Slashdot Mirror
Spam, ISPs, MAPS And Lawsuits
droleary writes: "Something of an update to this Slashdot article, a Yahoo News story reports that a number of large ISPs are caving in to a massive lawsuit brought by Harris Interactive regarding the delivery of their "online polls" (aka, spam, according to MAPS). I find it disturbing that large ISPs are so willing to let external agencies control what runs through their systems."
gotta love www.spamrecycle.com foward all your spam there they'll do something about it
Runnin' On Empty
Why not just delete the message from your inbox when it arrives? The best SPAM control is the delete feature of pine.
Thats one of the very reasons why we created sneakemail
You may want to receive spam mail of some sort but want to have to option of stopping it even if they are too inept to stop it themselves, or dont care. It may be polls, jokes, product announcements, etc, all legit but sort of spammish. Sneakemail gives you this control.
Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
Case in point, the "free" internet access programs. Netzero, in truth, uses a Java interface which forces the user to view a window slightly larger than a banner ad (which displays banner ads 24/7, fetching a new one each second). This window cannot be closed during connection. Essentially, this taints Netzero's claim of "free internet"; it should be "Free with a 7 second bandwidth cutoff every minute." The only free internet service that I would recommend was Worldspy. It used a Java client to interface with Dial-Up Networking, but could be easily configured to dial directly from a Dial-Up Networking window (and perhaps even with KPPP - no sloth-like Java shell!). This was good until Juno bought Worldspy.
What does this have to do with the story? (Moderators, pay attention.) These ISPs are allowing ad agencies to steal bandwidth from unsuspecting users who hate AOL, but don't want to pay for an analog modem connection. This is probably the first case of legalized e-extortion: letting the ads prevail. Doubleclick.net is one of the more prevalent banner-ad agencies.
There is a way you can shut out these banner ad sites for good! How? By tricking your web browser into mapping the DNS entries to localhost! To do this, find the "hosts" file (stuck in \windows\system or \winnt\system32; I don't know where for Linux). Simply place entries in like this:
127.0.0.1 ad.doubleclick.net 127.0.0.1 m.doubleclick.net 127.0.0.1 ad-adex3.flycast.com 127.0.0.1 ads20.focalink.com (use the same spacing as existing entries [there should be one already that says "localhost"])When you go to pages which acquire banner ads from these sites, they will be replaced by either a "X" icon or a similar "Not Found" message (exactly the size of the banner ad!). This is a true sanity-saver and time-saver, even better than those cookie catcher programs.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
Just have it look for a line that reads "This is not spam." Works for me ;-)
"Well kids, you tried your best, and you failed. The lesson is, never try."
Maybe i'm naieve about the law surrounding inet but how are these lawsuits even plausible....
First, MAPS is a list and simply that... isn't that covered by freedom of speech... and since they have reasonable complaints against Harris, it's isn't libel... right??
Second, i thought that as an ISP, you were only responsible to your clients not to other hosts... if you don't want to let some data over your network, isn't that your perogative??? If the ISP's customers had sued complaining that their emails weren't getting through, then i could understand..but since harris isn't paying AOL (or MSN or whoever) how do they have the right to sue them???
11oh8...
When did a network's owner/admin stop being able to control what goes over their own network? One of the basic precepts of the Internet is consentual peering. If one of the networks is producing a lot of garbage that the other peering partners don't want, they are fully within their rights to stop peering and/or filter.
Also, as has been pointed out, time and again, all that bandwidth used costs MONEY. Do the spammers like Harris (okay, maybe they're not QUITE malicious spammers, but they have very poorly run mailing lists and they DO have abuse complaints) have a right to dictate how a network allocates it's monetary/bandwidth resources?
I'm quite disappointed in Juno and Microsoft and fully intend on NEVER using their ISP's if I can at all avoid it.
Spam is like a COD (Collect on Delivery). Notice how FEW places accept COD's anymore. Save that SPAM would also cost the post office unrecoupable money as well.
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
This is really nothing new however, and has nothing to do with the RBL. ISPs have always been able to trace everything you do, although I think the good ones will erase their logs frequently to avoid hassles. If it ever did get to the level you suggest (where they block whatever they feel like) I think there would probably still be enough free e-mail services around that it wouldn't be that big a deal. Your IP can always be traced; I doubt that will change soon.
"Well kids, you tried your best, and you failed. The lesson is, never try."
The original (and understandably biased) Harris Interactive press release which can be found at http://www.harrisinteractive.com/news/index.asp?Ne wsID=127&HI_election=HarrisInterac tive says:
Personally I think it's a perfect example of why the government should not create rules which govern Internet communications.
If it did we'd have technicalities causing the government to force us to pay for and eat spam day and night because some idiot corporation wants us to read it. MAPS on the other hand is a good example of the general population deciding whether they want to respect a certain organisation's judgement or not.
