Yahoo Store Hits Spamhaus Block List
"Suddenly, e-mail that I send to my customers on Pacbell.net to confirm orders is bouncing back as undeliverable," said Kevin Lohn, owner of UncommonRose.com, a Yahoo Store retailer. "It was refused by the recipient because it was considered spam by a service known as Spamhaus.org."
Like the well-known Mail Abuse Prevention System LLC, The Spamhaus Project (Spamhaus.org) publishes a list of what it deems sources of spam that system administrators can use to block incoming unwanted e-mail. The Spam Prevention Early Warning System (SPEWS) is another of these services.
These services are reportedly quicker on the listing trigger than MAPS and make it tougher to get removed from their lists. Also, both are outside the United States, making legal action against them difficult.
However, it is unclear how effective Spamhaus and SPEWS are.
The Yahoo Store e-mail blocking started in December, when Spamhaus determined that "two or three spammers" had set up stealth spamware sites on Yahoo Store.
"The sale of stealth spamware is illegal in eight U.S. states, as well as being against the AUPs [Acceptable Use Policy] of most ISPs. So we blocked the Yahoo Store mail servers until Yahoo management woke up (which didn't take long)," said Steve Linford, director of The Spamhaus Project.
Linford said the block on two mail servers for Yahoo Store originally had ended after about a week in December because the sites in question had been shut down. However, he later found that e-mails on one server were still blocked in January because "neither Yahoo nor the site owner had informed us they'd taken care of the problem (removed the spamware from the site)." That block was removed Jan. 16.
"Yahoo is particularly bad for spam," Linford said. "Its management simply doesn't care, so Yahoo has become the all-time favorite domain for spammers." For example, Yahoo had nearly 14,000 complaints about spamming, compared with Hotmail's 2,138 complaints for the week of Jan. 14, according to SpamCop.net.
An anonymous Yahoo Store retailer said he contacted Yahoo Store administration about the problem but was told to work the problem out with the Internet service provider, Pacbell.
Yahoo issued a statement saying that it takes spam cases seriously and that "we encourage anyone to report a user they believe may be violating our Terms of Service ... and we will take appropriate action after reviewing the complaint, generally within 24 hours." Yahoo declined to comment specifically on the Spamhaus incident.
For Yahoo Web sites that were not selling the "illegal spamware" yet were affected, Linford said it likely occurred because "Yahoo Store ... is probably using what's called 'Virtual Server' hosting ... only one Web server with many domains sharing."
Lohn handled the problem by sending e-mails to customers via a different server.
"As soon as I figured out what was going on, I switched over to a backup e-mail server," Lohn said. "I was able to move [e-mails] to that server in a couple of hours."