MAPS RBL Is Now Censorware

HumpBackB wrote us about the lawsuit that ISP Media3 has filed against MAPS and its Realtime Blackhole List. The RBL, despite blocking only 2% of spam, is widely seen as an effective tool against mail abuse. I'm going to risk life and limb, and say that it has become, instead, just another censorware tool. Here's why.

Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).

But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.

Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:

"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."

And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:

"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."

Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.

You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."

Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.

Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.

The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.

And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.

In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.

Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.

Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.

I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.

And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.

In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.

At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).

No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.

I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.

And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.

(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)

Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.

But then, MAPS also advises Web providers:

"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."

That's exactly what Media3 does -- and exactly what MAPS did.

Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.

I can't find much to argue with in Joe Hayes's summary:

"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."

And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:

• FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
• DesktopHeaven.com, Windows themes, screensavers, wallpaper.
• TownOfCary.org, the official website for the town of Cary, North Carolina.
• StudioZito.com, yet another Web site-designer.
• Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
• StrikeMore.com, bowling tips and schedules.
• NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
• ElaineCoffman.com and DianaPalmer.com -- both are authors of romance novels.
  And finally,
• CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."

Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:

SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?

Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.

For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.

Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:

I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.

Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.

This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.

Idiot

Why can't you morons actually do some RESEARCH? MAPS RBL does not block ANYONE from accessing ANY web sites.. it blocks incoming mail sourcing from MAIL SERVERS listed in the RBL, get your facts right before you post crap like this..

Re:Idiot

[TA]

Oh come on! Everywhere it said 'subscribes to RBL', not 'subscribed to BGP'. When you say "subscribe to RBL" then that means the *mail* service, not something else. The BGP is indeed some kind of censorware, however if you use it then you have chosen to use it yourself.

Re:Idiot

[Cirvam]

no not if you subscribe to the BGP ROUTING updates they DROP the route to the server. that means that nothing can get though, you know like web surfing. If you could read you might of found that out from the editoral

How to remove your site from the block list?

Hmm, when they block your IP (example), they say that you can contact them through email to get it removed from the blacklist. How the hell are you supposed to send the blacklist people an email from a blacklisted address?

That's like saying "There's a lot of junk phone calls coming from the 612 area code" but they compromise by saying "You can call us up to fix it." And where do you live? In the 612 area code! Oh man!

Slashdot proves they're shoddy/knee-jerk lunatics.

MAPS is censorware, eh? This has to take the cake as the most ridiculously shallow assessment I've yet heard - Slashdot joins the "elite" ranks of Spamlords Andrew Brunner, Sam Khuri, Brad Pugh, et al in calling MAPS an organ of censorship. Either that or you're just pushing good old talk-show-host let's get the audience frothing and bashing each other over the head in violent (and ad hominem) "debate" game that accomplishes absolutely nothing productive. Yes, eBGP multi-hop (RBL) subscriptions can blackhole websites, etc. This is a consequence of an ISP disregarding sensible and ethical standards of conduct. Nobody forces an ISP or network authority to subscribe, and the MAPS block isn't made (or UNmade) because of any content issues. Get your facts straight. Spam and network abuse isn't about content, it's about consent to use MY network [MY being the authority who PAYS for the network pipes and decides to control their spamflows via MAPS or other methods]. If Media3 were serious about acting sensibly and ethically, they'd have cleaned up their act. You conveniently neglected to mention that the process of being RBL listed takes quite a bit of time [in fact, most of us anti-abuse types feel it often takes TOO long in most cases]. There's no excuse for their being unable to repair and re-implement proper procedures for limiting and curtailing network abuse on their services. NONE. They had MONTHs to do something about this. Your bogus 2% block claim is ridiculous, according to my logs, the MAPS trio along with ORBS neutralises 99.7% of all inbound spams. I have logs which put this in black and white. Prior to my using these dns-RBLs, my users received between 3-7 spams per DAY. Now, only one of my users still receives the odd spam, perhaps 8-9 a month. Your attempts to portray MAPS as an impotent tool against SPAM is as specious as it is WRONG. While it is regrettable that collateral damage occurs when a netblock like Media3's is listed, this is an unfortunate consequence when a provider has such egregiously negligent abuse handling (and prevention) practices. Peacefire should have sought a better home for their website, plain and simple. MAPS doesn't give a rat's ass about what content (other than SPAMWARE/network-abuse tools/"millions of addresses CDs", etc.) It could be end-all-world-hunger and cure HIV, but if it's a spam-spigot, it will get listed. This is simple. Vixie has made this entirely clear from the get-go. SPAM IS NOT ABOUT CONTENT, IT'S ABOUT CONSENT. This clear and simple position exonerates MAPS of being censors as you so spasmically-knee-jerkingly claim. Peacefire's block was a part of collateral damage, not based on any of their content. I fully support MAPS listing of Media3 - they were a plague of spamhaus-support websites and tacitly encouraged network abusers to roost there and spamvertise products hosted on Media3 sites. If Peacefire were serious about their commitment to be an effective media organ about censorship, they'd have chosen a more responsible provider. Anyhow, you guys have demonstrated a complete lack of understanding of the issues of network abuse, the slippery nature and tenacity of the network abusers themselves (and the babblespeak they use to try to "snowjob" people into thinking they're legitimate businesspeople), the vileness of those ISPs/providers who provide spammer-friendly havens, and the sheer volume of the problem. You have demonstrated incompetence and negligence in your "claimed role" as journalists - and as such, are worthy of relegation to /dev/null with the rest of your net-kook friends. This is the third time I've visited this silly website (directed from USENET) and I can see a consistent lack of intelligence or competence in reporting facts (in any guise or semblence). I feel sorry for anyone who comes here expecting to be told any shadow or pretence of the "Truth". Lord Apollyon

Sorry, you're a moron

Get a clue: most RBL subscribers use the DNS version. And yes, I don't wish to cooperate with anyone who tolerates spammers. And that includes anyone who distributes spamware. -russ nelson, too lazy to log in.

Re:What MAPS is...

Get a goddamn clue!

MAPS does NOT block ANYTHING.

To put it simply MAPS publishes a list of IP addresses. It's up to individual subscribers of the service to use that list in any way they want.

Some of the possible uses include:

using MAPS to block email from those IP addresses (this is probably the most common use)

using MAPS to tag Email with a X-Warning header if the Email is sent from an IP address in RBL (also very common)

block all IP traffic coming in from and going out to IP addresses listed in RBL (this is what AboveNet does)

Again, MAPS does NO blocking! Nada, none, zip, none whatsoever. They publish a list of IP addresses according to the policies listed in their website.

Clueless sheep all over this thread. Go do your research idiots!

Tero Paananen

Re:A compelling argument...

If you don't like MAPS, don't use it.

The problem with this is that you can't keep someone who subscribes to MAPS from sending mail to you! It's a one-way blackhole. Someone on a MAPS-enabled ISP can send mail to someone who is blackholed by MAPS, but that person can never reply. The MAPS using ISP's customers don't know they will never get a response.

Arguing about this with MAPS people will just get you listed in MAPS.

Spam sucks, but there really needs a better way of dealing with it. Leaving it to an autonomous private group who isn't responsible to anyone is just asking for more trouble.

Re:MAPS != censorship.

Censorship is something that can only be conducted by the government

Censorship can be done by anyone (I censor my own speech on a regular basis so as not to offend).

You have censorship confused with the first amendment -- freedom of speech can only be violated by the government (because only the government is limited by the constitution) but private individuals and corporations can and do censor every day...

right to censor

Yes: ISPs have the right to say what can go on their network and what cannot. However, if an ISP sells me internet access, that is generally on the implicit assumption that it will be _complete_ internet access. So if my ISP uses RBL without my agreement, they are breaking their contract with me and I can sue them. If a backbone uses an RBL without informing its customers (ISPs, etc.) it can be sued for a lot of money.

check max hops

[William+Aoki]

If you look at your traceroute output you'll notice that your traceroute is defaulting to 18 hops max - if its destination isn't within 18 hops it'll stop the trace. If traffic were being rejected you'd be seeing something like:

19 * * *
20 * * *

(if it's being dropped on the floor)

or:

19 bbr1.lax.netplanet.net (64.77.31.5) 250ms !X !X
20 bbr1.lax.netplanet.net (64.77.31.5) !X 260ms 250ms

Comparing your trace to mine, it looks like you're landing just a few hops short of the destination. I ran traces from two locations - the one through alter.net has bbr2.lax.netplanet.net (64.77.31.3) one hop upstream of mediamasters.org, and the one through cw.net went through bbr1.lax.netplanet.net (64.77.31.5).

If your traceroute accepts the same args as mine does, try 'traceroute -m 255 mediamasters.org' instead.

Re:Just ignore the spam?

[Chris+Johnson]

How many years do you have to live? 50?

10 secs * 356 days * 50 years = 178000 seconds
178000 secs = 2966 minutes = 49 hours = 2 days

Are you willing to let spammers take 2 days from your life? And in doing so, you are doing nothing to help others. I make more of an effort- I file reports with Spamcop.net. I spend about six times the seconds you do, per day.

What right do you have to say that I should have almost two weeks taken out of my life by spammers? I won't get those two weeks again. You won't get those two days again- and do you think it's going to _stay_ at 10 seconds a day? Soon you'll be spending 45 seconds digging through the spam (nine days out of your life) and I might be spending fifteen minutes a day spamcopping (I have a domain...) and that's SIX MONTHS off my life, just dealing with spammers! Already it seems like I spend many minutes a day on the spam, over and over and over in unending repetition. I wish my ISP used the RBL. They are considering some such action. If they go with the RBL I will fully support it even at its most extreme application.

That's no good at all.

[Chris+Johnson]

What if you're a business- or, hell, just _want_ to be a business?

I'm trying to get a recording studio off the ground (obMusicLink), and putting a lot of effort into it. I _have_ to keep airwindows.com out there publically and I get all its email, every dictionary-attack spam on the domain- and I need a solid memorable unsurprising email address to give people if they want one- chrisj@airwindows.com.

It's like some of the mp3-fan reactions to the threat of the format being suppressed- I don't care if you can hide mp3s in zips, or hide email addresses in geeky obfuscation or ever-changing 'stale address discard' rules. I don't have that luxury and never will have it- I'm stuck operating on the outside with my domain and my fledgling business (for which I keep all records of income and expense- not gonna hide from IRS either). I have no option but to use email and web resources straightforwardly and unobfuscatedly- and I won't be able to keep up with the load of spam forever unless the spammers are cracked down on. The spamload could easily just keep accelerating exponentially if nothing is done to stop it- as it seems more mainstream, more will do it, and so on.

(random side note- remember how mp3.com changed its agreement and made it evil? Well, a new music site called ampcast.com recently changed their agreement- and, get this, changed it to be MORE favorable to the artists! Color me flabbergasted. I'm still happy with besonic, myself, but who knew? Kudos to ampcast, just found out about this today :) )

Re:SERVERS CAN STOP spam EASILY!!!

[Chris+Johnson]

No good- this is trivially hackable. Haven't you seen the spams with either alphanumeric gibberish starting them off- or _language_ gibberish in a subparagraph at the bottom? Spam is already avoiding this trap- the whole purpose of randomly generated areas in spam is to bypass any such spamtrapping code. I've seen this over and over.

Re:What in god's name are you talking about?

[Trepidity]

This is just pure punishment, not even on the same track as trying to cut down on spam.

And that is why many of us dislike MAPS, because that is exactly what they suggest. In fact that is the original method by which they operated - the DNS method you mentioned was added later, and they still advocate the complete BLACKHOLING of all traffic to the sites on their blacklist.

Re:Exactly

[Trepidity]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

I don't see how you can make that distinction. The only way for a user to turn the RBL off is to switch ISPs to one that does not use it. If you consider this a legitimate solution then censorware is perfectly fine too, since you can always move to an internet connection which doesn't use censorware (using one at home instead of the library, for instance).

Re:MAPS != censorship.

[cduffy]

It's not censorship if it's voluntary. If I decide not to read the /. posts of anyone whose nick starts with 'd' and encourage others to do the same, am I censoring you? No! Only if I start threatening people that if I see them reading your posts I'll throw them in jail is censorship occurring. Until that point, they make their own decision not to read your posts.

To quote from Webster's:

Censor \Cen"sor\, n. [L. censor, fr. censere to value, tax.]
2. One who is empowered to examine manuscripts before they
are committed to the press, and to forbid their
publication if they contain anything obnoxious; -- an
official in some European countries.

