Interesting People mailing list archives
more on 4 Rivals Almost United on Ways to Fight Spam
From: David Farber <dave () farber net>
Date: Mon, 28 Jun 2004 18:32:28 -0400
Begin forwarded message: From: rsk () gsp org Date: June 28, 2004 9:35:55 AM EDT To: vijay gill <vgill () vijaygill com> Cc: David Farber <dave () farber net> Subject: Re: [IP] more on 4 Rivals Almost United on Ways to Fight Spam [ I have rearranged the order of Vijay's comments, hopefully in a way that helps my response make more sense. ---Rsk ] On Thu, Jun 24, 2004 at 08:56:31AM -0400, David Farber quoted:
From: vijay gill <vgill () vijaygill com> For some numbers, please see the presentation by Carl Hutzler, director of anti-spam at AOL, given at NANOG in chicago a some months ago.
I'm well aware of Carl's work: much to his, and AOL's credit, Carl has followed in the footsteps of his predecessors by being an active participant in Spam-L, the Internet's primary anti-spam forum. The interaction has been, I think, mutually beneficial to everyone: Carl has taken away ideas that AOL is implementing, and we have gained a better understanding of the particular problems they face. NOT that everyone agrees on everything: they don't. But peer-to-peer dialogue is happening and progress is being made.Unfortunately, Carl/AOL are rather unique in this regard. Some examples:
- Nobody from Comcast has been observed there. - The one person from Verizon who *was* there has announced that he's resigned his position. - The one person from Yahoo abuse was laid off several years ago. Nobody has been seen since. - Nobody from Microsoft has been seen there in years. - I don't recall ever seeing anyone from Hotmail there. - Nobody from UUNet has been seen there in years. - and so on. The fact that these operations have chosen not to participate in the Internet's primary anti-spam forum speaks volumes about their complete lack of committment.
Do we have any hard statistics on this? I work for one of the above and we fight internal spam hard.
Frankly, I don't care about your internal spam: that's between you and your customers. I care about (a) spam that you are emitting to the rest of the Internet and (b) any abuse-support services that you are providing: DNS, hosting, mailboxes, connectivity: any kind of service being used in any way by any spammer/abuser. Since I don't know which ISP you work for, I can't say how much of (a) or (b) your ISP is responsible for. But you can easily find out by checking either SPEWS (www.spews.org) or Spamhaus (www.spamhaus.org), among other resources.
Of course to be fair, we would need to get the results normalized by the subscriber base.
I'm sorry, I don't buy the abuse-proportional-to-size rationale. To be "fair", it should be INVERSELY proportional to size, since large ISPs are vastly better situated to handle it than small ones.They're also capable of doing far more damage to the rest of the Internet.
(Even if every system I run was completely hijacked by spammers and sent traffic at maximum rates, they couldn't pump out in a year what Comcast sends out in a day. I just don't have the bandwidth or CPU.) For example, all the ISPs I mentioned above could easily afford to run 24x7 abuse control centers staffed by as many experienced professionals as necessary. The costs to them are trivial. [1] But this is not what they have done. Examples: both Hotmail and Yahooare legendary for repeatedly demonstrating absolutely complete cluelessness
in handling abuse reports. Read NANAE [2] for as many thousand examples as you'd like. Comcast has gone one better: they simply allow their abuse mailbox to fill up (at the 100,000-message mark) thus making itimpossible for the hundreds of millions of victims of Comcast-facilitated
abuse to even complain about it. [3] [ Let me also note in passing that when I took the time to repeatedly warn Comcast of the exponential increase in spam from their network in the spring of 2003 that I received nothing other than their standard ignorebot response. They chose to deliberately discard careful documentation of the problem and to do NOTHING. My experience is far from unique: they ignored all of us because we were telling them something they didn't want to hear. So did Verizon. So did Charter. So did Roadrunner. So did Adelphia. So did (...) ] Think about this for a minute: the entire rest of the Internet is trying to do their job for these ISPs and to provide them with the information they need in order to stop their network from abusing everyone else. This shouldn't even be necessary: they should already KNOW that thisis happening just by paying attention to what their own networks are doing.
But since they're clearly not, all they need to do is read their"abuse" mailbox and act on what they find there. (Immediately, of course.
Even a 24-hour delay is obviously unacceptable.) And they have FAILED to even do that.That's pathetic. And I'm not interested in any excuses or justifications for this failure -- not any more. Whether it's incompetence, negligence,
or active support of abusers makes no difference to what I and hundredsof millions of other Internet users have to put up with all day, every day.
