Lativa Upset With Spamhaus Over Blacklisting
Written by Sue Walsh on September 6, 2010
Credit: Spamhaus.org
The Latvian government is quite upset with Spamhaus and was not shy about showing it. The spat began when Spamhaus placed a block of IPs belonging to a Latvian service provider called Microlines due to a large amount of spam and DDoS attacks traffic originating with them. Spamhaus said when it contacted the provider with a take down demand they were ignored. They also sent the same requests to the router provider, Latnet Serviss and were also ignored. That’s when they blacklisted the IPs. The government agency in charge of top level domains for the country promptly lashed out when the blacklist caused several national institutions and organizations to suffer an outage.
“No Internet user should be punished for the actions of another Internet user,” the officials said, adding that Spamhaus is impolite, arrogant, and even rude.”
Their ire is the result of the fact that Latnet Serviss is one of the largest ISPs in the country, but the fact remains that they blatantly ignored the communications from Spamhaus, and what’s more, Microlines has been found to be hosting rogue anti-virus apps, the Zeus and Gozi Trojans, and other malware. Several security firms have come to Spamhaus’s defense and blamed Latnet and Microlines for refusing to deal with the issue.
It’s not yet known if the government has taken any action to get Microlines to comply or when/if the block will be lifted. The moral of the story? If you get a take down notices or abuse complaint, take it seriously and respond promptly!
Loading ...
Unfortunately, Spamhaus was completely right in this case. Microlines.lv refuses to institute and abuse address and will not respond to abuse reports sent to those addresses it does have. Moreover, it is all but impossible to even contact them online as their mail server rejects 99/100 messages I’ve sent them- changing IP’s, ISP’s, and mail clients/services does not matter.
79.135.155.47 and 46 have been hosting Glavmed/Spamit illegal pharmacy sites for a while now, and nobody at Microlines appears to care- even when you can slip a mail past their ridiculous spam filter (how ironic).
Had Microlines followed the relevant RFC’s and instituted an abuse address or responded at all when contacted by both spamhaus and independent reporters, they would not have brought this upon themselves.
I’d have to agree with the Latvians on this one. We’ve suffered outages though Spamhaus blacklisting shared ISP servers without any concern for the effect on other users of that server. Their support staff are not only rude but offensive, posting sarcastic comments and the like in replies to polite requests for removal.
It also seems that most of the blacklisting activity is the based-on tipoffs from so-called trusted third parties, and that little or no checking is done on the validity of such submissions.
If you’ve tried using Spamhaus blocklists on a mailserver you’ll know that the SBL-XBL list is reasonably effective, but the Zen list blocks far too much valid mail.