MAPS definitely has it's down side. If all the companies known to not use double opt-in were listed, nobody would use it. But that's also the strongest thing about it. If MAPS gets indiscriminite and lazy about listing organisations as spammers, nobody would use it.
===
If you don't like what your ISP is doing re spam, complain to them, or vote with your feet. Let's keep the government off our backs, eh? And if you don't like what Harris is doing, they invite your questions or comments. Let them know how you feel, at 1-877-919-4765, or at info@harrisinteractive.com. Or you can chat with them live online, at: http://www.harrisinteractive.com/about/contactus.a sp
If school isn't your thing, well, then maybe you shouldn't go
Except it's probably against the law NOT to go if he's a minor...
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
But I would be pretty annoyed if my ISP blocked those emails. If I can't get email I request, then my ISP is not providing the service I'm paying for.
Unless you are requesting kiddie porn. The issue is how much worse is kiddie porn than Harris Polls?
- My password is slashdot
U,,. actually. Harris ARE opt-in.
I never received any email from them unti. I opted in.
Then, a few months later, I decided I didn't wantr anymore, so I opted out via their webpage and I have not received any email from them since.
People should not be afraid of their governments - Governments should be afraid of their people.
> ISP's right to block incoming traffic to port 25 (MAPS blocking 23 known spam domains associated
> with "top web sites",), with some sort of censorship of traffic on port 80
>("By MAPS standards, 25 of the 25 web sites should be blocked")
The marketer knows the difference. He's just trusting that most of his readers won't.
Another case in point from the same guy - "23 of the top 25 web sites don't use the double opt-in".
The goal of the marketroid is to make "Hi. [IP address] signed you up. If that's really you, hit reply and verify that it was you" sound as inconvenient as possible.
Hence "double opt-in". There's no second opt-in, just a confirmation that's part of the single opt-in. But "double opt-in" sounds complicated and redundant.
To a marketroid, the goal is unverified opt-in, ("Hi! [Spam] To get more spam, hit reply! If you don't hit reply, we'll delete you from this list and opt you back in next week!") which is, as anyone with a mailbox knows, indistinguishable from opt-out: ("Hi. [Spam]. To get removed (and added to our sucker list), hit reply".)
Ever wonder why abortion rights advocates call themselves "pro-choice", not "pro-abortion"? Or why abortion rights opponents call themselves "pro-life", not "anti-abortion"?
Same shit, different smell.
If it comes out of a cow's ass, it's cowshit. If it comes out of a marketer's mouth, it's bullshit.
Same shit, same smell.
These ISPs are allowing ad agencies to steal bandwidth from unsuspecting users who hate AOL, but don't want to pay for an analog modem connection.
TANSTAAFL. They don't want to pay for dial-up, they should quit bitching. Since I left University, I've have to pay for net access, so why the fuck should these losers complain that their "free" access has to be paid for somehow?!
geez.
Pope
Freedom is Slavery! Ignorance is Strength! Monopolies offer Choice!
It doesn't mean much now, it's built for the future.
I'm not sure whether or not there was a checkbox at all in this case, but I doubt that it was an opt-in box. If anything, there may have been an opt-out box, or a box that you need to uncheck to opt out. Either way I personally feel that there should have been one final confirmation email (which is what the double opt-in idea is all about) just to make sure. If this company truly believes that everyone on the list actually wants to be on it, then it shouldn't have any fears about sending a friendly confirmation just to make sure.
"Well kids, you tried your best, and you failed. The lesson is, never try."
I don't think modifying a current header such as the Subject header is the right approach. What my ISP does is add an X-RBL-Warning header which I can use for filtering. Every once in a while it will catch a false email, but I write it to a separate file that never get's downloaded. I think this is much more appropriate than modifying the Subject header.
I just found that you can add IP addresses to your own RBL by putting a line similar to this in /etc/hosts
10.1.2.3 3.2.1.10.rbl.maps.vix.com
note the reversal of the IP
NetZero and their ilk aren't forcing you to use their service; if you want, you can always get AOL, some other dialup ISP, cable, DSL, etc.
All of these grant you a service in exchange for payment. For most of these services, the payment is in dollars. For NetZero & Co., the payment is in advertising you are forced to see when you use the service.
Sounds fair to me. In fact, for people who can't afford "regular" Net access, a business throwaway Pentium and NetZero sounds like an ideal way to get wired.
This is in contrast to spammers like Harris, who send you stuff without you asking for it and can't be made to stop even when you ask.
ln -sf /dev/null ~/.netscape/cookies
:P
(or something similar) works well except then you don't save any cookies.
eudas
Blessed is he who expects the worst, for he shall not be disappointed.
Date: Sun, 10 Sep 2000 01:07:41 -0400 (EDT)
From: James O'Kane
To: danh@harrisinteractive.com
Cc: comments@mail-abuse.org
Subject: MAPS and RBL
Hi, please forward this to Dr. Black or as you see fit.
Sir.