None of the other definitions given apply -- the first is the actual Roman officials after whom the word is named, the third to a general fault-finder and the fourth to a critic. This one, too, clearly misses the mark. MAPS is not given any special empowerment to read content, and (more critically) cannot forbid publication. All they do is publish a list, with no enforcement to back it up; thus, they do not forbid anything.

If a user is being censored by anyone, it is not MAPS but rather the ISP who chooses to use the service without their users' consultation. However, even that doesn't hold water, as the user is not forced to use any given ISP. With no forceful coercion involved anywhere down the line, any claim of censorship is certainly far wrong.

Absolutely not.

[cduffy]

The reason: the users are voluntarily paying the admins for their service. If they don't like the service, they have easy recourse -- they can withhold pay if their ISP violates the terms of its agreement, and can easily switch providers. If there are no providers that don't censor, then there's a pretty strong incentive to start one.

I'm pretty damn unhappy with my government; indeed, it's violated its own Terms Of Service (Constitution) -- but if I stop paying taxes in protest, I'll find myself in jail. And if I try starting a competing government here in town, I'll find myself in pretty bad shape.

My ISP can censor me all they want -- there's an econmic mechanism to keep it from being abusive; I'll just switch. If my government tries to consor me, there's no such recourse -- then I get pissed.

um, wrong thrice

[Tom]

MPAA is not suing for *music*, and MPAA is not suing for copying of anything.

MPAA *is* suing for removal of a software program from various websites (mine included). they are trying to make it *look like* piracy, but it's not. we may or may not be selling burglary tools, but even MPAA hasn't yet said we're burglars *in court*. what they're saying in their PR lies is a different matter.

third mistake: you can NOT define whether or not peacefire.org will work for you through your choice of ISP, because source-routing doesn't work reliably anymore and thus even if you change ISP your packets may still travel over the same MAPS-subscriber network.

Re:Bullshit

[perrin]

>By your logic, the United Nations should start >killing Iraqi men, women, and children until >Sadam Hussein steps down

Haven't you noticed - this is exactly what is happening now. The US is still bombing Iraq occasionally, almost a decade after the war supposedly was over, and the blockade has killed hundreds of thousands of innocent people who cannot get food, clean water or medicines in a country where the infrastructure has been completely devastated by bombing.

Wake up!

Tricky.

[pb]

Well, I agree that any site that sends spam should be blocked. Or, rather, destroyed in a pilliar of fire whenever possible. But if it just sells spamming software, and doesn't actually spam, I don't see a problem with that.

But then I went to their website.

My GOD, have you ever seen anything so awful?

So then I turned Java off.

There were still broken images, blinking links, I couldn't read the text...

Could we have a web proxy that blocks UGLY web pages? Becuase I'd blackhole these guys in a heartbeat!

Are they actually trying to run a business? If I saw a "business" site that looked like that, I'd run the other way!

Ugh. Unclean. Please block that site, whatever your reasoning.
---
pb Reply or e-mail; don't vaguely moderate.

Re:uhhh

[demon]

That was my question. Of course, after the article Jamie posted recently, with his whole vegetarianism rant, I have a _slightly_ hard time taking him too seriously. Even if peacefire.org IS on the RBL list (which, yes, it IS, I checked) - what proof exactly do we have that they were actually being dropped via BGP? Everyone who's tried tracerouting via above.net, and posted about it, hasn't had a problem.

Jamie, one word - PUH-LEEZE. If you checked yourself, media3 is a major source of spam - why should we care if they're being RBL'd? And the guy you talked to at media3? How do you know he wasn't just telling you what any smart PR person would? It certainly looks that way to me. If they're serious about being against spam, though, it looks to me like they need to get to work ENFORCING that policy, instead of whining about how they're being abused!
_____

This really has gotten out of hand..

[defile]

I'm totally pro-blacklisting mail servers that are pro-spammer, but don't you think this is going a bit too far?

I certainly didn't think I'd be signing up for something of this magnitude by subscribing to these blacklists.

I'm sure Paul Vixie is a nice guy and all, but in my professional life as a sys admin, whenever I come across his name I know I'm in for trouble. cron and named holes? Vixie anyone? This just adds to his legacy, if you ask me.

This is just a little vigilante group that has become obsessed with the power they have. Maybe you've gone too far, guys? Spammers suck and deserve to die, but censorship really does more harm than good.

Re:This really has gotten out of hand..

[Mark+Pitman]

cron and named holes? Vixie anyone? This just adds to his legacy, if you ask me.

Is any software 100% bullet-proof? I think not... Give the guy a break!

MAPS RBL is essential for blocking spam

[ikluft]

Well, it looks like AboveNet caught some flack for BGP-blocking RBL-listed sites. But that doesn't make MAPS RBL any less essential for blocking e-mail spams.

From what I read in this article, MAPS RBL was correct to pursue a spammer-software site whose web site is what they advertise but is not where they send their spams from. The Slashdot author who posted this story is being naive about the war on spam and trying to make an academic argument out of it.

Even for residential sites, RBL is one of a number of tools which block significant amounts of spam when used in combination. (If you're looking for censorship, you should pick on ORBS, not MAPS.)

It's very difficult to keep ahead in this battle. I condemn Slashdot for posting such a poorly-researched article to make life difficult on volunteers who are trying to help us all in the war on spam!

Be more careful with our volunteers. Shame on you!

Ian Kluft
San Jose, California

Re:"Press time"?

[The+Rizz]

So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me.

And what would seem like good journalism? Never publishing an article just because someone doesn't ever get back to you?

Innocent victims of *a bad ISP*

[Per+Abrahamsen]

The innocent victims are real victims, but not of MAPS but *their own ISP*. We had a similar case in Denmark, where a ISP refused to throw out a web hotel customer for spamming through other channels, and got a netblock blacklisted by MAPS. This was problematic, because one of the major Danish ISP's blocks all trafic to hosts listed by MAPS.

However the ISP in question they *did* move their other customers away from the netblock, while reconcidering the case. Thus, only the spammer was affected.

In general, users of ISP's who are both incompetent and refuse to cooperate in the fight against spam *will* get hurt. However, they will be in a position to do something about it, by using a competent ISP.

Irony Alert: DeCSS

[chrisd]

I am probably not the only person who found it interesting that maps, by banning an IP because of a company selling software to spam, is the moral equivalent to the MPAA suing and taking down sites that host DeCSS. Do we go after the tools to do "bad things" or do we go after those who do the "bad things".

Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?

Chris DiBona
VA Linux Systems

--
Grant Chair, Linux Int.
Pres, SVLUG

Re:Irony Alert: DeCSS

[fidros]

There is a big difference between trying to get the law to send someone to jail or pay fines because of posting of tools you don't approve of (like the MPAA) and volunterily saying: "I will not communicate with you, you support SPAM" like MAPS are doing.

Anyone who can't see the difference needs to host a DeCSS mirror for a couple of months (I have ;-)

Re:Irony Alert: DeCSS

[/dev/kev]

The difference between DeCSS and spam software is that it's easy to find geniunely good uses for DeCSS, whereas you'll struggle to find good uses for the spam software.

It's okay to go after tools which can ONLY do "bad things", particularly if that's all they're designed to do. But if there's significant "good things" which can also be done with the tool, such as with DeCSS, then it's wrong to stop those good uses, and so instead you go after those who choose to use the tool to do "bad things".

Then, as always, you just have to worry about your definition of "good things" and "bad things". :/

Re:Irony Alert: DeCSS

[Omnifarious]

I feel this incredible urge to post a 'me too!' message because you are SO right. What you just said is a lot of the reason for why I'm uncomfortable about what MAPS is doing.

So, here it is. :-)

Me too!

Re:Irony Alert: DeCSS

[The+Vorlon]

I have to disagree with the assertion that suppressing DeCSS is morally equivalent to suppressing address-harvesting software. Crowbars are legal, but weapons of mass destruction are not. Why? Because although crowbars /can/ be used illegally, they also have uses which are legal, whereas land mines and biological weapons can only be used for nefarious purposes. DeCSS has a legitimate use: allowing DVD owners to watch their disks under Linux. What are the legitimate uses of email-harvesting software?

Re:Irony Alert: DeCSS

[Skapare]

MAPS is an elective service which provides me with information regarding their opinion about an address or domain. I choose to block or not block on the basis of that information.

If MPAA or RIAA or anyone else sues, they are effectively bringing in the (potentially violent) force of governments to cause a web site to be unavailable to everyone.

The irony is I can choose to block web sites hosting DeCSS if I wanted to. I've actually made that choice for a select few sites which host "web bug" (ad banners and undisplayed images designed to watch how long you are on a site or track you around).

Re:Irony Alert: DeCSS

[winnetou]

I am probably not the only person who found it interesting that maps, by banning an IP because of a company selling software to spam, is the moral equivalent to the MPAA suing and taking down sites that host DeCSS. Do we go after the tools to do "bad things" or do we go after those who do the "bad things".

The MPAA tries to forbid everyone to connect to a site hosting DeCSS, MAPS only advises providers not to connect to netblocks hosting spamware. A provider can choose to ignore MAPSs advice, it would be forced by law to follow the "advice" of the MPAA.

Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?

Chris DiBona
VA Linux Systems

That is the same VA Linux that sent unsolicited email with an 1MB attachment to people that couldn't even accept the offer, that offered shares for $30, shares that are traded at $13 today? <g,d&r>

Re:Irony Alert: DeCSS

[HugoRune]

I am probably not the only person who found it interesting that maps, by banning an IP because of a company selling software to spam, is the moral equivalent to the MPAA suing and taking down sites that host DeCSS. Do we go after the tools to do "bad things" or do we go after those who do the "bad things".

Not really, because all MAPS are doing is providing a list of people that they consider to be encouraging spam. It is up to individual administrators whether or not to use the MAPS service.

I'm sure that nobody would object to the MPAA creating a list of sites that it didn't like, although they might have a tougher time persuading admins to use it.

Re:Irony Alert: DeCSS

[adolf]

Spam is bad, to some people. To some others, it is ok. And still others appreciate it.

Pornography is bad, to some people. To some others, it is ok. And still others appreciate it.

DeCSS is bad, to some people. To some others, it is ok. And still others appreciate it.

We here at slashdot tend to view a given subject only from the perspective which best serves our own interests. We are as selfish, prejudice, maliciously reactionary, and sublimely manipulative as any of the MPAA, the spamware folks, or the extremist portion of the Christian Right.

Rather than attempt to remain reasonable and retain even a hint of impartiality, we react viciously to anything deemed to be infringing upon on our rights, with absolute disregard to the rights of any others who might be in the way.

We do this as we sit high upon our assumed intellectual high horse/flimsy house of cards, shouting banters about freedom, goodness, and The Right Thing To Do; cries which typically fall upon deaf ears.

Witness our views on DeCSS, Censorware, Spamware, MP3 encoders, MP3s themselves, the iOpener, or TiVo's 'exploitation' of the Linux kernel, and try to visualize the other parties' justification (which, in these cases, is -always- legitimate) for whatever it is that they have done to offend the horrid, arrogant, nonsensical beast that is slashdot. In other words, put yourself in their shoes.

Those who are unwilling to do so are simply afraid of finding that said shoe fits their own foot perfectly, and that they'd hence not be able to remove it from their mouth. This is an obviously unacceptable outcome, given the clear superiority of the average slashdot user (let alone the top 5 percent).

With such bigotry abounding en masse, it's no wonder they can't hear us.

Choose your enemies carefully, because that is who you will become. --Lao Tzu

Re:Irony Alert: DeCSS

[crazy_clyde]

The idea that a tool can ONLY do "bad things" is absurd. A tool is a means to an end. AN END. Not a specific intentioned "good" or "bad" end, just AN END. This means the tool has no say in what it actually does, nor the moral consequences of such an act. The tool can only influence how well it performs at that act.

It's NOT ok to "go after" tools, because it doesn't solve anything. If someone wants to do something, they're going to do it. You can make it difficult by trying to remove a tool that makes that end easy, but two things happen:
1) A new tool takes it's place.
2) The general populace stays ignorant of why the end is "bad". All they learn is that the tool that does it is bad, which we've already pointed out to be wrong.

Re:Irony Alert: DeCSS

[travisd]

Not the same at all - the MPAA causes the sited to become unavailable to anyone. The RBL is an opt-in service and if you don't like the way they run things you're free to ignore MAPS and access the spammer sites anyway. Your ISP uses MAPS? Fine, find a new ISP or make a case to your current one..

