Email Servers Will Choke, Says Spamhaus 576
Rub3X writes, "The legal battle between antispam organization Spamhaus and e360 Insight is heating up. Spamhaus has a user base of around 650 million, and its lists block some fifty billion spam emails per day, according to the project's CEO Steve Linford. Spamhaus CIO Richard Cox says the immediate issue is that if the domain is suspended, the torrent of bulk mail hitting the world's mail servers would cause many of them to fail. More than 90% of of all email is now spam, Cox says, and he doubts that servers worldwide would be able to handle a ten-fold increase in traffic." Others estimate Spamhaus's blocking efficacy as closer to 75%; by this metric spam would increase four-fold, not ten-fold, if Spamhaus went unavailable. The article paraphrases CIO Cox as saying that the service will continue "even if there is a short-term degradation."
kdawson at it again. (Score:5, Informative)
216.168.28.44
204.69.234.1
204.74.101.1
204.152.184.186
#
No need to HUP -- once the file is created and filled with those IPs, it'll pick them up automatically. You can easily install dnscache with the other tools on your mail servers for 0 interuption of service.
Cheers.
Re:SpamHaus users can use n.n.n.n form URLs (Score:1, Informative)
It is called an IP address.
Spamhaus is correct (Score:3, Informative)
If Spamhaus goes down though, ten more RBLs will pop up. It's necessary to stop spam. And they're right... most mail servers on the Internet are not capable of handling the sheer amount of traffic if they were not also hanging up on bogus SMTP connections before even receiving content information. You ever wonder why your e-mail is delayed? This is because your ISP is queing mail processing because they can't handle it all at once. Without relay blacklisting, e-mail would be even slower and likely interrupted. I'm not suggesting that Spamhaus is that important, but what they do in theory, is.
All I can say is, pray that IPv6 doesn't get adopted or it will be even worse.
Re:Use the UK server name! (Score:1, Informative)
> 119.59.126.24.zen.spamhaus.org
Non-authoritative answer:
Name: 119.59.126.24.zen.spamhaus.org
Address: 127.0.0.4
> 119.59.126.24.zen.spamhaus.org.uk
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Re:I say let the spam come (Score:3, Informative)
Re:I say let the spam come (Score:5, Informative)
IIRC they asked the original (state, district ?) court to move the case to federal.
_Then_ they didn't turn up at the federal court because they _then_ decided they didn't accept its jurisdiction.
Re:what else can you do? (Score:3, Informative)
Re:Someone please tell me they have an alternative (Score:4, Informative)
Spammers now send their messages in MSN and ICQ invites/authorization requests.
Re:I say let the spam come (Score:5, Informative)
Re:Interesting legal argument. (Score:2, Informative)
1. Spamhaus requested jurisdiction be moved to a federal court in this (PDF) document [e360insight.com], thereby accepting jurisdiction of the court.
2. The Illinois District Court is a general trial court of the US federal court system.
3. Their ciurrent position - after losing horribly through inept legal arguments - seems to be that they're nice people.
Questioning the Math/Assumptions (Score:5, Informative)
Others estimate Spamhaus's blocking efficacy as closer to 75%; by this metric spam would increase four-fold, not ten-fold, if Spamhaus went unavailable
I think the math is a lot more complicated than this implies. Here's how I'd work it:
With Spamhaus:
[ P x S(O) x [1-E(O)] + (1-P) x S(O) x [1-F(O)] ] - [ P x S(T) x [1-E(T)] + (1-P) x S(T) x [1-F(T)] ]
Divided By
[ P x S(T) x [1-E(T)] + (1-P) x S(T) x [1-F(T)] ]
The assumptions yielding either the ten-fold or the four-fold increase seem to be that E(O)=0, and of course that false positives don't matter. Even with these assumptions, the math in the OP is a bit fuzzy to me:
yields (reducing above ratio):
Divided By
[ P x S(T) x (1-E(T)) + [ (1-P) x S(T) ] ]
P x E(T) / [ 1 - [ P x E(T) ] ]
The four-fold increase seems to be predicated upon P=.9 and E(S)=E(T)=.75. However, this would yield about a two-fold increase of
[.9 x
Factoring in false positives might actually make the Without Spamhaus scenario more dire, but clearly it would be less dire if we assume that E(O) is not zero. A better approximation would use the marginal efficiency of Spamhaus. Even with a generous assumption that Spamhaus catches an additional third of all spams sent (vs. all others without Spamhaus, and ignoring false positives), the overall increase in R(T) looks less than 50% to me (.3/.7, or approximately 43%).