Thank you for bringing MAPS and RBL to my attention. We have
looked it over and have decided to install this system on all of our
current running mail servers.
With a system that does not use an opt-in with confirmation,
anyone can find our addresses on the web and enter it into your system
forcing us to do extra work to remove ourselves. When Harris Interactive
comes out with a proposal to compensate us for that time, we will consider
uninstalling RBL.
I learned, while researching this, somethings that I should point out. The
term 'double opt-in' is different from the proper term 'opt-in with
confirmation'. One implies doing the work twice, the other, as the words
suggest, is asking for confirmation that you want to do this. There is a
difference. There is also a difference between blocking webpages and
blocking mail.
Thank you
James
President & CEO of Midnight Linux
But I find it concerning that large ISP's trust so few people from an outside company to make decisions about what mail is and isn't delivered.
--
In any case, our customers would be much MORE angry of they did not get important mail. So I think it is a good idea to let the end-user decide.
you must be trollig....why should linux worry abt compatibility here.../etc/ was there way before /winnt came into existence
At the intersection of computation and biology.
The hosts file is under
\windows
on windows9x;
\winnt\system32\drivers\etc
on winnt
and
/etc
on unix/linux.
Donate free food to the hungry at The Hunger site.
I filter on any *@hotmail.com account that dosn't come from their gateway server. (now MSN, I believe) same with yahoo, altavista, etc. If it dosn't come from their web interface, it's spam.
It's hard to spam efficiently USING the actual interface.
Beeing a sysadmin for a company with about 2000 users spam can really be a problem, especially if users start to complain about beeing bothered by spam or demanding to prevent mails like this.
Generally I think one should be able to decide wether he is willing to accept it or not, if I decide not to want spam and therefor Im using MAPS, RBL or other stuff it my decision and if they get forced to remove certain sites from their list, I'll be forced to maintain a manual blocking list also - it will be more work for me but still the same effect. So, if the spamming lists get compromised by legal decisions, it will be time for an "Additional Open Source Spamming List" as an addon.
"I find it disturbing that large ISPs are so willing to let external agencies control what runs through their systems."
Is there a listing or rating on how close to a wet noodle a particular IPS's backbone is? Is someone like the EFF doing a freedom friendly isp list? Why should ISPs fight back if no one pays attention.
Novel theory: Modern Man evolved from psychopath
Slashdot seems to have a couple of lameness filters aimed at preventing people from screwing up the page layout with extremely long lines. From what I can tell, very long lines are broken with whitespace at some fixed length. The threshold seems to be around 127 characters, but I could be wrong. (I haven't downloaded and looked at the Slashcode.)
I've occasionally run up against this filter when I try to make a "table" of some sort using 's inside a <TT> block. Slashdot will insert a space at a nearly-arbitrary point in the line (usually landing inside one of the 's, resulting in a real ugly mess). Annoying, to be sure, but far less annoying than having Slashdot render at 3x the total width of the screen.
It seems like there should be a better answer, but I'm at a loss as to what that might be. At the very least, the lameness filter should insert spaces outside of tags, since it seems to be regularly breaking URLs.
--Joe--
Program Intellivision!
"I find it disturbing that large ISPs are so willing to let external agencies control what runs through their systems."
I agree. Let's have your ISP censor your content by themselves. Having 50,000 unwatched small companies deciding on filtering standards is much better then one publicly-watched one. And much more effective against rapidly changing open SMTP relays.
Let me start by saying that MAPS is a required evil for dueling spammers. While I do not like what they do, the simple fact is that you need a service like this.
The thing I find disturbing is that MAPS can be so obviously wrong. MAPS is a very powerful regulating and filtering authority for email, and their human-contact protocols for filtering spam are top-notch and well-intentioned. If MAPS did not exist, you would be getting 100,000 spam messages per useful one.
MAPS is specifically designed to establish human contact quickly to prevent any people who are not spamming from being added to a RBL. MAPS is very good at making sure postmasters and sysops know that they are being added to an RBL, and telling them why.
The fact that they can be so obviously wrong about spam shows that something has happened at MAPS's organizational and response level that prevented them from improperly filtering out someone.
Either that, or the suits who run Harris poll need to answer their god-damn email and fix the problem. I find that possibility much more likely.
I am not suprised that Hotmail has caved to Harris. The spam on any Hotmail account is an unbearable onslaught. At least they let you "filter" about 60 percent of it now. But obvious address spoofing and such still slides right through the filters. I gave in and paid for a second email account at my ISP instead of using Hotmail for my second account.
All kings is mostly rapscallions. -Mark Twain, The Adventures of Huckleberry Finn
I guess my view comes down to this: When they signed up for Hotmail, did they check a box saying they wanted to receive these mailings or did they fail to uncheck a box?
If it's the former, I hardly think it's "spam" to send them a mailing. If the latter, I don't recognize that as "opt-in" in the first place. Maybe I'm just giving them too much credit for the permission they did supposedly solicit.