Re:Irony Alert: DeCSS

[BluSkreen]

It all depends on the intent, and comparing this to DeCSS is quite a stretch. DeCSS is about a monopoly trying to constrain fair use rights and decide what you can do with your own property.

One might own the servers in the cage at Above, but not the pipes or the infrastructure. By comparison, I own the 100 plus DVDs and the players, that someone else is trying to control.

Participation in the RBL is optional. There is nothing optional about the MPAA and DVDCCA. Basically, if you want to watch a DVD, you have to use some sort of CSS. Not true for accessing the Internet, you don't have to use the RBL, and you can chose a provider that doesn't.

The guidelines for the RBL are pretty clear, and have been for years. I'm surprised that someone such as yourself isn't familiar with what it takes to get listed. They been sued before, by far bigger fish than Media 3.

Unlike CyberPatrol or other content restriction programs, MAPS tells you who is on the list, and why. Since I subscribed our network, spam is almost non existent. I'm not going to pay to support unsolicted email, and if some sites that choose to do business with supporters or providers of that type of thing, are inaccessable from my network, that's their problem, not mine. People certainly have a right (in the US, anyway) to express themselves, but that doesn't mean I have to be compelled to listen to them, and pay for the medium on which they do it.

Dave

Re:Irony Alert: DeCSS

[Error27]

A lot of MAPS users don't have a choice and don't know they are using it if their ISP doesn't tell them.

Re:Irony Alert: DeCSS

[Error27]

It's about admins censoring content for their users or governments censoring content for their citizens...

It's the same dang thing.

Re:Irony Alert: DeCSS

[Error27]

It's not a choice to use MAPS because a back bone site uses it so it's forced onto users.

If they just block people with misconfigured routers or people who spam that's not censorship.

But when people want to get spamming programs or email addresses and they can't because MAPS is blocking it that's censorship. Email addresses are private information and I don't mind them trying to censor that. I think it's pointless but I don't mind. I mind that they are trying to block people from getting to software though. And I mind that they are hurting inocent web site at the same time.

Basically censorship is when you block two people who want to communicate from doing so based on the content of what they are talking about. Sometimes that's not a bad thing to try do. But mostly the internet routes around censorship.

Re:Irony Alert: DeCSS

[terminal.dk]

The difference is: MPAA is suing people that breaks the law by copying music.

MAPS is a voluntary system that your or your ISP subscribes to, which will block access to bad sites.

You can buy your internet connection at another ISP, but you can't buy the latest Britney Spears album on another label because you don't like other artists from the same record company.

I think the only bad thing here is, that MAPS did not tell it was going to blackhole a whole subnet of political reasons.

Re:Irony Alert: DeCSS

[SmokeSerpent]

It's about admins censoring content for their users or governments censoring content for their citizens...

It's the same dang thing.

Can you change your government with two phone calls and 50 bucks?

It's not the same thing.

Re:Irony Alert: DeCSS

[Morely_Dotes]

"by banning an IP because of a company selling software to spam, is the moral equivalent to the MPAA suing and taking down sites that host DeCSS"

Excuse me?

Exactly how does MAPS profit from posting a list of spamware IP addresses?

That ought to go in the Guiness Book of World Records under the heading of "Worst Analogy of 2000."

Re:Irony Alert: DeCSS

[Anoriymous+Coward]

If the MPAA chooses to publish a list of sites that host DeCSS, which any ISP or user can choose to block, then you have an analogy. In fact, it would be interesting to see how many people outside the MPAA used it, or even if the MPAA used it themselves.

If MAPS were to bribe large numbers of US Congressmen to make being on the RBL a crime punishable by fines & imprisonment, you'd also have an analogy. I also think that there are some people on /. who think this would be a good idea, but not as many as approve of the RBL as an opt-in system.

More power to em!

[jmorris42]

Ok, a few innocent hosting customers are getting their MAIL blocked to MAPS subscribers. If they don't like it they should either pressure their hosting company to get get the spammers off their IP block or move their account to a more reputable hosting outfit. Moving would probably be the more effective option.

Hiding spammers among innocents is about as ethical as hiding military targets in civilian areas and whining when civilians take collateral dammage. Don't blame the fighter pilots whose bombs miss, blame the cowards using their own civilians as a shield.

Personally I think that blocking ALL access to spam related address is the only way to stop the problem. After all, AOL/MSN accounts are an inexaustable resource to originate the crap from, but it has to be able to point to a reasonably stable address if they are to profit from their wickedness. Blocking access to sites that are promoted by spam or sell spam related products and services is required for any campaign against it to succeed.

Spammers, and nobody else for that matter, has a RIGHT to send traffic across or into another's network without their consent. If those of us who detest spam wish to exercise our right of free association to choose NOT to associate with someone, let nobody speak against it.

Re:More power to em!

[buysse]

Dammit, it's not just mail! BGP route drops. Look at the MAPS page. Above.net was dropping all packets, whether originating from their customers or not (!), that had a source or destination on the netblocks in question.

Disagreeable Volume vs. Disagreeable Content

[Xenophon+Fenderson,]

It's one thing to block a site or cancel postings based on spam volume (ala the Briedbart index of netnews, or refusing to carry alt.binaries.*), but to block/cancel because one doesn't like what another is saying/selling/etc., that is obviously not content-neutral and is, in my mind, a Bad Thing.

Blackholing an ISP is something that requires both extraordinary abuse and extraordinary evidence. I see neither here, so in this case I'm having a difficult time supporting MAPS.

Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16

Re:Huh???

[Sabalon]

Let me explain it:

- peacefire is blocked by MAPS.
- anyone who subscribes to MAPS or whose ISP subscribes to MAPS will not be able to get e-mail from peacefire. Sure - an individual may choose not to use MAPS, but if you get your mail via your ISP and they use MAPS - you're screwed.
- peacefire has not spammed anyone...they just happen to have an IP in the same class C as some other domain that MAPS doesn't like.

As for the Website thing - I believe on that sentence where it says it block innocent websites, it should have said innocent domains, or they were just comparing what MAPS is doing to other censorware junk.

Re:Not totally correct.

[Sabalon]

Where can one find info about the eBGP RLB? I looked on their website and saw nothing mentioned.

Is the RBL really being used for HTTP?

[copito]

The author implies that Above.net is using the RBL to block HTTP access to websites. This is quite troubling if true.

It seems much more likely that Above.net and various other ISPs and users are using the RBL to block email from the IPs in question (which would be likely to be used by the website, but might not be). This is also troubling if innocent machines are implicated but much less so and hardly rises to the level of censorware since websites do not typically use email for only a tiny fraction of their content.
--

Re:Is the RBL really being used for HTTP?

[sjanes71]

Yes, it is. Above.net uses it to blackhole ALL packets to IP's listed in the RBL. I have experienced this personally in the censorship of Steve Forbes' 2000 Presidential campaign site.
_______
computers://use.urls. People use Networds.

Re:Is the RBL really being used for HTTP?

[grahamm]

But surely it would take much much too much CPU power for a backbone router to consult the RBL. Or are the static routeing tables updated periodically to incorporate the RBL data?

Re:Is the RBL really being used for HTTP?

[DavidTC]

Sadly, it is you who are mistaken. Above.net not only blocks SMTP traffic to and from RBL'd servers, but they drop all traffic to and from RBL'd server. Those addresses are routed to nowhere. For all intents and purposes, those addresses do not exist if you are on above.net. And, if your machine is used for spam, you you don't exist to any servers on there, also.

And the RBL has been putting the addresses of more then just mail servers on their list for a while now. They also put hosting companies who refuse to take down spammer's webpages, and any servers at all run by spammers.

And, BTW, I apporve of this all the way. Stopped the actual spam email is just half the battle, we need to close down the ways that people can contact them also. In fact, we need an 'Internet Death Penalty' for these people, and not only block the spanmmer's spamming acounts, but also block the legit accounts that the spammer doesn't use to spam, and their legit webpages. We need to basically keep them from using the net in any form or fashion. And block anyone willing to provide it to them.

-David T. C.

Re:Is the RBL really being used for HTTP?

[BZ]

Read the update. Yes, the RBL can be used to block HTTP traffic and is commonly used in this fashion.

Re:Is the RBL really being used for HTTP?

[Tau+Zero]

There's a legitimate reason to do that, and that's to pressure the ISP to stop hosting providers of spam-ware. Black-holing sites which provide web-hosting for spammers is probably justified too; see response 162.

"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

RBL Usage info - READ THIS

[Acheron]

There are three ways that RBL may be used, listed at this address:

http://mail-abuse.org/rbl/usage.html

ONLY ONE OF THE USAGE METHODS results in blackholing all ip traffic, that is the Subscription via BGP. This option is only available to larger networks with routers which have an ASN (see whatis.com if you don't know what an ASN is.)

I know of very very few networks which use RBL in this manner. There must be a few, but it seems like a pain in the ass, and there are negative effects of doing it, as indicated on the RBL description of the service.

Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.

My guess is that 95% or more of RBL subscribers use the "Direct usage via DNS lookup by mailserver" method of applying RBL blocking. This method has ZERO IMPACT on http, ftp, dns, ICMP, or any other type of traffic other than SMTP.

This Slashdot article was written by someone who does not understand the nature of the Internet and the RBL on a detailed level, and who is obviously dipping into conspiracy theories a bit... his little diatribe on above.net sounds like the manifesto of a lunatic. To the author: Get over it, sir. You don't understand the technology, and you don't understand the decisions made by ISPs who implement the RBL. I wish you well in your career, but this isn't going to be the ground-breaking story you thought it was. Feel free to write me if you'd like to speak to me further.

Sincerely,
~Acheron

Re:RBL Usage info - READ THIS

[sjanes71]

Unfortunately, I am behind Above.net which I believe does subscribe to the BGP RBL-- not something my ISP (Capu.NET) can change... During 1999-2000 MAPS RBL blocked Steve Forbes' campaign website so I couldn't get to it from home, something I found highly dubious. I've known that MAPS RBL has been Censorware for a long time now.

Whatever good MAPS RBL could have acheived has been lost with its Ivory Tower administrators who slash and burn netblocks with no accountability. "It's to fight spam" sounds more and more like "What about the children!?" to me from the MAPS people. They have made it an excuse to fuck with people's livelihoods. Pardon mon Français. That's how I feel.
_______
computers://use.urls. People use Networds.

Re:RBL Usage info - READ THIS

[buysse]

Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.

I do agree with what you're saying... for a end-user ISP. But, if you are a backbone provider (as above.net is) and you are dropping packets that are passing across your backbone -- not from your direct customers, not to your direct customers you are WRONG.

Re:RBL Usage info - READ THIS

[Senior+Frac]

I do agree with what you're saying... for a end-user ISP. But, if you are a backbone provider (as above.net is) and you are dropping packets that are passing across your backbone -- not from your direct customers, not to your direct customers you are WRONG. You seem to be under the mental impression that a backbone's obligations and responsibilities are different from an ISP's. I disagree. Neither are they common carriers. I don't want them to be and I think they don't want to be either.
"It looks like a phone company. It acts like a phone company. It must be a phone company."
Bull****!
--

Re:MAPS != censorship.

[Amphigory]

If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.

No... If a government refuses you the right, with your own resources, to purchase and read Huckleberry Finn, that's censorship.

Where on earth has everyone got the idea that, for the government to fail to actively support something is equivalent to the government prohibiting it?

--

Why the Hell Not?

[Amphigory]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.

Why Not? It worked to end World War II. Isn't peace worth a few cracked eggs?

(NOTE: this is called sarcasm. I am actually a philosophical pacifist, violently *ahem* opposed to violence.)

--

Re:There are no innocent victims

[David+Jao]

I understand your point and I guess their current course of action makes sense in this situation, but I am concerned about where this course is heading.

In the inevitable future where POTS modems have been obseleted and a gigantic merged company such as AT&T-AOL-Time-Warner-Verizon is the sole provider of both cable modem and DSL services in the US, would it really be the wisest course of action for MAPS to add the entire behemoth ISP to the RBL, just to spite one spam-software website?

Where do you draw the line at what constitutes spam software? I can write a one-line shell script that bulk-mails a message to an ascii list of addresses. (I can even imagine situations where this script could be genuinely useful.) Does this count as spam software? What if I simply post the mail (1) man page, together with a short shell script tutorial. Does this count?

