Slashdot Mirror
MAPS RBL Challenged In Court Case
An Anonymous Coward sent in "Direct Magazine is carrying
the story
Yesmail
Gets Restraining Order Against MAPS Blacklist (curiously dated
July 17). YesMail has apparently obtained a restraining order preventing
MAPS
from entering it into its Real-time Black-hole List."
Company A is suing group B to prevent group B from adding company A to a list. Once you distill it that far, it is an obvious restraint on free speech. MAPS, as long as they are careful to show the reasons, has every right to put Yesmail on a list. Obviously, Yesmail would agree to be on a list of, say, the Red Herring top 100 internet companies, so they also have to be willing to be listed for their questionable practices.
This seems a bit ironic.
"If you received an offensive message that appears to be from "Nick" or from info@mail-abuse.org, it was a forged attempt to sully the good name of MAPS and its employees. We are investigating the incident; if you wish to provide further evidence or have any questions, please contact abuse@mail-abuse.org.
Thank you for your understanding and patience."
Hooray for MAPS, maybe if MAPS can win a few more high profile cases and get more media attention it might start making spammers have second thoughts about their clandestine efforts.
I don't think they are abusing their power. I applaud their efforts. Way to go MAPS.
Nathaniel P. Wilkerson
NPS Internet Solutions, LLC
www.npsis.com
Nathaniel P. Wilkerson
www.haidacarver.com
I got stuck on this list for having an open relay. At first I was extremely pissed that this rogue group was preventing me from sending mail! Once I found the hole and fixed it, I called the phone number on their site and it was fixed within 15 minutes. The ONLY way you get on this list is if you are "nominated" by someone since they recieved spam that passed through your servers. Sure, it can be a hassle- but there's _no_ reason anyone should have an open relay. As a cursory check, I scan the headers of all the spam I get, and check it against the RBL. Invariably the servers are on the list already- sometimes they've been there for months!
I can see how some people might go as far as to take them to court for it, but that takes a lot longer than 15 minutes!
I hope Yesmail gets slapped with a huge 'frivolous lawsuit' charge, the assholes.
--
--
Victor Danilchenko
that they block sites that run mailing lists that simply don't require a conformation for a mailing list subscription. These people are not spammers going through newsgroups and websites farming e-mails. They are running sites with just a simple "add my e-mail to your mailing list" and even promptly remove people that ask to be removed. The RBL team calls this "spam" because the address isn't explicitly confirmed.
I used to run RBL on a number of my mail servers until I realized who they were blocking.
There is nothing at all wrong with an Open Relay in fact if we had less spammers there would probably be many more available for legitimate use. The problem is with the Spammers, I say go after them not the ISP's and others trying to provide relays for us to use.
Nathaniel P. Wilkerson
NPS Internet Solutions, LLC
www.npsis.com
Nathaniel P. Wilkerson
www.haidacarver.com
Silly question, but what is the actual legal basis of this? The actual allegations? Slander? Libel?
I don't see how the heck this can progress -- what restriction does a private company have on using another private company as a filtering list manager for their own private business?
This would also imply that someone listed on a censorware package could sue for exactly the same thing, which is presumably restraint of trade (since they talk about the adverse economic impact?) or possibly defamation (for listing them as "spammers")?
Once more, we've got an interesting techno-legal battle that will have much greater effects than I think we immediately forsee.
But if these guys win against MAPS, I'd suggest a quick suit against censorware makers under the same principles...
I'm an investigator. I followed a trail there.
Q.Tell me what the trail was.
Recursive: Adj. See Recursive.
Surely, MAPS included a "remove" address at the bottom of its email so that the company could just reply to have its email address removed from the list. And it's not like they have reason to sue, it says it's legal right in the email right under where it says "this is not spam and complies with US spamming regulations"
icqqm [ICQ:11952102]
Thad
The Bolachek Journals
Interesting semi-neutral language by directmag.com in describing an "e-mail append service." What sort of low-life thought of this? Its nearly the same things as randomly trying to guess passwords, except that they randomly try to guess email addresses (first_initial+last_name@host.com) and compile the ones that don't bounce back. Good thing MAPS shut them down. I hadn't heard of this sort of spammer trick but I'm not surprised by it.
When someone gets an email from an e-mail append "service," is there an easy way to generate a semi-bogus returned mail so that the appender thinks your address is invalid?
*** Work like a king, command like a slave, create like a dog.
MAPS is just a list. A list that says "We feel that these mail servers may not be secure, and that they may be used to send unsolicited email."
The administrator of a system may choose to use MAPS to block servers in that list, knowing the strengths and weaknesses of the MAPS system.
Those admins are exercising control over their machines - and this is worthy of a restraining order?
---
As they said it is a opt-in email list so if perople don't read that they are going to one they should get spammed. People need to becarefull on what they do this the same problem they have with junk mail(The one the post office brings you) You sign your name on a paper for a contest but you also sign up for mailing list people need to be carefull what they it will come back and get them
MAPS are only as powerful as their subscribers make them. Any administrator signing up to MAPS RBL is saying, on behalf of all of their users, that they are happy to not recieve mail coming from any server listed on the RBL.
MAPS are not forcing this on anyone. People sign up to MAPS because we trust their judgement on what is and isn't mail abuse. If they start turning up too many false positives, people will unsubscribe from them as the number of complaints from users that can't recieve email from people they want to starts to exceed the number of complaints about spam. For example, many people avoid signing up to ORBS because they find their policy too cavalier. It's a self regulating system.
By signing up to the RBL, people are effectively saying "we don't want to recieve mail from you unless you comply with MAPS' policy. Deal with it."
The truer test of whether this case has any legs will come when MAPS has lawyers in court to defend it. Since it has an open invitation to be sued, one would presume that MAPS will defend itself.
It amazes me how companies bring these frivolous lawsuits to the courts over absurd issues. If Yesmail was really legitimate they would contact MAPS and would work out whatever issues or problems they might have. Whenever, companies are forced to bring things to a lawsuit you can usuall y expect that there is some foulplay. Obviously, Yesmail is the culprit here, not MAPS. If there business was legit, MAPS would recognize that and they would come to some sort of amiable agreement. Companies such as Yesmail are a blight and should be shut down in my opinion.
Nathaniel P. Wilkerson
NPS Internet Solutions, LLC
www.npsis.com
Nathaniel P. Wilkerson
www.haidacarver.com
What's interesting is that MAPS has posted a roadmap on how to sue it, apparently wanting to get a court to establish the legitimacy and legality of its tactics. It wouldn't be surprising to find out that they consciously provoked YesMail to get their case before a judge.
MAPS RBL is totally optional. My IT department gives me the option of opting out of email filtering that checks the RBL. RBL is for those people who have had enough of spam and want filtering. If *you* don't want it ask you IT department about putting you on their opt out list.
Putting someone's name on a list of child molesters is NOT illegal (according to the First Amendment). If you do so, AND you know it to be false, AND it causes "damages" to be incurred to the wronged party, you may be sued in civil court to repay those "damages". The wrongdoer won't get a misdemeaner or felony offense on their record, or be put in jail, though. (IANAL).
The First Amendment is there to PROTECT the kind of speech that may cause "harm" to others (like saying a certain politician is corrupt, thus harming him if they are not re-elected. Such speech is not illegal (in theory), regardless of its effect). The issue of whether you are justified to "harm" someone, is separate.
"It's overkill, of course. But you can never have too much overkill." - Anonymous Slashdot Coward
You said, "why not use intelligent filtering?". Umm.. in the future, please be more vague.
Like it or not, the RBL does a good job of stopping spam. The obvious problem is with how much other traffic it stops. So, "better" is pretty relative. It's a sliding bar -- do you want very very little spam to get through and also block lots of legitimate traffic or do you want some spam to get through and only block a little legitimate traffic, etc.
Anyhow, the discussion is not about whether the RBL is good or bad. I happen to think that it's got some rather fundamental flaws, but that's neither here nor there. The fact of the matter is that the RBL is, in every way, legal.
The Internet providers are the parties that are choosing what action to take based on what addresses are on the list. As long as you agree that the people that run the network own the network (they do), then it's obvious that those same folks have the right to say "no, I don't want my users to receive e-mail from these people."
Now, most of the reactions to this line of thinking are something like, "but the network admins shouldn't be able to control my e-mail, dammit!" -- this merely stems back to my original point: it's not about what you think is good or bad; it's about what is legal. These providers are well within their rights to make that choice. So, it follows that MAPS is doing nothing wrong, merely by publishing a list of potential offenders and letting people do what they will with it.
Dissecting the situation down to, "you are depriving your users of their freedom of choice!" is bordering in ignorance (or maybe just a severe case of over-simplification).
Like it or not, the RBL is legal.
