SCN: Spam

[Steve]

x-no-archive: yes  

=======================  

(Ed Foster, InfoWorld)---In November I wrote that readers were 
increasingly meeting resistance when reporting spam abuse to 
Internet services. By coincidence, the same week that column 
appeared, readers reported being dismayed by several reports 
about known spammers being given safe haven by major ISPs. And 
one of the biggest backbone providers, WorldCom subsidiary 
UUNet, appears to be the safest haven of all.   

Several major ISPs have been caught red-handed (or perhaps pink-
handed) making agreements with known spammers. In November, 
the Britain-based Spamhaus Project (www.spamhaus.org) revealed 
two examples of what it calls pink contracts, one signed by AT&T 
and one by PSINet. The pink contracts were essentially addendums 
to each ISP's standard terms of use contract, granting their customer 
permission to send bulk e-mail despite prohibitions against spam 
by both AT&T and PSINet. Both companies later acknowledged the 
contracts had been signed but said it had been done by mistake. But 
spam watchdogs wonder just how prevalent such agreements may 
truly be.   

"I think the ISP community as a whole needs to re-examine its 
ethics," says Steve Linford of the Spamhaus Project. "The contracts 
we're finding show that far from regulating themselves some U.S. 
backbones are colluding with spammers to profit off the spam 
problem."   

Although AT&T and PSINet were at least contrite, that doesn't seem 
to be the case with UUNet. Linford says he can't prove UUNet has 
any current pink contracts, but he does know they've hosted some of 
the same bulk e-mailers as AT&T and PSINet. He also is concerned 
that UUNet, whose customers he estimates are responsible for 
some 12 billion spam messages each year, so far refuses to follow 
most other ISPs in banning spam "services" - sites that sell bulk e-
mail tools.   

"This isn't a case of not knowing they're doing it - UUNet has now 
made a policy decision that it will continue to host and hence profit 
from the supply of spam services," Linford says. "This is 
extraordinary, because it is well-known that spam services are the 
root and cause of the whole spam problem. Seventy percent of all 
Internet spam is currently bulked from the UUNet network, and the 
volumes increase daily as more and more spammers arm 
themselves with yet more spamware from UUNet sites."   

The Spamhaus Project isn't the only watchdog that believes UUNet 
customers are responsible for large volumes of spam. Statistics for 
abuse complaints logged at SpamCop.net have in recent months 
seen UUNet with 10 times more complaints than any other source.  

Julian Haight, SpamCop's owner and administrator, says in the last 
year UUNet has taken over the top of the charts since previous 
leader America Online got serious about implementing anti-spam 
technology. "As soon as one service cracks down, all these people 
have to find someplace else to go, so that's one of the things that's 
been happening here," according to Haight, who says UUNet 
officials have promised to get themselves off his list. "AOL has done 
it, they can too. UUNet has a good abuse team that can take care of 
this if their hands aren't tied behind their backs by management and 
if the company makes their resellers step in line."   

UUNet's response to all this is rather predictable. "This is an 
industrywide problem, and UUNet is one of the largest networks 
carrying a lot of traffic, including some for AOL, Microsoft Network, 
and Earthlink," said a UUNet spokeswoman. "So if you look at 
absolute numbers, you are going to see some spam that originates 
with our customers, or with our customers' customers. But the 
bottom line is that WorldCom has a very specific, acceptable use 
policy against spam, and we vigorously enforce that policy with 41 
full-time staff members dedicated to the effort."   

OK. But I must say I'm feeling a sense of deja vu here. Several 
years ago I wrote about Apex Global Information Services (AGIS), 
another of the original Internet backbone providers. At the time, AGIS 
also seemed to be harboring more than its share of spammers, and 
its responses to questions from the press were much the same as 
we're hearing now from UUNet. AGIS is no longer with us. Perhaps 
WorldCom and UUNet officials should bear that in mind.   

Copyright 2000 InfoWorld Media Group, Inc., a subsidiary of IDG 
Communications, Inc.  





* * * * * * * * * * * * * *  From the Listowner  * * * * * * * * * * * *
.	To unsubscribe from this list, send a message to:
majordomo at scn.org		In the body of the message, type:
unsubscribe scn
==== Messages posted on this list are also available on the web at: ====
* * * * * * *     http://www.scn.org/volunteers/scn-l/     * * * * * * *