Right now I use the RBL, and I understand full well that I always have the choice of not using the RBL. However, as an RBL user I would prefer it if the RBL remained a useful service. Blocking an entire megacorp can certainly be very effective at times (e.g. Usenet death penalty), but the prospect of abuse worries me.

Re:The problem is the innocent victims

[David+Jao]

I think it is OK to hit good customers at bad ISPs, as that is an efficient way to make the bad ISP behave in an acceptable manner.

Implicit in this argument is the assumption that people have the freedom to choose their ISP. This assumption doesn't hold any water: I myself know several people who consider themselves lucky to have even one broadband provider in their area, let alone two or three.

Although your guess is as good as mine, I predict that the lack of choice problem will only get worse as more and more companies merge.

When people have no choice of ISP, blocking innocent bystanders accomplishes no productive purpose and serves only to piss off the good guys and reduce the utility of the RBL.

drawbacks of negative feedback

[David+Jao]

IPv4 addresses are not so plentifully available that one can simply block all questionable netblocks and expect there to be any unblocked addresses left for the good guys to reside in.

Also, with the current pace of mergers in the telecom sector, it is becoming increasingly the case that many people simply don't have the luxury of choosing their internet provider. Punishing innocent sites by mere association in this case is a cure worse than the disease.

The problem is the innocent victims

[David+Jao]

Did you read the article by any chance? The problem being pointed out is that organizations such as Peacefire, who do not spam or harbor spammers or support spammers, are being blocked by the RBL, not for anything they did, but merely for being on the same netblock as the spammer websites.

Such a gaffe might be understandable if the IP addresses in question were dynamic, but they're not. They're static. There is no need for MAPS to list peacefire.org in the RBL.

Re:The problem is the innocent victims

[mistered]

I generally agree fully with what MAPS does, and I don't know the full details of this issue but I have an issue with them listing IPs of non-spamming and non-spam-hosting sites that happen to use the same provider. I believe it's wrong if they're listing IPs of sites not associated with spam in any way, if it's only to pressure the provider into dumping another customer.

Re:The problem is the innocent victims

[Tower]

no, no - it's more like tactical nuke... it only takes out a few mmediately surrounding square miles...
--

Re:The problem is the innocent victims

[alecto]

And what better deterrent to the owner of the IP block than to have them lose customers to someone with an IP block that isn't hosting spammers' websites? This is not censorship; it's providing negative feedback to people that don't play well with others on our network.

Re:The problem is the innocent victims

[terminal.dk]

If peacefire.org is blocked, it is because they put their money with an ISP that is showing bad behaviour.

I think it is OK to hit good customers at bad ISPs, as that is an efficient way to make the bad ISP behave in an acceptable manner.

If bad customers are usually do not want to pay much for the services they get/abuse, so having them drag good customers with them down hits the bad ISP on the money.

Re:The problem is the innocent victims

[BillGodfrey]

The RBL has put pressure on Peacefire (and others) to consider switching from Media3 to another hoster which does not host those who sell Spamware.

If Peacefire does move, Media3 will lose money. It's an incentive for Media3 to change thier rules to stop Spamware from thier hosts.

If you don't like the RBL, don't use it.

Bill, doesn't use any MAPS services, but (morally) supports it's work.

Re:The problem is the innocent victims

[KjetilK]

The first thing I ask when I'm researching ISPs is "You do have a good policy on spam, do you? You will make a black hole out of a spammer within 24 hours of the spam, will you?" If they can't say yes and stand by it, I wouldn't have anything to do with them. Media3 is the worst spamhaus around, and people should just go somewhere else. I have hurt so badly by spam I have no sympathy for those you pay money to a spamhaus.

Re:The problem is the innocent victims

[Twylite]

Look! He's stabbing her in the middle of a crowded room! Quick, my gattling gun so I can stop him!

Re:Huh???

[jeffg]

There are many forms of the MAPS RBL subscription.

One form that appeals to some network providers is the MAPS RBL Subscription via Multihop eBGP4 . This subscription option involves configuration within border routers of a subscribing network provider. Any traffic that passes through a router configured to peer with the MAPS RBL feed will null-route packets destined for any host or network listed in the MAPS RBL. This includes ALL internet protocol traffic -- not just mail.

If a network or host is listed in the MAPS RBL, and a router between you and that host or network is configured to use the MAPS RBL BGP feed, you will be unable to browse a website located there, you will be unable to ftp to them, and yes, you will be unable to send them mail. And they will be unable to send you mail, or browse your web site. Again, any traffic passing through a router configured in this way that is destined for an IP in the MAPS RBL will be null-routed -- for all intents and purposes, dropped on the floor.

Asymmetric routing and inadequate coverage on the border can be a noted hole, but in cases such as these, the MAPS RBL BGP feed isn't really working anyways.

This isn't right

[Bruce+Perens]

Perens.com goes through Above.net to get to most of the net. I can get to the RBL-ed sites just fine. The only thing those sites can't do is deliver me mail.

Thanks

Bruce

Re:This isn't right

[Bruce+Perens]

traceroute to MediaMasters.com (204.101.215.149), 30 hops max, 38 byte packets
1 dnai-com.perens.com (216.15.108.185) 21.416 ms 0.832 ms 0.703 ms
2 dnai-216-15-96-1.cust.dnai.com (216.15.96.1) 22.975 ms 12.134 ms 16.915 ms
3 fe3-0-br-1.sjc.dnai.com (207.181.193.1) 22.722 ms 7.364 ms 7.759 ms
4 main2-249-152.sjc.above.net (209.249.152.3) 20.723 ms 9.060 ms 7.091 ms
5 core5-main2-oc3.sjc.above.net (216.200.0.205) 23.190 ms 7.470 ms 7.776 ms 6 core1-core5-oc48.sjc2.above.net (216.200.0.178) 23.403 ms 7.579 ms 7.755 ms
7 ord-sjc-oc12.ord.above.net (207.126.96.117) 67.590 ms 67.780 ms 68.573 ms 8 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 70.829 ms 69.470 ms 69.189 ms
9 112.ATM3-0.XR1.CHI6.ALTER.NET (146.188.208.186) 69.099 ms 67.905 ms 69.813 ms
10 291.ATM2-0.TR1.CHI4.ALTER.NET (146.188.208.250) 94.485 ms 95.112 ms 93.882 ms
11 106.ATM7-0.TR1.TOR2.ALTER.NET (146.188.142.74) 95.481 ms 102.600 ms 99.372 ms
12 299.ATM7-0.XR1.TOR3.ALTER.NET (152.63.129.149) 103.557 ms 98.535 ms 98.082 ms
13 190.ATM7-0.GW1.TOR3.ALTER.NET (152.63.129.233) 98.190 ms 100.049 ms 98.933 ms
14 205.150.221.230 (205.150.221.230) 114.641 ms 100.628 ms 103.484 ms
15 mediamasters (204.101.215.149) 102.729 ms 101.457 ms 101.752 ms

So, it's not happening here.

Re:This isn't right

[Craig+Davison]

Are you thinking of the ORBS RBL? SecurityFocus.com is hosted at above.net and poorly-configured ORBS users can't subscribe to BugTraq because of it.

Re:This isn't right

[The+Madpostal+Worker]

Well, not if they use the BGP subscription.(With BGP you drop _all_ traffic). I think thats what jamie was talking about by using RBL, the BGP session.

/*
*Not a Sermon, Just a Thought
*/

Re:This isn't right

[Higher+Authority]

This also prompts me to point out that in saying, effectively, MAPS' RBL does not block a single piece of spam is pure crap.

The RBL applies to e-mail only, AFAIK. Its subscribers use it to block "known spammers" for delivering mail to a certain address, NOT to block users of a subscribed ISP from viewing their websites.

Also, because ISPs volutarily subscribe to the RBL, Media3 has no case; MAPS' does not require anyone to use it's RBL. If Media3 has a problem with the RBL, it should be negotiating with its subscribers, although that would be pointless.

And yes, as I'm sure is well noted, if you don't like the RBL, don't use it. Likewise, if you like the concept behind the RBL, but don't like the direction it is currently taking, you can take that up with MAPS', as well as other subscribers with similar opinions.

This is a much better, in my opinion, way to police the Internet, compared to legislature, as the latter has almost no jurisdiction whatsoever, and the former has many supporters behind it.

Re:This isn't right

[Higher+Authority]

To put it in more realistic terms, the RBL is simply a list of IP addresses. What subscribers to the list choose to do with that list of addresses is up to the them.

Generally, however, subscribers match the sender and/or relay server of incoming mail against the list, and discards any email which with a sender or relay in the RBL.

Thus, MAPS does not block anything; it is entirely up to the subscriber of the RBL and/or the mail server software he/she/they is/are using.

Re:This isn't right

[Orang]

AFAIAA the RBL may be used to block any traffic, it is only a list of IP blocks. Most places use it to block email out of those blocks, some to also block other things, like web traffic.

Re:That was the old system

[Bruce+Perens]

No. I clicked on that list of links and viewed the pages. I ran traceroute and saw that I was getting to them through above.net .

Thanks

Bruce

Re:Look again

[Bruce+Perens]

Look at the traceroute output I published above.

Re:That doesn't prove anything

[Bruce+Perens]

OK, publish the traceroute output so we can figure out where things stop.

I don't believe so much in my own fame that I think Above.net has special rules in its routers for me. What a laugh!

Thanks

Bruce

Moderate down, I'm wrong.

[Bruce+Perens]

Darn. I'm wrong. I typed in the wrong host. I'm human. Moderate down please.

Thanks

Bruce

Re:Moderate UP, he's right! - Proof

[Bruce+Perens]

Yeah, but I'd trust one from a customer wire more.

Thanks

Bruce

Re:Exactly

[Bruce+Perens]

My son's grandma is a webmaster.

Re:not the real Bruce Perens

[Bruce+Perens]

Everybody was getting tired of that. Note the ID number, it's stayed the same.

Bruce

Re:Exactly

[Bruce+Perens]

No, not domain. 4-letter user name at a popular free public email site.

Thanks

Bruce

Re:Mill's tries to be an absolute

[Bruce+Perens]

Say I decided to deliver my free speech in your living room, day and night, without cease, making your property unusable for your habitation. Does my free speech right override your property right?

We all accept some reduction of our free speech right to live peacefully in community. Free speech is irrelevant without community, because without community there is nobody to speak to. So much for Mill's absolutes.

Thanks

Bruce

Re:services like this

[Bruce+Perens]

How else do you get the people with bad relays to fix them?

Thanks

Bruce

Re:A compelling argument...

[Bruce+Perens]

If you pay that much, you can put an SMTP MX agent somewhere that doesn't blackhole routes.

Again, I am not getting routes blackholed through Above.net today. I can click on those links and see them. Traceroute tells me I'm going through above.net .

Bruce

Re:Exactly

[Bruce+Perens]

Well, if nothing else you can get an email address somewhere else that circumvents the RBL. If you run your own MDA, you can get an MX somewhere else that circumvents the RBL. Go into business today providing spam-unfiltered email!

Bruce

Re:services like this

[Bruce+Perens]

That would be a good analogy if the problem was only within your house. A closer analogy here would be that your burglar alarm is going off at night and waking me up. Can I compel you to fix it? Yes.

Thanks

Bruce

Re:RBL - What a hosed concept

[Bruce+Perens]

You don't have your name and email all over the web. Take pity on those who do and allow them some filters.

Thanks

Bruce

Oops. Big oops.

[Bruce+Perens]

It's marketingmasters.com, not mediamasters. I've led you astray. Sorry.

Re:Oops. Big oops.