Bottom line: The RBL is evil because it limits my connectivity to the outside world - and it does so in a transparent manner in its typical configuration. I do not want my local net admin/nazi to control *MY* e-mail - maybe I WANT e-mail from cyberpromotions, maybe not. But it is MY choice, not YOURS. And that's where I draw the line on the "free speech" of this system.
This is your choice, so go pay for an account with an ISP that doesn't subscribe to the RBL. People pay good money for ISPs that *do* subscribe, because it saves them from wasting money downloading spam (yes, in some parts of the world people still pay for their time online). If people object to this form of censorship, they can go buy an RBL-free account. Most people are perfectly happy with MAPS' judgement on this.
Your argument makes little sense. No one forces you to use the RBL. If you disagree with their policies don't use RBL on your system. If your ISP implements it on their server, call them up and tell them to opt you out.
If, as you implied, your provider does force you to use the RBL, I don't see what the big deal is anyway. Where is the evidence that MAPS is blocking sites they shouldn't be? If this happens how long does it take them to be unblocked? Show some examples of this and then I'll listen. Until then I don't see how the possible dangers of the RBL outweigh its benefits.
"Well kids, you tried your best, and you failed. The lesson is, never try."
I think perhaps you don't know what you're talking about.
The RBL allows system administrators to reduce the complexity of their job, by using a trusted source of information regarding open relays.
This is entirely optional, and not all system administrators use it.
You are free to ask your ISP if they do, and to ask them to send you your email before applying the filter.
This has nothing to do with censorship. The people sending spam still have the opertunity to send you email without using an open relay, just like everyone else does.
Even if I didn't use RBL, I suare as hell want to nuke anything coming from a place that use legal posturing to force themselves off the RBL rather than clean up thier act.
So MAPS needn't put these bozos on the RBL -- just publish & publicize WHY they are not. The effect may be even more effective. And it will surely be deserved.
DIE EVIL SPAMMERS! DIE! DIE! DIE!
From here: "Finally, don't waste our time with threats. We get all kinds of threats. If you intend to sue us, then get on with it. If you don't, then don't waste our time or yours telling us how actionable our activities are."
Fine. Then don't subscribe to the MAPS RBL. If your upstream provider is doing so, then see if you can find another one who doesn't...and tell your current provider why you're leaving. It works for the Christian Coalition; if there are enough people who "think" like they do to do it, maybe you can find enough kindred souls to make a difference.
Personally, I think that the RBL is a good thing to have around. There are a lot of people who think that they can do whatever they want with electronic communications because it's their computer. Well, MAPS and the Usenet Death Penalty and subscribers all over the world, as well as individual users with their own filtering schemes are here to say that "your freedom to swing your fist stops at my nose". The spammers can do whatever they want...until their crap hits my network. Then I get to have some say about it. And that's a libertarian sentiment, too.
Oh, go on, check out my job.
But if your email addy is "completely free and availiable," wouldn't that promote spamming?
--
LoonXTall
~~~LXT~~~
Life is like a computer program: anything that can't happen, will.
---
I dunno. I'm just a stupid libertarian
---
No you're not. You're seriously suggesting that companies shouldn't be able to choose what they can and cannot do to stop their customers from receiving spam. That's not libertarian at all.
Like any industry, you will find some companies use the RBL, and others don't. It's no more censorship than a private corporation not allowing someone to shout obscenities within their building.
A libertarian (which is what I generally consider myself) would laud the RBL for providing a service - a list of confirmed offenders - to the public. The public can choose if they want to use the list or not. It's that simple. If you'd rather receive mail from known spam sources, then you can switch to a competing company.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
Second, they don't even go after people unless they have recieved complaints about them, and have investigated those complaints and found them to be valid. If they get an open relay reported to them, the first thing they do is verify it. If they get complaints of spamming, they check to see if there realy is a problem, and once again, they don't immediately drop them into the killfile, they discuss the matter with the person who has been accused, and try fix the problem if possible. And fixing the verification problem with a properly built mailing list program is easy if you're using something like MajorDomo, it's the default setting once you properly install it. The people who don't do things right are typically using spamware, or poorly configured systems, and they can get free help fixing it if they're willing to listen.
Unfortunately, there are some people out there who don't listen, don't care, or want to have something to fight about. After all, court fights make great publicity. I wonder how much yesmail.com's web trafic has gone up since they filed this lawsuit? Do you really think they're not profiting from the increased attention?
Okay. I want to see the lawyers talking about this. I don't want bored sysadmins who read a few Nolo Press DIY law books; I want the guys who do this for a living. What do you think? What does this really mean? Is this just smoke-blowing, or should we all start funneling money into the MAPS legal defense fund?
Oh, go on, check out my job.
>that they block sites that run mailing lists that simply don't require a conformation for a mailing list subscription. These people are not spammers ...
You neglect to mention that they don't do this without a complaint involving involuntary subscriptions.
Many universities run very, very large non-confirmed listserv ops. I don't see several on the RBL... presumably because they're not causing a problem.
If you're dumb enough to operate an unsecured maillist program in public view, you're creating a hazard that should be on the RBL.
You're right, it *is* your choice whether or not you want mail from cyberpromotions, or yesmail, or RealNetworks.
You exercise that choice by deciding whether or not to use the RBL.
You see, the RBL will *not* prevent you from getting mail, unless *YOU* decide to use it.
It's that simple.
Intelligent filtering doesn't solve the problem. The problem is not people *getting* junk mail, it's people *sending* it. This is a network abuse problem.
The internet is a cooperative network; if you don't cooperate, we don't network with you.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
Well, yeah, actually, it was a U.S. Military project to protect their network data from loss, and improve communications - if anything qualifies as a "Mine! Mine! Mine!" organization, that would be it. It wasn't until all the philosophically inclined (read: hippie ;) University researchers and students got their hands on it that it became a "Sharing is good!" thing...
Everyone hates spam. I hate spam.
But the RBL has gone so far from its charter that I don't support it these days. Today, the RBL is more a tool of vengeance than a way to protect networks from spam.
Did you know that the RBL not only blocks networks that send spam, but also networks that they believe do business with spammers? Many of the entries on the RBL have never, ever been accused of spamming people or allowing spam through their networks, knowingly or unknowingly. But as far as the RBL gods are concerned, they faciilitate spam, or they don't do enough themselves to fight spam. And that gets them on the RBL.
There's also the blocking of email lists which don't comply with the RBL's opinion of how to run an opt-in list. And now this new case.
So I'm happy to see them in court. There is a free speech issue here, but there is also the issue of gross misrepresentation, as the RBL no longer even follows its own charter. The way I see it, the RBL is committing fraud by promising a service that is completely different from what they actually do.
-b
If I wanted a sig I would have filled in that stupid box.
So Yesmail wants to "opt-out" of the RBL, huh?
:)
I can't believe the irony
Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
This is exatcly why we should keep the law weenies locked up in a courtroom instead of letting them out into the real world.
.sig
I feel that the Internet should be a 'no-mans-land' regarding law, the Internet is already pretty self regulating. Just as an example, the MAPS RBL didn't pop up for nothing, there was a need and it filled it. I know this can start problems with crackers, script kiddies and the like, but this would also be self regulating. Do you really think that any ISP would let anyone that could possibly harm them use their backbone?
I hope everyone that reads this uses the MAPS RBL on all of their mail servers, I sure do!
You've got to be kidding. If there was no spammer ... hell if there was no robbers there would be no need for locks either.
Damn it, this open relay problem has been documented and well-known for years, I've had a mail server completely stuck while I was on vacation (yeah that's usually when that kind of things happen ...) because some fucking spammer was able to send thousands of messages a minute thanks to an open relay, and happened to use a domain I administrate as a fake return address ...
And in that case the RBL (which I use) was of no help since all I got was all the bounces ...
Aww, poor little snookums. Here's a suggestion - run up rackspace.com, order a server, and configure it howyou please. Run your open relays, accept your spam, do whatever you damn well please (assuming you're actually capable of running a system). The only freedom you get on someone else's system is the freedom they decide to give you.
I guess that a significant number of sysadmins using the RBL will add those fuckers to their blocking list manually ... and now good luck getting unblocked!
Why should there be an active opt-out required?
Why not phrase it the other way, so it isn't censorship?
This is why there is a sister to the RBL called the DUL which lists dialup accounts, the idea being that they should use their ISPs SMTP server to send mail which the spammers don't want to do...
Not opt-in is when you simply get spammed.
Opt-in is when you or someone else can give your email addressed and you will be spammed from now on. Since someone else can "kindly" "opt you in" it can easily be equiv of not opt-in.
Double opt-in is like opt-in but it at first send confirmation email, and if you confirm that you really want this stuff, then you will receive it.
alexc
Join Majestic-12 Distributed Search Engine
Yes, and car dealerships should stop bothering with gates and locks on the cars. After all, the problem is with car thieves. If they would just let anybody drive off with a car, it'd make many more cars available for legitimate purposes, like test drives.
I say unlock the cars, leave the keys in the ignition, and go after the car thieves.
