Attacks Shutting Down Anti-Spam Sites

from the BAD-trend dept

In the last couple of weeks three major anti-spam blacklists have shut down after losing the battle to constant denial of service attacks from spammers. I can understand why those who ran the lists shut them down (some things just aren’t worth the trouble) but absolutely hate the idea that spammers might be winning the battle. Not sure of the details on any of the three sites that were shut down, but it sounds like they were run by volunteers. Perhaps it’s time for a major corporation to step in and support some of these public anti-spam blacklists. If they were to do that, then they might also be able to set up a blacklist that didn’t have all the downsides that many of the current ones do. We’ve outlined the problems of blacklist collateral damage before, but with the right set up (clear process for labeling spammers, easy ways to appeal, etc.) perhaps a better solution could be built.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Attacks Shutting Down Anti-Spam Sites”

Subscribe: RSS Leave a comment
Mark Fletcher (user link) says:

Blocklist shutdowns

The blocklists have been shut down because they were hit with massive distributed denial of service attacks. Literally thousands of hijacked Windows boxes are being trained on the sites of the blocklist maintainers. Combined with massive joe-job spam runs (forged spam email that looks like it’s from the blocklist maintainer) containing such personal information as the maintainer’s home phone number, and it’s very easy to see why the sites are being shut down.
Speculation (it may have been confirmed by now, I’m not sure) is that the boxes were zombied by the SoBig viruses. They now phone home to an IRC server, awaiting instructions on who to blast next. It may actually be more complex and obfuscated than that.
Getting ISPs to disinfect the thousands of zombie boxes is proving to be very difficult, if not impossible. It will take a large amount of man-power to do this, and many ISPs don’t have the cycles. Not an excuse, just a reality.
The Internet is becoming a very scary place. There are a few individuals who have the power to make anyone’s ‘net life miserable.

Anonymous Coward says:

Time to consider a 'DFOL' WRT the spammers

Then perhaps it is time to consider a Distributed Filing of Lawsuits.

Basic Tools:

1) Run your mail as a whitelist
2) The rejection notice says ‘visit this web page’
3) Web page lets you know to get a valid address, you can call the end user, or you can agree to a contract. The contract allows the spammer to be sued in the local small claims court.
4) Profit! (yea, yea missing a few steps)

The variation on 3 is ‘selling’ a certificate allowing the mailing user to talk to your mail server.

The only other option is to use the fast and loose identity theft handling…order the crap the spammers are selling, then scream identity theft! The spammer has shipping expenses, credit card processing expenses, and the hassle of returning merchandise/filling out paperwork.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...