[BlueLines]

No problem, that one works too:

traceroute to 209.211.253.74 (209.211.253.74), 30 hops max, 38 byte packets
1 main4-216-200-18.sjc.above.net (216.200.18.3) 0.694 ms 0.960 ms 2.204 ms
2 core5-main4-oc3-2.sjc.above.net (208.184.102.193) 0.829 ms 0.403 ms 0.416 ms
3 core3-core5-oc48.sjc2.above.net (208.184.102.206) 0.626 ms 0.973 ms 0.462 ms
4 core5-core3-oc48.sjc2.above.net (208.185.156.66) 0.516 ms 0.772 ms 0.454 ms
5 nyc-sjc-oc12.nyc.above.net (208.185.156.162) 89.743 ms 89.731 ms 89.742 ms
6 qwest-nyc-oc12.above.net (208.185.156.26) 90.390 ms 90.437 ms 90.125 ms
7 jfk-core-02.inet.qwest.net (205.171.30.17) 90.164 ms 89.947 ms 90.264 ms
8 jfk-edge-01.inet.qwest.net (205.171.30.94) 90.205 ms 90.032 ms 90.410 ms
9 205.171.38.14 (205.171.38.14) 97.493 ms 97.652 ms 97.937 ms
10 209.211.253.74 (209.211.253.74) 97.647 ms 97.949 ms 98.726 ms

Re:No, you don't have the right

[Bruce+Perens]

Not in the town where I live, and not in the one where you live either. The principle is simple: your right to swing your fist ends at my nose. Where I live, I would call the police who would cite you under the noise ordinance, they would fine you and require you to fix the violation, and if you did not do so they would eventually get a court order. Then, if you violate the court order you are in contempt and can be jailed. That's the way the law works most places in the U.S.

Thanks

Bruce

Re:Exactly

[Bruce+Perens]

It's more likely that Grandma will stop using her email because of all those junk messages. Try this experiment. Register a 4-character name at some of the free mail services. Don't ever use it. See if it gets mail. It will! They are scanning aaaa to zzzz and farther.

Thanks

Bruce

Re:That violates John Stuart Mill's liberalism max

[Bruce+Perens]

Mill's not an absolute. Not every annoyance is harm because there is a level of annoyance that people tolerate in order to live in community. It's when you exceed that level that harm occurrs. If you bloody my nose, that's harm. If you wake me up at night once, you might be cursed out but not hauled to jail. Do it 10 times, and it's a different matter.

Thanks

Bruce

Re:Exactly

[Bruce+Perens]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

Bruce

OK, I'm a dunce.

[Bruce+Perens]

Bruce perens is human. I typed mediamasters instead of marketingmasters. I am getting to the marketingmasters class C through alter.net rather than above.net .

Bruce

Re:OK, I'm a dunce.

[Bruce+Perens]

Slashdot is so funny. I get moderated to +4 for admitting I'm a dunce :-)

Thanks

Bruce

Re:OK, I'm a dunce.

[DavidTC]

I am now offically scared by the moderators.

-David T. C.

Re:OK, I'm a dunce.

[Black+Parrot]

> Slashdot is so funny. I get moderated to +4 for admitting I'm a dunce :-)

See, none of us knew that, so you got the +4 for being informative.

--

Re:OK, I'm a dunce.

[aberkvam]

Warning: I'm human. Sometimes stuff I post here is wrong. Use your head. Question authority.

Way to prove your .sig! I don't know if I would have had the courage to do the same.

Re:OK, I'm a dunce.

[f5426]

> I get moderated to +4 for admitting I'm a dunce :-)

Not at all. It is because moderators don't follow you sig and forgot to question authority.

"Ooooh. A bruce Pernes post !. He must be smart. Let's moderate him up"

Then, the same assholes that moderated you up to 4/Funny for saying that you have been moderated to 4/Informative in a correction to a wrong traceroute moderated to 3/Informative are going to moderate me to -1/Overrated/Flamebait/Offtopic/Troll.

Cheers,

--fred

Re:OK, I'm a dunce.

[GlassUser]

Well since you're posting just like Mr Bruce now (admitting you're a dunce), perhaps they'll now moderate you up . . .

I have to agree.

[Bruce+Perens]

Signal-to-noise is a precious commodity. Of course, spam degrades it. If spammers ran rampant (more than they do today), I'd not be able to have this, an address that anybody in the world can use to reach me, even when I've never heard of you.

It happens that if you write me and I'm not at home, I get your mail via Palm VII wirelessly. Whoever you are. Even if I've never heard of you. And sometimes, that matters to people.

Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.

So, I want to filter spam, and I want to deter spammers because deterrence is more effective than a filter. The RBL has been a positive force for me, it's kept the S/N to the point that I can read your mail.

Thanks

Bruce

Re:I have to agree.

[Stinking+Pig]

Clearly this is a polarizing issue, and I have to say that I come down on the side of the article writer. Let's look at the relative levels of injuries:

1) spammer (shorthand in this case for "vendor of address collection software") is allowed to continue selling software. Many mailboxes get some spam, including mailboxes on tiny and or expensive devices. Users are forced to utilize their delete commands, develop RSI and brain cancer from the stress.

2) spammer's IP address is blocked. Spammer must seek another address with ISP or another ISP altogether. Process begins anew.

3) spammer's entire ISP is blocked. Spammer must seek another address with another ISP altogether. Process begins anew. In the meantime, a ton of non-related sites are blocked. Well, some of those sites are going to be run by people who know all about these issues and can get switched somewhere else quickly. But statistically, most of those sites will be run by people who haven't got the knowledge to understand what the issue is, the inclination to care, the money/time/inclination to switch ISPs, or any of the above. So their sites stay down until the MAPS sentence is lifted.

Possibility 3 sounds like a great way to perpetuate the worst things about the Internet: "B2B" usage in which people have to be paid to touch anything and "geek's playground" usage in which a bunch of stunted people bully others for lacking knowledge of the secret handshake.

I rather enjoy the fact that the Internet is widely used by lots of people who don't know a damned thing about how it works. I'd like to keep it that way. Breaking it for them because of things they know nothing about done by people they have no control over is not positively reinforcing behavior.

Re:I have to agree.

[f5426]

> it's kept the S/N to the point that I can read your mail.

This is wrong. For an unkown reason, some email I send are refused by some servers with a message:

MAIL From:<myemailadress>
550 5.0.0 We don't accept mail from spammers

I don't really qualify as a spammer. I mean that I hate spam, always reply to abuse@ adresses when I get spam, etc, etc.

What is uberfun is that I sent emails to postmaster@ and abuse@ at the site where I wanted to sent the original mail (to update technical points on a development FAQ). Those mails were returned with the very same message. I tried to mail them from two different accounts. Same problem.

I contacted the guy vhen replying to him in a public mailing list. He said that my ISP was probably supporting spam. As I used two different providers, and one of them is wanadoo.fr, this seems pretty unlikely. And, no, the various IP addresses of mail servers were not in the MAPS database.

This guy is the maintainer of the Darwin FAQ. This email is the official feedback email for the FAQ. He silently loose an unkown amount of mail, pisses off an unkown number of people.

What were you saying ?

> to the point that I can read your mail

Mmm. Maybe not. And you don't even know it.

Cheers,

--fred

Re:I have to agree.

[itarget]

You left out one important part of #3 though. ISP is once bitten, twice shy. They're deterred from hosting any more spammers.

Since colourful analogies seem to be really popular concerning this article I'll throw my own into the hat:
What would you rather do about a cancer? Pop pills to try to ease the pain while you slowly die, or would you have it cut out?
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:Why should RBL block HTTP?

[Harik]

What really bothers me about this is that they're blocking all traffic to and from the IP addresses. Seems to me like blocking port 25 (sending and recieving) would be plenty-- then, if they get a few innocent web sites that don't do email it's no big deal. [ Reply to This | Parent ]

Cluebat time.
RBL just lists IPs. There's two forms. One, a reverse-DNS lookup. Two, a realtime BGP4 feed.

Most ISPs (myself included) configure sendmail to check incoming IPs against their reverse DNS. Therefore, it only blocks email coming from those specific IPs, and not email going to them.

A few ISPs use the realtime BGP4 feed to blackhole all traffic from those IPs.

Mind you, they are not REQUIRED to blackhole those IPs. They might just use it to divert to a seperate mailserver for extra spam checking. The fact is, the ISPs that do it agree with Paul Vixie and the rest of MAPS that Spammers, Spam-tolerators, Spammer-services and the hosts of spammer-services are NOT good for their network.

However, I doubt most people on slashdot are impacted by this. The worst you might be is unable to recieve email from peacefire. Darn.

Perhaps Peacefire should choose a provider NOT activly supporting 21 spammers.

--Dan

Re:can MAPS/ORBS be advisory to users?

[Howie]

I've only got experience of this stuff with QMail, but for that MTA, there are patches to add X-RBL-Hit headers or similar, as well as the more common don't-accept-RBL-listed-connections type of thing.

I don't know if this is a specific qmail issue, but the way the server works is to accept the mail if it for a local domain, queue it and then figure out what to do with it in terms of the user to deliver to, since there may be aliases and so on involved, which it doesn't want to spend time resolving when accepting the mail. In the case where the spammer is just guessing usernames en masse with a domain name on the end, all the 'misses' become bounces. If spammers were at least halfway decent and mailed address known to exist, the load on mail servers from spam would probably be considerably reduced.

So the difference is that the ISPs mail server will then spend a large chunk of time generating bounce messages (which will typically also bounce back, as the return address of spam is often faked), rather than refusing to accept the single connection in the first place (a single connection can spawn hundreds or thousands of queued items - a large BCC list effectively).

Obviously, the time spent by the mail server clearing queues of bounce messages and double-bounces is time spent not delivering customers incoming and outgoing mail.

Personally, I agree with the RBL in it's DNS form, but not the BGP version - blocking routing to IPs and especially IP ranges completely is extreme and harms much more than the intended target.

Of course, if you like the idea but not the politics, you could reasonably easily set up a competing service - it's just DNS data. Maybe make it group-moderated in some way - slashdot for spam-prevention. *shudder*. I believe there are at least a couple of similar things for usenet spam (can't remember the names though).

Re:"Press time"?

[jamiemccarthy]

"So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me."

I contacted them this afternoon (PST) and said the story was time-sensitive. The PR person I talked to assured me someone would contact me to answer my questions "in a few minutes." No phone call or email for four hours, so I ran the story.

Or maybe they tried but my email address was on the RBL...who knows...

Jamie McCarthy

Re:Moaning ninny USian teens

[jamiemccarthy]

"I don't want to give up seeing all the YRO articles, but if I could filter out all of them posted by Jamie, I'm sure that all I would be cancelling is articles about these peacefire.org ninnies."

Go here, click on the box next to my name under "Exclude Stories From The Homepage: Authors," then scroll to the bottom and click "savehome."

Or, just ignore my stories, which works about as well :)

Peacefire was the one who drew my attention to this story which is why they got a mention.

Jamie McCarthy

Re:Good or bad, it's not censorware

[jamiemccarthy]

"censor: an official who examines material (as in publications or films) for offensive matter

Are SurfWatch, CyberPatrol, etc doing this? Yes. [...]

Is MAPS doing this? No. They are completely content-neutral. They don't examine anything for offensive material. [...] At no point is the content of the blocked traffic an issue."

Censoring offensive material is exactly what MAPS is doing in this case. Some censorware is offended by pornography or the Ku Klux Klan and is designed to block that. MAPS is offended by websites which sell bulk email software, and is designed to block that.

For the twenty spam websites being blocked by MAPS customers who use the BGP (including, until recently, AboveNet), the content of those websites is the one and only issue.

The 1000 other, innocent websites being blocked as well probably wish content was an issue for them, but, unfortunately, they were caught in the crossfire...

"...they're not blocking innocent or guilty websites, they're blocking the network.

Isn't this slicing it a little thin? When you find a website you don't like, and then block all traffic from its IP number, I call that blocking a website.

Jamie McCarthy

Re:I definately do not agree - (pro-MAPS)

[jamiemccarthy]

"Just a correction, according to spamhaus media3 is hosting not 1 but 21 spam sites, the largest on the list, and considering media3 is a grand total of a few class C networks, thats a pretty high percentage of their customers being spammers."

Just some corrections of your correction. :)

1. The Spamhaus list is here.

2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.

3. Media3 has 42 Class C blocks, which means that 0.2% of their IP numbers house websites which sell spam-friendly software (but, again, those IP numbers are not sending spam). I would not say 0.2% is a "high percentage."

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

This situation is no different (except that, on my scale of evil, spammers aren't even close to those who want to rehabilitate Hitler).

Jamie McCarthy

services like this

[Al+Wold]

I think services like this are really annoying. They are constantly incorrectly filled with "good" hosts and they hardly help prevent any spam, anyway. I especially hate ORBS, as I've had to deal with their crap on a consistent basis. Since any mail that goes through your host that has been through a bad relay causes you to get blocked, it really really sucks.

Re:services like this

[um...+Lucas]

you can get my number blocked, but if my friend also uses the same LEC as you, you're not entitled to have him unable to receive my phone calls as well. The RBL, as it's implemented, isn't granular enough. That's my issue with it. The choice to use the RBL should be that of the end user (the person who the email account was set up on behalf of), no one else.