----------------------------
You have to sign up for the list, and then reply to a confirming email to verify that you're you and that you want on the list. Otherwise, your 'sign up' can be a forgery by someone else.
"If I have seen further than other men, it is by stepping on their glasses." - Michael Swaine
What gives you (or anybody else for that matter) to decide what mail should or should not be allowed?
You misunderstand, or misrepresent, what is going on.
A lot of people don't want to receive unsolicited commercial eamil. And a lot of ISPs and business sites don't want their resources used to forward it, or their employees distracted from doing work while deleting it.
MAPS publishes a list of sources of unsolicited email. ISPs, businesses, and individual users may chose to use this list to filter out mail they don't want to bother to read or forward.
Use of the list is strictly voluntary.
Having your email forwarded, on the other hand, is not a right. It is a voluntary service of whomever forwards it. If a site does not wish to forward unsolicited commercial email - or any other email - originating from you, that's that site's prerogative.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
You know, it's funny, but I was thinking the same thing about Yesmail, but more in terms of doing it for the attention that the inevitable overblown media frenzy on such a trial would produce - they can even lose the lawsuit, and fix their mailing list the way the MAPS people wanted to afterwards, and the increased attention may profit them more than the costs of the lawyers. As long as they maintain a very vocal and loud set of protestations about how they did no wrong, and they're a decent, respectable web buisness (and our address is www.... - go see!) then they can get all of the free big-time media coverage that they want, and can use it for advertizing.
In the RBL's defense, though, they won't add a site until they have made a VERY thorough effort to contact the people responsible for the open relay. This means that your server won't be added unless you are either unresponsive, or dumb.
The real solution, of course, should be strict spam laws. The penalty for spam shouldn't be on the end user, it should be against the spammer.
--
I never thought that blackholing someone manually could feel so good. Quite freeing, really. More if us should put the Slashdot Effect to good use and give Yesmail a really big headache. :)
In space, no one can hear you moo.
So sorry, but unfortunately I must inform you that it is, in fact, my network of which I speak. I didn't claim to control the office network. I control my network. I have DSL coming in to my apartment, and I have a network here.
Bzzt. You lose.
Oh, go on, check out my job.
Not too long ago, there was a discussion here on Slashdot about a person applying for a job, who almost lost it because of an erroneous credit report. I think most people agreed that a credit agency should be reliable for the information they put out, even though the employers/businesses who reject people based on the credit information CHOOSE to do so themselves. And I don't see why information about spammers should be any different. Now, if MAPS have proof that Yesmail is in the spam business, then why shouldn't they be able to tell others? On the other hand, if Yesmail is innocent, I suppose MAPS would be liable of slander?
I belong to the libertarian party and hold certain views concerning my personal liberty. I believe that I should be in control of what information I receive, not a 'big brother' type organization. I was under the impression that RBL was an Opt-out type list, but I have been informed otherwise. In my opinion, a person should not be required to opt out of a service, but rather volunteer him/herself. There is no true definition of a libertarian by the way. The party seems to be a conglomeration of people with different viewpoints who all hold personal liberties (be it governing one's business or one's choice in phone companies) Don't tell me what my political affiliation is or isn't. Maybe we just see one situation differently. A libertarian isn't neccessarily a carbon copy of you. Josh
I love the euphemisms that spammers use to further their lies. What we call using confirmation emails, they call "double opt-in", as if there were any acceptable "single opt-in" solution. With their "single opt-in", though, they are free to use their dirty lists as they please because if you complain to them they can just say "oh, sorry, someone else must have signed you up!" or, "You dummy, you must have signed up at one of our 'affiliates' and asked to be put on their mailing list". If you had to confirm all the lists you were on, they know that their dirty practices for putting you on lists would never work.
--
A: First off, maps represents 3 types of blocking lists.
1: The RBL, which contains IP addresses of spammers
2: The DUL, which contains IP addresses of machines that should not be able to send mail to your server directly. Ie: a user at earthlink should always send mail to their mail server and then it should be routed to you. If they have a system that connects straight to you, it most likely is spam,
3: the RSS (relay spam stopper) that contains a list of open relays. This is a nice trick of spammers to send mail through someone else's machine and have them do the job of mailing everything out.
B. Getting your address.
Now, my take on the philosophy of MAPS, is that you should only receive what you elect to receive. ie: getting mail-bombed from 100's-1000's of companies just because you once posted to usenet without masquerading your e-mail address just should not happen. (This is not an exaggeration).
So, if you sign up for a newsletter, you receive the newsletter. Also, you should have a clear way on how to be removed from the newsletter. etc.
You also should have a choice in that they should not sell the e-mail addresses on the newsletter.
C: Legality, from the receiver's point of view
As to the legality of maps?
Personally, I like it.
Its 100% opt in, and you choose for yourself what list(s) you want to subscribe to, and away you go.
If you go to an ISP, you can usually find out very quickly if they subscribe to MAPS, and which particular lists.
D: Legality from the sender's point of view.
The basic idea, is that if you do nothing wrong, you have nothing to worry about.
To actually be listed on the RBL is not a slam dunk. You will be contacted more than once and you will have ample opportunity to make changes.
Ok so some of the changes may be considered completely rude by some, lets give examples:
1: the ability to unsubscribe yourself
2: The ability to make sure that only you sign yourself up, and not someone with a bogus e-mail address
3: Not to add users by a "buy 50million users on cdrom for $20" import utility.
4: if you are an ISP, not willing to do anything about people complaining you have spammers.
Usually, you can get by #4 by having a strong AUP against spam, and kicking user accounts that send UBE
E: Legal arguments
1: Restraint of trade?
Not in my opinion.
I consider and trust MAPS to be a meta-introducer. I want them to let me know who I should talk (receive e-mail from) to and who not to.
Its my/my companies/my ISP's choice, as its their machine.
2: Malicious
Not hardly, You will receive every chance not to make the RBL list.
The DUL list is usually contributed by the ISP themselves
the RSS is contributed by vitcims. Usually the Sysadmin of the victim's machine will ask for help to get it fixed, and maps will help do that.
Harly what I would consider malicious, when they help upgrade a victim's sendmail.
F: how to use it,
if you know how to make your own sendmail.mc insert these lines:
FEATURE(rbl)
FEATURE(rbl, `dul.maps.vix.com', `Dialup - see http://www.mail-abuse.org/dul/')d
nl
FEATURE(rbl, `relays.mail-abuse.org', `Open spam relay - see http://www.mail-abu
se.org/rss')dnl
and away you go.
-- C
Ah, I see.
You intend to spam everyone in sight with your opinions about yesmail.
How clever.
I personally think this lawsuit is a great thing because I don't think YesMail has a hope in hell of winning.
I'm no lawyer, but I really don't think you can sue someone who simply publishes a list. Think about it... all MAPS does is compile a list of IPs it doesn't like and various ISPs act as subscribers to this information and choose to block them.
If MAPS were to lose, it sets a nasty precident that would allow anybody to sue anyone (such as NetNanny) simply because they are listed as "bad". Think of how far-reaching this could be... you could publish a list of crappy video cards and be sued because sales dropped.
--
All opinions presented here aren't mine.
Maybe then they'll get the point.
--
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delenda est Windoze
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delendae sunt RIAA, MPAA et Windoze
God, I don't need internet censors deciding what I can and cannot see.
So open an SMTP port on your machine, publish an MX record pointing to it, and don't filter the mail with the MAPS list.
I don't believe that ISP's should turn to censoring their client's mail.
Isn't that a matter for the ISP and the client to agree on by contract? Isn't it the client's right to switch to a different ISP if he doesn't like the way the service is handled?
Why should ISPs be constrained to filter or non-filter mail according to YOUR preferences, rather than that of their clients?
And if all you're asking for is a signup option, why don't you try asking an ISP for it? If enough people ask for an option to have their mail unfiltered, I'm sure some ISPs will be willing to provide it.
Perhaps at an extra charge, to cover all the extra processing. B-)
But somehow I doubt that there's all that much demand for this "service".
Meanwhile, you can always sign up with an ISP that gives you a fixed IP address and a nameservice, open an unfiltered SMTP port, post an MX record pointing to it, and get all the spam you want.
Post a few netnews articles to get your ID on a few spammer lists, while you're at it. It might change your mind.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
The Cypherpunks mailing list was recently hit by the fuckwits at sparklist.com . They've sent literally hundreds of spam messages to the list. They were called about it when it all started July 10th, and assured people that they would fix the problem and send an apology to the list -- they lied. Now on July 15th, the list is STILL getting crap from Sparklist.
As far as I'm concerned, what Sparklist is going is basically the same as having a "spam this address" button which people can click for a cheap thrill, and they're no different than someone who is running an open relay.
Maybe MAPS will RBL sparklist.com. I hope so.