Nonetheless, maybe there should be some middle-ground terminology for mailings that aren't as properly solicited as they ought to have been that distinguishes them from 6 identical copies of a "Make Money Fast" letter with forged headers and a misleading subject line sent through an open mailer in Chad.
---------
Is this a fair analogy? maps is to email what Consumer Reports is to consumer products. Both simply advise an invidual of "products", pointing out aspects that the individual may not like. Faulty wiring in a washing machine, don't buy it or you'll zap yourself. Email from a known spammer? Filter it.
----
----
Am I the only one who thinks Microsoft is a misnomer? Perhaps Macrosoft would be a better fit?
Help Requested/Appreciated c:\windows\Hosts This file seems to have no effect. I am running Win95, connecting via ethernet to my schools T1. I also have (!) lmhosts, which seems to be for NT...
Note: Tried rebooting after the file change. Neither Netscape nor IE seemed to notice the file.
On the other hand, it seems to me that MAPS went overboard in claiming that the failure to use double opt-in creates the status of spam that should be blocked. Who uses double opt-in? It definitely sounds like they're applying a double standard to Harris, and acting out some grudge against the company.
Double opt-in is a name spammers use to refer to the practice of requiring a confirmationg e-mail to confirm that the person who signed up for the list actually receives mail at that address. That is, someone types an e-mail address into a web form, but they are only added to the list once they reply to a confirmation e-mail. This prevents people from signing other people up for e-mail lists.
You obviously don't get the point. Spam is seen as a cheap way to reach masses, because it doesn't cost the spammer. It costs the delivering ISP's, if you're trying to provide good service, and your pipe is plugged up by spam, then it's costing you your bandwidth. Harris is not paying for the ISP's bandwidth, so why should they get the privledge to use it??
My question is this. What business does a web site have sending me email at all? If I want to see information from a web site I will find it on (surprise!) the web.
---
Faulty wiring in a washing machine, don't buy it or you'll zap yourself. Email from a known spammer? Filter it.
---
Right. But if you buy a few duds from a given manufacturer, you'll quite often never buy from that manufacturer again. If I get a lot of spam from a certain provider, it's my right to never receive their email again.
Filters are a half-assed solution to spam anyhow. My bandwidth and CPU time is still being eaten away. When you report spam (or report something to MAPS), there's nothing stopping a given ISP from still doing what they want. MAPS just provides a tool that you can choose to use or not use - basically using the experience of others as an easy way to sample to 'product' of a whole bunch of ISPs.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
---
Netzero, in truth, uses a Java interface which forces the user to...
---
There is where your complaint falls flat. They're not forcing anyone to do anything. It's basically whole point. If a user wants a quality ISP, they'll go elsewhere. If they're cheap, they'll go through these guys.
It's not like anyone is forced to give money to them. If it's too annoying, you just stop using it.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)
- Jeff
Do you want me to opt you in again?
Just a mo, that means it cannot be opt in , as *****YOU***** would not have opted in!
Starting to understand yet?
F
Both in time and money. You may have unmetered telephone access, I don't. I have to pay for the spam that I receive. I also resent the time it takes to transfer it. I'm on a POTS line and if some spammer sends me a 1 MB file, then that take a long time to download. Time is money.
qts
spam filtering is a nice thing and should be considered at all costs. for the ISP users not to get spam would be a great thing.
in this hayday of lawsuits though, is it a wise thing. assume that you are the mail admin of an ISP and you put a spam filter on all incoming mail. sounds good.
one of your users gets some pedo file from a subscribed to list and gets caught. the lawyer for said person finds out that you filter spam. thw lawyer then points out that the ISP could have filtered out the pedo files from those email, but chose not to. forget the cost involved of putting in a machine that filters jpgs of certain titles (or even crazier, filters on content filtered by some other strange contstraints), you are shown to be a non-carrier, and are thus shown to be acceptible of pr0n of children but not of get rich schemes.
at that point, the lawyer might take this a bit further and go to town and get the perv off (from a guilty verdict).
remembering, offering only transport gives your company the ability to say "what our users do is their own business".
b&
All but God can prove this sentence true.
Yeah, but now they've added a few extra options to allow Harass spam through...
Still, at least we can do something about it (hits "Block Sender".) I wonder how long it'll take Harris to realise *that* exists?
Guess who's getting pride of place in my upcoming site, under the "CULPRITS" section? I wonder.
The link in the story is broken. Here is the correct link.
Hm, if they really avoid .edu and .mil etc. now then that really shows that the way to handle the spammers is to really late them feel the heat. In other words, it's of no use at all to simply filter spam with a procmail filter or something. Somehow we must let them feel our reaction, and the first thing to do is to detect the spam while the SMTP connection is still up, and reject it at that stage. Then either the open relays in between will notice what's happening, or the ISPs. And finally the spammer. Even better if this makes somebody trace the spammer and file a suit. But don't just filter or delete spam, passive action is of no use!
