# Spamhaus. A good or bad force in the industry?



## MannDude (Jul 21, 2014)

Seems that there is a common divide when it comes to opinions on spam authorities such as Spamhaus. Some see the value in such blacklists whereas others find them to be immoral organizations. I've seen opinions range widely from them being a 'necessary force' to being compared directly with nazis, though I think the bulk of us lay with the mindset that they're a 'necessary evil' in the fight against spam.

What do you think?


----------



## SkylarM (Jul 21, 2014)

Definitely a necessary evil. Don't sell to spammers intentionally and rotate them through large allocations (cough CC cough) and you typically won't have any issues with them.


----------



## mtwiscool (Jul 21, 2014)

Bad has they want to boss people around and they have some really strange things going on (cough corruption cough).


----------



## definedcode (Jul 21, 2014)

I think they're good, and necessary but I don't think the blanket blacklisting is a good thing. Wouldn't like to be caught in the midst of it.


----------



## mtwiscool (Jul 21, 2014)

definedcode said:


> I think they're good, and necessary but I don't think the blanket blacklisting is a good thing. Wouldn't like to be caught in the midst of it.


They love blacklsting honest ips.

And non profit my ass:

http://companycheck.co.uk/company/05078652/SPAMHAUS-TECHNOLOGY-LIMITED/financial-accounts#financials

Over £1,000,000 profit last year.

And for a compney been oprating for 10 years profits jumped 10x in 1 year?


----------



## definedcode (Jul 21, 2014)

mtwiscool said:


> They love blacklsting honest ips.
> 
> And non profit my ass:
> 
> ...


heh, didn't know about all the profit.


----------



## mtwiscool (Jul 21, 2014)

definedcode said:


> heh, didn't know about all the profit.


That's why i think they is corruption at a large rate and they have been found doing some vary bad things.


----------



## definedcode (Jul 21, 2014)

mtwiscool said:


> That's why i think they is corruption at a large rate and they have been found doing some vary bad things.


I heard about the corruption, yeah.


----------



## Kayaba Akihiko (Jul 21, 2014)

Pretty sure they've already backmailed a few companies...


----------



## mtwiscool (Jul 21, 2014)

Kayaba Akihiko said:


> Pretty sure they've already backmailed a few companies...


Like this:



This proofs that spamhaus act like a mafia.

And this is not the first i hared of this issue with spamhaus and it is fucking scery and this is why i hate spamhaus.


----------



## definedcode (Jul 21, 2014)

mtwiscool said:


> Like this:
> 
> 
> 
> ...


Scary, yep.


----------



## devonblzx (Jul 21, 2014)

mtwiscool said:


> Like this:
> 
> 
> 
> ...


That doesn't prove anything.  It is a one sided statement about how they were going to have their net block blacklisted.  If a massive spammer was repeatedly spamming from their block even after spamhaus blacklisted specific IPs then the next step would have to be the whole block.  That is just common sense to me.   We don't have any idea of how many blacklists or notifications they were provided before that happened, my guess is a lot.


----------



## KuJoe (Jul 21, 2014)

All of my interactions with Spamhaus have been awesome and super friendly (especially compared to other blacklists like SpamCop). While I read a lot about the blackmailing, I also read a lot about the good things they do like block legitimate IPs for companies that protect/encourage spammers so it has some impact to their bottom line (although spammers pay a lot more than average clients so it's not a big impact). Either way, my experience with them the past however many years I've been in hosting (including numerous free hosting companies that were spammer magnets before LEBs were an option) has been only positive so I'm going to base my judgement on my own experiences and not a one-sided statement like @devonblzx pointed out.


----------



## definedcode (Jul 21, 2014)

devonblzx said:


> That doesn't prove anything.  It is a one sided statement about how they were going to have their net block blacklisted.  If a massive spammer was repeatedly spamming from their block even after spamhaus blacklisted specific IPs then the next step would have to be the whole block.  That is just common sense to me.   We don't have any idea of how many blacklists or notifications they were provided before that happened, my guess is a lot.


That's true. If spamhaus do notify you of repeated spamming on IPs prior to blacklisting the whole block then I fully support that.