Yes, you have right to free speech, but I also have the right to not listen to your speech. I also have the right to use a trusted source of my choice. If your speech costs me money (Time and resources dealing with your speech) then I have the right to block your speech towards me. You can talk to whom ever you want, on whatever topic, but I have the right not to listen.
If a customer, that gets email through my machines and resources, does not like that I block some speech for whatever reason, they are free to find a new ISP. There is plenty of competition in the free market.
Linux O Muerte!
Surely the restraining order lists the exact entries that MAPS is prohibited from adding. Otherwise, how could they comply?
-russ
Don't piss off The Angry Economist
There are several ways to send spam, for more information, look at the MAPS website.
One type of SPAM comes directly from a dial-up account to your ISP's mail-server. This type of spam can be prevented if your ISP uses the MAPS DUL (Dialup User List). The idea is that no-one should be using a dynamically assigned IP to send mail, they should forward through their ISP's mail-server. Spammers don't want to do this though, because their ISP's mail-server will keep a very detailed log the messages sent.
Many times spammers will find what is known as an open relay. An open relay is a system which is accepting mail from anywhere and sending mail to anywhere. In the old days (that is, a few years ago) that was common practice. Now that spammers abuse this, any system which is an open relay and has been known to have had spam sent through it and has been reported to MAPS will be placed into the MAPS RSS (Relay Spam Stopper). Again, you must encourage your ISP to use the RSS to filter mail. There is one drawback to the RSS though: it blocks ALL mail from an otherwise legitimate mail-server. However, if the sysadmin of that mail-server gets his act together and stops the open relay, the system will be immediately removed from the MAPS RSS. The sysadmin can even contact MAPS for help, and there are volunteers available to help with server configuration.
The final list is the RBL, which is the one that is being challenged. The RBL is very unlike the other two lists. The RBL exists to stop known spammers. By using the RBL, a sysadmin is really putting his/her trust in MAPS. Personally, I do use the RBL because it does help keep the spam problem down. To get on the RBL, there must be a repeated abuse shown. The reason MAPS wants to add yesmail to the RBL is because they are being bad net citizens by allowing anyone to enter anyones e-mail address to subscribe to one of yesmail's mailing lists. So basically, one of your friends (or enemies) could send them your address and you would start receiving "marketing materials" from them on a regular basis. It is then your responsibility to opt-out of the list that you didn't even opt-in to in the first place!
What MAPS would rather see is for them to send one and only one e-mail to the address that contains further instructions to verify that the e-mail should really be subscribed to the list. If the person who receives the e-mail actually wants to be subscribed, then it is only one extra step for him/her. If the person does not want the e-mail, he/she does not have to do anything because yesmail should never send further correspondence unless requested to again.
Those are the basic facts about what is going on. I am sure several people have submitted yesmail to the RBL. Obviously, there are plenty of MAPS RBL subscribers who want yesmail on the RBL. Note that your ISP must subscribe to the RBL to actually have the e-mail blocked.
Now, for those of you saying that you don't want your ISP to use the services of MAPS, I say, tough shit, take it up with them. Do not forget that it is your ISP's server space and you are merely leasing the rights to use it and have an e-mail account and accesss and so on. If you don't like them filtering by the MAPS lists, then either ask them specifically not to filter your mail (which can be done) or get another ISP. Personally, I think you are crazy if you don't want your mail filtered by the MAPS lists, but to each his own I guess.
Anyway, talk to your ISP about filtering using MAPS and see if they will do it. Mention that it does reduce the load on their server resources because they no longer have to store and transmit mail that you don't want to see anyway!!
MAPS, as well as orbs.org are really doing quite a service for the entire internet community.
After upgrading Exchange to sp6a (yes, 6, and yes, a. Ah, the life of an NT admin...), the server suddenly started relaying mail for outside machines, despite all of the changes I'd made to it pre-sp6a.
If I hadn't gotten the email, I wouldn't have known. MS never would have mentioned it, I had to dig for a day through their "KnowledgeBase" to find out what the problem was.
It's sad to see that companies are trying to stop these services from listing them.
I've worked in ISP's before. The abuse queue at one of them (a very large one) jumped from an undercurrent of about 1000 outstanding items to over 1200 on the basis of one single spam incident. The ISP costs each abuse incident requiring action at $25 to reply and fix. Thus this one spam incident cost the ISP more than $5000 to manage and resolve, and that doesn't take into account the good will aspects. The bandwidth stolen from the ISP and the customer costs money as well, and to maintain a responsive system, most tier 1 ISP's have excess capacity. Spam is not really a big consumer of bandwidth unless you happen to be the sucker with an open relay, but the management costs are astronomical. In addition, of the twenty or so times I saw the results of abusive "customers" who bought $20 pre-paid internet accounts and injected several million messages per account before having it closed, the account costs this ISP many hundreds of dollars. The headers are all forged (who do you want to be today?), the recipients entirely unwilling. The mail administrators in one of the worst incidents worked until 2 am fixing this problem up. Does the spammer pay for this? I don't think so. If the local mail relays are full of unwanted messages from non-paying (or abusive) customers they cannot service the other 100,000+ customers legitimate traffic in a timely fashion. If they paid *all* the intervening ISPs (as if) for the full cost of their actions, and everyone opted in rather than the other way around, this would not be a major problem. It's not about free speech, but simply this: A is stopped from sending to C,D,E...n by B. A is stealing from C,D,E,..n's ISP and from C,D,E,..n, and from many intervening networks, and thus many managers and administrators do no like this loss, thus signing up for B's service. "A" does not pay for the privilege and they forge their identity. Why does "A" think they have a *right* to steal? UCE is theft of service. End of story.
Andrew van der Stock
Great work, guys!
Umm, why don't you just use hotmail, or one of the other *free* mail providers. I'm sure you can find one that doesn't subscribe to the RBL, and then you'll be able to get all the wonderful spam you seem to want, plus some.
How is this any different from a mass boycott by subscribers of the RBL? Last time I checked, that was still a valid method of protest.
This
Heh, just because they were in charge of it before, dosen't mean they've got it now. (damn. It was much less cluttered with crap back then too.)
'Scuse me, I think I'll go have a USEnet-flashback now... (woah... content...)
Everyone seems to be skirting around the main point of this: MAPS is a voluntary system. No one says you must use it. ISPs that use MAPS normally tell their customers that they use it (or likely should). If you do not like that your ISP is using the MAPS system, you can ask for your account to be excluded (if they can), or find another ISP to use. Choosing an ISP with MAPS is choosing features, like choosing what areas with an ISP you have local dialups in.
Now IANAL, but you can say all you want. Talk and talk and talk if it makes you feel happy. If I put earmuffs on my own head (or let my ISP do so on my behalf), you have no right to take them off. I chose to have them put them on.
This is like Yesmail saying I can not hang up on a telemarketer because I must listen to what they say, no how matter how little (i.e. the subject line) I pay attention. This is not a good precendent.
Spam wastes significant ISP resources, and the vast majority of people are happier with ISP-side filtering (they wouldn't have the first clue how to set things up on their own, or they just don't want to deal with it).
If you really have a problem with it, it's your right to chose an ISP that doesn't do it, or run your own mail server.
--
This space unintentionally left unblank.
This is incredibly moronic. The only thing yesmail achieves with an action like this is to land themselves on thousands of private block lists. I have made sure to update my access.db with all of their netblocks. Numerous others have been doing so as well, according to the comments in news.admin.net-abuse.email. It will be much harder, if not impossible for yesmail to get off of these blocks than it would have been to get off of a single list.
/16 blocks of their network being effectively routed off of the Internet.
If I were yesmail's upstream providers, I would dump them like a hot pototato. Remember what happened when AGIS refused to dump Spamford Wallace? The rest of the Internet decided to route around them. Upstreams don't need entire
Remember, the average user may believe in the "Just hit delete" crap, but most of the people running networks are vehement anti-spammers.
Well hooray for them. I'd define spam as "content delivered to a user without desire or request on the part of the user and prior warning/confirmation on the part of the deliverer"
I've had email since '90 (a moment of silence for the late, great BBSes), and though spam wasn't nearly as bad back then as it is now, I still quickly got over my timidity of telling everyone from strangers to close friends, "Don't bother sending me blonde jokes, political action reports, or anything that begins with 'FWD: FWD: RE: RE: Fwd: Re: READ THIS!!!!!!!!!'. I refuse to read such crapola -- I intend to use email as a way of increasing meaningful, first-hand COMMUNICATION between human persons."
Of course, not everyone was happy with this simple directive. Either they got over it, or *I* got over *them*, but it was/is not tolerated.
In any case, some of the people with whom I have casual, unprotected e-mail do not bother to conceal recipients when they send out a mass forward of "top ten reasons dogs are better than men having sex with dogs" or whatever putrid meme-virus is going around that week. One particularly annoying episode last year was due to morons who indiscriminately use the Reply-All button. I ended up getting harvested onto the mailing-list of a political interest group I didn't really like (let's just say if I had been in the military it could have been grounds for a discharge), receiving a long newsletter update about their URGENT ACTION ITEMS!!!!!! almost every day.