Re:I say let the spam come (Score:2, Informative)
Only if Spamhaus is used as the only filtering method. Any decent ISP will have alternatives. Personally I use Spamhaus as the first filtering rule, second in line is greylisting, then clamav and last spamassassin.
95% of all incoming connections to my MTA don't get past greylisting (stupid zombies). Spamassassin catches nearly all spam that was left (also checking sender in a couple dns blacklists).
Without spamhaus the only thing that will happen is that there is a little more mail will be passed to spamassassin and spam formerly in spamhaus will get a lower score (about 1 point in SA 3.0.x).
Re:Use the UK server name! (Score:3, Informative)
You missed the point. The GP was simulating an blocklist lookup, whereas you just checked that you could get the IP address for the website. Looking up <suspect IP address>.zen.spamhaus.org returns an IP address (typically 127.0.0.4) if the tested IP is in the list, and unknown domain name otherwise.
Voluntary Subscription Service (Score:2, Informative)
When are the courts and the politicians going to start serving the people ? Corporations are all about money and self interest - start protecting the populace not the highest bidder.
Re:I say let the spam come (Score:3, Informative)
GP probably meant gavel [wikipedia.org] , the judge's small mallet which he bangs on his table to call for silence or attention.
Re:I say let the spam come (Score:4, Informative)
"The" legal system? You make it sound like you think there's only one. Here's a clue: the US legal system is just one of many legal systems in the world. Spamhaus is based in the UK, where we have a somewhat different legal system. It is not reasonable to expect people based outside the USA to know (or care) how the US legal system works.
Re:Maybe I'm misunderstanding something (Score:3, Informative)
Re: out of office auto-replies (Score:3, Informative)
servers choking... (Score:5, Informative)
October 15 2005 :
Pieces of spam blocked by realtime blocklists: 9062
Top blocklists:
sbl-xbl.spamhaus.org 7193
bl.spamcop.net 1648
dnsbl.njabl.org 221
October 15 2006:
Pieces of spam blocked by realtime blocklists: 47429
Top blocklists:
sbl-xbl.spamhaus.org 40631
bl.spamcop.net 5240
dnsbl.njabl.org 1558
As spamhaus is currently rejecting 40631 emails which consequently don't have to be processed by spamassassin, it would be definitely be felt on this server were Spamhaus to become available. In fact, the reason I started using RBLs to begin with was due to one of the Spamhaus ROKSO culprits sending about 20,000 messages per hour to a dictionary list of users at a hosted domain. The server was dying then, but using OpenBSD's pf databases together with the spamhaus SBL, the problem was stopped cold.
Re:I say let the spam come (Score:1, Informative)
MOD PARENT INSIGHTFUL!!! (Score:3, Informative)
So stop the judge-bashing. Cases are not supposed to be decided on pragmatic issues when the pragma directly violates previous jurisprudence - legislation is the solution to pragmatics not matching current judicial findings. The bottom line is that Spamhaus f*cked up by not appearing in court. They should have. And, because of that, the judge rendered judgement in a proper fashion. If Spamhaus didn't understand the impact that not showing up in court would have on them (especially if they already had the wherewithal to hire a lawyer to file motions with said court), then they have no one to blame but themselves.
Spamhaus is now free to ignore the court's ruling (they are, of course, based in another country with servers in a third and can do so with relative impunity). The court is also now free to attempt to enforce its judgement in any way it sees fit within the bounds of the law. That's the way the system works. If you don't like it, change the system. Don't bitch at the actors who are merely doing their jobs (and, in fact, appearing to be doing so in an relatively competant way).
Spamhaus is part of the problem (Score:1, Informative)
Then grab your torches and pitchforks and go after the freak'n spammers. I'm talk'n heads on pikes in the town square.
That's the way to fix smtp.