| About | Legal | Contact | Resources | Home | mainsleazespam.com |
| uu.net (Also known as spew-spew.net in the anti-Spam community. |
|
There is a great deal of evidence in public archives of spam and reports of interactions
with uu.net representatives, that uu.net hosts many spammers and spam support operations.
uu.net in fact ranks among the most listed ISPs for this reason at Steve Linford's
Spamhaus.org, Sponsor of SBL. A post made January 18, 2004, to news.admin.net-abuse.email pointed out that the following: On Jan 1, UUNET had 112 SBL listings. On Jan 18, UUNET has 123 SBL listings. |
|
Should ISPs Be Knowingly Profiting From Selling Service To Known Spam Gangs? Press Release by Steve Linford SBL February 4, 2005. Since the release of Sobig spammers have released countless virus variants turning millions of private home computers into unwilling spam servers. Crucial in this underground spam world is the stealth bulk spamming software specially written to take control of private computers. Crucial to the distribution are a handful of ISPs knowingly aiding the spam gangs. In this article Spamhaus exposes the author and distributors of the illegal Send Safe proxy hijacking spamware, and exposes one major ISP knowingly hosting the proxy spam gang. This for Spamhaus is the crux of the spam problem, because MCI Worldcom not only know very well they are hosting the Send Safe spam operation, MCI's executives know send-safe.com uses the MCI network to sell and distribute the illegal Send Safe proxy hijacking bulk mailer, yet MCI has been providing service to send-safe.com for more than a year. MCI executives have refused to stop providing service to these gangs, insisting that the sale and distribution of stealth spamming software is "not against MCI's policy". For more than a year MCI have flatly refused to stop send-safe.com and other proxy spam gangs, which has allowed Send Safe to become one of the most sold anonymous proxy hijacking bulk mailers on the spam scene, and has had ever more spammers flocking to MCI. Complete text of Linford (SBL) Press Release. Linford Response to Criticism of Press Release. |
|
In September 2004 Savvis, a major ISP, announced that, in response to Steve Linford and Spamhaus.org
suggestion to Savvis that Spamhaus was about to blocklist Savvis corporate email servers, Savvis would
be begin removing the spammers from their network. Many in the anti-spam community were highly skeptical,
especially in light of internal Savvis memos leaked to the Internet which showed Savvis execs had
discussed strategies to allow them to keep their spammers and dodge the wrath of being blocklisted by
not only Spamhaus, but also SPEWS, which was escalating blocks of Savvis net space. I posted the
question below to Steve Linford in the newsgroup news.admin.net-abuse.email, since MCI / uu.net is
a major ISP that as a source of spam abuse is far greater than Savvis. Below is Steve's reply as
posted with full headers as it my my newserver. Path: newshog.newsread.com!news-toy.newsread.com!netaxs.com!early-edition.newsread.com!newsread.com!newsprint.newsread.com!news.glorb.com!sn-xit-02!sn-xit-09!sn-xit-08!sn-post-01!supernews.com!news.supernews.com!linford From: Steve Linford Newsgroups: news.admin.net-abuse.email Subject: Re: Regarding SAVVIS Date: Sun, 12 Sep 2004 18:44:35 +0100 Organization: The Spamhaus Project Message-ID: References: User-Agent: MT-NewsWatcher/3.4 (PPC Mac OS X) X-Complaints-To: abuse@supernews.com Lines: 30 Xref: news-toy.newsread.com news.admin.net-abuse.email:2470831 In article InactiveX666@hotmail.com (Ronald D. Edge) wrote: > In article > linford@spamhaus.org says... > >One of our U.S. team simply left a message with SAVVIS Abuse for an > >executive to call, one did a few minutes later. > > And you are planning to do this with MCI/uu.net on? MCI is a much greater problem, it's not a case of a few executives working against an otherwise anti-spam abuse team that wants to enforce the AUP, the culture of spam support is deeply engrained in MCI VPs as well as in the leaders of the abuse department. MCIs abuse department hates anti-spam organizations as much as the VPs like spam revenue, they refuse to work with any anti-spam system - doing so would be "giving in to the anti-spam community" as MCI's abuse chief sees it. MCI is not a problem anyone can fix overnight or with a few phone calls. Tackling the MCI spam problem is a multi-pronged approach. As I've said before, there is no question Spamhaus will escalate listing mci.com corporate mail relays for knowingly providing spam support to professional spam gangs, but action from us alone is not going to eradicate the rot in MCI, therefore we plan action in concert with a campaign involving press and MCI shareholders. -- Steve Linford The Spamhaus Project http://www.spamhaus.org |
|
uu.net recently suffered quite a bit of public scrutiny for its role in allowing
spammers to operate, about the time the state of Virginia was announcing a major lawsuit
against one of the reported top 10 spam operations. Seems someone pointed out
that uu.net is ranked among the most prolific sources of spam on the Internet
by what is probably the most reputable and respected spam email blocklist currently
in operation, Steve Linford's Spamhaus.org. Article
linked below reports that "...Spamhaus.org, also monitors the world's Internet service providers,
the companies that connect people and businesses to the Internet. In that category, Spamhaus
lists UUNet as the ISP allowing the most spammers onto its network, based on the Internet
addresses they are using: Group Lambasts UUNet on Spam As reported in the Register online in UK |
|
One of the first places many in the anti-spam community turn on the web to spot
where the spam is coming from is the archive of postings to the usenet NNTP newsgroup news.admin.net-abuse.sightings.
This newsgroup exists solely as a place for posting samples of spam email with the original headers as
evidence. The archive is maintained by google.com at Group: news . admin . net-abuse . sightings To get an idea of uu.net's role in this problem, go the the URL above, and in the search box enter the text "uu.net" (leave the double quotes!). Right below the search argument text box is a radio button labeled "Search only in news.admin.net-abuse.sightings". Be sure to check it so you search only in this group. Searching on the afternoon of January 2, 2004, I just now got 33,500 hits. Searching on "uu +.net" (this time REMOVE the double quotes), I got more than 38,000 hits. Note that only the tiniest fraction, probably a vanishingly small fraction of 1% of any total single spam run, get posted to this newsgroup. The real numbers of spam emails being sent from uu.net space appears to be pretty monstrous, and growing steadily for the past five six years. To get an even better idea of the problem, visit this archived newsgroup: Group: news . admin . net-abuse . email This newsgroup is frequented by many system administrators and technicians active in computing technology and support, and particularly in the fight against spam email. It is also frequented by trolls trying to disrupt the group. The language can get rough. But the bottom line is, a search like that above on the delimited string "uu.net" returns 31,000 posts discussing uu.net and its role in spam support. One can see from the reports over the past five or six years the trend at uu.net towards ignoring complaints and allowing the spammers to flourish, according to claims made by those reporting their attempts to contact uu.net and get uu.net to enforce its terms of service, which actually explicitly forbid the very abuse they appear to be allowing to flourish. |