorous re-enactments of Spamhaus process
    3) Topic gets hyped, leaks into mainstream media, leads to public debate
    4) Plaintiff in Spamhaus process loses business, money, walks the street, robs gas station, dies in prison of drug abuse
    5) Whacky redneck fossil judge is forced to retire and takes up terrorizing his neighborhood
    6) Everybody is happy again.

    Ok, bloggers everywhere, time you do something useful.
  • by CyberZen ( 97536 ) on Monday October 09, 2006 @03:29PM (#16368347) Homepage
    Sovereign Immunity [wikipedia.org]

    Good luck.
  • by LilGuy ( 150110 ) on Monday October 09, 2006 @03:43PM (#16368551)
    Easily said. Not so easily done. There are many businesses out there that can't even figure out how to lock down their MTAs and prevent asynchronous bouncing, let alone deal with an enormous influx of spam, which surely they won't see coming. Hell I worked at an ISP as the sole Abuse department tech, and that was plenty bad enough at the time, but after something like this... makes me glad I quit.
  • by Anonymous Coward on Monday October 09, 2006 @03:43PM (#16368557)
    you cannot sue a state. The government is not the state.
  • Re:Ghostbusters (Score:4, Interesting)

    by harlows_monkeys ( 106428 ) on Monday October 09, 2006 @03:52PM (#16368725) Homepage
    What court though? I mean, if some business that I slighted in China brings a lawsuit against me, I'm not going to fly half-way across the world to defend myself

    That's a perfectly reasonable attitude, provided you are aware that the Chinese business will, therefore, win their lawsuit in a Chinese court. If you have no assets anyplace that a Chinese court could get to, then you are fine. Just don't miscalculate, ignore them, lose to a default judgement, and then remember that you do have stuff in China!

    Also, you have to be careful HOW you ignore them. For example, if you start to defend yourself on the merits, and then say "screw this...you don't have any jurisdiction over me, so bugger off" and THEN start ignoring them, that initial defending on the merits might be seen as conceding jurisdiction to the court. That's bad, because then when the winner comes to your country to collect, there is a decent chance your country's courts will recognize the debt as a valid debt, and then it is a simple matter for that Chinese business to get a judgement in your country to enforce the debt.

    The bottom line: ignoring a court anywhere in the world is not something to take lightly. You need to at least get a lawyer with experience in the laws of your country to tell you HOW to ignore the foreign court so that you won't accidentally open yourself up to a nasty surprise.

  • by Anonymous Coward on Monday October 09, 2006 @03:54PM (#16368763)
    A reckless decision by this judge to crap on the internet over an uncontested U.S. based trial will be a huge motivation to wrest DNS control from U.S. control/jurisdiction.

    If U.S. judges think they have carte blanche to impose their laws on foreign entities using domain listing as a weapon then we absolutely MUST get DNS control the heck out of U.S. control, I don't care what DARPA thinks they invented decades ago. The status quo currently is bad enough as it is, but if one person in a robe is going to single handedly eliminate the backbone of the international anti-spam war when the service is based in a foreign country, run by non-U.S. citizens and it's a voluntary subscription service then something drastic needs to be done.

    The notion that the U.S. can 'summon' foreigners to defend themselves in U.S. domestic courts is deeply flawed to begin with. It's just amazing that anyone can mock the Chinese for their 'great firewall' when the U.S. is prepared to yank a site from the ENTIRE WORLD, and think they can just because its domain name is published on a U.S. machine when that is mandated by an historical quirk.

    Is it time we gave the United States their little .us domain to play with and left the rest to people who understand how serious this stuff really is.
  • Re:Ghostbusters (Score:3, Interesting)

    by mcrbids ( 148650 ) on Monday October 09, 2006 @03:57PM (#16368811) Journal
    Where does it say that e360insight is a spammer? I think that Spamhaus should have to present proof that e360insight is an illegitimate spamming business [spamhaus.org]. I think that's important. If e360insight is a spammer, I'm siding with Spamhaus. Since they have taken the role of deciding who is spamming and who isn't, I think they could use more accountability [spamhaus.org] than what I find indicated on their website.

    Except that Spamhaus is not spam filtering or blocking software. It's merely a DNS database of sources of spam. There are many things you can do with it - you could toggle the use of Spam Assassin or perform extended anti-virus checking against emails from these addresses. You could enable grey-listing only for emails from the spamhaus addresses.

    There are lots of things you could do - spamhaus only provides the database.

    It's up to the ISP administrator to decide to use spamhaus for blocking email messages.

    If I took a list of phone numbers of "bad guys" that I don't like, and published it, is it my fault if somebody uses that with caller ID to make a "phone call blocker"?

    Sorry, the judge is simply out in left field, and needs to be beaten about the head and shoulders with a clue stick.
  • by Anonymous Coward on Monday October 09, 2006 @04:07PM (#16369011)
    The case was at a state court in Illinois and ICANN is located in California...
    Could someone pls. send this over to GrokLaw...
  • Re:Ghostbusters (Score:2, Interesting)

    by Coldmoon ( 1010039 ) <mwsweden@@@yahoo...com> on Monday October 09, 2006 @04:14PM (#16369107)
    "Since they have taken the roll of deciding who is spamming and who isn't, I think they could use more accountability than what I find indicated on their website"

    Accountability certainly, but transparency would help to resolve these issues. The Antispyware industry tackled this by creating and then supporting systems/procedures that allow targeted application developers to appeal their inclusion in the AS's detection database, detection category (malicious, adware, Trojan, etc...), threat level, etc

    More importantly, a similar procedure could open up a line of communication between the "spammer" and the antispam provider that may allow the antispam provider to force positive change in the behavior of the advertiser.

    Sample framework for a possible procedure :

    1) Suspected/targeted advertiser contacts the Antispam solution provider with an appeal as to the detection and blocking of their commercial messages

    2) Antispam provider then does a complete and DETAILED technical analysis and write-up/documentation of why the content is detected/blocked in a specified time period. This report is then supplied to the advertiser.

    3) Based on the report generated in #2, the content detection is continued (i.e., there is ample and reproducible evidence that the advertiser is engaged in spam activities and the blocking is valid) or the detection is determined to be a false positive and the blocking is removed...

    4) Given that the content is blocked due to valid and reproducible evidence, the Antispam provider will then have all the evidence they need to defend their position in court if need be

    If the security industry wants to provide the protection their customers require (hopefully this is the main motivation), then they have to also provide the means for positive change in advertising models.

    Escalation without any means of relief/behavior modification is ultimately self-defeating...

  • by robertjw ( 728654 ) on Monday October 09, 2006 @04:24PM (#16369293) Homepage
    Exactly. A US court ordering ICANN to drop a name could have disastrous results. Not only would it be the end of ICANN, it could cause a MAJOR backlash resulting in a chaos of domain names.

    I hate to bring up that whole slippery slope thing, but we can't just have courts ordering names removed from DNS. What's next? Porn sites? Music sharing? Terrorists? Communists? Democrats? Without an independent, (relatively) impartial name registration/IP address management system the whole concept of a global Internet could break down.
  • by tarlek ( 103211 ) on Monday October 09, 2006 @04:25PM (#16369317) Homepage
    What are the chances that the local court system happens to use a Spamhaus list or two?
  • Jurisdiction my ass (Score:5, Interesting)

    by digitalgimpus ( 468277 ) on Monday October 09, 2006 @04:26PM (#16369335) Homepage
    Let's look at the facts:
    1. Spamhaus isn't in Illinois
    2. Spamhaus isn't even in the US, no business presence on US territory at all.
    3. Spamhaus's only connection to the US is US companies utilize the service.

    Based on that Illinois can only go after companies that use the database, not the provider overseas. They don't market or have any presence in the US. The court likely could go after these companies. Will they?

    Now what I'd love to see is Illinois try and go after everyone in the US using the database... go ahead and try. I'll keep using it because it's a good effective database.

    I've got a feeling there's money behind this ruling. It just sounds too fishy to be legitimate.
  • Re:I'm amazed (Score:3, Interesting)

    by cheshire_cqx ( 175259 ) on Monday October 09, 2006 @04:29PM (#16369399) Homepage
    This was a default judgment. They might have a decent chance to set aside the judgment and defend on the merits. I wonder where the EFF comes down on this?
  • Re:Ghostbusters (Score:3, Interesting)

    by walt-sjc ( 145127 ) on Monday October 09, 2006 @04:32PM (#16369445)
    Here's the deal though.

    If it wasn't for spamhaus and other blocklist services, it would be up to individual administrators to create their own blacklists (most savvy admins do anyway BTW...) Now I don't know about other admins, but once you are in MY blacklist, you are there FOREVER. If you are in 4,556,865 blacklists, good f-ing luck getting out. Being on ONE list you have a chance.

    The other option is a reputation based system where "trusted" submitters send blacklist updates via usenet (GPG signed.) Since there is no single DNS server (or domain) it can't get shut down. I suppose you could also share the main list via bittorrent, freenet, or other such service.

    Anyway, I would expect spamhaus to just get a bunch of alternate names registered all over the place in different countries to get out of a TLD that is under US control.
  • by Ungrounded Lightning ( 62228 ) on Monday October 09, 2006 @05:29PM (#16370379) Journal
    Reconfigure your MTAs NOW.

      - Use IP numbers or
      - host a domain resolution for spamhaus in a local name server and configure your MTA to hit that first. (Have your nameserver serve as an unofficial secondary pointing to their primaries, and squirrel a dump of their name service just in case the court gets their primaries shut down.)

    Then ICANN can pull the record and it won't do squat.

    For your convenience (from nslookup):

    > server 204.74.101.1
    Default Server: udns2.ultradns.net
    Address: 204.74.101.1

    > set type=soa
    > spamhaus.org
    Server: udns2.ultradns.net
    Address: 204.74.101.1

    spamhaus.org
                    origin = need.to.know.only
                    mail addr = hostmaster.spamhaus.org
                    serial = 2006100802
                    refresh = 3600 (1H)
                    retry = 600 (10M)
                    expire = 2419200 (4W)
                    minimum ttl = 3600 (1H)
    spamhaus.org nameserver = udns2.ultradns.net
    spamhaus.org nameserver = udns1.ultradns.net
    spamhaus.org nameserver = ns8.spamhaus.org
    spamhaus.org nameserver = hq-ns.oarc.isc.org
    ns8.spamhaus.org internet address = 216.168.28.44

    (I'm presuming that the spamhaus.org domain contains the
    servers in question. But if not, perhaps someone who
    actually administers an MTA using their services can
    follow up with the necessary info.)
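
The lookup an MTA makes against a DNS blocklist, as an added example (not code from this thread or from Spamhaus): it builds the reversed-octet query name, counts only 127.0.0.0/8 answers as listings, and leaves the action to local policy. The zone names, the `policy` values and the sample answers are assumptions constructed for illustration.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List, Optional

# Assumption: illustrative zone names; use the zones your list operator documents.
ZONES = ("sbl.spamhaus.org", "xbl.spamhaus.org")
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # DNSBL answers live here (RFC 5782)

# A resolver takes a query name and returns one A record as text, or None.
Resolver = Callable[[str], Optional[str]]


def dnsbl_qname(ip: str, zone: str) -> str:
    """Query name for an IPv4 address: octets reversed, then the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolve(qname: str) -> Optional[str]:
    """Resolve through the host's configured name server (e.g. a local one).
    Lookup failures are treated like "not listed", so an outage fails open."""
    try:
        return socket.gethostbyname(qname)
    except OSError:
        return None


def listed_in(ip: str, zones: Iterable[str], resolve: Resolver) -> List[str]:
    """Zones that list ip. Only answers inside 127.0.0.0/8 count as a listing."""
    hits = []
    for zone in zones:
        answer = resolve(dnsbl_qname(ip, zone))
        if answer is not None and ipaddress.IPv4Address(answer) in LISTED_NET:
            hits.append(zone)
        # Any other answer (a parked or wildcarded zone) is ignored, so a
        # reassigned domain cannot mark every sender as listed.
    return hits


def action_for(ip: str, zones: Iterable[str], resolve: Resolver,
               policy: str = "reject") -> str:
    """The list only supplies data; the receiving site chooses the action."""
    return policy if listed_in(ip, zones, resolve) else "accept"


# Constructed answers standing in for a name server, so the example runs offline.
SAMPLE_ANSWERS = {
    "9.113.0.203.xbl.spamhaus.org": "127.0.0.4",      # listed
    "10.113.0.203.sbl.spamhaus.org": "198.51.100.7",  # parked-domain style answer
}

if __name__ == "__main__":
    for sender in ("203.0.113.9", "203.0.113.10", "192.0.2.1"):
        print(sender, action_for(sender, ZONES, SAMPLE_ANSWERS.get, "greylist"))
```

Passing `system_resolve` instead of `SAMPLE_ANSWERS.get` sends the same queries through whatever name server the host is configured to use.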
  • Chicken Little FTL (Score:3, Interesting)

    by kindbud ( 90044 ) on Monday October 09, 2006 @05:37PM (#16370513) Homepage
    is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

    Not gonna happen.

    Total number of recipients logged in one maillog file: 92033

    Total number of messages in this logfile that got a SpamAssassin score increase thanks to XBL or SBL listing: 47818

    Total number of scores that may have potentially been pushed over our threshold (9.0) by the SBL/XBL score: 985

    Big effing deal. All the RBLs could go offline this afternoon, and it would have minimal impact on our spam scoring system. It isn't necessary for any RBLs to exist to control spam. It just isn't.
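
One way to produce counts of the kind quoted above from a site's own scoring logs, as an added example (not the poster's script): it counts messages that hit a blocklist rule and, separately, those that reach the spam threshold only because of the blocklist points. The log line layout, the per-rule scores and the sample lines are constructed; only the 9.0 threshold comes from the comment.

```python
import re

THRESHOLD = 9.0  # the site threshold quoted in the comment

# Assumption: per-rule scores are local configuration; these values are made up.
RBL_SCORES = {"RCVD_IN_SBL": 2.5, "RCVD_IN_XBL": 3.0}

# Constructed layout: "<id> score=<total> required=<n> tests=<comma-separated rules>"
LINE_RE = re.compile(r"score=(-?\d+(?:\.\d+)?)\s+required=\S+\s+tests=(\S*)")

# Constructed sample lines, not taken from any real mail log.
SAMPLE_LOG = """\
msg1 score=14.2 required=9.0 tests=BAYES_99,RCVD_IN_XBL,URIBL_BLACK
msg2 score=10.1 required=9.0 tests=BAYES_99,RCVD_IN_XBL
msg3 score=3.0 required=9.0 tests=RCVD_IN_SBL
msg4 score=9.5 required=9.0 tests=HTML_MESSAGE,RCVD_IN_SBL,RCVD_IN_XBL
msg5 score=11.0 required=9.0 tests=BAYES_99,URIBL_BLACK
msg6 score=0.1 required=9.0 tests=HTML_MESSAGE
"""


def rbl_dependence(log_text, threshold=THRESHOLD, rbl_scores=RBL_SCORES):
    """Count how many spam verdicts would disappear without the blocklist points."""
    stats = {"messages": 0, "rbl_hit": 0, "spam": 0, "spam_only_with_rbl": 0}
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue  # skip lines that are not scoring results
        score = float(match.group(1))
        tests = [t for t in match.group(2).split(",") if t]
        # Points this message received from blocklist rules alone.
        rbl_part = sum(rbl_scores.get(t, 0.0) for t in tests)
        stats["messages"] += 1
        if rbl_part > 0:
            stats["rbl_hit"] += 1
        if score >= threshold:
            stats["spam"] += 1
            # Would the message still be at or over the threshold without them?
            if score - rbl_part < threshold:
                stats["spam_only_with_rbl"] += 1
    return stats


if __name__ == "__main__":
    print(rbl_dependence(SAMPLE_LOG))
```

The result only describes a site that scores mail after accepting it; a site that rejects listed senders at connection time never sees those messages in its scoring log.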
  • by Anonymous Coward on Monday October 09, 2006 @05:40PM (#16370567)
    ICANN needs to think very carefully before following such a stupid order, as it plays directly into the hands of the ITU who want control taken away from the U.S. body. If this can happen to Spamhaus.org, it can happen to anyone like this:

    Big Lasagna Illinois vs. Nice Lasagnas Italy :

    A small Italian company 'Nice Lasagnas Ltd' gives away recipes for lasagnas on their website, www.italian-best-lasagnas.com.

    John "Big Lasagna" Smith sues the small Italian company, in Illinois, USA, claiming its website makes fun of him. John "Big Lasagna" Smith states the Illinois court has jurisdiction, because his friend John Doe, who lives in Illinois, used to download lasagna recipes from www.italian-best-lasagnas.com.

    Best Lasagnas Ltd has never visited the USA and has no US office, agents or business outlets, and its lasagna recipes surely don't make it rich enough to afford the cost of a 3 month trial at the other end of the world.

    So, Best Lasagnas Ltd is not present for the judgement, and John "Big Lasagna" Smith obtains a default court order saying ICANN has to remove italian-best-lasagnas.com from the internet.

    This means that any US citizen or firm, having enough money to spend and targeting people small enough, has the ability to disrupt the entire internet-based commerce of other countries, just because ICANN is subject to U.S. laws.
  • Re:I'm amazed (Score:2, Interesting)

    by stuartrobinson ( 1003887 ) on Monday October 09, 2006 @07:56PM (#16372255) Homepage
    Yeah, the knee-jerk reaction meter is off the scales on this one. I'm surprised at how little interest there is in the process of getting yourself removed from the spamhaus blacklist. Surely there have been cases of false positives on the blacklist. How often does that happen? And how is it corrected? Is there a well-documented process? Can anyone point to some informative URLs?
