Slashdot Mirror

A. Free speech for all, no matter how offensive!

B. Your mail server offends us! Fuck your "frea speach", spammer!

A. Free speech for all, no matter how offensive!

B. Your mail server offends us! Fuck your "frea speach", spammer!

I don't think this sounds too different from a normal restraining order.

The difference is the place. In real life restraining orders are necessary because there is nothing you can do to prevent being accosted.

On the net, this is what kill files are for.

If the individual resorts to mailbombs or proves able to evade a well constructed kill file (they rarely are) you apply pressure to their provider:

1. Complain to their provider.
2. If that doesn't work, complain to the next provider upstream.
3. Even if that doesn't work, a solution such as those used against spammers and their unresponsive providers (RBL, negative press campaigns, etc.) is less prone to abuse than the law.

If the law was used as a last resort, it would be directed against the provider, not (directly) against the user.

Can anyone think of additional methods that might be used before the law? (In addition to switching to a more modern forum with karma and moderation (like Slashdot)).

sklein

Of course, in reality, not much spam gets sent from hotmail's actual mailservers. (I have quite a bit of data on spam complaints here at WebTV. I'm not making this up.) What does happen is that people use random open relays, and use hotmail (or yahoo or aol or any other free email) for the From or Reply-To headers. It may look like it's coming from hotmail, but they didn't have anything to do with it, and couldn't have prevented it. That's part of the nature of being a free email provider - spammers will put your name on things, and there's nothing you can do to stop it. All that a site can responsibly do to prevent creating spam is to make sure they're not an open relay. (see this link for information on closing an open relay.) You could also get creative and put some throttling limits on outgoing email - particularly on dialup ports. Most spam comes from either dialups where people set up mailservers and blast out spam, then disconnect into the night, or from open relays. Very little spam comes from actual ISP mailservers.

They make it a crime to send unsolicited commercial e-mail to a recipient whose ISP has a posted policy forbidding it. Tying in the source ISP might be part of the issue, but this is hard to pass the courts (free speech, prior restraint, all that sorta stuff tends to get in the way). At most forcing the source ISP to submit usage/registration records under force of court order is probably sufficient. Of course for obliging ISPs "conspiracy to commit a felony" (if the crime is a felony) is likely sufficient to keep ISPs from "knowingly" harboring spammers.

As far as tracing spam, yes, Virginia, much of the unsolicited email out there is essentially forged. However, most forgeries are poor, and few forgeries are truly hard to trace. In addition, open SMTP relays are becoming harder and harder to find. In addition to any legislation that exists, resources like the RealTime BlackHole List make it harder and harder for the spammer to even send or relay spam.

Of course this discussion is completely independent of whether I believe illegalizing spam is a good idea. I personally think the government shouldn't have its nose in the issue, and it reeks of censorship. Given a little more time users will be more savvy, tools like the BlackHole List will be more prevalent, and spam-ridden ISPs (like AOL) will be forced to filter more actively or lose a noticeable number of customers to places (like Mindspring/Earthlink) which do more filtering. I have had a Perl source and content-based spam filter in place for over two years now and have filtered over 700 spam mails automatically (about 10 false-positives...). Between that and the judicious use of spam-drops (like the hotmail address listed above) my life is generally spam-free.

It's to prevent spam. Ah, that wonderful catch-22. You can complain about spam but the only way to *deal* with it is to prevent everyone from running their own smtp server.

And now, even if the ISP doesn't block the smtp port, it really doesn't matter because large e-mail services, bigfoot.com, juno.com, and others are using MAPS the Mail Abuse Prevention System. So mail is blocked from dynamic IP's anyways :-(

Freedom with spam, or no spam with no freedom? I think I'll take the spam.

I think "unrestricted" refers to web filters and newsgroups. Not ports.

> On the other hand, if you want to get lots of spam, just post regularly
> to a Usenet newsgroup without munging your identity. :-P It always amuses
> me when I get "Dear fellow X" (X being something that has zero commonality with
> the relevant newsgroup) emails on accounts that I create for RPG characters.
> That'll teach me to post to News with a valid return address.

I actually post to Usenet with a valid address, because I don't believe in munging; I think it defeats the purpose of the Internet. I mean, isn't this medium for *communication*? I'm not going to make it at all harder for people to communicate with me. I don't condemn others for munging, because not everyone has the same ideals, but I won't do it myself.

But yet, I don't get much spam at all; maybe once a month, tops. My server is using the RBL, and I've been having good luck with it.

If these jokers are "spam-friendly", then they're surely on the MAPS RBL already; convince your ISP to join the RBL (words to the effect of "I'm really pissed off at this spam, and if you don't do something to stop it, I'll be forced to switch providers; the MAPS RBL is the best way to protect your customers from being harrassed like this.")

It's important to be as polite as possible.. try to present it as a solution that would help their customer base, as opposed to hurt it (most ISP's cringe at the though that one of their customers might not be able to send/receive email to a particular domain; for whatever reason.)