Re:services like this

[um...+Lucas]

Using a non-computer analogy: you don't. You can come over to my house and say "Hey, you know your doors unlocked?" but you can't come in and change the locks on me just to insure that you know that my house is now "safe".

Re:services like this

[Greg@RageNet]

but you can't come in and change the locks on me

If people come into your house constantly and make obscene phone calls to me in the middle of the night do I have the right to have your phone number blocked? I think so.

-- Greg

Re:services like this

[ahodgson]

Well, if by leaving your house open, you effectively make it easy for a crook to get into my house without a key, then your analogy would make sense. And you can be sure people would be running up and down the street checking locks to make sure they work.

Re:services like this

[mr]

And where does ORBS obtain the authority to probe *MY* machine?

What right does ORBS have in 'walking around my house and checking to see if I have open doors/open windows'?

Re:services like this

[petard]

ORBS doesn't have the authority to probe *MY* machine. Moreover, if they try, *MY* machine is configured such that their probe will likely slow down enormously

Re:services like this

[Wolfstar]

Fairly easily, actually.

I work for an ISP with a rather large self-owned backbone - OC-48 rings all over the East Coast with OC-3/DS-3 supplementing; and multiple OC-3 cross-country lines for connectivity to Chicago and San Francisco - and the process is simple. We get an e-mail about Spam into abuse.

Abuse contacts the end user and tells them to fix the open relay within X amount of time. After the expiration of X, if another e-mail comes in, abuse investigates, uses ... somewhat more firm language ... with the end user. They then have one half X amount of time. After THAT, they contact my group - Operations - and say, sink the route. We go in, route the IP of the offending open relay to Null0, and wait for the guy to call. Then we direct him to abuse. Until such time as Abuse is sure that the relay is closed, the IP stays routed to Null0. When they're happy, we route it back to their circuit.

Spammers, on the other hand, go through step one, and on step two, they get shut down by us. As in, we disable the entire circuit, not just their IPs.

As for MAPS contacting the owners, they do in fact do just that. We somewhat regularly get e-mails from MAPS about it on the Operations mailing list. When they say they notify the owner, they mean the ARIN-Registered owner of the IP block, not the owner of the individual sites. Blacklisting a Spam-friendly ISP would be significantly more effective in getting said ISP to play ball by contacting innocent site owners and making them aware of this.

That being said, we don't use MAPS, and the fact that they're punishing "innocent" - not-guilty if you prefer - website owners is totally out of line and doesn't help much. These owners most likely don't realize that they've been RBL'd, and will still pay their bills to the ISP that's treated them well. Getting them to move is the objective; not telling them that they may want to is defeating that objective.

Wolfstar

Re:services like this

[Ayon+Rantz]

Actually, I think a closer analogy here would be that a bunch of people are complaining to the landlord of a big flat that one of the tenants are selling faulty burglar alarms, that have a record of going off at night and waking lots of people up.

When the landlord fails to throw the guy out on the street, they form an angry mob and tear down the entire flat, leveling a few buildings around it in the process.

Although this might be stretching it a bit of course.
--
Pokéthulhu

Mill's *is* an absolute, but not how you think

[Old+Man+Kensey]

An AC wrote:

Property, like speech, is not a qualified right, and nor should it be. If you are allowed to tell me what I can't do with my own property, then tomorrow you'll be allowed to tell me what I can't do with my own mouth which, after all, is just a property interest of mine.

You, as an advocate of property rights, claim the right to own and use anything in any manner you want, without interference. Fine. But I, as an advocate of property rights, claim that same right. You have no more right to interfere with my environment than I have to interfere with yours. If your stereo is playing so loud that I cannot hear the rare birds that I'm trying to record on my property, then you are interfering with my right to enjoy my property as I see fit. Conversely, I don't have the right to come over and demand that you stop smoking even though it's not actually coming onto my property, simply because I dislike smoking.

When two equal and absolute rights are in conflict, both parties should back off. Usually that means you run your stereo at a reasonable hour, and I don't call the cops even though I find it slightly annoying that I can hear you listening to nothing but, say, Ricky Martin all day.

Re:Neural Net Spam Filtering!

[Kiwi]

I looked at the C source of the filter, and it looked like a potential security hole. I saw a strcat(), strcpy(), system(), and insecure use of files in /tmp.

Also, while the neural network source is available, the java source code isn't, so this is not an open-source application.

I think this kind of technology has a lot of potential, and I hope to see this implemented in a manner that can be used in a secure manner in the real world.

- Sam

Re:MAPS != censorship.

[dwdyer]

Sorry, but this hackneyed line about "only the government can censor" is utter bullshit.

Censorship is the deliberate attempt to block a flow of information. If you don't let your 8-year old watch hardcore porn at home, you're censoring his or her viewing. (Note that this is appropriate censorship, IMO)

Look up "censor" in a dictionary. Look up its origin -- show me where it means "an act committed by a government". I, as a consumer, by buying a connection from someone who uses the blacklist, am authorizing them to act as censor. Yes, it's voluntary, but it's still censorship.

If a public library doesn't carry a book, that's censorship because the library is supposed to carry everything, not because the library is a government entity. A private library operates under a different charter than a public library does. They're different entities with different purposes.

Likewise with an ISP. The blacklist is perfectly legal, and I do have the choice of going to an ISP that doesn't use it, but the question is about what the ISP is chartered to do, and what we believe an ISP should do. Does the ISP provide information or access? If it provides information, censorship is appropriate. If it provides access to information, then censorship is inappropriate.

The real issue is consumer education. When I buy a connection, and I'm told that it's spam-proof, I might like that. Unfortunately, there will be information I will be denied access to and I might never know that I'm being denied. I thought I was paying for a data pipe, and protection against unsolicited email, but how will I know that I'm paying for protection against entire sections of the net that hold no threat?

Re:Fuck off, Commie Pinko

[Darchmare]

(I fear you're just trolling, but I have enough free time, so here goes...)

Actually, you got it backwards. It's your thesis that it closer to the socialist ideal.

Private companies choose to use the RBL to filter their incoming mail. This is analogous to paying someone to throw out junk mail before you get to it. It is a business choice they choose to do in order to lessen the load on their business.

You as a private individual have the right to choose to do business with that company or not. But nobody has the right to tell that company that they can't block certain traffic from coming into their networks.

Whether or not you agree with spam is irrelevent. The RBL is totally in line with a free market. If you don't believe the RBL should be allowed to do what they do, you are essentually saying that someone shouldn't be able to kick unruly people out of their place of business.

- Jeff A. Campbell
- VxReality (BETA)

Re:RBL is for Mail-Abuse you Fools!!

[Darchmare]

---
People seem to keep saying that RBL is optional, well what about the situation, where someone is using it on a backbone, as was the case in the article? I dont see much choice in the matter then.
---

Maybe not, but who are we to tell anyone how they should treat the data flowing through their networks?

It's a free market - if enough customers of enough ISPs complain, those ISPs will move the issue up the chain and market pressure may change their mind. It's your right as a consumer to choose who you do business with, and your ISP's right to choose who they do business with. It's really quite simple.

---
One thing, it does seem that a lot of people are mistakenly thinking that it would block the website as well, but it will only prevent mail, however some companies may rely on this for their ordering system.
---

Maybe, but if I control a significant amount of bandwidth, isn't it my right to allow that traffic to flow over it on my terms? Especially if the product of that bandwidth is using CPU and drive space on my servers?

I'm not necessarily saying that I agree with the somewhat over-zealous ways in which MAPS operates (I'm in a position to utilize the RBL, but choose not to), but I agree that they have a perfectly legal and ethical right to offer their service if they wish. There is nobody forcing anyone to use them.


- Jeff A. Campbell
- VxReality (BETA)

Re:Fuck off, Commie Pinko

[Darchmare]

---
not if the ISP has a monopoly on a certain section of your neighbourhood. thats a bullshit argument that M$ was using in their anti trust trial.
---

A monopoly in your neighborhood? What are you talking about?

You can't extend the definition of 'monopoly' to any company you don't like - even if they don't happen to have competition in your area. Microsoft didn't get the smackdown because they're merely a monopoly. They got in trouble because they allegedly used their monopoly in order to illegally squeeze out any potential competition.

It is not illegal if there is only one provider in your geographic area. It's quite possible that no real competition has even attempted to penetrate your local market, or it's just not worth bothering with for various business reasons.

And to be honest, in these days of Earthlink, Sprint, GTE.net, AOL, etc. I kind of doubt very many people are stuck with only one provider. This is a market segment that very clearly does not have a single monopoly controlling it. The argument is a bit of a joke.

Face it: If you don't like the policies of your provider, you can feel free to open up a competing provider or search for another. Under our current (decidedly non-Communistic) system, you don't have a right to force the existing players to do something with their own resources.

Of course, you can always vote with your wallet. If enough people agree with you, it's quite likely you'll find success. Unfortunately more people seem to think avoiding spam is more marketable.

...

Either way, my original point was that the guy saying that supporting the RBL was 'Commie' had it all wrong and was talking out of his ass. Communism would be more likely to support right control over the ability of people to make things like blacklists.

Regardless of whether you are for or against strong 'market regulation', you have to know that stopping MAPS from publishing their list is just like banning Consumer Reports. This is definitely not in the spirit of our free market system.

- Jeff A. Campbell
- VxReality (BETA)

Good or bad, it's not censorware

[jaffray]

Let's check the dictionary here.

censor: an official who examines material (as in publications or films) for offensive matter

Are SurfWatch, CyberPatrol, etc doing this? Yes. They spider the web looking for offensive material, and sell software that blocks it. Their software is a censor. Thus the term "censorware". (The fact that they make fraudulent claims for their software is incidental here.)

Is MAPS doing this? No. They are completely content-neutral. They don't examine anything for offensive material. They evaluate submissions of networks that spam, that provide spam support services, or that maintain open relays. They provide a list of such networks, and software to use that list to block traffic from those networks.

At no point is the content of the blocked traffic an issue. Yes, this means that their list blocks "innocent websites"; they're not blocking innocent or guilty websites, they're blocking the network. There is no deception here. They didn't claim to provide a list of spamware websites and then add Peacefire; they claimed to provide a list of networks that are friendly to spammers and added Media3, and Media3 is most definitely friendly to spammers.

Is it a good tactic? Should people choose to subscribe to RBL? Maybe, maybe not.

But don't call it censorware. It's not.

Re:Good or bad, it's not censorware

[jaffray]

Censoring offensive material is exactly what MAPS is doing in this case. Some censorware is offended by pornography or the Ku Klux Klan and is designed to block that. MAPS is offended by websites which sell bulk email software, and is designed to block that.

Let's look at what MAPS RBL is "designed to" do. http://mail-abuse.org/rbl/candidacy.html lists criteria for being in the RBL.

• spam origination - simple enough
• spam relaying - open mail relays
• spam support services

The last one breaks down into:

• providing any service which uses internet resources to support spamming: webpages or email or DNS or credit card handling for spam-promoted sites, or anything-to-email gateways
• providing software or services for distributing spam, or providing connectivity to people who do
• providing lists of harvested email addresses, or software or services to create such lists

So what MAPS RBL is designed to do is keep a list of hosts and networks that spam, or of hosts and networks that aid spammers. They are being added on the basis of their actions. What they're saying is irrelevant. This is why they're content-neutral.

You are objecting to their inclusion of spamware as something which aids spammers and should be blocked. This gets into two fairly tricky points. First, if something is both speech and action (the "fire in a crowded theater" example), where do you draw the line between allowing free speech and preventing harmful actions? Second, to what extent is software speech, and to what extent is it a tool?

We probably agree that blocking spam is acceptable, despite the weak argument that saying the same thing over and over is speech that should be protected. And we agree that a list of techniques that spammers use would be speech that should not be blocked. You could claim that spamware is like the list of techniques. MAPS might claim that selling someone a software package whose sole purpose is to spam is no different from taking their money and doing the spamming yourself. You both have decent arguments.

I do think, however, that even if you're convinced that there's a free-speech right to distribute spamware, labelling RBL as "censorware" based on a fraction of a fraction of the list violating this very debateable "right" is massive overkill.

"...they're not blocking innocent or guilty websites, they're blocking the network." Isn't this slicing it a little thin? When you find a website you don't like, and then block all traffic from its IP number, I call that blocking a website.