So I took some URGENT ACTION!!! of my own:
1)Reply to sender of the message, requesting removal (subject, body, non-script english).
no response, two days later, received newsletter.
2)Go to website look for unsubscribe area.
none there, receive four newsletters over the next week.
3)Send email to designated "Contact Us!" including copies of their newsletter along with my request to be removed from list; also suggest webpage removal form.
no response, receive several newsletters over the next week.
4)Send to abuse@ webmaster@ postmaster@ [domain.org] requesting personal removal, including copies of past requests and newsletters; re-iterate webpage suggestion.
no response, receive newsletters over the next four days.
5)Use DNS lookup to find addresses for the registrant, send request for removal including history (numbers 1-4).
finally, someone removes me from the list. although to be honest, it would have been nice to receive an apology from the bastards, or some indication that "we are adding a new form on our page whereby users may request removal in the future".
THE POINT IS: by having mailback-confirmation of list-adds (providing info on removal) they could have saved:
a)their time and resources
b)MY time and resources
c)my newly-earned, personal opposition to their cause (amusingly, protesting to end violations of civil liberties)
nmx is absolutely right on this.
___
the problem with teens is they're looking for certainties.
Hollywood, Television, has become the dream machine. We need to take that back; each of us is a Dream Machine
You need to take your troll detector in for a checkup. If the last sentance of his post didn't tip you off, I'm amazed you can operate a keyboard.
One of the forms of hacker humor is to respond literally to a totally outrageous statement or question.
B-)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
While in most cases any publicity can be good, Yesmail would be foolish to try this. Why? Because every ISP out there has the capability (and the right) to add Yesmail to their own private blackhole lists (not shared with anyone else; just preventing their own email servers from acception email from Yesmail, which is entirely within their rights). Yesmail will wind up on thousands of individual blacklists. Worse, because of the inertia of such lists, they'll never get back off all of them. It's already happening -- check out news.admin.net-abuse.email (NANAE). Precedent exists for this -- look at the history of AGIS, which was (for a time) a spam-friendly provider. They wound up on so many blacklists that they essentially became just a private network. They cleaned up their act, but could never get off enough private lists, and finally delared bankruptcy a while back. In a sense, MAPS was doing Yesmail a favor -- at least you can get back off the RBL.
Maybe I could volunteer name, address and what time I'm about to rob which bank to the police. Very libertarian?
I'm not really going to rob a bank, this was just illustrating a point.
Even the injunction wouldn't be able to keep MAPS from publishing their address in a way that is NOT automated.
If MAPS had put them in the RBL, they could get things working again within hours after cleaning up their act. If thousands of individual sysadmins start adding them to their sites' individual black hole lists, it's likely they'll NEVER get their domain's mail working right again.
I think that even if the suit succeeds they're dead meat - as is any other domain operator that uses the legal system to block MAPS from black-holeing them.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
It seems to me that you need to read up on what the RBL is, then, before you pass judgement.
This is how it works:
1. People report open relays and the like to the RBL.
2. RBL puts that on a list.
3. Various ISPs receive a copy of that list, and make it so that email from those sources is not received.
Note that step 3 is 100% consensual. As the owner of an ISP, you can choose to receive mail from those on the RBL. You can even ignore the list entirely. Each ISP gets to choose if they want to use the list or not, and by virtue its customers get to choose whether or not to use that ISP. Basically, it's a way for people to ignore known spam sources if they want to.
It's not a 'big brother' type organization as you don't have to use their list of spam sources if you don't want to. They simply provide a service to those who trust them to root out spam sources (and they are very open on their criteria for putting people on the list, as well as providing proof of their actions).
Now, my guess is that you spoke before doing your research - and that you ARE a true libertarian. However, saying that the RBL doesn't have the right to publish a list of spammers (that your ISP can and can not choose as a commercial organization to filter) is antithetical to libertarian thought. Yeah, there are variations on the same theme, but this is basically a free speech issue. They're not forcing anyone to use it, after all.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
I worked with YesMail as a consultant a little while back, and have a little insight into this.
When I was working with them, they were very interested in making sure people could get off their lists if they wanted, and that they didn't get on them unless they wanted to be on them. One of their big selling points is that the people on their lists want to hear from them, and they don't want to jeopardize that. If people don't want to hear from YesMail, YesMail doesn't want to bother them.
That said, I'd absolutely hate to see them prevail in this lawsuit. However they got on the RBL, it's a strictly voluntary service for e-mail administrators. If YesMail is on the list, you can pretty well bet that the admin doesn't want YesMail traffic passing through their systems. I'd hate to see a court interfere with that.
---
First off, 'spam' is a subjective term used to describe a lot of different things.
---
While some people use it incorrectly, the generally accepted definition of spam is 'unsolicited bulk email' - commercial in nature or not.
Regardless, the RBL focuses on open relays - those aren't subjective at all. It's either open or it's not.
---
Companies shouldn't be deciding much of anything for their customers where it comes to filtering the content they receive.
---
Sure they can, as long as they are open about it. That's why an open marketplace is so vital - you as a consumer can choose who you want to work with. If a given ISP filters stuff based on known spam sources and you don't like it, there are a number of competing ISPs that would be more than happy to take your business away from them.
---
They're certainly no longer a 'common carrier' once they've started applying filters....
---
Hrm.
If I block incoming mail from a given ISP due to their listing on the RBL, should that lose me common carrier status? It's not really being 'published' in a public space, and you're not really censoring existing _content_, so it's hard to say.
Where does it stop? If I apply a block to a certain IP range due to a denial of service attack, does that lose me the common carrier status? If so, that needs to change. I consider spam to be the equivelent to an attack of sorts, so I'm not sure why there would be a difference. In either case it's the hijacking of 3rd party computing resources for an insidious purpose.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
Alas, this whole area is heading in the direction of law and the courts, and there's nothing they hate more than vigilantism.
Whatever we may think of the arguments ourselves, aiken_d makes a strong case why blame for spam cannot be transitive: if Ibill is RBL'd, then so should the electricity and water boards, supermarkets, McDonalds and everyone else that supplies the spammers with indirect support. It's all a matter of degree, and you can bet your life that the courts will not see Ibill as being in the spamming business any more than those who indirectly support (say) the financial (banks and the US Treasury!) or stationary needs of spammers. It's not transitive.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
Okay now. Opt-Out: Basically they can send you stuff until you send them a notice or fill out a form stating that you don't want their content. The only problem with this is, there's nothing to prevent you from being put right back on a similar list later on. Also, the act of notification probably gets you chucked onto a couple more lists. Opt-In: Basically it's as simple as "fill out your e-mail address and we'll send you our content". There's no verification that the person submitting the address is actually the person utilizing that address. So, if someone wanted to be a real idiot, they could simply submit your address to the Opt-In for "Fill your mailbox with "SOMETHING". Double-Opt-In (or Verified): Like a properly set up majordomo mailing list. You submit yourself to the list. The listserv sends back an e-mail saying, essentially, "Someone subscribed you to this list. If you really want to be on this list, just reply to this message, or go to this webpage and confirm it". Once you've confirmed it, you're on the list. DOI makes sure you actually WANT the content BEFORE sending any of the content your way. The only problem with some DOI's is that some of them allow your e-mail address to be submitted over and over again. Causing you to receive multiple confirmation requests, and essentially amounting to mailbombing. Some better DOI agents will accept a particular e-mail address once, then won't accept addition submissions for it. At least until confirmation is received.
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
>court in Illinois,
Okay... this is something that's bugged me in in a number of other stories here on
By what streach of the law, imagination, or simple arrogant presumption does an Illinois judge claim jurisdiction over people in California?!?!?!? Or vice versa, for that matter (MPAA's restraining order on 500 john does, many of which most certianly live outside CA comes to mind)?
Is this a *FEDERAL* judge, whose bench just happens to be in Illinois? Or does any old state judge have carte blanche to order around people outside their jurisdictions? Seems like MANY states would STRENOUSLY object to such a violation of what little sovereignity the states have left (Texas and Mass come to mind, for starters) And if the latter *IS* the case, why do we bother with jurisdictions at all?
Of course, it *IS* a common arrogance for our legal system to presume that it has domain outside its jurisdiction (certian OTHER DeCSS-related actions, in Norway, for example, come to mind).
I'm *SURE* that there are at least a FEW bona fide lawyers who read Slashdot. Could one of you PLEASE shed some enlightenment here?
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
Addendum - I made a mistake. you don't report to the RBL, you report to MAPS. The RBL is a list they keep. There are a number of similar lists that network providers can use to decide who they should and should not accept connections from.
Of course, it's all voluntary. You don't need to use these blacklists if you don't want to...
