Even a large zombie network doesn't need more than one machine (and maybe a few more for redundancy, preferably hosted on a completely different NOC or ISP) for instructions and it can be hosted anywhere, the US being the least attractive choice.
The only way the spammers can stay in business is by distributing and disguising the source of their spam.
I'm persuaded that ISPs could do more. Fact is, the majority of home users never NEVER access an e-mail server. So, suppose an ISP required users to manually call in and verbally list the e-mail servers they were going to access. 99% of users wouldn't ever do this. The other 1% would call once, and set up their (one or maybe several) whitelisted servers.
And all the botnets could send out their commands, and the compromised Windows systems would try to send out e-mail... and be blocked at the ISP.
Socially speaking, this would do much more good than trying to block peer-to-peer networks. And it would have less potential for harm.
Softlayer has their act together.
If you have evidence that spam is originating from Softlayer, just tell them. I do not think they will let it go on for long.
BTW, I've had more spam today than I've had in ages. And more of it has gotten past my spam filters.
Though Softlayer's exploit sites/hosted sites ratio is only one-quarter that of McColo, they are far ahead in terms of raw numbers of bad sites; McColo had only 62 (The report states that these numbers are from October, 2008).
In short, while this article about McColo focused on spam, Softlayer apparently has a lot of cleaning up to do regarding malware sites.
I once accidentally created an open mail relay on my server. I took the authentication off it to test something and forgot to put it back. Someone noticed.
Didn't realise until my ISP sent an actual letter to me, not just an email, saying they'd had complaints.
Anyway, looking briefly at the logs, I reckon it had sent out about 3 million emails in a week.
That was just one computer, and the bandwidth wasn't even enough for us to notice a slowdown, either on the server or the connection.
Stewart said he has complained to McColo several times about botnets operating out of the company's servers, and each time, he said, the company claimed it was addressing the problem. But according to Stewart, they did so by just moving the offending Web sites to a different section of their network. <<< Washingtonpost.com
Now, I think we need to get after The Planet and all of those pesky content scrapers & SQL injection scripts.
Is there any evidence that it's still happening there? The reason I ask is that I'm sure we're not the only company there with servers running legitimate sites not involved in these types of activities at Softlayer. Also, your post insinuated that shutting down Softlayer would take care of the rest. From what I've read today these people operate out of many of the larger web hosting companies.
Spam has become a part of our daily life and we don't even discuss how dearly it costs us and how it can be prevented. I assumed, as others did, that it was totally out of control and supported by unfriendly countries. But this event shows us that it can be controlled, at least contained, and old initiatives must be given a serious and more comprehensive consideration.
I've always been told by industry experts the bulk of spam was from "zombie" computers in the US / UK / other local "target regions" where these unwilling average home PCs became little mail servers to pump out spam with fresh IPs.
I've seen a drop in the number of emails processed by my server too.
The Postini quarantine reports still show numbers down (but starting to pick up).
At home I am seeing a lot more spam in my inbox. The personal account auto deletes filtered spam so I can't check absolute numbers.
Looks to me like there is less spam around but it is better disguised.