New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Luna Node being extorted out of SingleHop
I received the following email last night. Apparently Spamhaus is threatening Singlehop with listing all their ranges if they don't kick out Luna Node. This kind of annoys me because it took me a while to find a decent KVM provider in Chicago and I signed up with them back when they were handing out /29s with every VPS.
SpamHaus Project Ltd., a company registered in London which maintains a
spammer blacklist, has threatened our service provider, SingleHop LLC,
that SpamHaus will blacklist all IP ranges assigned to SingleHop LLC
unless our (Luna Node) services with SingleHop LLC are terminated. As
such, SingleHop LLC has informed us that, unless this issue is resolved,
they will be closing our account on December 31st, 2013. We have
contacted SpamHaus Project Ltd., however they are now ignoring our
communications and refusing to work with us. We are still in the process
of discussing the issue with SpamHaus, but if this is unsuccessful, we
will be migrating all services to BurstNET's Scranton, PA datacenter.
On December 4th, 2013, a spammer began registering multiple accounts on
our billing system. We received reports of spam activity through SBL
listings and other sources, and terminated each account found to be
conducting spamming activities within a few hours after each report. By
December 15th, 2013, we had found the linkage between the accounts and
blocked the common IP subnet from which the orders originated. A few
days later, we also adjusted our policies and began conducting manual
screenings on all new clients to curb spamming activity on our network.
However, at the same time, due to the multiple blacklistings, SpamHaus
apparently incorrectly came to the conclusion that we were providing the
same spammer with a IP address each time we received a blacklist. As
stated above, they began illegally blackmailing our service provider and
pressuring SingleHop LLC to terminate our services. We immediately
responded with clarification of the policy changes that we were
implementing, including the manual screening of new customers (by
validating residential IP address, physical address, phone number, and
other provided data) and the considering of blocking outgoing
connections to port 25 by default on newly provisioned virtual machines.
Yet, after December 18, 2013 we have received no response from SpamHaus
and they appear to be ignoring our emails; again, we are still
attempting to communicate with them at this time. They have additionally
started listing arbitrary ranges assigned to Luna Node, including our
web server (which does not send any mail).
Due to the possibility that SpamHaus will continue to ignore our
communications, we are sending this notification and also preparing a
backup plan involving migration to new servers with Luna Node in
Scranton. You have the following options:
* Continue with the migration to our servers in Scranton, PA. This will
involve a change of IP address assignment.
* Pro rata refund for active services
The first option will be taken as default. If you would like a refund,
please open a ticket from the client area.
We have researched this antispam group and have found that they have
similarly affected other businesses, and that their actions are in fact
illegal by both EU and US laws. For more information, see the links below:
* http://www.quackpotwatch.org/opinionpieces/spamhausspewsaffidavit.htm
*
http://www.techweekeurope.co.uk/news/dutch-isp-hits-spamhaus-with-police-complaints-42302
* http://www.a2b-internet.com/spamhaus/
We have thus notified the appropriate agencies, including the United
States Federal Trade Commission and the Federal Bureau of Investigation,
by filing a complaint through the Internet Crime Complaint Center (ic3.gov).
If you have any questions, please open a support ticket. We apologize
for the impact to your services; we have spent considerable effort so
far to no avail to deal with SpamHaus' illegal actions, both by
attempting to cooperate with them and informing law enforcement agencies.
Best,
Jason Lee
Comments
Going from Singlehop to BurstNET? Ewie!
The letter seems to be handled professionally.
SpamHaus has lost its moral compass. I can imagine all the crap they deal with on a daily basis, but this is not an excuse for lack of responsible use of power they have. It's terrific how easily this third-party organization can kill someone's small business without any chance to appeal.
I feel sorry for LunaNode's situation and I hope they will survive this.
http://www.spamhaus.org/sbl/listings/singlehop.com
That's quite a few SpamHaus complaints in a short period.
Agreed. IANAL but I can't believe LunaNode wouldn't have an air-tight lawsuit against spamhaus for this.
The complaints were regarding the services of a single client who has already been dealt with; said client registered multiple accounts in our billing system, but was terminated within a day after we heard from SpamHaus that it looked like the same server was being set up at different IP ranges. We began manually screening new customer data (disabling automatic provisioning for new customers). We informed SpamHaus of this, but they have not indicated whether this is not sufficient or what.
Man, and I was going to purchase a VPS with you guys.
Spam goes on for quite awhile before they get a complaint/add a listing, how are you contacting them?
Via [email protected]
Using the subject line they provide I hope. In my dealings with them they've always been quite reasonable and quick to delist.
Hmmm If lunanode is on here, where do I buy a VM
? I am actually starting to hate spamhaus.
