Tuesday 10 October 2006

There May be Troubles Ahead (for Spamhaus)

But while there's moonlight, and music, and love, and romance...

I'm reading some misinformed comment about the latest Spamhaus woes. I wrote today's IT Blogwatch on the topic, but here's my attempt to summarize here...

  1. e360, which describes itself as a legitimate direct marketer [no comment], objected to being described by Spamhaus as a spammer. It sought legal redress in an Illinois state court.
  2. Spamhaus argued that it was a U.K. organization with no business dealings in Illinois, so the court had no jurisdiction. However, before Spamhaus decided on this defense strategy it asked the court for the case to be removed from state court and moved to federal district court.
  3. Because Spamhaus then decided not appear in court, the judge decided he had no choice but to enter a default judgment in favour of e360.
  4. A further, proposed order from the court would have the spamhaus.org domain de-registered. This is potentially a huge problem for Spamhaus -- access to the Spamhaus blacklists is usually via a DNS lookup -- a query to a zone such as sbl-xbl.spamhaus.org.

For its part, Spamhaus appears nonplussed, stating that:

We think it can not actually happen, due to the effect it would have both on the Internet and on millions of users. We believe a government agency would have to step in before it happened. One U.S. government agency has begun working on a response. Before an event such as this could occur, we believe ICANN would fight the order, as ICANN understands both the technical effect as well as the political one (hint: ITU and U.S. control of the Internet).

In other words, Spamhaus is pointing to the ongoing grumbles from outside the U.S. about the continued control over Internet policymaking by the U.S. government. If Spamhaus were to "go dark" it may catalyze a new, strengthened effort to wrest control of the Internet from the U.S.

This proposed action may seriously reduce the effectiveness of our spam filters. In the meantime, what can you do to guard against the problem?

If your spam filter uses either of the Spamhaus DNS blacklists, you may be able to change the zone it uses to one that isn't under U.S. control. For example, look in your filter's configuration and change sbl-xbl.spamhaus.org to sbl-xbl.spamhaus.org.uk (note that Spamhaus has not yet confirmed that this is supported).

Alternatively, as suggested by Slashdot's The Blue Meanie, you may be able to modify the way you resolve DNS queries. In UNIX-like operating systems, you might add something like this to /etc/named.conf:

zone "spamhaus.org" in {
type forward;
forwarders {;;;; };