Spamhaus has enemies out there.

Last year, e360 Insight objected to the U.K.-based non-profit listing it as a spammer and filed an action in an Illinois court. Spamhaus did not appear and e360 won a court order by default, and then demanded that ICANN strip Spamhaus of its domain.

ICANN, of course, responded that it did not have the authority to take such action.

This week, Spamhaus is again staring down attackers, who are attempting to discredit the organization and DDoS their phone lines, according to the researchers at McAfee Avert Labs.

A few notes about the attack from McAfee:

“The spammer in this case also had to fake the sender’s address because Spamhaus’ SPF record is of the ‘-all’ variety which sensibly denotes that they *only* permit one IP address to send mail for their domain and so affecting the bot’s ability to deliver further.

Obviously Spamhaus does not use botnets to send out promotional material.”

And here’s the text being used in the attack:

From: Christy June
Date: Fri, 5 Jul 2007 20:34:52 +0100
To: “some, one”
Conversation: Which shalom myself magnetic
Subject: What shalom herself magnetic

WORKING TO PROTECT INTERNET NETWORKS WORLDWIDE
Spamhaus tracks the Internet’s Spammers, Spam Gangs and Spam Services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide.

The SBL database is maintained by a dedicated international Spamhaus team based in 9 countries, working 24 hours a day, 7 days a week to list new confirmed spam issues and - just as importantly - to delist resolved issues.

The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

The Exploits Block List can be used by all modern mail servers, by setting your mail server’s anti-spam DNSBL feature (sometimes called “Blacklist DNS Servers” or “RBL servers”) to query xbl.spamhaus.org. Use of the XBL is free for users with normal mail servers (but networks with high email traffic should see DataFeed).

You can get MUCH MORE if you contact us:

The Spamhaus Project Ltd. 50 Churchill Square, Suite 6, Kings Hill, West Malling ME19 4YU United Kingdom, Tel (+44) 870 766 xxx