"Sufficiently advanced stupidity is indistinguishable from malice."
I keep hearing about how several of the above are primary sources, but rigorous data are hard to come by.
Hard numbers? How many would you like? Exhaustive and anecdotal reports have been published over and over and over again on NANAE [2], Spam-L [4] and other anti-spam/abuse forums. Don't you read them? If not, why not?
[Aside: every one of those major ISPs should have personnel whose job consists of nothing but monitoring those forums 24x7 and using the information found therein. Especially because they are absolute goldmines of useful research *done by other people using their own time and money*. Enormous amounts of abuse could be stopped very quickly with a very small investment just by doing this. ] But since you don't mention which ISP you work for, let me throw a few random statistics on the table: - A quick check of my own data shows - at *least* 1500 spammer dropboxes on Hotmail - at *least* 100 on Comcast - at *least* 150 on MSN - at *least* 2000 on Yahoo - at *least* 200 on Earthlink. Note: those are *just* the dropboxes. This doesn't take into account all the other abuse support services they're providing such as web site hosting, DNS, etc. Note: those are *just* the ones that I happened to have noticed and happen to have handy at the moment. Which means that they represent only the tip of the tip of the iceberg of spam/abuse support provided by these ISPs. I don't bother reporting them anymore: why should I? Since carefully-prepared reports (done on my time, at my expense, and documenting the abuse and the relationship to the dropbox) filed with their abuse desks have resulted in (a) ignorebot responses and (b) no action, why should I? Why should anyone else, for that matter? Clearly, these ISPs have no intention of lifting a finger to remove their spamming parasites. Again: read NANAE for as many thousand examples as you like. [ Aside: on very rare occasions, some people have actually managed to be persistent enough to cause some action to be taken. But (a) it's far too slow -- since spammers only need a dropbox for 24 hours to profit handsomely from it and (b) nothing at all has been done to prevent the same abusers from signing up for service again and again and again. The business and operational model for several of these ISPs is clearly broken. ] - Comcast continues to trail only the entire country of China in terms of attempted spam delivery here. (It passed Korea a few months ago.) For example, on one small mail server with 26 users, the anti-spam measures blocked 1280 spams from Comcast over the last 8 days. That's about 50 each. Note please: those are just the ones that were blocked. That number doesn't include all the ones that got through, and that's a substantial figure, because this particular server has rather loose spam-blocking in place. During the same period, that server refused 1644 spams from China. By the way: over this past weekend, a discussion on NANAE [2] has started over whether or not anyone has observed any slackening in the torrent of abuse that's been outbound from Comcast for the last 1.5 years. Early reports appear mixed. How many more numbers would you like? And what's the point of my producing them? All but one of these ISPs (AOL) have no intention of actually *doing* anything: if they did, they would have already done so, years ago. They would be leaders in the fight on spam/abuse, instead of leading producers/facilitators of it. ---Rsk [1] Comcast bid $56 billion for Disney a few months ago. Clearly, they're not hurting for cash, and could easily set up a professional abuse control center for .01% of that.[2] NANAE: http://groups.google.com/groups?safe=off&group=news.admin.net- abuse.email
[3] Mail to abuse () comcast net, the designated RFC 2142 mailbox for abuse reporting issues, has resulted in: <abuse @ comcast.net>Permanent Failure: +522_mailbox_full;_sz=570968404/629145600_ct=100000/100000
Delivery last attempted at Tue, 9 Dec 2003 01:49:57 -0000 Let me decode that for you. "sz=570968404" means that there are 571 MEGABYTES of unread mail in the Comcast abuse mailbox. (However, it hasn't reached the mailbox size limit of 629 meg.) "ct=100000/100000" means that it HAS reached the limit of 100,000 messages. This is not the only time this has happened: see NANAE for repeated reports. [4] Spam-L: http://www.ot.com/~dmuth/spam-l ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on 4 Rivals Almost United on Ways to Fight Spam David Farber (Jun 24)
- <Possible follow-ups>
- more on 4 Rivals Almost United on Ways to Fight Spam David Farber (Jun 28)
- more on 4 Rivals Almost United on Ways to Fight Spam David Farber (Jun 29)
- more on 4 Rivals Almost United on Ways to Fight Spam David Farber (Jun 29)
- more on 4 Rivals Almost United on Ways to Fight Spam David Farber (Jun 29)