On Sat, 7 Apr 2012, Rich Kulawiec wrote:
I recently had a similar run-in with another ISP unrelated to Yahoo. It
involved a phishing site on one of their customers. Countless emails to
their abuse@ email went unanswered. Then one day I bumped into their VP
who was trying to sell me something. I asked him about why they apppear
so high on Ironport Senderbase with a huge spam pool as well as phishing
sites that are not taken down.
His answer, which might mirror Yahoo's (or not), was that at a corporate
level they decided to only handle issues like this via a court order.
They did not think it appropriate to interfere with their customers data
in any sort of way unless a court order told them to make it stop.
Clearly, this is idiotic reasoning and only when others start blocking
their IP ranges and DNS servers will they ever wake up. But when the ISP
is big enough, they think no one will block them and if they do it will
just be small cases and nothing massive that would make them into a 2nd
league ISP. This therefore becomes a cost savings area since you no
longer need any abuse staff to handle your customers. You just ignore it
all.
-Hank
Yahoo's "personnel" have long since demonstrated that (a) they couldn't
possibly care less about the spam, phishing, and other forms of abuse
that they're emanating, supporting or hosting on a systemic and chronic
basis (b) they are incapable of recognizing their own users, hosts,
and networks even when same are explicitly pointed out to them (c) under
no circumstances will they take any prompt or effective action -- they
will, however, repeatedly lie about it and/or pass on complainers' personal
information to the abusers so that they can retaliate.
---rsk
