Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Comcast's defense

Comcast's defense

  • Comments 1

I just posted on e360 losing its case against Comcast, so I thought I would look a bit into Comcast's defense, available at this link here.

e360 had a long list of allegations against Comcast.  Many of them were answered by Comcast saying "Comcast is without knowledge or information sufficient to form a belief as to the remaining allegations of this paragraph 20, and therefore denies these allegations."  Let's look at the ones Comcast specifically denied:


24. Comcast has transmitted fraudulent bounce information to e360’s mail servers specific to email addresses contained on e360’s opt-in marketing list. The responses sent by Comcast mail servers to e360 are fraudulent because they contain information indicating that the email address is invalid and not active. <snip>

ANSWER: Comcast denies the allegations of paragraph 24.


The complaint basically alleges this: Comcast is sending NDR notifications back to e360 indicating that the user does not exist.  However, the user really does exist and the only reason that they are bouncing them back is because they don't want e360 to transmit any more mail to Comcast users.  Thus, they are fraudulently representing the status of the accounts that e360 is trying to send to, and therefore infringing on e360's ability to do business.

This is certainly an interesting angle.  It's also a lot of work in real life.  The fact is that default behavior of mail servers is to attempt to deliver the mail and if the mailbox doesn't exist, bounce it back to the originating sender saying "Mailbox doesn't exist."  In other words, it is doubtful that Comcast is singling out e360, it is simply their mail servers working by design.

At least they bounce back these notifications.  They could do a catch-all and simply accept without acknowledgement all mail and then subsequently delete them.


40. Comcast intentionally and knowingly engaged in denial of service attacks upon e360’s system by slowing process times of its emails by hours. Such delay slowed and all but stopped e360’s systems from being able to function.

ANSWER: Comcast denies the allegations of paragraph 40.


Near as I can tell, e360 is allegedly that Comcast is bouncing back email notifications and slowing e360's servers down, and thus is engaging in a denial-of-service attack on them.  This is wrong, e360 is the one sending email to Comcast to non-existent email addresses and Comcast is responding back with NDR notifications (ie, bounce notifications that the mailbox does not exist). 

While it may be true that the volume of mail is slowing down e360's servers, e360 is the one who is originating the mail, not Comcast.  In other words, even if this were an actual DOS attack (which it isn't), e360 is doing it to itself.


51. Comcast’s arbitrary and capricious use of its network to systematically deny e360 the ability to send commercial emails to its customers and consumers who have asked to or agreed to receive such emails is a violation of e360’s First Amendment rights.

ANSWER: Comcast denies the allegations of paragraph 51.


e360 is alleging that Comcast's filtering of their emails denies e360's First Amendment rights.  This is ridiculous, Comcast is a private institution and the First Amendment specifically prohibits the government from infringing on the rights of citizens to freedom of speech and freedom of expression.  Comcast is a private entity, they are allowed to filter their mail as they see fit.

Leave a Comment
  • Please add 1 and 4 and type the answer here:
  • Post