
Verizon Routing Millions of IP Addresses for Cybercrime Gangs - r721
http://www.spamhaus.org/news/article/726/
======
jakejohnson
Verizon is also allowing spammers to abuse Vtext, their email-to-SMS gateway
with spoofed domains. No SPF/DKIM checks so they can forge email From headers
and send out tens of thousands of spam text messages:
[http://blog.unto.net/a-bug-in-the-system-or-why-isps-
should-...](http://blog.unto.net/a-bug-in-the-system-or-why-isps-should-use-
spf.html)

~~~
cookiecaper
We've found that DKIM keys are often if not always ignored by major mail
carriers.

~~~
superuser2
Interesting. I found that my custom-domain Fastmail address went from spam to
the inbox in GMail the moment both SPF and DKIM were set up correctly.

~~~
cookiecaper
I think the presence makes a difference, and SPF is often at least partially
respected. But I think DKIM is so often incorrectly configured that most major
mail carriers just decide they have to let it through anyway.

------
cm2187
Starving spammers of IPs is not really a solution to spam anyway. Reforming
smtp is. And it is long long long overdue...

What I don't understand is that pretty much everyone has an incentive to
eliminate spam. ISPs to reduce traffic, emails providers to produce a better
service and spend less time dealing with spam. Users for obvious reasons. Only
the NSA enjoys the current unencrypted status quo. Why doesn't it happen? Why
are we stuck with a 30y protocol?

~~~
geofft
The incentives aren't aligned right. Every business will still need SMTP to
receive email from outsiders, and through that SMTP will come spam. Even if
two businesses decide to switch to a better protocol between them, they're
still running SMTP to reach anyone else.

And unless you permit sending a single message to both SMTP and better-than-
SMTP recipients without any UI awareness, you've built a product that's
strictly worse than SMTP for end users.

You could add features to email to make a more compelling product, and then
kill seamless integration with other SMTP users and still have a better
product. (See e.g. Slack. Or Facebook, for personal email.) And then maybe in
many many years nobody will want email any more. But that won't be quick.

~~~
cm2187
The market is very concentrated. If gmail, yahoo, microsoft and comcast
announce that they will gradually increase the spam level on non-"new smtp"
traffic, you can bet that adoption rate will stellar. Yes smtp will have to be
around for a while but if you treat any legacy mail traffic as suspicious once
it becomes <10%, I think it will go away within 3-5 years.

~~~
geofft
Most of those providers already enforce DMARC between themselves, which
provides all the anti-spam benefit you could hope for from a new protocol. (In
terms of protocol beauty, it's awful, but in terms of functionality it does
what you want.)

If Gmail, Yahoo, Microsoft, and Comcast announced that they are making it more
likely that outside email (from online stores, from individual Exchange
installations, etc.) will be marked as spam _when it 's not actually spam_,
people will find new email hosts. Somehow.

If they just want to mark traffic as spam when it is, they're already doing
that.

~~~
cm2187
I am not so sure. Senders are more concerned about their emails not appearing
as spam in gmail than the other way round. If all it takes is to update their
software, I believe they will do.

------
ars
This is too ironic for me. I've been fighting for almost a year to convince
Verizon that the emails my server sends are not spam.

I got nowhere. Their forms to be unblocked just reply "Yes you are a spammer,
Bye". Contacting a human has been futile.

And this is the same place that is ranked as the top host for spammers?

~~~
thaumasiotes
Actually, it's not really that surprising that the top host for spammers would
(a) be bad at distinguishing spammers from non-spammers; and (b) know it has a
problem and flail around aggressively trying to shut down spammers.

------
mattparlane
Would filtering based on the bogon list fix this? Is the bogon list still a
thing?

~~~
darkr
Indeed it is. Team Cymru are (afaik) one of the best sources for this
currently: [http://www.team-cymru.org/bogon-reference.html](http://www.team-
cymru.org/bogon-reference.html)

------
mattybrennan
I'm no fan of spam, but this seems to tie in to net neutrality. I'm not sure I
want verizon deciding who is good or bad on the internet.

~~~
profmonocle
It's not a net neutrality issue, these are bogons. A bogon is a block of IP
addresses being announced by a network that shouldn't be announcing them. For
instance, if you own the IP block 192.0.2.0/24, and then I announce a route to
192.0.2.0/24 from my network, my announcement is a bogon.

Bogons are unacceptable regardless of what they're being used for, because the
announcer is essentially hijacking those IP addresses. In this case the
addresses being hijacked aren't being used, but they still don't belong to the
group using them.

Any ISP that propagates BGP announcements from their customers should have
filters in place to prevent this from happening. Verizon isn't doing their due
diligence.

~~~
stryk
I thought a bogon was an Australian hillbilly? Hrmphf...

~~~
imron
That's a bog _a_ n.

------
jonathaneunice
Cui bono?

They make coin from the spammers, right? Might have a little something to do
with their negligent complicity.

------
mschuster91
Looks like extending BGP with certifications won't help against this type of
network hijacking.

What's most troubling is that Verizon ignores the anti-spam efforts. Did
someone fall in deep sleep while reading the mails?!

------
fiatmoney
Verizon routes millions of IP addresses for people who cheat on their taxes,
beat their wives, smoke crack on the weekends, and litter on the subway.

~~~
Buge
Well if those people lawfully own those IP addresses I don't see why Verizon
should stop.

If the people stole those IP addresses, then something should be done.

------
Dolores12
How about spamhaus.org just go to court then? It is bad idea to let verizon
decide what documents are forged.

------
jakeogh
Good. Do we really want ISP's (or anyone) deciding who and who is not a
"cybercrime gang" anyway? It's trivial to expand the current vogue definition.

~~~
Dylan16807
Uh. Replace "cybercrime gang" with " _people that do not own these IPs_ " and
reread the article.

~~~
jakeogh
In another universe, a "cybercrme gang" lost it's /16 today due to a xyz
regulatory body's decision deeming it as such.

"In addition, spamming from these stolen IP addresses is a felony under the US
CAN-SPAM Act." said another way.... "In addition, sending information in a
unauthorized fashion is a felony under the US CAN-SPAM Act."

Should we really be cheerleading more rules and tighter restrictions on comms?
Uh. Lets require biometrics to xmit!

~~~
Dylan16807
If you're against the entire concept of allocating IPs, I can't help you
there.

~~~
jakeogh
I'm against the implied idea that this is a problem we need more rules to fix.
If V's peers are really annoyed, they can take their own action.