Mun
Same here, never had any issues with them on multiple occasions.
https://www.lunanode.com/duWqmq8ANgGYJCmH.html
http://www.spamhaus.org/sbl/query/SBL206845
http://www.spamhaus.org/sbl/query/SBL207344
edit:
Full singlehop listings:
http://www.spamhaus.org/sbl/listings/singlehop.com
More Luna Node Listings:
http://www.spamhaus.org/sbl/query/SBL206845
http://www.spamhaus.org/sbl/query/SBL206907
http://www.spamhaus.org/sbl/query/SBL206962
http://www.spamhaus.org/sbl/query/SBL207344
http://www.spamhaus.org/sbl/query/SBL207663
http://www.spamhaus.org/sbl/query/SBL207665
@nunim already posted that.
The listing of our web server at http://www.spamhaus.org/sbl/query/SBL207665 is arbitrary, we don't send mail from our web server.
Giving out /29's is great however it should have been very obvious this would build a reputation as a great email host, that is sad but true.
A lot of clients really do not either understand or care about spam, to many of them they just think spam = hello I am price nagabodo from nigeria and I want to give you a billion groats or viagra,
They just dont understand that 1) cann spam is still spam and 2) mailing lists etc will generate spam reports in all but the most well executed of circumstances.
I think spamhaus will probably accept this and in the mean time I think you should work with the DC to have all outbound SMTP traffic from your servers blocked at a network level, set up a relay server and only allow customers to use the white listed relay on application, that way you can limit things to the point that no spammer will target you anyway and anyone that pays no attention and just starts sending (usually spammers) will be none the wiser but at the same time doing no damage.
SpamHaus Project Ltd. appears to have additionally delisted all of our IP blocks after further communication today. I will not confirm any changes in the status yet as we are still communicating with SingleHop LLC, who probably will have to confirm with SpamHaus.
I am regaining trust in SpamHaus but they still have a ways to go, this caused us and I'm sure our customers as well a lot of frustration.
Note that either way I believe we (Luna Node) will be proceeding to offer services is Scranton in BurstNET's facility with owned equipment (and hopefully our own IP ranges); ideally this will be an additional location and not a move!
For the love of god, please don't waste your time and money on that "network"
@perennate: I think a good IT lawyer and a class action suit against SpamHaus would cure the problem pretty quick, as opposed to alerting "law enforcement agencies" who are unlikely to act here.
And also cost more than our annual revenue.
The key words you seem to have missed were: "class action". Assuming prospects are good, this is usually undertaken on contingency basis. With a good PR campaign (read: lots of publicity needed to get this going on a large scale), such action should be enough to get SpamHous to sit down and settle quickly before they are put out of business as an unreliable (false positives) and untrustworthy, not to say shady (blackmail), service.
Prometeus had also dealings with Spamhaus...
They blacklisted a whole /23 and threatened to blacklist everything including upstream (and we have hundreds of peerings) because there was a recurring spammer (2 incidents, some 2 weeks apart). They also refused to communicate further and said we need to do much more than currently do to keep spammers out. Probably thought we are a small operation with a couple of hundred customers and seers that could tell a spammer from the name at sign-up.
The fact they were the only ones listing the range for weeks, didnt bother them at all and it actually helped since the word got out and spammers avoided us, but as time went by and more email providers got some letters from us, they delisted without any comment.
Hosting email is not profitable so we recommended our customers affected by this abuse to use mandrill, however it sucks for people which are kicked out of their DC due to this.
At that time we didnt provide DNS services either and people trying to use some free or otherwise were also rejected, so it went further than email.
Spamhaus doesnt stop spam, they only benefit from it, it would be against their interest if real spammers would disappear.
As this instance has shown, Spamhaus is usually quite reasonable. They do not try to extort you out of money for delistling like some of the SBLs. I've never personally encountered a false positive on Spamhaus, have you? They're usually quite a bit more accurate then most SBLs, especially company internal lists like Yahoo, AT&T, GoDaddy etc.. I've experienced numerous false positives with those companies but I have yet to receive a false Spamhaus.
Please do not get into BurstNET, get into a more premium datacenter that's similar to Singlehop. Maybe Singlehop in Phoenix, perhaps?
@Jeffrey I don't think singlehop offers colo
And i don't think they want to go with the same company.
BurstNET should be a last resort.
Sorry for my "shorthand": by "false positive" I was referring to the situation described by @perennate in his emails to customers (of whom I'm one) a while back, prior to resolving this situation.
With respect to "reasonable": we seem to have a radically different understanding of the meaning of the word! Keeping IP's blacklisted in their database and turning up pressure by refusing to communicate is bad enough. Blackmailing a provider's upstream, however, crosses the line into a very dark, gray area, to put it very mildly. And from what I hear, seems this is SpamHaus's standard operating procedure these days. If true, they should be shot down, pure and simple, and some other organization with a little more common sense and social responsibility take their place. Just my 3 cents looking from the outside (had no dealings with them. Yet!
For the part about upstream, SingleHop owns the IP space; still, telling them they'll blacklist everything is kinda excessive.
Thanks for the clarification. Still, SpamHouse did cause SingleHop to tell you to move out forthwith. Sounds like they see themselves as the new global Internet Police. Can't say I see this as an improvement on the odd spammer out (usually pretty simple minded and hardly tech savvy and easily handled inhouse using graylisting, SPF, DKIM and a few other simple tools).