Feeds

Savvis outed as big-time spam host

Sorry. We won't do it again

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

Savvis, the big US corporate ISP, is to remove spammers from its books following pressure from anti-spam group Spamhaus. The pledge comes after a whistleblower, who had failed to persuade Savvis' management to put its house in order, was fired.

Alif Terranson, an engineer in charge with keeping Savvis's network clean, retaliated by publishing memos which reveal Savvis's attempts to help spammers stay in operation.

He also approached Spamhaus, which had monitored how Savvis had risen to become the second worst "spam-supporting ISP", since its purchase of Cable & Wireless America in March this year.

Previously, Savvis had had a good record, according to Spamhaus, which escalated steps slowly, to encourage the ISP to clean up its act. But the issue of Savvis's spam-friendly practices was brought to a head by the publication of the memos, which showed how Savvis helped penis pill peddlers to dodge blackhole listings by switching their IP addresses and swapping names.

Subversive business methods

These "subversive business methods" were criticised by some on Savvis' management team (such as Kris Kistler, director, infosec and abuse); but objections were ignored. Savvis made up to $2m a month from 148 of the world's most prolific spammers, Terranson told BBC radio. He said the number of spammers had risen since Savvis had acquired Cable & Wireless America, showing it was actively touting for business from spammers.

According to a leaked strategy memo, Savvis would lose between $250,000 to $2m a month in revenues if it booted spammers off its system, depending on where it decided to draw the line. Savvis says its monthly revenues from spammers were around $200,000.

Following publication of the memos, Spamhaus approached Savvis to spell out the consequences if it continued to help notorious spammers such as Eddy Marin stay online. Savvis would risk having its reputation trashed and email sent by clients blacklisted if it failed to mend its ways, it warned.

Steve Linford, a director at Spamhaus, described a three-hour conversation with Savvis chief exec Rob McCormick on Friday as friendly and the outcome positive.

Savvis is to adopt Spamhaus' Register of Know Spam Operations (ROKSO) as a criterion for booting recalcitrant spammers off its network. It reckons it inherited 40 of the world's worst operators when it bought Cable & Wireless America. Spamhaus puts the figure at 56, a discrepancy which might be explained by multiple listings.

Linford welcomes Savvis's change of tack: "We're very pleased to see Savvis has turned things around and pleased to work with them. As soon as an ISP agrees to do the right thing we want to help," he told El Reg. ®

Related stories

Spamming for Dummies
Spam King dodges $20m big stick
US, UK and Australia sign anti-spam act
Junk mail host nations named and shamed

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.