Email meltdown claims slammed

Although ISPs have confirmed experiencing problems with a dangerous spamming trick reported by Spamhaus, anti-spam vendors say it's all hype
Written by Dan Ilett, Contributor

Security vendors have accused anti-spam experts at Spamhaus of hyping a trick that allows spammers to take advantage of Internet service provider mail servers.

Earlier this week Steve Linford, director of Spamhaus, warned that email infrastructures were on the verge of collapse because a new worm is forcing zombie computers to relay spam via ISPs' mail servers. This, Linford said, is a huge problem because including ISP domain names in spam blacklists would cause a huge proportion of legitimate mail to be blocked.

But vendors, who also claim to be able to solve the problem with their products, have attacked Linford over his comments.

"You report the words of Mr. Linford from SpamHaus about the email infrastructure being menaced and about to collapse," said François Bourdeau, director of marketing for Vircom. "I find this to be not very accurate. Although the zombie drone problem is very serious, there are solutions out there for ISPs that will minimize the effects of zombie PCs sending out tons of spam."

"There are technological solutions to the problem, but ISPs need to take responsibility and use tier-1 solutions to prevent the problem from becoming overwhelming," Bourdeau added.

Anti-spam company Postini also released a statement criticising Linford. "Postini believes that SpamHaus is badly overreacting to the recent news that some spam zombies now relay spam through ISP email gateways rather than sending the spam directly to receiving mail servers. The notion that this makes spam undetectable is completely unfounded."

Spamhaus is a non-profit organization that tracks spam gangs on the Internet. It works closely with police forces and is involved in various governmental anti-spam projects around the world. Linford said on Friday that many ISPs had contacted him about the problem asking for advice, and reiterated his concerns.

"This has already done damage," said Linford. "Large email companies can't tell you they are under pressure. They can't say anything to the press because people would question the resources to handle email. We don’t see this as hype.

"There are certainly ways to prevent this. We're just saying to do it quickly. The ISPs have said this is something they know about. Most vendors would say 'yes, yes, if you use our products, you can get rid of the problem'. But it's not effective just to buy products," Linford insisted.

Linford added that AOL was the first ISP to report an increase in spam, several months ago, caused by this trick. UK ISPs, such as BT and Thus, have declined to comment on the matter.

Some of the largest US Internet providers have acknowledged that the issue is a problem, although they insist that email is not at the point of meltdown. Many ISPs have blocked open relay ports, such as port 25, to shut out spammers from disseminating messages from home-operated servers. The block has helped some broadband ISPs limit the output of zombie spam, and some have noticed the new form of malware taking shape.

Earthlink, which runs both a dial-up and a broadband service, said it has noticed a gradual increase in spam volume coming from its legitimate mail servers since the beginning of 2004. The company claims it has implemented safeguards, such as authenticated SMTP servers and re-routing of legitimate e-mail, to cut down the flow.

"Overall we've been able to greatly reduce the amount of spam from our network by routing activities and applying chokepoints," said Trip Cox, Earthlink's chief technology officer. Cox added that the measures have reduced spam from 30 percent of the ISP's total email volume to 2 percent.

CNET News.com's Jim Hu contributed to this report.