----------



## definedcode (Jul 21, 2014)

KuJoe said:


> All of my interactions with Spamhaus have been awesome and super friendly (especially compared to other blacklists like SpamCop). While I read a lot about the blackmailing, I also read a lot about the good things they do like block legitimate IPs for companies that protect/encourage spammers so it has some impact to their bottom line (although spammers pay a lot more than average clients so it's not a big impact). Either way, my experience with them the past however many years I've been in hosting (including numerous free hosting companies that were spammer magnets before LEBs were an option) has been only positive so I'm going to base my judgement on my own experiences and not a one-sided statement like @devonblzx pointed out.


Good to hear something positive about them, a lot of the time you only hear negative opinions. Thanks for the shout.


----------



## mtwiscool (Jul 21, 2014)

devonblzx said:


> That doesn't prove anything.  It is a one sided statement about how they were going to have their net block blacklisted.  If a massive spammer was repeatedly spamming from their block even after spamhaus blacklisted specific IPs then the next step would have to be the whole block.  That is just common sense to me.   We don't have any idea of how many blacklists or notifications they were provided before that happened, my guess is a lot.


Do you know how spam works?

Spam is more complex then spamhaus makes it out to be as alot of spam is opt in by the person signing up to a website and agreeing that they will get offer emails.

Aka alot of the the list will not be spam and can take months to investigate and not the short time that spamhaus allows before listing the whole block.


----------



## KuJoe (Jul 21, 2014)

mtwiscool said:


> Do you know how spam works?
> 
> Spam is more complex then spamhaus makes it out to be as alot of spam is opt in by the person signing up to a website and agreeing that they will get offer emails.
> 
> Aka alot of the the list will not be spam and can take months to investigate and not the short time that spamhaus allows before listing the whole block.


How many times has this happened to you? If you say more than 0, you're lying.

Additionally how many times do you converse with Spamhaus a month? You're giving vague "examples" with no real evidence of anything really happening. For fairness sake, I say we keep this thread to personal experiences only and not the one-sides statements.


----------



## Aldryic C'boas (Jul 21, 2014)

I'd be more willing to contribute to threads like this if folks were content to simply state their opinion and walk away - don't really feel the desire to be pestered with "omg I'm always right" from the kiddy armchair lawyers.


----------



## HalfEatenPie (Jul 21, 2014)

KuJoe said:


> How many times has this happened to you? If you say more than 0, you're lying.
> 
> Additionally how many times do you converse with Spamhaus a month? You're giving vague "examples" with no real evidence of anything really happening. For fairness sake, I say we keep this thread to personal experiences only and not the one-sides statements.


I'm pretty sure most of his sources are simply rage posts from other individuals on the internet.


----------



## mtwiscool (Jul 21, 2014)

KuJoe said:


> How many times has this happened to you? If you say more than 0, you're lying.
> 
> Additionally how many times do you converse with Spamhaus a month? You're giving vague "examples" with no real evidence of anything really happening. For fairness sake, I say we keep this thread to personal experiences only and not the one-sides statements.


For one this has happened to me before when i ran a torrent website.

Our ip got blacklisted when we only sent activation emails.

The website was based in Lithuania.


----------



## HalfEatenPie (Jul 21, 2014)

mtwiscool said:


> For one this has happened to me before when i ran a torrent website.
> 
> Our ip got blacklisted when we only sent activation emails.
> 
> The website was based in Lithuania.


VM/Dedicated IP or a shared IP?


----------



## switsys (Jul 21, 2014)

I'm leaning towards 'neccessary evil', but I think they have been given too much power.

In the words of Lord Acton: "power corrupts, and absolute power corrupts absolutely".


----------



## mtwiscool (Jul 21, 2014)

HalfEatenPie said:


> VM/Dedicated IP or a shared IP?


Dedicated IP.

Not going to say much as i like to separate things up.

Reason according to spamhaus something like shoehous.

Don't run the website at the moment as offshore hosts are a ass to deal with.

But we only sent account activation emails.


----------



## KuJoe (Jul 21, 2014)

So they blocked all one of your dedicated IPs because people were reporting your illegal site for spam? Those monsters!