Kavalier yammered:

eah I guess you're right.. I'm not considering spamming, I'm just trying to view this from all directions.. however, if I have a good standing relationship with my provider and he with his provider, and me with his provider, which has a direct connection to a major backbone, nobody could stop me right? like say my best friend works for splitrock.. nobody would risk cutting off a whole backbone for a simple spammer so it wouldnt be pushed too far if my ISP ignores the requests. I'm just saying this because I've noticed alot of spammers that I've been spammed with have their own mail server and had a direct connection to a major backbone provider and its possible they had inside connections that would prevent them from getting disconnected. right?

Not only could many ISPs blackhole an entire backbone to "get rid of a single spammer", entire backbones have historically been blackholed to get rid of spammers.

Some examples I can think of off the top of my head:

AGIS, a backbone which was given the "Internet Death Penalty" (had all Usenet posts shunned or cancelled, and many sites shunned all email and blocked all other connections, including web and FTP, to sites that got feeds through AGIS) due to their hosting of several major spam sites associated with the IEMMC (a now-defunct spammers' trade group) including sites associated with Nancynet and Sanford Wallace's spams. AGIS refused to remove IEMMC sites, even when confronted with info that IEMMC "remove" lists were actually being used to add folks to spam lists. It literally took a large portion of the sites on the Internet refusing to exchange ANY packets that went through AGIS's backbone before AGIS finally dropped Sanford Wallace and company like a hot potato.

UUnet's dialups have been periodically blackholed by ISPs because of severe problems with net.abuse (including spam) from the dialups and UUnet being slow to provide tracing info. It took the real threat of possibly the largest backbone's dialups being left to talk to the ether bunnies for UUnet to shape up.

While not backbones, national-level ISPs and servers have been blackholed for reasons of spam and/or net.abuse. (Among a short list: AOL, Netcom (has been IDP'd at least twice), Earthlink (in association with Scientology-related net.abuse), Zippo (pay news service; was unblocked after strong AUP enforced), Altopia (blackholed due to "Hipcrime" related net.abuse and refusal of admin to investigate), Demon Internet (open NNTP servers), etc.) In fact, there is serious talk of blackholing an entire name domain registry due to spam (Network Solutions, aka InterNIC).

An increasing number of sites--largely because it's been shown that People Just Plain Don't Like Spam and because spam does consume a gawdawful amount of system resources (I've done a rough essay on the subject)--are joining blackholing mechanisms. Spam-cancels and UDPs were the first of these; a later incarination is the famous Blacklist of Internet Advertisers, then NoCeM was developed to replace spam cancellation (as well as provide for global killfiles for end-users) and now blackholing mechanisms such as the Realtime Blackhole List; the RBL is now explicitly supported by most modern mail daemons, including sendmail.

In other words...don't assume that people won't blackhole an entire backbone if the backbone won't wack people who are using it to spam. Some folks will. They've done it before, they'll do it again, and it is literally easier than ever to leave a spamaceous site--backbone or no--talking to itself and the ether bunnies. This way of dealing with Bad Folks is as old as the Amish and it's not gonna go away anytime soon. >;)=

Like Cyberpatrol it's horribly, unfairly implemented and causes all kinds of crappy things to happen to people who have nothing to do with the "problem". The problem is, how do you stop it?

You stop running a promiscuously open mail relay, as described on the MAPS Transport Security Initiative site.

If you can't be bothered to run your mail server competently, then the hell with you.

This problem with CyberPatrol seems almost exactly the same as the one presented by Paul Vixie's Realtime Black Hole List. It's a list that ISPs subscribe to. Any domain even accused of having spam sent from it is automaticaly blocked by every ISP using Vixie's naeserver. Thus, no mail from ANYONE at any domain on the list gets out to ANY subscribing ISP. He's had major universities, MSN.com and the ISP I used to work at all on the list at one time or another.


Like Cyberpatrol it's horribly, unfairly implemented and causes all kinds of crappy things to happen to people who have nothing to do with the "problem". The problem is, how do you stop it? Like the users who install cyberpatrol (if I understand what cyberpatrol is, a "child-protection" client like netnanny?) the ISPs who subscribe to the RBL do it of their own free will so who has the right to tell them that they can't? It's their mail servers, they can refuse service to whoever they want. Likewise, if someone wants Cyberpatrol on their machine then that's their prerogative.


So I'm stumped, kids. Vixie is totaly unapologetic about the way he runs his list, so how does one try and knock some sense into these idioticaly implemented, destructive "services" without unjustly trying to violate the rights of others?

There is the MAPS RBL too which blocks "e-mail entrepreneurs". This can be used to filter out entire spam friendly subnets on your border routers.

If you have control of the mailserver, setup whatever MTA you're using to use the MAPS RBL, which maintains lists of spammer IP addresses. If you don't have control of the mailserver, ask your mailserver admin to do so.
---
"'Is not a quine' is not a quine" is a quine.