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
What do I think of this injunction? its a crock of shit - interlocutory injunctions arent hard to get in practise as long as you have;
at least an arguable case.
a good trial lawyer
no opponent - an emergency ex-parte application is, therefore, best for the spammer.
My quick view is that just because YEsmail have contracted with X to deliver spam to Luser via ISP there is no legal relationship between YEsmail and ISP. It can however be argued that there may be an implied term in the contract between Luser and ISP to deliver communications by Yesmail or X. And this maybe the case if Luser has requested spam from X or YEsmail. This would not apply if the email address Luser@isp.com had been harvested but it might be so if it had been given voluntarily by Luser in response to an offer or suchlike. And in any event privity of contract would only permit Luser to sue not Yesmail (disregarding arguments about equity)
This is basic contract law and provides no good basis for an action. however things get a little foggier when one considers tortious acts such as nuisance, defamation, interference with contractual relations, etc etc. Defamation could be argued but it depends on the detailed facts so I cant say. Interference with contractual relations is a possibility but the question here is interference between whom? if between Luser and X its quite a good cause of action. If however its interference between X and Yesmail? dont make me laugh! ISP doesnt exist to help Yesmails business or X's, only to link Luser to the Internet. If ISP makes Yesmails life harder, or refuses to make it easier, tough titties: "I am not my brothers keeper".
Additionally MAPS can argue two other things.
/. lawyers could chip in...
1) that Luser can still receive email from non-RBL users. Though that wont be possible if Lusers ISP uses RBL. But if upstream ISPs dont all use I guess routing is still possible allbeit slower and less certain. Id want a technical view on this argument.
2) Public policy. Spam has all but rendered Usenet useless.Makes the uses of email a hassle or the giving out of email addresses undesireable. this all reduces the utility of the Internet which most people politicians and judges think would be a "Bad Thing(TM)"
There are a lot of other legal considerations/angles and I could say a lot more but you aint paying me
maybe my brother US
(any chance of decent karma for a change....)
-he who laughs last, is a bit slow.
journal
Let them know how you feel!
Fuck the lawyers
:wq
Firstly let me say that I agree entirely with what MAPS does.
That said, I think it would be ethically right for ISP's that use MAPS to announce to users in an agreement or contract that they might block some incoming email in accordance with the list supplied by MAPS.
As long as they do this, MAPS can strengthen it's case even more because it can argue that the users themselves have agreed with their ISP's that they don't want to receive email that MAPS considers annoying.
===
If MAPS lose their case against Yesmail, they could always relocate to Sealand.
>(yes, in some parts of the world people still pay
> for their time online)
In most parts of the world outside the USA, people pay hourly or per minute rates for internet access.
This is why us funny foreigners have very little time for USAn 'free speech' wibble from spammers.
Spammers *cost* *me* *money*! They are a net drain on my pocketbook. I have to *PAY* to find out about illegal moneymaking schemes, cheaper long distance carrier inside the US, etc.
Spammers are thieves. Stop them stealing from everyone.
dave ""
More ISPs should have liability clauses in their AUP.
'You cost us money to clean your shit up, you pay for it.'
dave
(I once was "Ungrounded Lightning Rod" but slashdot slashed off my " Rod".
Oh dear God, they slashed off your rod?! Was it found in time to reattach it?
--
In Majordomo 1, the confirmation feature is at best useless, and at worst it provides a false sense of security. Daniel J. Bernstein has this to say about it (under the section ``Subscription cookie prediction'').
I've had a look at the cookie generation code in Majordomo 1.94.5 (the current version 1 release) and it's quite trivial, given a cookie and the email address you used to get that cookie, to make a cookie for any other email address. So if the list actually allows public subscription (e.g., open+confirm), be prepared to subscribe anyone.
This claim is substantiated; there is, for example, a working implementation.
Some people argue that the cookie algorithm can be changed; however this is no longer the ``default setting'' that you were referring to.
In my quick perusal of the Majordomo 2 code, they have got it ``right'', in the sense that you can't just spoof the ``confirmation tokens'' (as they're called in the code), which are randomly generated (using the standard Perl rand()---I don't know how secure or insecure this is).
Now that they have, I now know about this outfit. So, MAPS can't list them (for right now), but I sure as the hell can put in a filter.
/dev/null.
It is truly amazing to me how folks like Yesmail don't seem to understand that the RBL is not the only group that filters. They have to deal with us, the public - be it some guy with LookOut filters, or sysadmins at large ISPs/companies. Either way the mail is gonna get sent to
And MAPS will be destroyed. MAPS postures itself as a "voluntary" thing, but if you actually read how it works, you get put on the list for blocking MAPS' looking around.
Gee.... MAPS can't be any more hypocritical there. MAPS' whole reason to be is because they claim spammers are tresspassing on peoples' net connections. Yet, if you ban MAPS, no matter whether you have an open relay *OR NOT*, you are listed as being an open relay.
It's astounding how many otherwise intelligent people think this is a good thing.
--
Ben Kosse
Remember Ed Curry!
One is free: paste any spam email you receive into a form on their site, and it will analyze the spam's headers to find out who's responsible for that spam getting to you, then it will automatically email a complaint to the relevant postmasters and system administrators, and also pass information about open relay abuse to ORBS. I've been using SpamCop this way for a few months, and I've already received several dozen responses from ISP's that the offending email accounts have been shut down due to terms-of-service violations. It gives me that warm fuzzy feeling that I'm doing some small part to help stop spam.
The other service comes for a paltry fee: you can get a 'spamcop.net' email address which filters out email for you. I believe that it will still let you see spam if you want to, and I think you can customize it to make absolutely sure it doesn't block legitimate email, so this might satisfy the people here who want more control over the way their mail is filtered.
I can see how you would be initially pissed that RBL was 'preventing' you from sending mail....
But everyone must remember one other thing:
RBL is not an authority. IT works because ISP's DECIDE that they *WANT* to use RBL to get their block lists. They understand and know how RBL works, and are willing to live with the consequences.
REmember, email is not 'the phone system'. It's not centrally planned, and you have no common 'right' to send email to anyone, anywhere. It works because everyone agrees on common protocols, and to freely accept data from each other under certain terms. Period. Much like the internet itself.
So.. perhaps this company needs to SUE the ISP's that are actually USING the RBL. RBL doesnt' make them, it just publishes a list.
IF you don't want your ISP to use RBL, then find out if they are or not, and don't use that ISP.
Perhaps you are unaware, but a large number of mail servers are *privately owned* by collectives of people, companies, individuals, etc, and I will *NOT* have anyone dicatating to *ME* what *MY* mail server will or will not accept. I am *perfectly* happy with RBL providing me with a list of sites; I understand their method and think they are fair, and I don't care if someone gets wrongly listed from time to time. It's *MY* mail server. And people who have accounts on it can either live with it or go elsewhere.
So.. while you are complaining, does your ISP actually use RBL? Did you ask them?
Hmm. Many ISP's have size limits on outgoing mail (so you don't mail 20GB files). Is that censorship? SOme only allow 20 recipients to a message at a time. Is that censorship? WHo decides what 'email' means. If it's my mail server it means 'incomign message meets certain RFC's, plus my own filters, plus doesn't get a match in RBL'. If it doesn't meet those criteria, it's not a message.
I hold in my hand a list of the i.p.'s of known communists. Ergh...wait...There's something feeling a bit redundant about all this.
"My religion is to live --and die-- without regret." -- Milarepa
If they didn't spend so much effort putting regular people on their damned spam lists they wouldn't have this problem.
Well.. how it is done is simple.
There is absolutely nothing special, network-wise, about a mail server, other than the fact that it's running mail server software.
If all you want to have the mail server do is send mail out.. you don't need any 'special' privelege. YOu can do it with your own computer.
Special settings in DNS and such are only required to receive mail...
What about people who sign up for a mailing list, receive the mail they signed up for, decide they don't want the mail from the mailing list, and instead of following the instructions for removing themselves from the mailing list, send a complaint to MAPS claiming "I've been spammed!!!" ?
I've seen it happen on more than one occasion. MAPS never checks to see if the complaint is valid, they just take the complaint at face-value, and add the "offending party" to the list.
It's a battle I've fought on numerous occasions. When I first heard of MAPS and ORBS, I respected and supported what they did. Then I got bitten by their over-zealousness. They attempted to punish my company for offering our customers an opt-in mailing list service (a service which is only available to our customers, and only allows communication between our customers!) We have a legitimate business reason for this service, but apparently the chaps at MAPS don't care; we don't fit into their narrow view of "how things are done on Our internet."
If they change their holier-than-thou attitude, their service will prove beneficial. If they keep going like they are now, then I deeply hope that they and ORBS are wiped off the face of the Earth.
This is not a free speech issue, it's a property rights issue.
Your right to say what you want to say doesn't include a right to use my property to do so.
If you're in the RBL, then I don't want to hear from you, because you're probably a spammer. It's my prerogative to ignore what you're trying to tell me. If you don't like it, TFB.