----------



## Aldryic C'boas (Jul 21, 2014)

Sure.  Just like you never really DDoS'd someone, and it was 'all a misunderstanding'.  And if I recall correctly - the last time you told this story, you 'just happened to be in the same netblock', and weren't targetted by Spamhaus directly.  Why you think people believe a word you say after your constant lies baffles me.

_Edit:  For clarification, that was directed at the post above KuJoe's - he had already replied to our resident failed abortion before I finished my rant >_>_

Back on topic - threads like this are fairly rotational - you're pretty much going to see at least 2-3 on various forums a few times a year.  And out of all the ones I've read, I cannot think of a single legitimate provider in charge of their own IP space and actually keeping their network clean that had problems with Spamhaus.  Or any other SBLs really, minus the actual scam organizations like UCE.

What I do see a lot of, are people that were collateral damage (CC users, people that don't own the IP space being affected by their neighbors, etc) going on crusades against 'The Evil Spamhaus'.  Spamhaus didn't target you - they don't even know you exist, and likely wouldn't care if they did know.  Your upstream did something stupid, you suffered the consequences.  Vent your frustration at your upstream, as they are the ones responsible - not the SBLs doing their job.

Another thing I see a lot of is people trying to defend "providers" that rent IP space from known dirty companies (again, everyone's favourite CC and sons).  Don't be absurd - if these kids really cared about their business and clients, they would either get their own IP space or get the hell away from their dirty upstream.  _"Oh but CC is cheap and we can't afford to go with a real upstream"_.  Well, maybe you should've concentrated on selling sustainable service under a proper business plan rather than the "let's see how much garbage we can cram per machine at bottom dollar" Fabozzi model.

Personal experience?  I've been dealing with Spamhaus for over a decade for various companies - latest and longest being my work with Fran.  They know us, they know we're very strict on abuse.  Not only do some of the workers know me by name, but I've even received emails or calls on my personal cell to give me a heads-up on abuse, rather than us getting listed - because they know we're serious about dealing with abuse, and we're not just going to bullshit them to make a few more bucks from a spammer.

tl;dr - If you actually care about your business and handle abuse, you won't have problems with RBLs.  If you want to just make money selling to anyone, competing in the idiotic resource races?  Hey, you get what you sell for.


----------



## mtwiscool (Jul 21, 2014)

KuJoe said:


> So they blocked all one of your dedicated IPs because people were reporting your illegal site for spam? Those monsters!


Our website only linked to files(torrent website) and we would always responded to Europe based copyright claims but no DMCA's are we had VPS's in Europe.

We never got a copyright complaint forwarded to us aka we did a good enough job at dealing with copyright.

But we don't know how many really as our host had a slightly strange policy.

As they copyright agent only spoke Icelandic.


----------



## DomainBop (Jul 21, 2014)

> What I do see a lot of, are people that were collateral damage (CC users, people that don't own the IP space being affected by their neighbors, etc) going on crusades against 'The Evil Spamhaus'.


To a lesser extent you also see business owners like me bitching about the annual $$$ cost of trying to fight all of the incoming SPAM we get hit with (both email SPAM and web based threats like comment spammers, bots, etc) and going on crusades against shitty SPAM friendly providers like Ecatel, the kids from the daycare, etc. 

Back to Manndude's question: I've mentioned before that my company makes extensive use of Spamhaus lists and over a dozen other blocklists both at the firewall and application level.  Using the blacklists makes our life much easier: annual $$$ costs incurred from SPAM (I'm including both email and web based threats here) are lowered, legitimate incoming emails don't get lost in a sea of Viagra spams, server loads are greatly reduced (if we removed those blocklists our server loads would instantly double from being hit nonstop with crap) so I think overall Spamhaus and other blocklists are doing a great service for the (Internet) industry. 

There might be some collateral damage when a Blacklist whacks an entire /15, but the people who are caught in the crossfire could easily reduce their risk of being a collateral damage victim if they did their research being signing up with a hosting provider or data center (or pseudo data center like CC). If they're signing up with a provider who doesn't own their own IP space they also need to research the upstream owner of the IP space.  If you don't do your research and just grab a deal from a provider because _OMFG RAM! lots of it! Cheap!_ then you have only yourself to blame when you become collateral damage.


