Tier 1 networks don't buy bandwidth from anyone, so the majority of the weight of the attack ended up being carried by them. While we don't have direct visibility into the traffic loads they saw, we have been told by one major Tier 1 provider that they saw more than 300Gbps of attack traffic related to this attack. That would make this attack one of the largest ever reported.

The challenge with attacks at this scale is they risk overwhelming the systems that link together the Internet itself. The largest routers that you can buy have, at most, 100Gbps ports. It is possible to bond more than one of these ports together to create capacity that is greater than 100Gbps however, at some point, there are limits to how much these routers can handle. If that limit is exceeded then the network becomes congested and slows down.

Over the last few days, as these attacks have increased, we've seen congestion across several major Tier 1s, primarily in Europe where most of the attacks were concentrated, that would have affected hundreds of millions of people even as they surfed sites unrelated to Spamhaus or CloudFlare. If the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why.

Questioned about the attacks, Sven Olaf Kamphuis, an Internet activist who said he was a spokesman for the attackers, said in an online message that, "We are aware that this is one of the largest DDoS attacks the world had publicly seen." Mr. Kamphuis said Cyberbunker was retaliating against Spamhaus for "abusing their influence."

"Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet," Mr. Kamphuis said. "They worked themselves into that position by pretending to fight spam."

While lists of open recursors have been passed around on network security lists for the last few years, on Monday the full extent of the problem was, for the first time, made public. The Open Resolver Project made available the full list of the 21.7 million open resolvers online in an effort to shut them down.

We'd debated doing the same thing ourselves for some time but worried about the collateral damage of what would happen if such a list fell into the hands of the bad guys. The last five days have made clear that the bad guys have the list of open resolvers and they are getting increasingly brazen in the attacks they are willing to launch. We are in full support of the Open Resolver Project and believe it is incumbent on all network providers to work with their customers to close any open resolvers running on their networks.

Back at the district court, e360 was left with the task of proving up its damages, but it suffered a slew of discovery foibles. e360's principal failed to appear for his deposition as scheduled and failed to respond to Spamhaus's interrogatory requests. Spamhaus moved to dismiss on the basis of e360's discovery failures, and the trial court gave e360 another opportunity to address the discovery issues. e360 supplemented its previous responses but added a slew of new witnesses. It also increased its damages estimate from $11.7 million to a "whopping $135 million." It also sought to reopen discovery. The trial court said no dice and struck the new witnesses listed by e360 and struck e360's requested damage award to the extent it exceeded the initial $11.7 million request.

"I have never seen such an incompetent presentation of a damages case," Posner said. "It's not only incompetent, it's grotesque. You've got damages jumping around from $11 million to $130 million to $122 million to $33 million. In fact, the damages are probably zero."

By failing to comply with its basic discovery obligations, a party can snatch defeat from the jaws of certain victory. After our earlier remand, all e360 needed to do was provide a reasonable estimate of the harm it suffered from Spamhaus’s conduct. Rather than do so, however, e360 engaged in a pattern of delay that ultimately cost it the testimony of all but one witness with any personal knowledge of its damages. That lone witness lost all credibility when he painted a wildly unrealistic picture of e360’s losses. Having squandered its opportunity to present its case, e360 must content itself with nominal damages on each of its claims, and nothing more. We VACATE the judgment of the district court and REMAND this matter with instructions to enter judgment for the plaintiffs in the amount of three dollars.

Despite litigating the case vigorously up to this point, when it came to damages, e360 seemed to muster a lot less energy. According to the court, e360 was "slow to provide information requested by Spamhaus . . . [and] missed several [d]eadlines." I'll spare readers a detailed discussion on damages, but the court's take can be summed up as follows:

The unreliability of [e360's] approaches is unmistakably demonstrated by the profound differences in claimed damages profferred at various points during these proceedings. Finally, it strains credulity that a company that made only a fraction of the profits [e360] asks for over the course of its five-year lifespan would have garnered profits in the amounts [e360] set out in [its] testimony or documentary evidence. The profit and loss statement [e360 provided] sets out the company's overall profits at $332,000. . . . .

At the time of default judgment, the damages claimed were $11,715,000. During discovery, Exhibit 5 was proffered reflecting damages of $135,173,577. At trial, proffered Exhibit 5(a) showed damages of $122,271,346. During final argument, the claimed amount was $30,000,000.

Ironically, through litigating this dispute, e360 caused to be memorialized in a court order, facts about its email practices (and the email marketing industry in general) that I'm guessing it would prefer not be in the public eye. Two facts jumped out at me from the order. First, e360 sent out 6.6 billion (!) emails through the course of its five year existence. Second, there were some familiar faces among the list of its customers: SmartBargains and Optinbig.