No, not at all. Look at Media3. They've found a network they don't like, because it supports spamming in multiple ways. It hosts sites which are promoted by spam, and it hosts spamware vendors. They could change their AUP to prohibit this, but refuse to do so. And so they're blackholing the network.

This is not an overzealous or overbroad block; they are blocking exactly the network that they wanted to. They state in the docs that this approach can lead to blocking non-spam traffic, and warn you to use a different list; RSS for example; if you have a problem with this.

If you wanted to highlight the spamware free-speech argument, you could have chosen a better example. Spamware is not the only reason why Media3 is on the RBL, and there is no way to claim that hosting spam-promoted sites is anything but a content-neutral blocking policy.

Web Sites?

[cotcomsol]

Since when did MAPS block web sites? We use it on our mail servers, and yes, it blocks email from the offending sites, but I certainly can still visit their web sites if I wish.

This article makes it look like they are completely cut off from the world, which is simply not the case.

Re:Web Sites?

[Senior+Frac]

First of all, MAPS really doesn't block anything. Administrators usually subscribe MAPS' lists and use their recommendations to block email. In certain circumstances, MAPS RBL, not to be confused with MAPS RSS or MAPS DUL, will be used by an administrator to null-route TCP/IP packets. Above.net does this. What does this effectively mean?
It means that no TCP/IP packet sent across that network will reach it's destination. This effectively blocks all TCP/IP connection attempts. Including HTTP (web), FTP, SMTP (email), NNTP (newsgroups), Telnet, etc. This is not an oversight in the MAPS RBL system. Each administrator certainly has the option of applying the MAPS RBL on the SMTP layer instead of TCP/IP layer. Anyone with enough savvy to set it up should almost certainly have the knowledge of how it will affect their connectivity, as it is non-trivial.
--

Exactly

[enterfornone]

Anyone who complains about censorware yet trusts MAPS to block spam is a hypocrite. Any time you give someone else the power to control what you can read you are allowing them to take away your freedom.

Remember, if you let them censor the stuff you don't like, soon they will censor the stuff you do. Simple as that.

Re:Exactly

[um...+Lucas]

Ahhh... so why aren't linux users using winmodems? Because it' "too hard" to reverse engineer the chips themselves. Why does everyone complain about Microsoft changing their file formats with every release of office? Because it's "too hard" to create a new filter everytime there's a new revision to word.

So many of the complaints around here are based on things being "too hard" for linux developers to do. Don't bash the end user for having similar issues.

Re:Exactly

[um...+Lucas]

Say my ISP uses RBL, specifically how am i supposed to "turn it off"?

Switch ISPs? Not likely, because there's only a few DSL providers around here and they all string lines from Verizon. And there's only two possibilities (AFAIK) for cable access.

If they use MAPS and people in my address books' addresses get added to list, then effectively i have no recourse. I can switch ISPs, but how will i even know what's occuring until a couple days go by and i get a phonecall saying "hey, why haven't you responded to my email?"

ISPs, sendmail developers, RBLer's, someone's got to make a system where users opt in and opt out individually. For instance, when signing up for an account of any sort with an ISP, their web page or CSR could plainly ask "would you like your mailbox to be protected from spam using the RBL?", provide an explanation if they don't know what it is and let each customer choose for themself.

Re:Exactly

[um...+Lucas]

Great advice to give my mother or grandmother one day...

"Yeah, I know you like using Netscape as your intenet application. And yeah, i know, i took you a few months to learn that you could click an address and it would be added into your address book, let alone how long it took you to learn to create rules to filter your messages between your "personal", "business", and "possible spam" folders, non of that matters now. You need to use Hotmail from now on. Or yahoo mail. You can't bring your address book or sent mail or received mail folders with you either. Oh no, don't worry you didn't do anything wrong. It's just that someone else that happens to use the same internet provider as you did, which is why none of your friends can get your emails...."

Can you see my point from a less elitist mind set, now? And maybe help come up with an idea that doesn't punish innocent people at the same time as punishing "guily" people? Not everyone in the world knows works at an ISP, or owns their own domain, or even edits their own DNS records. A solution to SPAM take that into account.

Re:Exactly

[gimpboy]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

perhaps you work at your isp but most people don't. most people wouldn't even know who to complain to, what to complain about, or even when to complain. they would hit the message listed above cock their head to the side and move on.

use LaTeX? want an online reference manager that

Re:Exactly

[tbo]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

Only if you happen to be the head sys-admin for your ISP... If my ISP subscribes to MAPS, I might never even know that my content was being filtered, let alone have any control over it.

What I don't understand is why anybody is using MAPS for anything other than their mail server. I used to do IS at a software company, and we set up our mail server to reject mail from IPs on the RBL. Other than that, we didn't use RBL. The purpose of RBL is blocking spam, so why should we use it to block anything other than SMTP?

Re:Exactly

[shadowspar]

You might want to let the folks over at Peacefire know how they can know how they can know how they can turn the RBL off. Think about it.

They can turn the RBL off by switching ISPs.

Rather the point, don't you think?

Re:Exactly

[Trailer+Trash]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

You might want to let the folks over at Peacefire know how they can turn the RBL off. Think about it.

MC

Re:Exactly

[toast0]

my four letter domain (advertised on /. no less) does not get a terrible quantity of spam as compared to other addresses that get forwarded to the same place (i check headers ever so often)

maybe it has to do w/ being a .orgy not a .com and having intermittent connection problems besides

Re:Exactly

[toast0]

oh gotcha, yeah... a lot of my spam comes in on the snotmail address everything gets directed to :)

Re:Exactly

[Tau+Zero]

What I don't understand is why anybody is using MAPS for anything other than their mail server.

If the spam came through an open relay but the spammer's web site was on the RBL, the spammer would not get any click-throughs nor would any of their web bugs, Javascript/ActiveX exploits, or other tricks work. It's not the best reason in the world for blackholing a site for all access, but it's at least plausible.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

Re:Exactly

[crucini]

No, the advice is, "Grandma, you need to switch ISP's. It turns out your ISP is run by unscrupulous people. By obstinately harboring criminals, they've burned their bridges to the rest of the internet."
It's like changing doctors if your doctor is convicted of malpractice. No need to dig into technical arcana.

Re:Exactly

[crucini]

Also, spam consumes a non-trivial amount of bandwidth and increases the load on the mailservers even if they reject it. Dropping spammers' packets at the border routers lowers costs.

Re:Exactly

[scotch]

Great advice to give my mother or grandmother one day...

... snip ... I'm sick and tired of hearing about everyone's grandmothers, how their grandmothers can't use computers, how we should be thinking of grandmothers for every computer problem anyone deals with here. Grandmas can get their own goddamn website - this is slashdot, news for nerds, not news for grandmas. Why don't you go to grandma.com to complain about how your grandma can't do a goddamn thing for herself. I don't give a shit about your grandma, and when I use a computer or develop software as a hobby, your grandma doesn't even enter into the equation

No offense to your grandmother, of course

Re:Exactly

[Senior+Frac]

Say my ISP uses RBL, specifically how am i supposed to "turn it off"? Switch ISPs? Not likely, because there's only a few DSL providers around here and they all string lines from Verizon. And there's only two possibilities (AFAIK) for cable access. You are a victim of your situation. I don't see how your limited broadband options is MAPS' problem. (BTW. I can't get *any* broadband, cable or DSL) ISPs, sendmail developers, RBLer's, someone's got to make a system where users opt in and opt out individually. For instance, when signing up for an account of any sort with an ISP, their web page or CSR could plainly ask "would you like your mailbox to be protected from spam using the RBL?", provide an explanation if they don't know what it is and let each customer choose for themself. You obviously have no clue as to the economics of the situation. We, especially MAPS RBL subscribers, don't want to just not get spam. We want to quit paying for it's delivery! Giving a userlevel option to toggle it does nothing to solve the cost-shifting problem. All of our connections to the internet would be much cheaper if we didn't have spammers stealing our resources. I'm not just talking about our mailbox space, I'm referring to bandwidth. That is the enemy.
--

Re:Exactly

[DrSkwid]

i agree wiv ya

but if you use yahoo you can at least collect it via pop3 straight in to your regular client

mind you yahoo blocks bulk mail too !!
.oO0Oo.

Re:Exactly

[aiken_d]

Um, unless you're a mere mortal and not knowledgeable enough to question your ISP about their censorship policies when you sign up.

If my ISP ran cyberpatrol or netnanny on all my traffic, I would expect them to tell me up front. ISPs who use the RBL rarely tell their clients, because it's usually some misguided techie who configures the ISP to do so. Half the time management doesn't even know. When they do know, they've usually been told that it "blocks access to mail servers which are sending out spam" or some equally bogus explanation.

-b

Re:Exactly

[pjrc]

"tbo" asks:
What I don't understand is why anybody is using MAPS for anything other than their mail server.

According to jamie, AboveNet (a backbone provider), until this story broke, was using MAPS RBL to do exactly this. Vixie, the MAPS co-founder is the CTO of AboveNet, so it's not too hard to see "why".

According to the update, they've stopped this. Hopefully it stays that way. Filtering at the backbone level is pretty scary.

Re:Exactly

[clare-ents]

Advice for Grandmothers

Me :Hello, is that ? None of my mail is getting through - why is this?

Thenm : The internet has cut us off for sending junk mail.

Me : What are you doing about it?

Them : Nothing

Me : Right, I'd like to cancel my account please, I'll buy services off someone else.

or.

Them : We've terminated their accounts and will be reconnected soon.

Me : Thank you , please don't do it again.

Re:Exactly

[CyberKnet]

I'm guessing your sons grandma can read email at multiple different free email vending locations =P

---

Re:Exactly

[raju1kabir]

This is the first thing I've ever read on Slashdot that made me laugh out loud.

The problem isn't the RBL

[enterfornone]

The problem is the attitude of people who are happy to sacrifice their freedom to avoid things they don't like yet jump up and down when the freedoms they do like are taken away.

If you want to defend freedom, you have to defend *all* freedom.

Re:The problem isn't the RBL

[fb]

>If you want to defend freedom, you have to defend *all* freedom.

No. Now *you* are asking me to limit my rights.

I reserve my right to fight for what I like and fight against what I dislike. This is pretty much *my* own definition of freedom!

You have the right to disagree, but do not try to define freedom for me.
--

Re:The problem isn't the RBL

[fb]

>No. Now *you* are asking me to limit my rights.

Of course: that's because unlimited freedom is a contradictory concept (the old "my freedom ends where your freedom begins" saying).

Freedom for all cannot be achieved without some compromises, that's why it is important to keep fighting to conserve it.

Getting back to the case at hand: there is a conflict between the freedom of the ISP to voluntarily use MAPS BGP service to blackhole routes and the right of customers to get connectivity to blackholed sites.

This conflict can be resolved by debate - not like the present one, one between the ISP and its customers - by economic pressure or by a governmental (i.e. legislative) decision.
--

Re:The problem isn't the RBL

[Ayon+Rantz]

>You have the right to disagree, but do not try to define freedom for me.

No. Now *you* are asking me to limit my rights.

I reserve my right to persuade other people that my opinon on what freedom is is right and that others see it wrongly. This is pretty much *my* own definition of freedom!

You have the right to disagree, but do not try to define freedom for me.
--
Pokéthulhu

You don't have the choice.

[enterfornone]

Most ISPs will not tell you they are using MAPS. Even if they did, there are still enough ISPs using MAPS to cause problems if MAPS decide to block someone unfairly.

Re:You don't have the choice.

[MemeRot]

I sent email to earthlink asking if they use MAPS when I first read about it. The people answering me had no idea what I was talking about. They thought I wanted help setting up my email account. After going back five or six times and sending them a ton of info on what I was talking about they said no. I don't believe them. I think they just got tired of me and could tell that I wanted them to say no. I don't think my inquiry ever made it to anyone who could tell me the answer to my question.

By the way.... DID YOU READ THE ARTICLE ASSHOLE? This wasn't an issue of one ip being added, this was an issue of they added the first three sets of numbers 999.999.999.xxx AND ALL THE POSSIBLE last sets of numbers. So, to answer your question, it took NO EFFORT for peacefire.org to get their ip added, because it was added wrongly. Not that anyone dares argue with maps about it, lest they get added also.

Re:You don't have the choice.

[supersnail]

The key phrase here is "major backbone PROVIDER".

