E-mail meltdown claims take heat

Although ISPs say they have had problems with a zombie mailing trick, antispam sellers say the warnings are overblown.

Feb. 4, 2005 10:23 a.m. PT

2 min read

Security vendors have accused antispam experts at SpamHaus of hyping a trick that allows spammers to take advantage of ISP mail servers.

Earlier this week, Steve Linford, director of the SpamHaus Project, warned that e-mail infrastructures were on the verge of collapse because of a new worm. He said the worm is forcing zombie computers to relay spam via mail servers belonging to Internet service providers. This, Linford said, is a huge problem, because including ISP domain names in spam blacklists would cause a huge proportion of legitimate mail to be blocked.

But some antispam providers, which claim to be able to solve the problem with their products, have attacked Linford over his comments.

"You report the words of Mr. Linford from SpamHaus about the e-mail infrastructure being menaced and about to collapse," said Francois Bourdeau, director of marketing for Vircom. "I find this to be not very accurate. Although the zombie drone problem is very serious, there are solutions out there for ISPs that will minimize the effects of zombie PCs sending out tons of spam."

In addition, antispam company Postini released a statement criticizing Linford's comments. "Postini believes that SpamHaus is badly overreacting to the recent news that some spam zombies now relay spam through ISP e-mail gateways rather then sending the spam directly to receiving mail servers. The notion that this makes spam undetectable is completely unfounded."

U.K.-based SpamHaus is a nonprofit organization that tracks spam gangs on the Internet. It works closely with police forces and is involved in various governmental antispam projects around the world. Linford said on Friday that many ISPs had contacted him about the problem asking for advice, and reiterated his concerns.

"This has already done damage," Linford said. "Large e-mail companies can't tell you they are under pressure. They can't say anything to the press, because people would question the resources to handle e-mail. We don't see this as hype."

"There are certainly ways to prevent this," he added. "We're just saying to do it quickly. The ISPs have said this is something they know about. Most vendors would say, 'Yes, yes, if you use our products, you can get rid of the problem.' But it's not effective just to buy products."

Linford noted that several months ago, America Online was the first ISP to report an increase in spam caused by this trick.

Some of the largest U.S. Internet providers have acknowledged that the issue is a problem, although they insist that e-mail was not at the point of meltdown. Many ISPs have blocked open relay ports, such as port 25, to shut out spammers from disseminating messages from home-operated servers. The block has helped some broadband ISPs limit the output of zombie spam, and some have noticed the new form of malware taking shape.

Dan Ilett of ZDNet UK reported from London. CNET News.com's Jim Hu contributed to this report.