Feeds

Savvis outed as big-time spam host

Sorry. We won't do it again

  • alert
  • submit to reddit

Reducing security risks from open source software

Savvis, the big US corporate ISP, is to remove spammers from its books following pressure from anti-spam group Spamhaus. The pledge comes after a whistleblower, who had failed to persuade Savvis' management to put its house in order, was fired.

Alif Terranson, an engineer in charge with keeping Savvis's network clean, retaliated by publishing memos which reveal Savvis's attempts to help spammers stay in operation.

He also approached Spamhaus, which had monitored how Savvis had risen to become the second worst "spam-supporting ISP", since its purchase of Cable & Wireless America in March this year.

Previously, Savvis had had a good record, according to Spamhaus, which escalated steps slowly, to encourage the ISP to clean up its act. But the issue of Savvis's spam-friendly practices was brought to a head by the publication of the memos, which showed how Savvis helped penis pill peddlers to dodge blackhole listings by switching their IP addresses and swapping names.

Subversive business methods

These "subversive business methods" were criticised by some on Savvis' management team (such as Kris Kistler, director, infosec and abuse); but objections were ignored. Savvis made up to $2m a month from 148 of the world's most prolific spammers, Terranson told BBC radio. He said the number of spammers had risen since Savvis had acquired Cable & Wireless America, showing it was actively touting for business from spammers.

According to a leaked strategy memo, Savvis would lose between $250,000 to $2m a month in revenues if it booted spammers off its system, depending on where it decided to draw the line. Savvis says its monthly revenues from spammers were around $200,000.

Following publication of the memos, Spamhaus approached Savvis to spell out the consequences if it continued to help notorious spammers such as Eddy Marin stay online. Savvis would risk having its reputation trashed and email sent by clients blacklisted if it failed to mend its ways, it warned.

Steve Linford, a director at Spamhaus, described a three-hour conversation with Savvis chief exec Rob McCormick on Friday as friendly and the outcome positive.

Savvis is to adopt Spamhaus' Register of Know Spam Operations (ROKSO) as a criterion for booting recalcitrant spammers off its network. It reckons it inherited 40 of the world's worst operators when it bought Cable & Wireless America. Spamhaus puts the figure at 56, a discrepancy which might be explained by multiple listings.

Linford welcomes Savvis's change of tack: "We're very pleased to see Savvis has turned things around and pleased to work with them. As soon as an ISP agrees to do the right thing we want to help," he told El Reg. ®

Related stories

Spamming for Dummies
Spam King dodges $20m big stick
US, UK and Australia sign anti-spam act
Junk mail host nations named and shamed

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.