TA (I wonder why my postings show up as AC lately, I'm really TA)
...that's why I wanted to ask some other Linux users: to make sure. Thanx for the advice, but don't kill the messenger for wanting to be sure.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
The Realtime Blackhole List is simply a list of IPs that have sent spam (or host spamware sites), and whose owners have refused to do anything about it. MAPS isn't "trigger happy" - in fact, many spam fighters wish they were faster, even if we can see why they aren't.
This is just one part of MAPS operations. One of their other lists, the DUL, can certainly be described as "trigger happy". As well as the result of someone failing to read RFC974 thus pulling the idea out of the air that using a third party relay is not only "legitimate" but should be the prefered way to function (even for users of fully internet standard software.)
Err.. My ISP states it up front when you sign up. In addition to that, you can also ask your ISP... They will usually answer you, unless they have something to hide, in which case you don't want them anyway.
The day Microsoft creates a product that doesn't suck, it will be known as the Microsoft Vaccuum Cleaner!
But "23 of the top 25 Web sites don't use the double opt-in," Black said. "By MAPS standards, 23 of the 25 Web sites should be blocked."
In my opinion, yeah 23 of the top 25 web sites should be blocked from sending me e-mail. I'm sick of automatically getting a bunch of crap from web sites that I don't even frequent.
But if you look at the quote, he's not saying that at all. He's talking about blocking web sites, which of course, MAPS isn't about at all. I'm glad all those big corporations are cowering to such genius.
If you dont want to get spam, you should put a message filter into your mail reader or install some filtering proxy software. The ISP should not be responcible for doing it, especially if you have not asked them to do it for you.
Even with the spam filters we use now (and the only real way to stop it for good is to turn it back when the smtp link is still up, otherwise the spammer (and the open relays in between) will never feel any burden. They should.)
The only way to do this is get rid of relaying i.e. insist on everthing following rfc974 (except where there is very good reason not to. Not being bothered to write a few lines of code is a very poor reason.)
With maps we have the almost contradictory "non ISP relay bad", "ISP provided relay good". Unless ISP's insist of customers proving who they are, then an ISP provided relay machine is little better than a random open relay machine.
Somehow we must let them feel our reaction, and the first thing to do is to detect the spam while the SMTP connection is still up, and reject it at that stage. Then either the open relays in between will notice what's happening, or the ISPs
If they are using a relay, especially one which allows a large number of RCPT entries they will most likely have gone before anyone can realise what they are up to.
Here at where I work I'm trying to get them to add auto-filteration of spam for those who want it. (We already use MAPS and RBL). Basically it'll go through and if it's suspected to be spam, it'll add 'SPAM:' to the beginning of the Subject line in the email. On the user's end they can just set up filters to move all mail that have 'SPAM:' in their subject line to the trash.
This is something that all ISPs and web hosting companies should do besides just using RBL and MAPS.
US businesses that currently accept chip and PIN/signature
If it makes you feel Big and Important then do what you like. As I have already pointed out, opting out is exceedingly easy. Og course, you'll need to obtain my email address first. Here, use puppet@dial.pipex.com if you like.
"Just a mo, that means it cannot be opt in , as *****YOU***** would not have opted in! "
Wrong again, Fishy. It is "opt-in" because a request is made toi be added to the list (rather than Harris buying mailing lists and requiring you to specifically opt-out - a request to oipt in has to be made).
What YOU are thinking of is Double-Opt-In where I opt-in and get an email confirming myt request, which I need to acknowledge before I am actually opted-in.
Yes, I agree double-opt-in would be a better approach, but the fact remains Harris is opt-in (albeit single-opt-in).
"Starting to understand yet? "
Good question. Well, are you?
People should not be afraid of their governments - Governments should be afraid of their people.
I signed up for the Harris Poll long ago. Did a dozen Polls, got bored, and decided to get off their list. Unfortunately, it wasn't that easy...
To unsubscribe seems pretty simple, click on a link, enter your email address on some web page, hit "ok". Too bad it doesn't work right... it took me 6 or seven tries over a period of 6 months to get off their damn mailing list. I tried contacting humans over at harrispollonline.com, but never received a single response.
In the end, I was only partially successful.
I don't get any more invites to participate in Harris Polls, but I still get their damn Harris Poll Newsletter. I don't want to deal with this anymore, so I just filter all their stuff now.
Moral of this story: Harris Poll may not be Spam, but the mailing list is poorly run. Poorly run mailinglists deserve to get blocked until they fix the problem. If they don't suffer the consequences of getting blocked, then they will never fix the problem. Tough shit for them.
"Can of worms? The can is open... the worms are everywhere."
Depending upon how far you want to take your paranoia, Mr AC, any company using double-opt-in could easily claim that they got a request and a confirmation - prove you did not send the email.
See? Isn't paranoia fun!
