Xtra blames huge spam attack for email delays

[alienwithin]

Thought this article might interest a few. Although there are rumours going around that the problems, which started happening three weeks ago, are due to new software they installed three weeks ago, would be interesting to know if it is, but they wont say, because if it is, they will be up for millions of dollars in compenstation to companies and home customers affected.

Xtra blames huge spam attack for email delays

Wednesday December 13, 2006

By James Ihaka

New Zealand

A huge spam assault on Xtra's email network is to blame for emails taking days to be delivered, says Telecom.

Several customers have vented their frustrations on an Xtra website message board saying some emails were days late.

The problems appear to be a continuation of the problems that plagued the network a few weeks ago.

One woman on the Xtra message board said she had forwarded emails from a computer 10m away from her own and sometimes had to wait up to three days to receive them.

Another woman contacted the Herald and said she tried to email another Xtra customer several times after completing a Trade Me auction, only to find out the other person had not received her emails.

General manager of consumer marketing, Kevin Bowler, said spammers intentionally targeted Xtra "with a flurry of false connections which are making it difficult for some mail servers to instantly connect to Xtra".

He said the record volumes of spam meant such problems would be "an unfortunate and on-going reality of the internet not specific to any provider".

Telecom filtered a record 226 million items of spam in September, compared with 65 million for the same time in 2005.

Mr Bowler said Telecom had invested "tens of millions of dollars"in email and anti-spam software and worked closely with two of the world's leading anti-spam vendors.

"spam and email security are areas that we have been placing significant resource and focus on."

But at least one Xtra customer is not convinced and believes the problems are due to Telecom's underinvestment in technology.

"I think it's too much of a convenient excuse," said Kevin Wright. In recent weeks he had waited "up to 2 1/2 days" to receive emails from the US.

"It appears like they have had some new spam filters put in which is slowing down traffic from offshore. Ten to 30 minutes is okay but 2 1/2 days is completely unacceptable."

[bobbear]

I think it often seems to go like this:

ISP notices bandwidth costs are soaring as the spam epidemic rises to new highs. ISP installs spam filtering software that reduces the ISP's bandwidth costs but slows everything down to a crawl and causes customer dissatisfaction with long email delivery times and missing emails, (usually into a blackhole as ISP's often don't now allow any form of NDR), thus rendering email often slower and more unreliable than snailmail.

It's only going to get worse until all sections of the internet community start taking spam seriously, (or are forced to take it seriously by legislation), instead of just ignoring it completely or at best regarding it a nuisance that has to be tolerated.

It seems to me that spam has transcended 'nuisance' status and is now actually starting to render the email system unusable in the present form of the SMTP.

Just my 2p's worth......(UK currency)....

[Telarin]

What is really frustrating when you think about it, is that spam could be totally eliminated if 6 agencies decided to do so.

The 5 regional registries control all the IP address: ARIN, APNIC, AFRINIC, LACNIC, RIPE

If those 5 agencies made it part of the terms of IP registration that an applicant could not support spam services, it means complaints that went unanswer and unresolved could be forwarded on to the registries, and the IP addresses pulled. This would put pressure on the top level ISPs to make sure that their customers were not supporting spammers, and would present dire consequences for those that ignored what went on on their networks.

The 6th agency is ICANN who acredits the registrars that handle domain names. Same thing, if they made a policy forbidding support of spammers, then those registrars that have demonstrated an "I don't care if we support spammers" policy again and again would have their accredidations pulled until they could demonstrate a system for dealing with these problems.

Thats it, that would be the end of spam. It would put responsibilty for all spam origins on the ISPs, and would force them to deal with, rather than ignore the problems, and on the registrars that allow spammers to operate off their nameservers.

[turetzsr]

What is really frustrating when you think about it, is that spam could be totally eliminated if 6 agencies decided to do so.

<snip>

...That would (well, might) end e-mail spam as we currently know it. IMHO, as long as there is economic incentive to spam, there will be spam in one form or another. If we find the way to keep it out of our e-mail inboxes, it will move to IM or newsgroups or some other "free," trusted medium. When we find a way to stop that, it will move to another medium. And on and on until the economic value is gone.

[Telarin]

That is true, however, getting it out of email would substantially reduce the impact on businesses as most don't use (and many do not even allow the use) of IM programs and other "free" means of communication. However, if those conditions were put into place by the RIRs and ICANN, it would be a simple matter to extend them to include IM and other programs that are susceptible to spam.

[bobbear]

What is really frustrating when you think about it, is that spam could be totally eliminated if 6 agencies decided to do so.

<snip>

I couldn't agree more. It is so frustrating to see registrars that completely ignore any abuse reports and the usual rogue IP ranges spewing spam. Mind I can see problems in pulling IP ranges as the ultimate penalty as that may hit more innocent users than crooks and could result in a huge backlash.

The registrars probably could, (and should!), be leant on with less collateral damage if a standardised AUP compelling registrars to act on all spam abuse reports was part of a mandatory accreditation agreement and registrars that failed to comply were prevented from accepting new registrations.

The problem is, whatever ideas are implemented, would they just be useless without an international framework of agreement and enforcement?

[Miss Betsy]

IIUC, the people who could stop the spam, the major upstream providers, are not concerned because they don't get blocked AND they get the money for all the bandwidth that spammers produce - i.e. sprint and China.

Another problem with delays is that ISPs are using content filters instead of blocklists - something the consumer should understand. Several years ago, emails to an Earthlink took several hours to deliver while the same email to a hotmail account was delivered immediately.

Miss Betsy

[Telarin]

IIUC, the people who could stop the spam, the major upstream providers, are not concerned because they don't get blocked AND they get the money for all the bandwidth that spammers produce - i.e. sprint and China.

Another problem with delays is that ISPs are using content filters instead of blocklists - something the consumer should understand. Several years ago, emails to an Earthlink took several hours to deliver while the same email to a hotmail account was delivered immediately.

Thats the point of going all the way to RIR policy. It puts the pressure on the upstream ISP, because it is their IP ranges that are ultimately at risk. And really, for the most part the upstreams are just providing connectivity. Their servers never touch emails moving accross their network, and as a general rule, packet snooping their customers data would be very very illegal. IF they receive abuse reports for downstream ISPs, they can act on them if they choose, but it is unlikely that they will receive very many, since most people don't know how to escalate a report, and those that they do receive are going to be very hard to prove since they wouldn't have access to the customers servers anyway.

I couldn't agree more. It is so frustrating to see registrars that completely ignore any abuse reports and the usual rogue IP ranges spewing spam. Mind I can see problems in pulling IP ranges as the ultimate penalty as that may hit more innocent users than crooks and could result in a huge backlash.

Having an RIR pulling IP addresses would of course have to be a last resort as it is essentially the nuclear option. It effectively shuts down the ISP with no recourse but to comply or stay offline with no IPs.