A bunch of folks have been submitting the news that the FTC has shut down an ISP, called 3FN, known for actively recruiting scammers and spammers to use its services. The FTC noted "Anything bad on the internet, they were involved in it," and has pushed its upstream providers to cut off service. From the details, it sounds similar to the story from late last year when upstream service providers pulled the plug on another hosting firm, McColo (due to public pressure, not gov't intervention), and cut off huge amounts of spam, since so many spammers relied on botnets through McColo. While some scammers are apparently upset by 3FN going down, some folks are noticing that there doesn't seem to be a corresponding drop in spam as happened last time. Apparently, the spammers realized that having a single-point-of-failure wasn't a very good thing, and have built redundancy into their systems now. So, while many scammers and spammers did use 3fn, losing it hasn't been nearly as devastating as losing McColo. So, it's definitely reached that whack-a-mole stage, where taking stuff down makes for good press releases... but is it really stopping anyone?

Last week, there was a lot of attention over the shutdown of McColo, a hosting company that was apparently used by a huge number of spammers to control some of the largest zombie botnets out there. While we were initially skeptical of just how big an impact this had (the press and some antispammers have "cried wolf" way too many times in the past on the impact of shutting down certain spam operations), the evidence in the days that followed suggested, indeed, that an awful lot of the world's spam was controlled via McColo. The Washington Post, which kicked off the shutdown by presenting evidence of McColo's spam connections to its upstream providers, is now digging deeper into how the whole operation worked.

Burying the lede a bit, the article notes that McColo actually came back online briefly this past weekend, and apparently spammers very quickly worked to transfer data to Russian servers while trying to update various botnets to take commands from those servers, rather than the cut off McColo servers. There's some speculation that McColo tried to time the reconnect to weekend hours when most working stiffs wouldn't notice. However, Swedish telco TeliaSonera, who provided the connection (thanks to an old agreement the two firms had) pulled the plug within hours of being notified.

It's also worth noting that McColo hasn't made any public statements since this whole situation came about, which certainly raises questions about how much the folks who ran the company knew about how their network was being used. Even though it sounds like spammers may not have been able to regain full control over their botnets, it seems likely that they did regain some control, and spam levels are likely to get back to where they were in rather short order.

While the chances that they'll ever actually pay are quite remote, some people will surely be happy to hear that some spammers were ordered to pay $236 million in damages for spamming an ISP that flooded it, disrupting customer bandwidth, forcing the ISP to upgrade its servers while also costing it customers. The amount actually works out to $10 per spam message, which seems a bit on the high side. Of course, this is hardly the first huge fine against spammers, and we've yet to see one actually result in payment -- but we have seen spammers on the losing side of these cases come back later to spam some more. While there may be some emotional pleasure in seeing a spammer hit with such a big fine, it's an open question as to whether or not it actually acts as any kind of deterrent.

Apparently an ISP that's got quite the reputation of being "scammer-friendly" is finding it increasingly difficult to find anyone who will provide it internet access. Its latest upstream provider finally kicked it off the internet this past weekend after receiving mounting complaints from researchers who found that 78% of the domains on Intercage's system were scammers and spammers. That's quite a lot, and says something about Intercage's unwillingness to deal with complaints directly. Though, it does raise questions about the "innocent bystanders" who make up the other 22% of Intercage's customers. Should those customers be expected to investigate who else hosts on the ISP they sign up for? Is it fair to cut them off from the internet too? In the meantime, there's always someone else willing to provide service -- and, indeed, it took all of about two days for Intercage to find itself a new provider.

Last week, we asked you how you would sentence a convicted spammer, and you came up with all sorts of colorful solutions. I doubt it influenced the judge much, but she's now sentenced the spammer in question to almost four years in jail, noting that she hopes it will serve as a warning to other spammers, especially unrepentant ones like Robert Soloway:

"This individual has refused to stop his criminal conduct, notwithstanding two separate civil judgments and an injunction by a U.S. federal court judge. I suggest to you the only effective way to stop Soloway is a long prison sentence during which he'll be incapable of continuing this criminal activity."

Of course, on the very same day the sentence was handed down, another spammer escaped from the minimum security prison where he was serving a 21-month sentence. Federal Marshals and the FBI are apparently now searching for him. Perhaps Soloway will have a bit more security.

It's no secret that Ron Paul's candidacy for president has captured the attention of many technology-savvy voters. This isn't all that surprising given Paul's libertarian views and the widespread support of libertarian ideals by many in the technology world. However, Wired News is now reporting on the fact that spammers seem to be supporting Ron Paul too. Pro-Paul spam messages are being sent out, even with typical spam obfuscation gibberish in the subject lines: "Ron Paul Wins GOP Debate! HMzjoqO" and "Ron Paul Exposes Federal Reserve! SBHBcSO" are two examples in the article. Of course, while the article suggests that Paul's supporters may be doing the spamming, it might be something different. Spammers are well known for responding to news events with current event-related spam -- knowing that it's more likely to catch the attention of readers. Even if the current batch of spam isn't selling anything (other than support for Ron Paul), that could just be to get through filters so that the next batch of spam advertising stocks or drugs is more likely to get through. Of course, another possibility might be that spammers figure that a President like Paul would likely try to do away with anti-spam legislation which could be seen as a violation of the First Amendment. Somehow, that seems unlikely though.

You may recall that last year there was a lot of news about a direct email firm, e360insight, suing anti-spam organization SpamHaus for listing the email firm as a spammer -- and winning over $11 million. Part of the reason for the decision was that SpamHaus, after originally preparing to fight the charges, simply ignored the case and said that it didn't apply since SpamHaus is based in the UK and the lawsuit was in Illinois. Because of that, the district court judge gave a default judgment to the e360insight and awarded the company $11 million from SpamHaus (which SpamHaus neither had nor intended to deliver). The court also issued an injunction against SpamHaus, saying it could no longer list e360 as a spammer -- which SpamHaus has ignored. However, now, an Appeals Court has tossed out the injunction and the monetary award, saying that the district court judge didn't look closely enough in determining the punishment -- and simply accepted the word of the guy behind e360insight in saying how much SpamHaus's listing had cost him.

While this is initially a victory for SpamHaus, it doesn't change the initial default judgment against SpamHaus -- it just sends the ruling back to the lower court to rethink what the punishment should be. So, SpamHaus may still be on the hook for certain damages and may again be told not to list e360insight (though, again, it'll probably ignore any such ruling). Of course, with the recent ruling that found section 230 of the CDA means that anti-spyware vendors are allowed to call any software they want spyware, as long as they have a good faith belief that it is spyware, you have to wonder if SpamHaus could use the same law to defend its ability to call any particular organization a spammer. It may be too late for that in this case, with SpamHaus already having decided not to take part -- but for future reference, it will be interesting to see if others start using this same argument.