People should not be afraid of their governments - Governments should be afraid of their people.
remove\.html|for full details|huge savings|act now| mlm[^a-z]|works!|here.s how:|here.s how [^I]|remove[0-9-]*@|order now|now revealed|chain letter|100% guaranteed|money back|like to order|easy to order| to order.*free|age.* to order|year.* to order|for detailed information|free copy|special offer|cost\?|To be removed|absolutely free|no risk involved|absolutely no risk|with no risk|entrepreneur|added bonus|extra income|don.t delay|[^e]send check|money-order|dear sir|1-[89]00|Visa|under 18[,. ]
Call on God, but row AWAY from the rocks!
That would be ORBS, not MAPS.
This is just one part of MAPS operations. One of their other lists, the DUL, can certainly be described as "trigger happy". As well as the result of someone failing to read RFC974 thus pulling the idea out of the air that using a third party relay is not only "legitimate" but should be the prefered way to function (even for users of fully internet standard software.)
The DUL is one of those things that I'm not totally happy with (mainly because I do generally email direct-to-MX), but I can see their reasoning - a large amount of spam is sent via this method, instead of people using their ISPs smarthosts. Most people these days will just use Outlook/whatever to send to their smarthost.
Like I said, I don't especially like it, but I can appreciate the logic. It's explained somewhat better on the website.
My ISP (www.azc.com) without asking me if I want to, began to block the email I receive from a subscribed list of egroups.com. They say that egroups.com is in a blocking list such as RBL, ORBS or the likes (they refuse to told wich one). I asked them to stop filtering my SOLICITED email but they replied that nothing can be done... Is there something I can do? (after switching for other ISP) Is it legal for an ISP to apply filters to an user email without asking?
NEOCA - Custom LED Flashlights
There seems to be quite a lot of confusion about what the RBL actually is and does, so maybe it should be cleared up. Apologies for the length of this - it just kind of grew.
:-) To actually be placed on the RBL, an entity has to really work at it, and being removed is a lot easier than going on. There are other lists that MAPS run, but none of them are indiscriminate in what they block. Relay Spam Stopper, for instance, only lists a relay *after* it's been used (not as useless as it sounds :).
:-)
The Realtime Blackhole List is simply a list of IPs that have sent spam (or host spamware sites), and whose owners have refused to do anything about it. MAPS isn't "trigger happy" - in fact, many spam fighters wish they were faster, even if we can see why they aren't.
MAPS itself doesn't block anything. ISPs that subscribe to one or more of the various lists will generally just refuse connections from IPs listed in the RBL. There's no "erasing" of email going on - the sender gets a message saying that it was refused, so they can deal with it. If they don't, their ISPs mail server is seriously broken.
If you don't like the idea of an ISP filtering email for you, even based on the fact that anything in the RBL is almost certain to be junk mail, then talk to your ISP and see if they'll make an exception for you. Trying to get MAPS closed down is a stupid reaction.
Harris' suit is also a stupid reaction. They may or may not succeed in bullying companies to override the RBL on their servers, but the longer this goes on, the more filters (private and otherwise) they're being placed in. They're already in mine, for example, and they're not coming out. Ever. I'm a lot less forgiving than the RBL.
Hope this reduces the mess, anyway, so we get a somewhat more intelligent collection of articles than we did last time this came up.
AFCArchvile, the past few days i have been rackign my brain on how to stop loading the banner ads, i was about to figure out a way to stop ads that are the size of a banner ad, but this works great... thanks alot :)
Runnin' On Empty
wc -l
hmmm. . . maybe I should start an underground hostz trading site.
www.ultimatehostz2000t150.ce.org
Actually, ISPs do not have to check your mail at all. I am the de de facto abuse dept. for a small Canadian ISP (18,000 users or so) and I can tell you exactly how I go about dealing with spam, which, from talking to other sysadmins for other ISPs, is almost standard.
- check the abuse mail account (or postmaster if there is no abuse account)
-
respond to client complaints, requesting the full mail (headers intact) be sent to you for analysis.
-
If the mail address is legitimate, deal directly with the spammer, failing that, talk to their ISP/carrier, inform the relevant party that you have received complaints, forwarding the SPAM if relevant.
-
If no action is taken by the other side, filter them, by address, domain, or net bloack, selecting the option that will have the least impact on your clients
Simple, and non-intrusive.As to MAPS, while my ISP does not use the service, I'm all for any agency that helps pin down people who insist on harassing users. Some tools tend to be annoying to work with (Spamcop can be annoying to deal with since sometimes I'll get mail that has nothing to do with us directly...) while others can be very useful (MAPS, RBL, ORBS) and transparent, as far as the end-user is concerned. Hell, reporting open-relays that are spamming my clients sometimes makes me grin, and the clients get what they want: less spam.
I personally think that Harris, by engaging in tis legal action, is potentially damaging something that helps keep the customer satisfied.
