October 13, 2011,
A Dutch ISP has filed two police complaints against Spamhaus, telling eWEEK Europe that its CEO is “nuts”
A Dutch Internet Service Provider, A2B, has filed two complaints with the police against anti-spam outfit the Spamhaus project, which is based in Geneva, Switzerland.
Spamhaus touts itself as an international non-profit organisation whose mission is to track the Internet’s spam operations and sources. Some ISPs use its blacklisting services to reduce the amount of spam they have to deal with.
Meanwhile, A2B is a Dutch ISP that provides the upstream connection for a number of data centres.
Speaking to eWEEK Europe UK, the director and owner of A2B, explained why he had decided to file two complaints with the Dutch police about Spamhaus, accusing it of “blackmail”, after it added all of A2B’s IP addresses to its SBL blacklist.
The problem began after Spamhaus asked A2B to block all the data traffic from the German ISP Cyberbunker, claiming the latter had been engaged in spamming. But A2B told eWEEK Europe that it decided to block only the particular IP address that Spamhaus had identified as a source of spam.
But this cut little ice with Spamhaus, which promptly added all of A2B’s IP addresses (for all of its customers) to its blacklist. After about 24 hours, A2B gave in and blocked all of Cyberbunker’s traffic, after which the blacklist entry was removed.
A2B sees this as proof it had been extorted and that the listing was not based on the ISP being involved in spamming. It claims Spamhaus’s actions were unfair and illegal.
“We are an ISP that provides upstream connections to our clients (mostly data centres),” explained A2B owner Erik Bais. “One of our data centre clients had another client, who was the original target of this problem.”
“Basically what happened is that instead of asking us to deal with it (by removing the offending IP address), Spamhaus told us that it wants that particular customer off the Internet, or we list all your customer’ IP addresses on our blacklist,” Bais said.
“This forced us to drop this particular customer’s IP address, but this IP address had nothing to do with where the spam message had originated from,” said Bais. “Suddenly all of our innocent customers were asking us what is going on, as their email connections were suddenly not working.”
No Legal Reason
“Spamhaus is blackmailing us because they forced us to do something for no legal reasons,” insisted Bais. “We checked and that customer had not violated our strict abuse policy, and it was absolutely not doing anything illegal.
“However Spamhaus said to us ‘you must do this or your customers will not have any email service’,” said Bais. “They deliberately denied email services to those that had absolutely nothing to do with spam.
“Consequently I filed two complaints with the Dutch police. The first complaint is a blackmail complaint against Spamhaus. And the second complaint is that Spamhaus has denied services to our customers, and denied them to have regular email traffic.”
Bais also went on to accuse Spamhaus of responding to his emails on the subject in a “non-civil manner.”
“I emailed Spamhaus CEO Steve Linford,” said Bais. “He responded by actually stating that ‘our policies are our policies we don’t care about your local laws’”.
According to Bais, Linford then told A2B that it must either follow the Spamhaus abuse policy or find itself on the blacklist.
“There are very strict rules about spam in the Netherlands, and indeed in Europe. Internally we also have very strict abuse policies, but I was very shocked at his response, as he (Linford) thinks he is above the law. This has to stop, as the guy is nuts,” said Bais.
“I actually stated in my email correspondence with Spamhaus that I was not trying to shut you down, or seeking financial compensation, as I want it resolved between us, but you need to adjust your policy because using a blacklist is all about your reputation,” said Bais. “By doing this, Spamhaus is ruining its own reputation, not mine.”
Bais said that at the end of this month he will be addressing an anti-abuse workgroup in Vienna (Austria) about this incident. “We are going to address this to the whole IT community and ask them to decide who is right and who is wrong. We are going to ask the IT community if Spamhaus is out of line, or if they need to limit themselves to just the offending ISP address in this case. This needs public discussion, but I am pretty sure which way it will go, as the community will say that Spamhaus is out of line here.”
Spamhaus did not respond to eWEEK Europe at the time of writing.
Updated: Spamhaus has responded to eWEEK Europe’s request, dismissing A2B’s claims as “rubbish”.
“If The Netherlands had penalties for wasting police time, Dutch ISP ‘A2B Internet’ would be looking at a hefty fine,” said Linford in an email.