by Mike Masnick

Attacks Shutting Down Anti-Spam Sites

from the BAD-trend dept

In the last couple of weeks three major anti-spam blacklists have shut down after losing the battle to constant denial of service attacks from spammers. I can understand why those who ran the lists shut them down (some things just aren't worth the trouble) but absolutely hate the idea that spammers might be winning the battle. Not sure of the details on any of the three sites that were shut down, but it sounds like they were run by volunteers. Perhaps it's time for a major corporation to step in and support some of these public anti-spam blacklists. If they were to do that, then they might also be able to set up a blacklist that didn't have all the downsides that many of the current ones do. We've outlined the problems of blacklist collateral damage before, but with the right set up (clear process for labeling spammers, easy ways to appeal, etc.) perhaps a better solution could be built.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Mark Fletcher, 25 Sep 2003 @ 9:13pm

    Blocklist shutdowns

    The blocklists have been shut down because they were hit with massive distributed denial of service attacks. Literally thousands of hijacked Windows boxes are being trained on the sites of the blocklist maintainers. Combined with massive joe-job spam runs (forged spam email that looks like it's from the blocklist maintainer) containing such personal information as the maintainer's home phone number, and it's very easy to see why the sites are being shut down.
    Speculation (it may have been confirmed by now, I'm not sure) is that the boxes were zombied by the SoBig viruses. They now phone home to an IRC server, awaiting instructions on who to blast next. It may actually be more complex and obfuscated than that.
    Getting ISPs to disinfect the thousands of zombie boxes is proving to be very difficult, if not impossible. It will take a large amount of man-power to do this, and many ISPs don't have the cycles. Not an excuse, just a reality.
    The Internet is becoming a very scary place. There are a few individuals who have the power to make anyone's 'net life miserable.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Sep 2003 @ 3:12am

    Time to consider a 'DFOL' WRT the spammers

    Then perhaps it is time to consider a Distributed Filing of Lawsuits.

    Basic Tools:

    1) Run your mail as a whitelist
    2) The rejection notice says 'visit this web page'
    3) Web page lets you know to get a valid address, you can call the end user, or you can agree to a contract. The contract allows the spammer to be sued in the local small claims court.
    4) Profit! (yea, yea missing a few steps)

    The variation on 3 is 'selling' a certificate allowing the mailing user to talk to your mail server.

    The only other option is to use the fast and loose identity theft handling...order the crap the spammers are selling, then scream identity theft! The spammer has shipping expenses, credit card processing expenses, and the hassle of returning merchandise/filling out paperwork.

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories


Email This

This feature is only available to registered users. Register or sign in to use it.