If Harris wins this will we see similar lawsuits against the censorware companies?
It's in /etc/hosts under Linux.
--
Proud member of the Weirdo-American community.
I did. Just this week.
If Windows gives you headaches, don't use it.
Well... duh.
If you don't enjoy school, don't go.
Fine advice, depending on where you are in school. Up to a point, what you're advocating is illegal, but after that... sure, go for it!
(Still trying to think what the problem is with being "the kind of person who thinks... if windows gives you headaches, don't use it.")
!
---
>An ISP should not apply the MAPS blocking list >to any user who hasn't requested it -- you >should have to opt-in, just like for the emails.
but the harris lists are not opt in, thats the whole point!
If you disagree with the policies of your ISP you can leave, thats called freedom of choice.
Harris want to destroy this, as it wants to be removed from the list, which means that every user with every type of filtering (both user defined at the ISP, and full ISP filtering) get no choice at all.
The whole point is choice, and Harris want to make sure you don't get one.
Yet again, bend over and enjoy the big biz internet.
F
TCPREMOTEIP=`/usr/local/bin/origip.pl || echo 127.0.0.1`
:0 /usr/local/bin/rblcheck -q "$TCPREMOTEIP";
:0 fwh
:0
* ! ? if [ -n "$TCPREMOTEIP" ]; then
fi
{
SUBJECT=`formail -zx Subject: || echo "no subject"`
| formail -I "Subject: SPAM: ${SUBJECT}"
}
${DEFAULT}
Now they know how it feels when I have to sort through hundreds of "SELL YOUR PRODUCTS ON THE INTERNET!" spams.
Rather than take responsibility for the time they are wasting and the money they are costing us (and spam DOES cost you money -- whether you realize it or not), they would rather place the burden on you, the consumer.
Uhhh, do you realize that using the RBL is OPTIONAL? No one is required to do so. Many sys admins, though, agree and use the info. I do. I'm glad it's there. Most of us, do because we know who Vixie is (and if you don't, why the hell are you reading /.?) and respect his judgement and agree with the methodology involved.
Don't like to filter? Then don't, your choice. If you don't like the fact your ISP uses the RBL, then change. It's that easy.
Dave
there's are also proxy ad blocking software. Much more flexible than fake DNS entries. Can block a regular expression, so you can say block ads*.com. If you're interested, check out http://www.junkbusters.com
Just realize that a lot of sites pay for bandwidth with advertising dollars. Not a moral thing, just a practical one. Do you wanna kill a site you visit?
I tried adding the sites to /etc/hosts, but found that the Javascript banners that companies like burstmedia use tend to completely flake out the page. Netscape stops and doesn't display the page at all.
I/O Error G-17: Aborting Installation
Having said that, fuck Harris. Someone make a client that attacks Harris with HTTP requests and let's get everyone to just run it. Enough is enough. As long as we make a DDOS client that is no more illegal or unethical than the way Harris does business we should be well in the clear.
They want less rules on the internet? They want ISPs to sit back and do nothing when people are fucking around? Good. It works both ways.
sig:
sig:
See the "..for smart people" banners Wired runs here? Look elsewhere guys.
I guess I'm weird but, I really do enjoy getting those Harris polls... I don't consider them spam. They aren't trying to sell you anything, and unlike those annoying people in the mall trying to get you to take a poll, you can do it at your own leisure. While ultimately, yes, they are making money, but in the US, we are a capitalist society, so we HAVE to make money to survive.
A slip of the foot you may soon recover, but a slip of the tongue you may never get over. -Benjamin Franklin
Because I signed up for them. At one point many of the polls offered chances to win something if you completed the poll, and that was why I signed up. I learned about it through a web page, not unsolicited messages. I haven't bothered to fill out a poll in while, and most of them don't even offer prizes anymore, so it's probably time to save some bandwidth and drop that list.
But I would be pretty annoyed if my ISP blocked those emails. If I can't get email I request, then my ISP is not providing the service I'm paying for.
An ISP should not apply the MAPS blocking list to any user who hasn't requested it -- you should have to opt-in, just like for the emails.
So, by your definition, we are all paying for TV and Radio too, because there are ads?
... for me is do they want MAPS to have better safeguards, a challenge process or to die on the vine? The first two are all right with me. If it is the last one I think I will start looking for Spamford and his old buddies under a rock nearby.
On the other hand, it seems to me that MAPS went overboard in claiming that the failure to use double opt-in creates the status of spam that should be blocked. Who uses double opt-in? It definitely sounds like they're applying a double standard to Harris, and acting out some grudge against the company.
---------
I am bandwidth billed. If I accept a spam, I'm paying for it with my time and money. I strongly begrudge spammers every damn cent they make me pay. It's RBL+DUL+RSS for me, thank you mail-abuse.org.
Copyright? On this post? I think not.
Damn, I thought I put a smiley in that post.
Looks like my unintentional troll caught a fish (not you, the other responder).
