Statement Ref: S013
Blocked? To check, get info and resolve listings go to
|Spammers love to make up stories about Spamhaus. Ever since we began tracking spammers in the late '90s spammers have attempted to circulate disinformation about us by posting fabricated 'astounding revelations' and 'shocking truths about Spamhaus' to public forums, websites, Twitter and Usenet.
Spammers masquerading as "freedom activists" to try to get public sympathy often put up anti-spamhaus disinformation websites which attempt to spin even wilder variations of these myths. Usually these sites copy previous fabrications by other spammers and embellish them further. In some versions we are not only heinous criminals but we work for the CIA too, we are part of a global conspiracy to limit Internet Freedom (their freedom to spam and scam internet users they mean), we are hackers, blackmailers, criminals, wanted fugitives, tax-evaders, money-launderers and of course, terrorists. The reader, if one has got that far, is always left thinking "why do no news agencies ever report on this amazingly criminal terrorist organization?".
In this section we address some of the more common myths spammers love to circulate about Spamhaus.
Myth: "Spamhaus are Criminals and Terrorists"
Spammers have for years claimed that Spamhaus is a criminal organization, with claims ranging wildly from the CEO of Spamhaus being a "wanted criminal on the run" to our staff being "convicted criminals" to our organization being linked with Al-Queda or other such nonsense.
Were any Spamhaus staff, from our CEO and senior management to our cyber threat researchers, to have any type of criminal record whatsoever, let alone be "wanted" by any Government, Spamhaus would not be listed as a member of International Law Enforcement work groups, including:
Nor would Spamhaus receive awards from Law Enforcement such as from:
FBI NCFTA: http://www.spamhaus.org/organization/ncftaaward/.
Likewise, were we to have any connection whatsoever to cybercrime or terrorism the FBI would not publicly declare a partnership with Spamhaus such as at:
These spammer rants seem to be in many cases a mirrored "projection" of the spammer's own character and actions. Often, quite criminal.
Myth: "Spamhaus commits Blackmail and Extortion"
Spamhaus's SBL Blocklist lists not only IPs directly sending spam, but importantly also CIDR ranges assigned to spammers and spam operations. Spammers naturally do not like this, and neither do some small hosts whose business models (such as "cheap instant signup with 100 IPs" and lack of proactive abuse controls) attract snowshoe spammers.
Spamhaus SBL Policy additionally allows the SBL to escalate a listing further in cases of serious chronic spammer infection or persistent cybercrime hosting. No different to a Restaurant denying access to a patron not respecting the dress code, this policy effectively states that Spamhaus will not recommend to SBL Users the acceptance of electronic communications from such listed IPs or CIDR ranges while the host continues to allow a spam operation to operate from them. This policy makes it difficult for hosts who would otherwise carry on hosting serious spam operations to continue doing so if they also want to communicate with SBL Users.
Because the net effect of this policy applies pressure on them to cease abuse, spammers and some spam hosts call this policy "Blackmail" or "Extortion" in an attempt to misrepresent SBL Policy as being "illegal".
(Both blackmail and extortion are criminal offences. Spamhaus strongly recommends that all criminal acts always be reported to the Police.)
Myth: "Spamhaus is a censorship organization"
Spammers claim that by blocklisting their spam services and websites selling spamware Spamhaus 'censors' their adverts/scams/pitches. Spammers further claim that Spamhaus ROKSO policy, which lists on the Spamhaus SBL any IP addresses and domains belonging to known ROKSO spammers, means we additionally censor 'non-spamming content' belonging to the spammer. In reality Spamhaus has no interest whatsoever in the content of web sites (unless the content is selling spam services or distributing spamware/malware), we only list such IP addresses because they are under the control of known spammers and any IP under the control of a known spammer is a threat to Spamhaus users.
Myth: "Spamhaus blocklisted Wikileaks"
Never happened. This myth was circulated by a Russian malware hosting gang known as "Heihachi" in 2010 and further propagated by a blocklisted Dutch spam and malware host known as 'Cyberbunker/CB3ROB' who attempted to trick members of the hacktivist group Anonymous into attacking Spamhaus on his behalf. Quite the contrary, in December 2010 Spamhaus had contacted Wikileaks to warn them that a Russian malware gang was trying to trick Wikileaks readers into visiting a fake 'Wikileaks' mirror in Russia on which the gang was hosting trojan malware poised to infect anyone who visited. In fact the same russian IP that was hosting wikileaks.info was also hosting the rest of the crime gang's sites:
The Spamhaus malware warning report concerning this is here.