I guess you've never heard of the MAPS RBL (Mail Abuse Protection System Realtime Blackhole List.)

This is pretty much what you describe, and isn't limited to "the top ten ISPs" - any ISP can use it (in fact, Sendmail 8.9 has a configuration macro to use their database.)

MAPS is very successful, and has been turned against such 'giants' as Microsoft and AOL (forcing them to close open relays.)

By all means give Inprise a piece of your mind, but unless you love spam don't give them your address. (They flirt with the RBL constantly.)

When I was running an ISP I managed to get fairly close to the idea with PC hardware running NetBSD. NetBSD has had for a long time the ability for both the kernel and the bootloader to use a serial port for the console. I still had a switch box to get video and keyboard access to deal with the BIOS, but this wasn't that frequently needed, so I saved a lot of trips to the server room.

We did have a couple of SPARCs running NetBSD as well, which of course Just Work when it comes to serial consoles.

I understand that some Intel server motherboards have a BIOS that will also talk to the serial port. Given this, you'd be set.

Another idea that a friend of mine was looking at was to build a little ISA card with a serial port on it that looked to the computer as if it was an MGA and keyboard. It would have to have logic to generate appropriate VT100 sequences to get the screen updated correctly for those things that assume the screen is fully addressable, but that shouldn't be a big deal. And, of course, it would have access to the reset line on the ISA bus (or it could plug into the reset button header on the motherboard itself). It would basically be a little console computer, much like the sort you used to have on minicomputers.

Once you've got some sort of serial console working, I suggest using Paul Vixie's rtty program to monitor the machine. I bought a couple of eight-port BOCA serial boards and dropped them in an old 486 to make a console server.

cjs

Perhaps the people who have been affected by this spam should consider starting the process of complaints to the offending open relay postmaster with a view to getting them listed on the RBL if they don't close it.

Details about reporting available here

Here's how to use it to filter spam.

Perhaps the people who have been affected by this spam should consider starting the process of complaints to the offending open relay postmaster with a view to getting them listed on the RBL if they don't close it.

Details about reporting available here

Here's how to use it to filter spam.

No, we don't need no stinking laws. The internet can heal itself without involving the slow creaky wheels of justice. If they keep it up, the pipe dumping raw noise into the internet will be simply cut off and blackballed. Things like that happen if you have a mail relay and allow abuse.

Here are a few great antispam links:

http://maps.vix.com/
http://www.orbs.org/
http://spam.abuse.net/

http://spam.abuse.net/
http://maps.vix.com/

It will help you understand why spam is morally and *technically* evil.

If every admin would utilize the MAPS, the ORBS database, and participate in these UDPs, the world would be a remarkably spam-free place.

Be careful about giving Real your e-mail addresses. They'll spam your inbox to slag.
(See their policy) and don't seem to have any scruples about sharing it with others as well.

They've been in and out of the RBL and look to be headed back in again.

check out http://maps.vix.com/. using this database is not limited just to sendmail...

I'd be interested in hearing what the RBL folks have to say about this situation.

I'd be interested in hearing what the RBL folks have to say about this situation.

Consider the especially repulsive example of e-mail spam. Whenever someone tries to tell me that e-mail filters are censorship, I refer them to Paul Vixie's excellent writeup of the issue. Free speech only covers your right to say something. It does not give anyone the right to force me to read what they are saying and have me pay an ISP for the privilege!

I really wish Katz had drawn a line somewhere in between Web filtering software and e-mail filtering. The former is imposed upon users who don't wish to use it and have no control over how it is used. The latter is embraced by users as a sad necessity of modern life, and typically these users have full control over how to filter their mail. Much as in the case of open source software, user control makes all the difference in the world.

See: MAPS Realtime Blackhole List

There are a wide range of philosophical stances one can take on the free software issue. Rather than expound them here, I refer you to my (lengthy -- approx 70KB) essay on the matter. Interested parties can find it at the Nutters.org website, or a marginally out-of-date but slashdot-effect-proof mirror copy.

The Famous Brett Watson, famous@nutters.org

I try to avoid the practice of obfuscating or protecting my e-mail address, on the grounds that there are better ways to protect yourself from spam. Hiding your e-mail address is just dodging the main issue. No matter how much you hide it, they will get your address. You'll have to put up sooner or later.

Here's what I do to avoid e-mail spam. I think these steps work rather well. My e-mail address is publicized on slashdot, my home page, Usenet archives, and various other places, and yet I get very little spam (once a month at most, never more than once from the same place).

1. Subscribe to the Realtime Blackhole List to dodge known spam hosts.
2. Use the Spam Bouncer to filter out all the spam that the author of the program knows about (which is quite a lot; 200 kb of filters at last count), and send simulated bounce messages back to the spammers.
3. Run blackmail over sendmail to block relays and allow for additional manual filtering (e.g. if Netscape, Microsoft, or some loser sends me unwanted mail, they're not ever mailing me again :)