Ask Slashdot: Dealing With Anti-Spam Service Extortion? 279
An anonymous reader writes "I work for a European ISP, and lately we're receiving quite a few complaints from customers about not being able to send emails because of UCEProtect's listings. After checking with their site, we found out that our whole AS (!) was blacklisted. Their 'immediate removal policy' asks for money, around 90 euros Per IP for end users and 300 euros for ISPs, and their site has bold statements like
'YOU ARE LOSING YOUR RIGHT TO EXPRESSDELIST YOUR IP IF YOU ARE STUPID AND CLAIMING THIS WOULD BE BLACKMAIL...'
Could this be considered extortion-blackmail ? Has anyone else on Slashdot dealt with this service before?"
Contact local prosecutors (Score:2, Interesting)
In the US, I'd say what they're doing is restraint of trade. It's kinda like what Yelp does here. People list a business or service. It cost extra to remove negative reports. I avoid them.
While you may not have the resources to deal with these assholes long term, maybe the lawyer will say "litegate" or they may just say "Pay the extortion".
Or you could just find the principles involved and do an Anonymous disclosure on them. Maybe they don't want a bullseye painted on their foreheads or their cars or where their kids go to school. I like this strategy for the Westboro Community Church but you'll have to evaluate if it's OK for these asshats.
Re:I always go along and pay (Score:5, Interesting)
I used to run the AHBL (for those wondering, I am Andrew Kirch), my advice is this. UCEProtect isn't a protection scheme. They're just people who run a DNSBL and got tired of dealing with spammers lies for free. I am incredibly sympathetic, though I did not go the same route. I've been lied to, threatened, received death threads, etc. Eventually you stop doing it for free, and since I was unwilling to charge, I simply stopped. If you want to be delisted, pay, if you don't, don't. If one of your customers/friends/whatever is using UCEProtect, you can also contact them and ask them to stop. I've used it in the past, but not on a block outright basis. My policy applies only to my mail server though, and not yours.
Re:People still use blacklists??? (Score:5, Interesting)
Re:I always go along and pay (Score:4, Interesting)
That could be, but if the listing is inaccurate, they're likely guilty of defamation and probably other things as well if they're keeping the listing as such.
I don't know if in this case the listing is accurate, however, the OP could likely successfully file suit against them.
Yah... legal advice (Score:4, Interesting)
The guy posts the question as an AC. Why? That is a MAJOR red flag.
Secondly, no consumer ISP would tolerate such a question being asked on a public forum, they have lawyers in house to deal with this kind of stuff, they do NOT Ask Slashdot. Never. No way, no how.
10 to 1 that this is some east European with a couple of servers at a hosting party who hires them out to spammers and now finds his leased servers are useless to those same spammers because his IP range has been blocked and he wants them unbanned to he can continue to rent out his servers to spammers.
DNS block lists do on occasion hurt real newsletters. But this is about a legit newsletter, why is not mentioned? If this is a legit service that is being hurt, why is not mentioned. If it is a legit ISP that is being hurt, why is it not named?
Could it be that this question is posted by an AC with not even a hint about the nature of the hurt party being the very generic label "ISP" is that even the simplest google research would reveal that the ISP in question is a spam haven?
Anyway, a DNS list is just a list of numbers. It is a fact list that does nothing unless someone ELSE uses that list. Listing ip's on a list cannot be illegal and block mail from MY server is perfectly legal as well.
Spammers have tried fighting DNS lists for years now and failed. This question should never even have been asked.
Re:People still use blacklists??? (Score:5, Interesting)
The way this is handled in Finland that each isp has one outgoing SMTP-relay server that you have to use, you can't send the mail directly out. You can receive all the mail you want but the outgoing pipe has restrictions to prevent open/miss-configured servers, works great. (I have my own mail server with such arrangement on a static IP)
If you are a ISP I would suggest a similar arrangement to prevent all your customers sending spam :)
Re:People still use blacklists??? (Score:5, Interesting)
There just isn't any good reason to be operating a SMTP server on a residential connection
In the EU (and probably elsewhere too) there are VERY compelling reasons to do so. ISPs are required by law to store all your e-mail (and other) traffic and make it available to the government at a whim. So much for the basic human right to privacy and private communications (but hey if you're no turrerist you've got nothing to hide eh?) They are still snooping port 25 and probably reading it at the receiving end anyway, but I'll be doing anything in my power to hinder the government from snooping on my private communications.
UCEProtect is a spammer. (Score:5, Interesting)
I've had to deal with UCEProtect in my job as a system administrator. Whenever we got listed it was because their spambots (that send mail coming from the droppatrol.de domain) managed to get a bounce out of our system. We allow our users to forward mail offsite and some do to sites that are far far less permissive then us, and when that happens we properly send the bounce.
I would say that running spam bots, and then asking someone to pay to get off a blacklist that their spambots got you onto, is effectively organized crime type extortion.
Re:NEVER trust and AC (Score:5, Interesting)
Wouldn't happen with Comcast, because they block outgoing 25, and force everything through their mail server where they can implement sanity and outgoing spam checks.
That, I think, is the point of blocking the entire AS.