| Spamhaus' Blackmail War |
| |
Spamhaus and the Dutch ISP A2B Internet that was temporarily slapped on the Spamhaus Block List (SBL) blacklist continue to be in dispute – even after the internet service provider was removed from the list.
 |
|
The row between A2B Internet and Spamhaus came after the Dutch ISP allegedly provided connectivity services to CyberBunker and included on its Spamhaus Block List (SBL) – which is used by email providers to weed out spam.
Spamhaus apparently does not approve that "CyberBunker offers anonymous hosting of anything except child porn and anything related to terrorism". Of course this almost 'anything goes' is classified by Spamhaus as: spam, phishing and malware.
According to Spamhaus, CyberBunker is designated as a 'rogue' host and has long been a haven for cybercrime and spam. Of course Spamhaus has not been able to prove any of these allegations. |
Spamhaus deals with this common situation by adding 'rogue' hosts to its SBL and contacting upstream providers to encourage them to kick 'bad actors' off their network. After notifying A2B Internet several times about CyberBunker since June without any results, A2B's IP ranges were added to the Spamhaus Block List's "providing a spam support service" category. Until Spamhaus finally escalated the SBL listing on 6 October, A2B Internet was accused by providing connectivity to a Chinese-based rogue host, whose businesses include selling counterfeit watches advertised via spam, by Spamhaus.
Spamhaus is supposed to track email spammers and spam-related activity. It supplies DNS-based block lists that are used by many ISPs to block traffic from known spammers. A2B Internet was placed on this list for around two days until it stopped handling traffic for CyberBunker, which is still online but connected via other providers.
A2B Internet responded to the blacklisting by accusing Spamhaus of acting as internet vigilantes and complaining to the police over alleged extortion. It accuses Spamhaus of placing "disproportionate pressure ... upon us to stop routing for a network without legal cause or reason". It further argues Spamhaus should take up any problem it has with CyberBunker directly or with the police, not upstream providers.
"The thing is that we are a LIR (Legal Internet Registrant) and we provide transit to other LIRs and ISPs," Erik Bais, a director at A2B Internet said. "If Spamhaus is having an issue with something that CyberBunker is doing, they can either take it up with them or if they don't want to, take it up with the police. "We have acted on the provided abuse message after pushing Spamhaus to provide it, and when they stated that blocking one IP address was not enough and they wanted to see CyberBunker completely removed from our network, it shows exactly how detached from reality they are.
"CyberBunker isn't even a customer of ours, but is rather a customer of DataHouse (who also has their own network and IP addresses) and to move up two ISPs and start complaining there is just insane. On top of that, putting the IPs of that ISP on a blacklist to "make your point" is something I don't have a good word for." |
|
 |
| Erik Bais |
|
 |
|
Steve Linford, the Spamhaus founder, defended the blacklisting. "We do not need to 'take it up with the police' every time we encounter a rogue host or spam host, we very simply add them to the SBL," Linford said. "That is what the SBL is for.”
Linford was amazed to ascertain that after all of CyberBunker's IPs have been on the SBL for some time, there has not been a single complaint from any of CyberBunker's customers about it.
According to Erik Bais, the blacklisting of a range (but not all) of A2B's internet addresses meant that a number of the ISP's customers, including a high street retail chain, were left unable to send email. He compared this to the BlackBerry outage last week.
It is this collateral damage that prompted Erik Bais to file a police complaint against Spamhaus. "I don't want to put Spamhaus out of |
| Steve Linford |
|
business or sue it for money but I do want it to change its policies, which are unjust," Erik Bais said. "They are listing innocent addresses that not involved in spamming. What Spamhaus did felt like extortion. A denial of email service."
Bais also disputed Spamhaus's assessment that CyberBunker is a haven for cybercrime, arguing that it is Chinese-based customers peddling replicas and torrent tracker services, rather anything more unsavory, that have led to the complaints Spamhaus is pursuing.
Linford argued that A2B's claims on the effect of the temporary blacklisting applied by Spamhaus are exaggerated.
"There was only ever one of A2B's many IP ranges on the SBL, back on October 6, it was 178.249.152.0/21 and it was only on the SBL for 48 hours. To enlarge his story A2B has been saying that 'all' of A2B was on the SBL, which is a lie." Linford said.
"So the current status is that A2B has no SBL listings, the one they had on October 6 lasted only 48 hours and was only a part of their IP range – not the all of A2B" Erik Bais says.
Bais said that it had received messages of support from several other ISPs since complaining to Dutch police about Spamhaus.
Linford said most ISPs co-operated with Spamhaus and had no problem with its methods. "We always ask upstreams to stop giving transit to rogue hosts once the host is completely SBL'd. All transit providers have Terms of Service which forbid spam and malware from a downstream and require downstreams to handle complaints promptly. A2B Internet is the only transit provider we know of that also doesn't care what his downstream does."
Erik Bais said A2B had a "very strict" abuse policy, pointing to favorable listings by independent third-party services to this effect.
CyberBunker's general manager, Jordan Robson, who had followed the bickering between Spamhaus and A2B Internet, is confident nothing will come of it. "As usual, we have not heard a peep from any authorities or police about any of this." Jordan Robson said. "CyberBunker already decided not to respond to any of Spamhaus' childish claims anymore long ago." |
|
 |
| Jordan Robson |
A2B Internet and Spamhaus have published their radically different take on ongoing events here and here. |
|