You're not entitled to paint a billboard on my garage door, either.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I have mail logs of over 1000 postings from YesMail to email addresses @somewhere.com that never existed. So not only do they accept email addresses without verification, they don't clean their lists of bounces--every one of those messages bounced, yet they keep sending to them.
The real scam though, is that they are charging customers for mail sent to those addresses.
And of course, YesMail never responded to any of my complaints.
for bringing this frivolous lawsuit.
I say lets ban all mail to/from YesMail, even if they manage to get out of RBL.
I don't like companies who pull these sorts of tactics.
People don't get onto the RBL by doing nothing, they get on by letting spammers use there service, and not doing enough to stop it.
So yesmail *****ARE***** spammers, theres no question about it.
Now all they need to do is a change to there mail lists, but oh no, they prefer people to recieve spam.
Its as simp-le as that.
F
What gives you (or anybody else for that matter) to decide what mail should or should not be allowed?
Ownership of the system receiving the email. I own the system, I get to decide under what conditions I accept email. Among those conditions is that the sender not appear on the RBL, DUL, or RSS lists.
3rd party spam:
My take on it was:
1: If you get a $20 generic account and spam hundreds of thousands of people at a different web address your web address will be blackholed.
IE:
1: you log onto earthlink and spam advertising www.myspamsite.com.
2: your earthlink account will get banished, due to earthlink's aup.
3: Your website will be pontentially RBL'ed as you are advertising it through spam... even if that site never sent spam in itself.
Again, there is usually a extensive review that goes into being rbl'ed, so its usually not instantaneous, and you usually have to be an ass about it. ie: "I will sue you" are usually the appropriate words, for a nice listing.
As for the scenario described above, with 3rd party sites being blacklisted for spammers as clients, well I havent seen that.
related:
I had a friend of mine who works at a online payment service actually speak to maps, in advance (as people were trying to spam others to use their service, so the users could get referral bonuses. He was told pretty much the same thing as the web site says:
If people are promoting spam, relating to your site, please discontinue the account, in a prompt fashion. This is my friend's company's standard policy and so everything was fine.
Sounds like Ibill just does not care, but i'm not familiar with it.
-- C
er.. did i say "DNS LOOKUP" ???
I meant "whois".
heh, too bad there's no +1, Informative With Error(s)
the problem with teens is they're looking for certainties.
Hollywood, Television, has become the dream machine. We need to take that back; each of us is a Dream Machine
I just added yesmail.com to my list of bad domains from which not to accept email. Had they not made such a fuss about RBL I guess this would have never happened. We don't need RBL to block spamming addresses and they can't come after me for blocking them (at least not yet).
Yesmail has requested preliminary and permanent injunctions restraining MAPS from listing yesmail on its RBL. It also asks for compensatory and punitive damages and attorneys fees.
It appears they want to not only "protect" themselves, but to exact what they feel is their pound of flesh (compensitory damages) and then take even more (punitive damages). Punitive damages often just amounts to lawyer speak for taking money from someone out of spite. And then ask MAPS/RBL to pay for the attorneys used to inflict all this.
Is that fair? I wonder how many ISPs will put them on their private blackout lists because of this... Both from a need to stop spam (if its not on the public list, they'll need to on their own list) and out of outrage... Someone else said that getting off private lists will be much harder. Due to inertia and outrage at them I agree...
suing people is not the way to make friends...
Just because it CAN be done, doesn't mean it should!
I use it on Downside because, as a site that makes negative comments on failing dot-coms, it attracts unwanted, and sometimes hostile, mail. One nice thing about running mail through Spamcop: if a threat makes it through the filters, you have a solid E-mail address for it.
There are hidden costs with spam. We all know and agree with that. There is the time that people waste downloading and deleting it.
But noone mentions the hidden costs of trying to BLOCK spam. Filters don't work perfectly. Good email gets rejected and blocked. Which is worse? Blocking 10 legitimate emails while blocking 1 spam? Blocking 10 spams while blocking one legitimate email?
Which is worse for the users and which is worse for the ISP?
If an ISP blocks legitimate email, first-time senders will forget it or not try again. Neither you nor they will never know what happened to; you'll probably blame it on the net-gods. But if the ISP doesn't block spammers they get complaints out the wazoo. Which will they choose?
That's what pisses me off about the RBL, they *are* a vigilante group. Would they have condoned DDOS against CyberPromotions? I'd say yes!
If I go with an ISP, I expect my ISP to *not* add my dialup range to the DUL. If I want to connect manually to a destination mail server (use the local sendmail to queue up mail) I'm paying for that service. Similarily, if they block any email destined for me without my consent, I'll change service providers.
I don't like the Spam, and the RBL's targets somewhat justify what they get, but I won't condone how the RBL acts.
They're like the ALF arsonists who would `` `bring to a screeching halt what countless protests and letter-writing campaigns could never stop.' '' by arsoning a slaughterhouse with some homemade napalm.
MAPS is just the coordinator; it's the people who use the list who are at fault and liable for the damages. It's harder to sue the thousands of people who use the RBL than it is to sue the coordinators. The coordinators just make a list.
But the courts may not see it that way. The First Amendment doesn't apply terribly much these days.
... abridging the freedom of speech ..."
Oh, get a grip. To quote: "Congress shall make no law
No where in there does it say "Everyone has the right to say whatever they want, whenever they want, about whatever they want."
People seem to think that the First Amendment to the Constitution of the USA grants protection to all forms of speech. In reality, all it does is keep Congress from passing laws restricting speech. There's a world of difference there.
(Note: I happen to think YesMail's case doesn't have a leg to stand on, but that isn't because of the First Amendment.)
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
Im use MAPS on all my mail servers. In my opinion its a great service. Unforntunatly for yesmail there suit has forced me to add them to my manual filters for my domains. With MAPS they can answer the complaints of the people an actually be removed. I dont remove anything Ive added. Gone forever is yesmail from the ability to send mail to myself or any of my mail users. If they wont work with maps, I wont accept them. I suggest everyone else just block as well.
--- Always remember. 99.36% of all statistics are inaccurate.
This lawsuit isn't about open relays, address-surfing, or other not-nice tactics. If you read the article, its about subscription methods.
If I say "yes, I want this newsletter," and then complain to RBL that I got the newsletter, RBL will blacklist the newsletter. That is just silly. According to the RBL, I have to say "yes" and then later "yes" again.
RBL really ought to change its definition. Double opt-in is too much of a pain in the ass. YesMail is because I said "YES!", not because they bought my address off some porn site.
Oh come on, the guy doesn't profess to be a genius or even to be taken seriously:
- Here are raw feelings and thoughts typed in to the beat of loud, raccous music. They are not meant to be taken seriously. If you are in doubt as to what is humor, truth, crap, or absurdity there is always feedback.
Delusions of web design cluefulness aside, the kid is alright.Besides, didn't his dad play drums for Iron Butterfly?
"I will gladly pay you today, sir, and eat up
Sacred cows make the best burgers.
> What gives you (or anybody else for that matter) to decide what mail should or should not be allowed? Actually what gives me the right is the fact that A: I pay for all of my own domains B: I own the servers they reside on C: I run my own dns servers and D: Its my fucking mail server. I dont have to accept anything I dont want and Never will have to. If they courts say I have to accept mail from someone Ill allow my server to recieve it but block traffic at the firewall. If they say i have to lift that Ill accept it and deliver it to /dev/null. As long as I am the server admin I will make the determination who can use my machine. Unless there paying for my CPU cycles which there not I dont have to accept it. The minute I am forced to accept it they will get a cpu cycle bill which I will take them to court over. I already sent one fax spammer to collections over an unpayed bill for fax fileing. Ill be happy to do it to mail spammer too if there dumb enough to sue me and provide me with a buisness address.
--- Always remember. 99.36% of all statistics are inaccurate.
I love you too.
What MAPS is complaining about is, if anybody anywhere submits your email address to 'yesmail' as having opted-in, they will immediately add you to the mailing list, without first verifying that you really did choose to 'opt-in'.
The verification process is enabled on a subset of the yesmail lists, which is what they call 'double opt-in'.
There have been NUMEROUS cases of spammers submitting the addresses of ardent anti-spam activists as 'opt-in' addresses, it's not an uncommon revenge tactic.
The only solution to this problem is to do 'double opt-in', where an address that has been submitted is sent just one single message, stating 'reply to this message to confirm mailing list subscription', and including a non-trivially-guessable magic cookie to prevent somebody from falsifying the confirmation message as well.
I do not deploy Linux. Ever.
OK, so some business you buy services from (your ISP), is doing something you don't like (using the RBL). If you want them not to use the RBL, and they still use the RBL, switch to a different ISP. Not all ISPs use the RBL, because no one is forcing them to. You cannot force your ISP to provide you with the exact service you want. Vote with your wallet, get a different ISP.