----------



## HalfEatenPie (Jul 21, 2014)

DomainBop said:


> To a lesser extent you also see business owners like me bitching about the annual $$$ cost of trying to fight all of the incoming SPAM we get hit with (both email SPAM and web based threats like comment spammers, bots, etc) and going on crusades against shitty SPAM friendly providers like Ecatel, the kids from the daycare, etc.
> 
> Back to Manndude's question: I've mentioned before that my company makes extensive use of Spamhaus lists and over a dozen other blocklists both at the firewall and application level.  Using the blacklists makes our life much easier: annual $$$ costs incurred from SPAM (I'm including both email and web based threats here) are lowered, legitimate incoming emails don't get lost in a sea of Viagra spams, server loads are greatly reduced (if we removed those blocklists our server loads would instantly double from being hit nonstop with crap) so I think overall Spamhaus and other blocklists are doing a great service for the (Internet) industry.
> 
> There might be some collateral damage when a Blacklist whacks an entire /15, but the people who are caught in the crossfire could easily reduce their risk of being a collateral damage victim if they did their research being signing up with a hosting provider or data center (or pseudo data center like CC). If they're signing up with a provider who doesn't own their own IP space they also need to research the upstream owner of the IP space.  If you don't do your research and just grab a deal from a provider because _OMFG RAM! lots of it! Cheap!_ then you have only yourself to blame when you become collateral damage.


You've hit the nail right on the head.


----------



## drmike (Jul 21, 2014)

The only people calling Spamhaus Nazis are the paid shills over on that other parody site.  Some folks should be ashamed of themselves parrotting for CC for discounts and lowcost / Free VPS.

What is going on and backgrounded to this post is the ColoCrossing can't stop fncking spamming. It's probably their liquidity, it's certainly their religion.

Unsure when "smart" people like Jon Biloh became so g0d damn dumb.  Not only is spam illegal in many places, but vast majority of what is being spammed is illegal also.   Illegal drug sales, prescription free selling of who knows what compounds, financial scams, ID theft, selling of fake imposter look-alike products, the list goes on and on.  Keep playing with fire kids...

I've been (since the 1990's) a fan of requiring these network operators to have proper bonding and insurance to even operate.  Bond / insurance should be pursued by victims/the inept/the defrauded/etc. in cases of damages inflicted upon them, their company due to negligence, fraud, etc. perpetrated from their said crappy networks.

People can paint blacklists and other proactive prevention systems as the boogeyman.  People that do are misguided, ignoring reason, ignoring the mass collateral damage by sh!theads abusing such network resources.

If you live in a lousy, crime infested neighborhood, the police are the boogeymen / Nazis.  You are likely to get looked at with additional scrutiny,  you might be stopped for suspicious behavior,  you may end up on lists.... Insurance companies will slap you in the pocketbook for living amongst filth, your home owners insurance will be higher than elsewhere, your car insurance will be higher due to theft and destruction propensity of your neighbors. Why should it be any different in network e-imaginary neighborhood in a crime infested neighborhood like ColoCrossing / Velocity Servers?

See the net isn't isolated like your neighborhood.  What some a$$hole does on ColoCrossing's network by AK-47 style spraying spam, mass attacking targets, etc. ruins the bucolic happiness here in my non-adjacent network.  It sends crime and filth into my children's school.  It wastes electric, wastes computing resources, it wastes MY TIME.

Utopia BS of the internet is becoming utterly tiresome.  Time for the laws that apply to meat and potatoes to start whacking idiot network operators where their tangibles are, in the pocketbook and/or attacking their liberty to operate such businesses.   Because big picture, that's the only things these sorry a$$ excuses for providers/network operators understand - MONEY.  That's why they allow, sell to and foster these bad customers / netizens.

I am sure ColoCrossing would rather have say the Federal Trade Commission and State regulators on their case instead of Spamhaus merely blacklisting ranges correctly.   A proper criminal indictment surely would be less punitive than some Spamhaus action, right?


