Spamhaus and Gmail

Today’s been chock full of phone calls and dealing with clients, but I did happen to notice a bunch of people having small herds of cows because Spamhaus listed www.gmail.com on the SBL.
“SPAMHAUS BLOCKS GOOGLE!!!” the headlines scream.
My own opinion is that Google doesn’t do enough to police their network and their users, and that a SBL listing isn’t exactly a false positive or Spamhaus overreaching. In this case, though, the headlines and the original article didn’t actually get the story right.
Spamhaus blocked a range of IP addresses that are owned by Google that included the IP for www.gmail.com. This range of IP addresses did not include the gmail outgoing mailservers.
Spamhaus says

Some Google-owned server IPs hosting severe malicious spam problems – specifically Google’s “Google Docs” service – do get rightly listed in the Spamhaus SBL when Google does not take action fast enough to stop the serving of malicious sites via Google Docs. Such listings act as pointers to the abused resource but do not in any way affect Google’s Gmail service or any Google outbound mail service.

Spamhaus goes on to talk about the responsibility providers have to police their userbase and the fact that large providers who are not policing their users are cost shifting to the rest of us.

We at Spamhaus surely understand the challenges that the cloud service providers face. These problems are not easy to solve and the scale and complexity of the systems involved certainly does not make things easier. What we are puzzled by is how the rest of the internet has to keep carrying the burden of this abuse. The companies that host these services all without exception make hundreds of millions of dollars each year. They employ some of the best and brightest engineers. Surely they can spend a little of their immense resources on making the internet they rely on for their business, a better and safer place.

Unfortunately, Google doesn’t seem to see any value in policing their customers and users. If they can’t make a buck at it, then it doesn’t get done. And if Google’s costs of doing business are shifted to other companies, so much the better. Good for Spamhaus for standing up and pointedly telling Google they can’t keep supporting spam and spammers.

Related Posts

Spamfilters: a marketer's best friend

I was cleaning out my spam folder this afternoon. I try and do it at least once a day, otherwise the volume gets so bad I don’t actually look at the mail I just mark it all as read. I realized, though, that spamfilters are actually a marketer’s best friend.
If there were no spam filters keeping all the crap people get out of their inbox (in my case over 1000 messages a day) then spam would overwhelm even the most dedicated email junkie. I couldn’t do my job without my spam filters, and in fact the recent rash of virus spew is ending up in my inbox and making finding real mail a problem. I do a lot of sorting before mail ever hits my inbox, and I’m still struggling to deal with the couple hundred “your order has shipped!” and “please her tonight!” emails that my local bayesian filters haven’t caught up to, yet.
Today’s stats:
Work inbox: 17 messages
Work spam: 419
95.9% spam
Personal inbox: 40
Personal spam: 975
95.9% spam
Without filters, I couldn’t accurately find that 4.1% of real mail that I get. Without filters, I couldn’t do my job. Without filters, I couldn’t find the real receipts from purchases I actually made. Without filters, I couldn’t read and respond to mail I wanted.
A mailbox overflowing with spam is unuseable, and email marketers should be thankful that providers work so hard to keep spam out. Otherwise, email wouldn’t be useful for anything.

Read More

Marketing to businesses

“If you do stupid things, you’re going to get blocked,” says Jigsaw CEO Jim Fowler in an interview with Ken Magill earlier this week.
Jigsaw is a company that rewards members to input their valuable business contacts. Once the addresses are input into Jigsaw, they are sold to anyone who wants them. Jigsaw gets the money, the people providing information get… something, the people who provided business cards to Jigsaw members get spammed and the people who downloaded the lists get to deal with a delivery mess. Sounds like a lose for everyone but Jigsaw.
Except that now Jigsaw is listed on the SBL for spam support services. Well, that’s going to cause some business challenges, particularly given how many companies use the SBL as part of their filtering scheme.
It’s hard to think of a situation where I would appreciate someone I gave a business card to providing my information to a site that then turns around and lets anyone download it to send email to. I know, I know, there are a million companies out there I’ve never heard of that have The Product that will Solve All my Problems. But, really, I don’t want them in my work mailbox. The address I give out on my business cards is, for, y’know, people to contact me about what I’m selling or to contact me about things they’ve already purchased from me. That address is not for people to market to. I have other addresses for vendors, and even potential vendors, to contact me.
Jigsaw clearly facilitates spam to businesses by collecting email addresses and then selling them on. This is a drain on small businesses who now have inboxes full of valuable offers to wade through. Perhaps their stint on the SBL will make them reconsider their spam support services.
HT: Al

Read More

Spammer loses in the court of public opinion

Columnist Mike Cassidy of the SJ Mercury News dedicates his column today to explaining how horribly a spammer named Michael Luckman is being treated by Spamhaus.
The gist of the story is that Mr. Luckman thinks that because it is legal to purchase lists and send mail that there is nothing anyone can do to stop him from doing so. Unfortunately for Mr. Luckman, this isn’t actually true. Simply complying with the law does not mean that spamming behaviour has to be tolerated by ISPs. What’s more, ISPs have a lot of power to stop him.
His recipients’ ISPs can stop him. Filtering companies can stop him. And his upstream can stop him. In fact, Mr. Luckman’s upstream is GoDaddy, a company that has an abuse desk that is one of the toughest on the Internet. They do not tolerate spamming at all and will disconnect customers that are spamming whether or not there is a SBL listing involved.
Sure, Mr. Luckman is complying, or says he’s complying, with CAN SPAM. But that doesn’t change the fact that he is violating his contract with GoDaddy. Given that admission, I am extremely surprised that the reporter focused so exclusively on Spamhaus’ role in this, without mentioning GoDaddy’s abuse enforcement or that Mr. Luckman has to comply with contracts he signed.
Most reputable marketers agree that sending mail to purchased email addresses is spam. Most recipients agree that mail they didn’t ask to receive is spam. Even the reporter agrees that Mr. Luckman is a spammer. Compliance with CAN SPAM doesn’t mean anyone is required to accept his mail, nor provide him with a connection to the rest of the internet.
This is a lesson Mr. Luckman is having problems learning. Instead of fixing his process so he isn’t sending spam, he contacts a reporter to plead his case in the court of public opinion. Sadly for him, most people hate spam and won’t defend a self admitted spammer against a blocking group. In fact, over 80% of the people who have voted in the “has Spamhaus gone too far” poll have said no. What’s your vote?

Read More