--
Ben "You have your mind on computers, it seems."
And there is a further trick behind this-- the spammers themselves can gather addresses, spam you, and when you complain, claim that somebody else must have signed you up, a "circumstance beyond their control".
My roommate and me got some emails early this year from some matchmaking company, thanking us for having subscribed to their service, telling us that they had already charged our credit cards for it, and that we could use the service by going to the URL they gave us. I complained loudly to their ISP, and got back an angry reply from the company itself (not the ISP; the ISP just forwarded my complaint to them, apparently) saying that if we had gotten that email was because either we had signed up, or sombody had signed us up, and that in the latter case it wasn't their fault.
i'll be marked as offtopic--- but make sure it doesn't have an extension. Edit it w/ dos edit. Notepad likes to appened .txt to it the file must not have any extension: c:\windows\hosts This will work, i use this trick on my own Win95 machine.
Why aren't you encrypting your e-mail?
Just purge out your cookies. Doubleclick.net and their ilk will keep pushing new identifiers out there, totally inflate their "seen" numbers and won't be able to generate meaningful demographic information.
MAPS should get a name change. Make it sound more like an association of sysadmins against network abuse. (ASANA?) People would understand things better that way.
--------
"I already have all the latest software."
Why does Linux have to be gratuitously incompatible with Windows like this?
--
Ben "You have your mind on computers, it seems."
They are wasting valuable resources that could be used for ... well, pr0n ;)
Actually maps has a press release they sent out yesterday:
h tml
h tml
http://mail-abuse.org/pressreleases/2000-09-08.
Good chunks:
. "They insist on using dirty email lists, which contain the email addresses of people who do not want to receive their email, and who did not themselves sign up to receive email from Harris".
Ahh - so they are buying internet lists and sending them to people. Now thats not even single opt-in. Ok so thats a BIG problem. I dont want my e-mail address reaped just because I posted to slashdot once.
Another good snippet:
We are absolutely fine with Hotmail and AOL deciding to let Harris email enter their system" continued Thompson. "In fact this is how our system was designed to work, and it confirms our position in this lawsuit! MAPS does not dictate policy to anybody - we simply publish a list of Internet addresses known to originate or enable spam - what the individual Internet service providers ("ISPs")choose do with that information is up to them. They can choose to block email from those addresses, or, as AOL and Hotmail have done, they can choose to accept it. Perhaps now that Harris sees that MAPS does not control whether their email is accepted or rejected by the ISPs, they will realize that suing us makes very little sense indeed. We are entitled to publish our opinion, and in fact are guaranteed a right to do so by the First Amendment."
-- Thats right, *I* choose what I want to accept on my mail system, and I trust maps to be an introducer of what I want (or do not want) to receive. And yes I can choose to accept mail from RBL'd sites, but I would not want someone to force me to accept their mail. That smacks too much of losing my rights.
If I dont want to listen to what someone has to say, why should I be forced to? If i dont want someone to send me files that fill up *my* disk, take cpu resources, why should I have to?
I think maps is great in what they do, and I hope they win,
Harris already lost their request of a Temporary restraining order agains maps, and I hope its the first of a long line of losses against them. Link:
http://mail-abuse.org/pressreleases/2000-08-08.
You can show your support for maps by
mailing comments@mail-abuse.org (see http://www.mail-abuse.org) for info.
I think maps is doing a GREAT service, and I hope Paul and Nick, and the others keep fighting and dont give in.
-- C
I think RTBH services should be optional at all ISPs. There should be some sort of web-based interface where you can turn the block on or off, and a menu to deselect services you don't want blocked. You should also be able to block certain titles and content, i.e. "Degrees based on your current life experience" and things like that. That way, ISPs cold simply say they are providing the block as an option for users, and a highly precise, configurable one at that.
I'd like it if my ISP did that. But I wouldn't like my ISP erasing e-mails based on other peoples' opinions on what is spam.
Michael Tandy
...another comment from Michael Tandy.
"Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
It was a serious pain getting off of the Harris list. I went through the process of requesting I be removed from their list several times and nothing happened. At that point any mail from Harris is spam. Furthermore Harris is benefitting commercially from their polls, and has no incentive to stop delivering invitations unless someone forces them to follow their own rules.
To do this, find the "hosts" file (stuck in \windows\system or \winnt\system32; I don't know where for Linux).
/etc/hosts
=================================
I pledge allegiance to the flag...
of the Corporate States of America...
"Nearly half of the Harris Poll participants are registered when they sign up for Hotmail, for instance. They have to opt out in order to be removed from its e-mail lists.
The Mail Abuse Prevention System, known as MAPS, has done a good job keeping trollish garbage like this off of mail servers, and they should consinue without altering their practices. Harris has a home page that claims they are the leader in "internet market research". If it looks like Spam, and it walks like Spam, it's Spam.
On the other hand, Opensurvey.org has already gotten in bed with Harris.