When a provider hosts a phishing site for _weeks on end_ and does _nothing_ despite being notified repeatedly, sometimes a blacklist is
the
only cluebat strong enough to get through the provider's thick skull.
If they are notified that they are an accessory to a crime and do not take any action, then doesn't this make the provider liable to criminal charges? Did you really inform the provider's legal department of this fact or did you just send an email to some dumb droids in the abuse department? Quite frankly, I don't consider messages to the complaints/abuse department to be "notice". How long does it take to find a head office fax number and draft up a legalistic looking "notice" document addressed to their legal department? Some people in this industry seem to want to manage it as a secret club for insiders and solve all problems of the industry in one cliquish venue. I just don't think that is an appropriate way to operate on the scale of today's Internet. --Michael Dillon