----------



## texteditor (Jul 21, 2014)

Spamhaus is _literally_ composed of Nazis and Colocrossing is _literally_ the Warsaw Ghetto



drmike said:


> The only people calling Spamhaus Nazis are the paid shills over on that other parody site.  Some folks should be ashamed of themselves parrotting for CC for discounts and lowcost / Free VPS.
> 
> I am sure ColoCrossing would rather have say the Federal Trade Commission and State regulators on their case instead of Spamhaus merely blacklisting ranges correctly.   A proper criminal indictment surely would be less punitive than some Spamhaus action, right?


this is a good summary, basically


----------



## lunanode (Jul 21, 2014)

mtwiscool said:


> Like this:
> 
> 
> 
> ...


Since last year's incident with Spamhaus we begun manual screening of new sign-ups, as well as monitoring outgoing smtp rate per client; basically taking proactive measures to make our network / services less attractive to spammers. Since then we have had no issue with Spamhaus.

We do not agree with the tactics that Spamhaus uses (blackmailng) against ISPs. But the truth is that once proactive measures were taken to ensure our network is clean we have not had issues with spammers, and honestly the internet would probably be a worst place for everyone if blacklists services like spamhaus did not exist.


----------



## Awmusic12635 (Jul 21, 2014)

My experiences with them have not been bad. Get a couple of listings a month (Mainly customers of our customers), resolve problem, reply back it is solved, listing removed. It is that simple.


----------



## Lee (Jul 21, 2014)

mtwiscool said:


> They love blacklsting honest ips.
> 
> And non profit my ass:
> 
> ...


Non profit does not mean they can't make a profit, that would be plain silly.  It means can't use the surplus cash to pay dividends or to be drawn out as if it was profit.  They need to use the money to invest and develop the company.


----------



## sleddog (Jul 21, 2014)

Aldryic C said:


> I'd be more willing to contribute to threads like this if folks were content to simply state their opinion and walk away - don't really feel the desire to be pestered with "omg I'm always right" from the kiddy armchair lawyers.


Well, at least no-one has mentioned Der Fuehrer yet.


----------



## MannDude (Jul 22, 2014)

So what about other spam authorities? Are they not as heavily relied upon as Spamhaus is from mail providers, or are they less vigilant?


----------



## mtwiscool (Jul 22, 2014)

~Lee~ said:


> Non profit does not mean they can't make a profit, that would be plain silly.  It means can't use the surplus cash to pay dividends or to be drawn out as if it was profit.  They need to use the money to invest and develop the company.


The secound compney is a LTD compney and first one is a non-profit.

It is a strange set up and thw whitelist compney does not exist.

My only problem with spamhaus is that they blackmail.

And they could employ themselves then pay them selves out of the chairity anyway.

But a 10x jump is vary strange.


----------



## drmike (Jul 22, 2014)

mtwiscool said:


> The secound compney is a LTD compney and first one is a non-profit.
> 
> It is a strange set up and thw whitelist compney does not exist.
> 
> ...



Give it up mtwiscool...

At least Spamhaus is incorporated and understands to some degree the uses for incorporated entities and why to shield oneself properly.

Where does blackmailing by Spamhaus occur?  Give me one real example....

See words have meanings:



> black·mail
> 
> ˈblakˌmāl/
> 
> ...



I can't find Spamhaus using some emotional control to extract money from misbehaving service providers...  They don't seem to operate a pay to get delisted service either.


----------



## syncrohost (Jul 26, 2014)

They are fine as long as they can be reached via phone or email.  Unfortunately it's near impossible to get a hold of someone when emails are being blocked and It's nothing but headaches when Spamhaus registers IP as blacklisted.


----------



## Kris (Jul 26, 2014)

HalfEatenPie said:


> VM/Dedicated IP or a shared IP?


Lithuania? Sounds like BalticServers.

They switched IP ranges when they tried to look like a legitimate operation (and not just Xrumer machines) but then bought Santrex ranges  

In before : No gauisue, I raely just waes hosting okays torrentings. They are the blakmails


----------

