Netprospex Blacklisted By Spamhaus

I've written about Netprospex before. For example, talking about how I think their "opt-out" guidance on email marketing is misguided (and how so many others feel the same way). And then there was Peter Seebach's post questioning their touted "verified!" business lists for sale. And most recently, there was that commenter who asked me what I thought of using Netprospex as part of an email acquisition strategy. (My response: "It's like buying a lottery ticket as part of your retirement savings strategy.)

I feel like it's all been said before, so I won't bother going in to any depth on my opinion of companies such as Netprospex. Instead, I'll just link you to their latest Spamhaus blacklisting. The entry is light on details, so I could but speculate as to what happened. But clearly, the blacklisted IP addresses and are now having significant issues attempting to deliver mail to Yahoo, Hotmail, Gmail, Comcast and many other ISPs. Ouch.

(Update: Two SBL entries, from the looks of it. Click on the IP addresses above to link to each.)

The Passing of J.D. Falk

I'm very sad to pass along the news that J.D. Falk has passed away after a year-long battle with cancer.

I feel like I've known J.D. forever, and I most definitely had come to greatly respect and admire him. Occasionally someone would ask me if I'm trying to sound like Seth Godin, when I loudly attempt to espouse a consumer-centric point of view, I reply that no, I'm channeling J.D. Falk. Helping to stop spam and improve the email ecosystem have been his day job for so many years, across Yahoo, Hotmail, the Mail Abuse Prevention System, and most recently, Return Path. That job occasionally involved hitting marketers with a stick, reminding them that the email universe does not revolve around them.

The world is a slightly less better place today without J.D. Falk in it.

What does Spamhaus think of email append?

Today I stumbled across SBL listing SBL120550, which says the following:

"Several IPs in this /28 are sending spam to spamtraps advertising the services of ADT Home Security. The IPs belong to InfoCanada, a division of InfoUSA, via their Yesmail ESP.

InfoUSA also sells purchased and e-pended lists. We do not know whether the purchased list that the customer is using is using came from InfoUSA, but we consider the sales of purchased and e-pended lists to be spam support by definition. Use of such lists is a reliable path to an SBL listing."
(Emphasis added.)

There you have it, straight from Spamhaus themselves, explaining exactly what they think of purchased and e-pended (email append) lists.

Laura Atkins of Word to the Wise has compiled some very helpful ISP Summary Information, showing that, for starters, the SBL is used as a spam filter at AT&T, Comcast, Cox, RoadRunner, and Yahoo. Meaning, use of email append can lead to a blacklisting by Spamhaus, which leads to blocking at those ISPs. And they're not the only ones who use Spamhaus; I think Hotmail and Gmail do, too. Not to mention, many other smaller ISPs and corporate sites.

Visualizing Yahoo Spam Blocking

This cool website from Yahoo shows how many emails they're processing every second. Of most interest to me is the amount of spams they're blocking: Click on the "show blocked spam" button to see for yourself. Doing some rough math this morning, it appears that right this second, only 84% of inbound mail attempts into Yahoo are unwanted spam, meaning that "only" 84 out of every 100 servers in the Yahoo inbound mail server farm are wasting their entire existence on processing mail that nobody wants. Ouch, what a waste.

Dutch ISP Picks Fight with Spamhaus

eWeek reports that Dutch internet service provider A2B has filed two police complaints against anti-spam blacklist Spamhaus for refusing to terminate a provider Spamhaus alleges is known for "hosting malware, phishing and websites selling fraudulent goods advertised via spam."

I didn't know much about the story at first, other than noticing A2B principal Erik Bais on Twitter and thinking to myself, wow, that guy is really mad about this.

Today, we have Spamhaus's side of the story, as published on their own website. Seems pretty straightforward to me; I've dealt with Spamhaus enough times to know that if you don't terminate the bad guys after Spamhaus notifies you, there's a potential that they will escalate the listing in question. Like it or not, Spamhaus regularly lists ISPs and providers it feels to be "spam supporting" through their connection to a given spammer. It feels like Erik Bais is perhaps new to this particular kind of rodeo.

In their published statement, Spamhaus explains that the alleged bad guy in question is "CB3ROB A/K/A "CyberBunker" [and] has a long history of run-ins with the law. It was also a host of the infamous 'Russian Business Network' cyber-crime gang broken up by the FBI and other law enforcement agencies."

A2B alleges that the Spamhaus action amounts to a denial-of-service attack. I'm not sure how; there's a pretty commonly understood technical definition of what constitutes as DOS attack and a Spamhaus listing doesn't seem to fit that definition.

Is A2B likely to see any action taken as a result of the complaint? My guess is, "probably not," especially considering the following bit at the end of the Spamhaus statement: "With no irony lost, this week senior staff from Spamhaus and the Dutch high-tech crime-unit tasked to investigate the very criminal activity CB3ROB hosts and A2B Internet routed, were meeting together at an anti-cybercrime conference. CB3ROB, A2B Internet and the phishing, malware and counterfeit goods outfits both were tacitly servicing were discussed and Spamhaus handed its files on CB3ROB and A2B Internet to the Dutch NHTCU's investigator."