- wikileaks.info = 22.214.171.124
- carder-elite.biz = 126.96.36.199
- carding-world.com = 188.8.131.52
- dark-elite.biz = 184.108.40.206
- darkcoder.net = 220.127.116.11
- elite-crew.net = 18.104.22.168
- h4ck3rz.biz = 22.214.171.124
- injection-crew.biz = 126.96.36.199
- paypal-24.com = 188.8.131.52
- paypal-securitycenter.com = 184.108.40.206
- postbank-kontodirekt.com = 220.127.116.11
- team-crime.com = 18.104.22.168
Myth: "The Russian Government has declared that Spamhaus is an illegal organization"
Never happened. Russian spammers love to spread this myth, especially in responses to Russian ISPs who disconnect them. Occasionally a naive Russian ISP believes the myth and quotes it back to us confirming that stupidity is not limited to spammers.
Myth: "Spamhaus take bribes to remove blocklistings"
The Spamhaus Project is a self-financed organization that has no external income whatsoever. There is no way for anyone to make payments to the Spamhaus Project, there is no "Donations" button on our site or bank account anyone can send anything to. We occasionally hear of spammers bragging to other spammers to have paid Spamhaus for removal of their records, but no spammer has ever been able to show any evidence of doing so. The notion that Spamhaus can be bribed to remove records is a myth propagated in the bars of bulk mailing events after a few too many Red Bulls and vodka. The obvious response of the intelligent listener should be "Do you have evidence? Send proof of it to the press!".
(Note: Any demand by anyone for payment to remove any listings from any Spamhaus database is always a fraud or scam)
Myth: "Spamhaus blocks whole ISPs because of one spam"
There has never been a case in the history of Spamhaus where an ISP has been blocklisted because of one spam, nor even a small amount of spam. To reach the point of listing an entire ISP on the Spamhaus Block List requires a very serious volume of unchecked spamming or chronic spammer or cybercriminal hosting infestation. The listing of a whole ISP's netblocks can only occur where an ISP has gone 'rogue' and is overrun with spammers, has intentionally ignored all reports and listing warnings from Spamhaus and is intentionally providing a "Spam Support Service" for profit. It is extremely rare for any legitimate ISP to reach that point and usually only occurs with very small Eastern European and Asian ISPs in financial difficulty. Most cases where Spamhaus blocklists "whole ISPs" is where the 'ISP' involved is actually the spam gang simply pretending to be an 'ISP' and has no customers except for spammers.
Myth: "Spamhaus claims to be a non-profit to evade taxes"
The Spamhaus Project is a non-profit corporation. Non-profit very simply means the company is structured not to make money for shareholders but to fulfil a mission. In Europe, any and all income earned by a non-profit company must be accounted for in annual accounts and standard corporation tax on profits applies. In Europe a non-profit status can not in any way be used to evade taxes.
Myth: "Spamhaus claims to be a non-profit but they make lots of profit"
This myth speculates that there must be undeclared income flowing into The Spamhaus Project, a non-profit company, deriving from services sold by a commercial company of which the Spamhaus Project's founder is a major shareholder. The myth's logic of why a for-profit commercial company would want to pass its profits not to its shareholders but to a non-profit company which is neither a parent nor subsidiary, and which thus becomes new taxable income for the non-profit, escapes us.
The unexciting reality is that The Spamhaus Project has no such profits flow, no income, no sales, no customers, and no desire to be involved in commerce. Our focus is entirely on fighting spam. Over a decade ago The Spamhaus Project chose to leave all commercial endeavours (such as commercial Datafeed Services) to 3rd party Strategic Partners such as SpamTEQ, to enable The Spamhaus Project to concentrate solely on fighting spam. Details of The Spamhaus Project's Strategic Partnerships are published here.
Myth: "Spamhaus gets information by hacking servers"
Spamhaus does not even test for open-email-relays, let alone any other form of computer trespass. We do not do 'penetration testing', test for server vulnerabilities, or do any other sort of "hacking." Our systems watch for overt, publicly accessible indications of spam and spam support, all things which can be publicly verified.
Myth: "Spamhaus wants to stop spamming so that they can control the 'spam industry' for themselves"
That we are secretly spammers just out to eliminate our competition is one of the oldest myths, and almost too silly to dispel. Spammers often are just not wired in a way where they can understand that life is not all about greed and making money by annoying others. They do not realize that there are people on the internet who work to keep it usable for the world. Spamhaus works to stop spam so that email can remain the powerful communication medium it has become.
Myth: "Spamhaus was created by a 'Lumber Cartel' who wish to stop junk email so they can keep profiting selling paper to the junk mail industry"
Another very old myth. Actually proffered by a (now deceased) spammer in a posted online manifesto. This was turned into an online joke/meme by many who campaign against spam who then claimed to work for this non-existent Lumber Cartel.
Popular Spammer Myths About Spamhaus
Case Dismissed: Ames & McGee v The Spamhaus Project
EMarketersAmerica v The Spamhaus Project
Case Answer: e360Insight vs. The Spamhaus Project
Spamhaus IPv6 Blocklists Strategy Statement
Fake DNSBL uncovered: nszones.com
Report on the criminal 'Rock Phish' domains registered at Nic.at
TRO Answer: e360Insight vs. The Spamhaus Project
DDoS and Virus Attacks on Spamhaus
Spamhaus Position on CAN-SPAM Act of 2003