With respect to Barracuda Networks and Spamhaus.
I expect, but I do not know, that Spamhaus probes on port 25
in order to identify Barracuda Spam and Virus Firewalls and then block
their access to their RBL. Many Barracuda customers have been
cut off without warning causing them trouble and pain.
Barracuda attempted to find a deal that would work for licensing
Spamhaus for our products, however, spamhaus's desire for money
could not be met without significantly increasing the price to
each of our customers. They wanted us to charge the
spamhaus feed price to each of our customers.
We tried to find an arrangement for a long time. I personally
love the work that spamhaus has done. I was disappointed that we could
not find an arrangement once they changed into a commercial entity and
started charging customers. When they were providing a free
service we promoted them strongly, but when they started charging
the customers that really used it, we had to part ways.
It is a pity.
We recommend customers use only Barracuda's Free RBL: "BRBL"
and this is now built into the Barracuda Spam and Virus Firewall.
http://www.barracudacentral.org/rbl
The BRBL is provided at no charge to anyone who wants to use it (even
non barracuda customers).
The BRBL has a full time staff that answers phone and email
to correct any false positives and handle removal requests -- unlike competing
services that charge money and who do not provide a staff. We will consider
providing data feeds if anyone has interest. We currently provide
the BRBL as a free service. We make no claims about it being better
or worse than any other RBL. It does use a massive amount of data in
order to determine which IP's should be on the list. Others have made claims
about its accuracy and say great things about it. Others complain that
we unjustly block them, however, 99.9% of the people who are blocked and who contact
us find a BOT in their network.
Sincerely,
Dean Drako
CEO Barracuda Networks
Dean Drako <drako@barracuda.com> writes:
^^^^^^^^^^^^^
When they were providing a free service we promoted them strongly,
Translation: We made money using it and it didn't cost us anything.
but when they started charging the customers that really used it,
we had to part ways.
Translation: Our customers complained about being asked to pay for
something that we should have paid for, but it's cheaper to let our
customers hang in the wind than to pay up.
Sorry, I could let this pass without comment.
Is it your position that, as a vendor of antispam services, nobody
else should offer their services for a fee?
That would be strange indeed.
Actually I can sympathize with Barracuda on this one:
Bob's Widgets is running thier own mail server for their 25 employees. They decide the need better spam filters.
They can hire Bob's nephew to drop in a Linux server running Postfix and SpamAssassan. In this situation it's OK for Little Bobby to configure the Spamhaus RBLs for use on this solution.
They could also hire Barracuda to do essentially the same thing (assumption based on source code published at http://source.barracuda.com/source/ ). In this case Bob's Widgets is not allowed to use Spamhaus.
Their list, their rules; but it is indeed strange to me.
Is it your position that, as a vendor of antispam services, nobody
else should offer their services for a fee?
That would be strange indeed
Actually I can sympathize with Barracuda on this one:
Bob's Widgets is running thier own mail server for their 25 employees.
They decide the need better spam filters.
They can hire Bob's nephew to drop in a Linux server running Postfix and
SpamAssassan. In this situation it's OK for Little Bobby to configure
the Spamhaus RBLs for use on this solution.
They could also hire Barracuda to do essentially the same thing
(assumption based on source code published at
http://source.barracuda.com/source/ ). In this case Bob's Widgets is
not allowed to use Spamhaus.
The issue is not whether Bob's can use the list to turn a profit, but
whether Barracuda can.
Not too strange: Little Bobby probably does one or two jobs and goes
away, leaving the system to run by itself. the SpamAssassin people
receive nothing from his choice of software.
If Bob decides he wants to buy a commercial appliance from a
profit-making company (presumption being made here) who are in turn
making significant use of a "free" resource such as the SpamHaus lists
in their appliance's configuration, and those appliances become very
popular (as I understand they might be), then the infrastructure costs
associated with the appliance are shifted away from both the vendor and
the end-user onto the provider.
If said provider gets a bit shirty about this and decides that they're
going to analyse and block traffic from those appliances if they haven't
paid for a service...
If you stand back and look at this dispassionately then I would expect a
large majority of this list would probably act in a similar way (or
their companies or employers would) given a similar situation with their
services.
TANSTAAFL. Really. Someone has to pay for the meal; why should it be the
chef?
Graeme
Bob is in the widget business, he profits from selling widgets. He
doesn't profit from the spam-filtering business. Spamhaus is, out of
sheer niceness to the community, willing to accommodate one-off widget
makers with some freebies. Thank you. Spamhaus. We appreciate it.
Barracuda is in the spam-filtering business, they profit directly from
it. Spamhaus isn't willing to allow a for-profit entity to deploy their
filters on thousands of machines at substantial cost to Spamhaus in
terms of bandwidth and server load without being compensated for it.
This seems reasonable to me.
If Bob's Widgets' nephew syncs Bob's machine to the University of
Wisconsin's NTP server, it isn't a big deal. When Netgear hard-codes
UoW's NTP server's IP into a gazillion consumer boxes, it is. That's
the difference.
http://pages.cs.wisc.edu/~plonka/netgear-sntp/