I'm on a large mailing list that will remain nameless. It has a policy of allowing anybody to post to the list, whether they're subscribed or not, because we believe in openness and tolerance of anonymity, and are willing to tolerate a certain level of spam as the cost of open access. Unfortunately, some harasser has recently forged subscriptions to lots of non-confirmation mailing lists, so the list is getting hit with them. Even with confirmation-based lists it's a problem, because the harasser (who's presumably subscribed to the list) can receive the confirmation requests and reply to them, but it does cut down on the harassment, and it makes it easier for other people to do unsubscribes.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
This is likely to be worse for Yesmail in the long run than any simple 'being added to the RBL' could be.
Here's why: even now, many sysadmins that use the RBL are reading this story, and are going in by hand and adding Yesmail to the list of domains they don't accept mail from. Even if Yesmail and MAPS come to an agreement where Yesmail follows MAPS's policy, all those sysadmins that added in Yesmail by hand aren't just going to take them out again overnight. While not as widespread as if they were on the RBL, they will be on many systems' blackhole list permanently.
---
At least mafia-owned pizzarias make excellent pizza. Compare to Bill Gates.
In this case, MAPS RBL is a content-rating service, and you might or might not like their ratings. If you like them, you might use an ISP that provides MAPS as a blocking service; if you don't like them, you should pick a different ISP. I use pobox.com's optional spam rating service, with the "mark but don't block spam" option, and it's right about 90% of the time.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I use pobox.com as my stable email address, and their anti-spam service has a choice of marking or discarding spam. I use marking, and find it's 90-95% accurate.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
"In my experience, it really isn't that hard to get listed on MAPS. My previous employer decided to harvest Usenet one time to gather addresses of people that might be interested in our service. A couple of months later, MAPS listed us after one person spent some time harassing us to remove his and other's addresses (which we did, promptly, when asked)."
Hmm. "harvest Usenet one time to gather addresses of people who MIGHT be interested
in our services." Translation: You grabbed e-mail addresses from newsgroups and then
sent people at those addresses an UNSOLICTED advertisement. That sounds like SPAM
to me. You may have been one of the few companies that act on good faith and actually
opt-out people who ask for it, but you were still spamming people. These days, maintaining
an
opt-out list (or more accurately, CLAIMING that you maintain an opt-out list) isn't
any excuse
to spam. Most people won't dare to respond and ask to be opted out, because
that marks their e-mail address as ACTIVE and makes it much more likely that they will receive much more spam.
So what really happened here was:
1) You spammed a bunch of people.
2) Someone got really pissed off about it (actually, most of the people probably got pissed
at your company, but didn't respond because they didn't want their e-mail address to
be marked as "active").
3) That person reported you to MAPS and gave them evidence of your spam.
4) MAPS RBL'ed you for being a spammer. (Not just RELAYING spam, but actually being
the source of it.)
"When he finally submitted his "evidence," MAPS listed us right away, without even so much as asking us if his take on things was accurate (which it was not in certain key areas). We were notified, but not until after the listing was made. The damage was already done."
What wasn't accurate about it? They didn't notify you because this wasn't a spammer sending mail through your open relay without your knowledge, this was you KNOWINGLY spamming people!
Once you stopped spamming people (an opt-in list means that your e-mail is no longer unsolicted), MAPS stopped blacklisting you because you stopped spamming people.
amen.
---
They're certainly no longer a 'common carrier' once they've started applying filters....
---
My phone company allows me to filter my phone calls by forcing people to disclose their phone number when they call me. I can further inform the phone company that I do not wish to receive phone calls from a certain number. They then filter these calls, and the other side gets a busy signal or other indication that I do not wish to receive calls from them. Is my phone company still a common carrier even though they block some phone calls from some phone numbers?
- No matter how subtle the wizard, a knife between the shoulder blades really cramps his style.
I really should get back to studying for the bar exam...
The Full Faith & Credit Clause doesn't really have that much to do with Federal court jurisdiction. However, the Supremacy Clause says that federal laws are supreme to anything the individual states can pass (with a lot of exceptions these days).
Generally, Federal courts have exclusive jurisdiction over questions involving federal laws. That's why you'll almost never see a copyright or patent case in a state court -- most IP laws are federal laws.
DHartung, you said, Yesmail is "suing in Federal court because they are seeking injunctive relief under Federal law." This hasn't been established yet. Federal courts, under 28 U.S.C. s1332, have jurisdiction to hear ALL CIVIL ACTIONS in which the amount in controversy is over $75,000 and the parties are citizens of different states.
I've seen nothing in the article or on the MAPS webpage that a federal question is involved. According to the article, yesmail's complaint states that MAPS "would disrupt yesmail's contractual relationships with its advertising business". This type of "tortious interference" isn't covered by any federal law, so we're dealing with diversity jurisdiction.
Anyone up for more civil procedure discussion?
I hope the publicity generated from this court case causes lots more mail servers to start using MAPS (and ORBS) to block spammers.
Since I switched to using their realtime blocking lists on my server my spam has dwindled to a tenth.
--
In *THAT* case, I reverse my stance. MAPS is the good one. It's ORBS that is evil.
--
Ben Kosse
Remember Ed Curry!
--
That was exactly what I did after posting my note here. I wish I had some of the content that was sent instead of just the logs. In the future I'm going to start bouncing messages but collecting the headers and some of the body.
And the makers of internet censorware also only provide a list, which you can choose not to install in your computer.
So if yesmail were to win, wouldn't that mean peacefire.org could sue the makers of censorware?
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
For what it's worth, a comprehensive list of IPs belonging to yesmail has been posted. I haven't personally verified it.
There is a spellbook here; eat it? [ynq]
There were factual errors in the report. He talked to certain people at the company and claimed they said things they did not. He claimed to receive messages from us at specific times, when our system logs clearly show that he did not. There were one or two other minor things.
Let's stay on topic, though, shall we? I'm not arguing that what the company did was right (it most certainly was not). The point I was making is that MAPS doesn't check up on an evidence report. They accept it as correct and factual, and list the offender, regardless of the report's accuracy.
I stand by my claim: it isn't hard to get listed in MAPS.
No on all counts.. I have a dedicated line from an ISP. THe type of line is largely irrelevant; it's not dialup.
And as I said, I use MAPS because I *choose* to. Should I choose not to, then I won't.
If ISP's want to get together and form some kwierd kind of anti-spam alliance that blosk all non-registered mail servers, THAT IS PERFECTLY FINE WITH ME! It's their perogative to create their own private mail system by whatever rules they want.
The point is, it's up to me how I want to run *MY* mail server. If I want to incorporate MAPS into it, that's my business.
As for me not being able to send mail.. should that happen, it is up to those servers that are using the service to decide if it is acceptable to them. If it is acceptable to them to not allow me to send them email.. that's their choice.
MAPS is doing *nothing*. IT is up to the ISP's individually to go with maps or not.
Granted I'm not a lawyer but I have been using MAPS for many years now personally and professionally... If you read the agreements and all pertainant information on MAPS site you will find that YesMail really has no grounds at all as MAPS just provides the list, it's up to the invididuals or companies that find value in the list and make use of it... Therefore if YesMail has any beef to sue someone over they should instead be going against *EVERY SINGLE COMPANY* using the MAPS list not MAPS as MAPS does not force anyone to use the list in the first place...
I manage my own email system, and together with many other sysadmins I choose to block probable spam. I have a constitutional right to associate with others who share my ideas, interests, and goals. One way that we in the anti-spam community pursue our common interest is by sharing information through the RBL list -- reporting violators to MAPS and using information reported by others. Allowing a company to prevent one sysadmin to block sharing of information with another by censoring the RBL list prevents us from banding together to pursue cooperative action. In the words of Justice Harlan in NAACP v. Alabama: It is beyond debate that freedom to engage in association for the advancement of beliefs and ideas is an inseparable aspect of `liberty' assured by the Due Process Clause of the Fourteenth Amendment, which embraces freedom of speech.
[great, now I get rbl'd for that AOLism . . . :) ]
:)]
:)
I am a lawyer, this isn't legal advice. If you need a legal advice, see an attorney licensed in your jurisdiciton.
I'm a US lawyer, and agree with geeklawyer. Our procedure isn's all that different than the brits--where do you think we got it from? [but we don't have to wear wigs
A TRO is *really* easy to get--but *all* it does is protect the status quo; you can't get something ordered *to* be done.
I'd be surprised if the preliminary injunction issues at the hearing in a week or so. I expect the free association issue to utterly blast everything else out of the water. Even without that, this does not seem to be the type of behavior that would be a tortuious interference with contract (It's *really* hard to commit that one), and a libel action would seem difficult, as the yesmail description makes it sound like they commit the behavior described in the list.
As a side note, the protections for speech in this area tend to be stronger (for the speaker) under US law than british law.
Personally, I'm adding yesmail to my own list--just as soon as I figure out where debian keeps it
hawk, esq.