"Some people online claim that we are not accountable and can just 'censor' anything we want," said Vincent Hanna, a spokesperson for the Spamhaus Project, Wednesday via email. "This is obviously not the case. Not only do we have to operate within the boundaries of the law, we are also accountable to our users."
"If we started advising our users not to accept mail from certain places where they actually do want email from, they would be very quick to stop using our data because it's obviously not working right for them," he said. "We take pride in the quality of our data and the fact that the biggest ISPs and networks all over the world use our data is a big vouch to the quality of our data."
This was the biggest attack ever directed at Spamhaus, Hanna said. However, the organization is constantly under attack and tries to ensure that its users will continue to have access to its data, he said.
The core Internet infrastructure may certainly get overwhelmed by the amount of traffic involved in a large-scale attack, Hanna said. "When this happens other traffic may get impacted too. Compare it to a big highway: If the traffic jam gets big enough the on-ramps will slow down and fill up, and the roads to the on-ramps will fill up too."
The Dutch Public Prosecution Service has launched a criminal investigation into the DDoS attacks targeting Spamhaus after being notified by the Team High Tech Crime (THTC) of the Dutch Police, said spokesman Paul van der Zanden. There is enough cause for an investigation, he said.
(With reporting by Loek Essers in Amsterdam.)