My mailbox continues to be flooded with bounce messages from an email worm originating at JTLnet and spoofing me as the sender. I just have to say, JTLnet just keeps moving up toward the top of my “broken companies” list. Getting them to perform even the simplest tasks was like pulling teeth even when I was a paying customer. Now it’s almost impossible, though I’m hoping that the threat of being listed as an open email relay (which will cut them and their users off from the rest of the email world) will spur them to action.

Update 10:54: apparently my open-relay threat did indeed get their attention. I got email from one Thomas Paschal asking for more headers, and then a phone call from a tech named Adam (last name unknown). Apparently my previous report was sufficient to identify an infected machine, allegedly a customer’s, and the new headers are needed to identify the source of a second separate infection. I just have a few problems with this explanation:

  • The infected machine obviously has an address book full of JTLnet customer contacts. Would this be the case for a customer’s machine? Would such a customer have my address? I believe that the infection is inside JTLnet.
  • The odds of my being picked twice as the “bogus sender” are incredibly low, which casts serious doubt on the “two separate infections” theory. I believe that the first machine was never disinfected.
  • All else aside, if the problem was resolved a reply should have been sent informing me of the resolution. In the absence of such a reply I had no reason to believe any action had been taken, and was justified in “escalating” the matter.

There’s another interesting aspect of my conversation with Adam. Right after he’d made vague threats of legal action if I sought to have them listed as an open relay (which I admit was a stretch, but the threat seems to’ve had the desired effect) he made several comments about “wanting to keep things on a professional level”. Let me make one thing perfectly clear: JTLnet is in no position to impugn anyone else’s professionalism. Network service providers who spread worms from their own internal systems have forfeited that right. Network service providers who fail to respond to incident reports have forfeited that right. Anyone who makes vague threats about legal action against people who complain about such things has forfeited that right. The lack of professionalism is theirs, and the only legal action that might succeed would have them as the defendant. The appropriate response for them would be to buckle down and fix the problem and keep their opinions or feelings to themselves. I’ve taken enough $#@! from them already, in the form of having to wade through all this bogus email and possible damage to my reputation (as people misidentify me as the source of the worm email), and I’m not inclined to take even one little bit more.