AboveNet bought the hardware, lease the lines, pay a substantial number of people to operate thier infastructure. If they choose not to use these resources which they own and operate to distribute 10,000 "Become Virile and attractive to supermodels for only 1$" mails they have every right to. And most e-mail users are thankfull that they don't.

The SPAM problem arises because e-mail works on an honour system. Basicaly everybody running sendmail or equvalent has agreed "I will forward your mail if you forward mine". This is great because it costs almost nothing to administer such a system.

The downside is SPAM. If media3 choose to ignore compliants from other ISPs and choose to host known spammers, and, choose to ignore any advice and warnings from. Well stuff them.

I fell sorry for peacefire.org etc. But really they ought to find a more responsable ISP.

Re:You don't have the choice.

[BinxBolling]

It seems to me despite your obviously biased viewpoint, that the RBL did what it was designed to do. It forced a company to secure its servers, so they could not be used for spam anymore.

You miss his point. The measure of the RBL's usefulness isn't merely how good it is at punishing spammers, but rather, how good it is at doing so, while avoiding punishing non-spammers. If the RBL frequently lists addresses unjustly, eventually people will lose respect for it and stop using it.

I mean, I could stop all spam by unplugging my machine from the network. Somehow this strikes me as a less-than-ideal solution, though.

Re:You don't have the choice.

[CyberKnet]

Okay, I agree its not easy to get someone on the RBL. But what choice do you have when a major backbone provider like AboveNet is using RBL? I know they've either lifted it or the C Classes in general have been cleared, or some other such resolve, but I can hardly say "My ISP runs through AboveNet, Who use RBL, so I must get myself and all my friends off my (innocent) ISP because they use RBL." That makes me JUST as bad as the people who run RBL. I am censoring internet use. Maybe not to the same degree, but its the same thing. And I hardly think that if I email AboveNet and say "Hey, my friends and I use XYZCheap ISP, and we dont want RBL, so stop using it!". It just isnt going to happen. So what choice *do* I have when RBL blackholes 5 C Classes containing at LEAST one website I visit (peacefire.org) when they have done nothing wrong; because their hosting provider doesnt live up to the moral expectations of a group of third party vendors I quite honestly couldnt care less about? (Hey, I already get in excess of 50 spam emails a day... what difference delete all to 50 as to 100?)

---

Re:You don't have the choice.

[tbannist]

Obviously the customer was upset when their customers couldn't receive so we found out what was the cause and closed the relay. Mind you, this wasn't some little fly-by-night web company that had the open relay. This was a VERY large company that is well-known in Europe and the US. Sure, spam is spam, but you would think that the RBL people would have enough sense to realize that this was a simpole configuration issue and not willfull spamming on the part of the company.

It seems to me despite your obviously biased viewpoint, that the RBL did what it was designed to do. It forced a company to secure its servers, so they could not be used for spam anymore.

Re:You don't have the choice.

[ocbwilg]

That's not true at all. I used to work for an ASP who had a couple run-ins with the RBL. The initial problem was with a single mail server for one of our clients that was set up incorrectly (open relay - yeah, I know, someone DID get fired over it too).

Unfortunately, neither the ASP or the customer received a single notification from the RBL folks that we were a condidate. Apparently they were sending their notifications to a non-existant email address. Can't remember what address it was off-hand, but it was a variation of postmaster@servername.com instead of postmaster@domain.com. So when they got no response, they blackholed the server.

Obviously the customer was upset when their customers couldn't receive so we found out what was the cause and closed the relay. Mind you, this wasn't some little fly-by-night web company that had the open relay. This was a VERY large company that is well-known in Europe and the US. Sure, spam is spam, but you would think that the RBL people would have enough sense to realize that this was a simpole configuration issue and not willfull spamming on the part of the company.

It then took us several weeks of fighting with the RBL people to convince them that the relay was closed and they should take us off the list. We would get one of them on the phone and ask them to try to use the relay, and it wouldn't work. And they still wouldn't take us off of the list.

Eventually we were taken off of the list. Hooray. I don't know if they periodically check back with people who managed to get off the list or what, but a few months later we were back on the list. Apparently someone tried to use the relay, and the firewall would accept the packet and scan it and then drop it. The relay wouldn't work, but they didn't get any kind of denial message either, so the RBL people ASS-umed that the relay was open again. The best way to explain it is this: instead of blackholing us because of concrete proof that the relay was open, the blackholed us because of a lack of concrete proof that the relay was closed.

Needless to say, I'm not interested in anything that the RBL has to offer. Especially because they are volunteers who do this "out of the kindness of their heart," there is no accountability. Maybe you can get off the list, maybe you can't. Maybe your company loses boatloads of money because your site is blocked and the person who has the power to take you off the list is a power-tripping moron. Who's responsible?

Re:You don't have the choice.

[ocbwilg]

You've taken it completely out of context. My point was not that the RBL forced a company to secure it's servers. My point was that once the servers were secured, we still had a great deal of trouble getting off the list. And once we were off the list for awhile, we wound up back on the list again for no apparent reason.

I don't have a problem with asking people to secure their servers. But once it's done let it be done. The attitude that we got from the RBL people was more of a sarcastic, "sure you secured them...I bet. We may get around to taking you off the list sometime soon..." rather than a "thanks for fixing that problem, you're off the list." And since the company was a recognizable brand name that is essentially a household word, it should have neen obvious that our intentions were not to "deceive the folks at the RBL so we could spam some more."

The internet portion of our customers business hinged entirely on the goodwill of the people at the RBL, and this is wrong. They need to be accountable to someone other than themselves.

Re:Horay!

[Nermal]

About 7 months ago I submitted an Ask Slashdot about how I could take action against above.net because of this very thing. I used to work at an ISP that was regularly put on the RBL. When I moved and signed up for an account with another ISP I asked them if they subscribed to the RBL and they said no. Nonetheless, not only could I not get mail from my old ISP I couldn't even see their web page. Traceroutes broke down at above.net so I mailed them. Got one email back saying the they excercised the RBL to its fullest abilities, ie blocking all traffic. All subsequent emails were ignored.

Anyway, my point is that when I sign up for an internet account, I want the internet, not the Paul Vixie approved internet. I'll filter my own spam, thank you. An upstream like above.net using the RBL like that means that to possibly MILLIONS of users whole chunks of the internet just cease to exist. It is wrong, plain and simple.

That, and how come my story wasn't good enough for an Ask Slashdot but then shows up as an editorial 6 months later? =:\
"(no knowledge of subject matter) + (crack cocaine) = (journalism!)"

Re:Fuck off, Commie Pinko

[Jonathan+C.+Patschke]

Not to sound insulting, but there's nothing (well, short of capital, possibly) to stop you from starting up your own ISP. That's what my company did (I'm the senior network administrator for an ISP) four years ago because service in our area sucked due to single-ISP monopolies.

We've got several thousand rural-area customers in central Texas now. Now, we're largely a monopoly simply because our service is better, and the other ISPs lost too many customers to our (equally- or higher-priced) service.

My point is that people will vote with their pocketbooks. If spam-filtered email bothers people, they'll complain. As for us, we clearly and proudly announce our use of the MAPS RBL (for email-only) and DUL to our customers, and they love our hard-line policy on spam (esp. those coming from spam-ridden providers).

Say what you wil about ``pinko'' ISPs who use MAPS, but I've got all the proof I need. The response from my customers when we added ORBS (initially we used ORBS; switched to MAPS later after ORBS went insane with blocking everything in sight) was overwhelmingly positive. After the announcement, I got so many messages to the tune of "Hey, that was great move! All that sh!t stopped coming into my mailbox!".

As someone else mentioned, the idea behind an ISP is that you get cheap Internet access at the expense of a little freedom. If you get your own leased line to the backbone, snag your own IP block from ARIN (or borrow one from your backbone), you can run your connection how-ever you want. When you buy service from an ISP, you are investing in their practices, nodding your assent with a credit card or check. You pay less, of course, but you are also giving up the freedom of running the connection yourself. If you disagree with their practices, there's nothing to stop you from using (or starting) another ISP.

You can't have a monopoly in a service-market. If you piss your customers off, they'll get together and fund a competitor. That's how we got our start-up funds.

That being said, if someone wrote a sendmail ruleset to allow activating/deactivating the DNS-based spamhaus-lookup services (RBL, DUL) on a per-destination-address basis, I'd install it in a heartbeat to give my customers the choice to unfilter their mail.

Re:Fuck off, Commie Pinko

[Jonathan+C.+Patschke]

Yeah, but we've already got a fairly-heavily customized (and stable!) sendmail solution. We use accessdb (fed via MySQL) to add/remove spam entries (in case we disagree with the RBL or DUL). What I'd like to see is a ruleset run before the RBL-checks (ie: checks an ACL to see if a username/domain is present, like accessdb) that determines whether or not the RBL checks are even run. A little more enhancement, and our fussiest customers could even switch back to ORBS (I know of at least one customer who gets a -lot- of spam through <very-large-ISP>, who happens to be in ORBS).

Switching MTAs seems pretty drastic, especially when what we're running now is very stable *knocks on wood*. I'd write the rules myself, but sendmail.cf isn't one of my areas of expertise. I'll gratefully accept any ideas on how to do this. :)

Re:"Press time"?

[waldoj]

So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me.

This is standard practice. For all that you know, Jamie contacted AboveNet 3 months ago, and still hasn't heard back. It's reasonable for him to contact them, say that there's X days until he's running a story, and do so if he hasn't heard from them. Surely you don't think that media outlets should fail to run stories if the subjects won't talk to them?

-Waldo

Re:Huh???

[waldoj]

PD wrote:
2) Listing the website IP and blocking mail from that IP doesn't prevent anyone from seeing the Peacefire webpage, does it? No.

Jamie wrote:
Again, the blocking of that IP number, their website, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose website can't be seen by RBL subscribers.

Any questions?

Argh...

[Pierre+Phaneuf]

My company web site, http://ludusdesign.com/, is on Media3...

--

Re:So what do you propose?

[grahamm]

Should it not be up to the customer, not their ISP, what blocking to use?

Re:A Better Analogy

[grahamm]

Free speach implies the right for me to have to right not to listen. It does not give anyone else the right to censor/filter the speach and prevent me from listening.

Re:Sounds like the role of the RBL has expanded..

[scrytch]

> I wonder if anyone's considered sort of a democratic RBL?

UseNet has something called NoCeM (pronounced No See 'Em), which is essentially "advisory cancel messages". Instead of cancel messages being sent to control by usenet admins, it has advisories sent to the newsgroup itself in periodic postings, with the message id's of messages that get killed by a compliant newsreader (such as gnus). These messages are PGP-signed to authenticate the issuer.

It still requires a provider that doesn't itself honor NoCeM messages on the spool, as some do, but the nature of usenet makes this somewhat more feasable than it is with mail. The mail server I use (CommuniGate Pro), has support for RBL, but sends all such mail to blacklist-admin, which I can connect to a script that simply tacks on a "X-RBL-Listed" header and sends it on to its recipient. It's a new site right now, so it hasn't received any mail yet, much less spam.

And if I find my ISP, the phone company, is using the BGP RBL, I'll have the PUC on their asses ASAP :)

--

? stay of the inet if you don't like censorware?

[Barbarian]

b[If you don't want Cyberpatrol filtering your connection at the public library, stay off the internet!]b

In reply to:
i[If you use an ISP that has MAPS, it is your choice. Only ISP in the area? Then stay off the net if it offends you. They are running a private business and feel that the reduction in spam outweighs the complaints of some users who don't like MAPS]i

Re:Huh???

[Barbarian]

Right, and I don't know of any tier 1 ISP that would be actually implement this. There is just too many ways that this could hurt the ISP.

Maybe, but a backbone provider does. ABOVE.NET Read the article.

get YOUR facts straight

[Barbarian]

OMFG. MAPS can be fed into router tables, which is what Above.net was doing. Read the other 20 comments that have pointed this out.

burn the witch!

[Barbarian]

Why don't you open the commitee of unMAPS activities now?

Huh???

[PD]

So what if MAPS lists Peacefire's website?

1) It's just a friggin list. Individuals choose to block the IP's on the list.

2) Listing the website IP and blocking mail from that IP doesn't prevent anyone from seeing the Peacefire webpage, does it? No.

The article was damn confusing, claiming that the Marketing Master's website cannot be seen by RBL subscribers. I thought the RBL was supposed to block the MAIL, not the WEBSITE.

Chalk it up to "yet another dumass writes an ill-considered story."

Re:Huh???

[winnetou]

Right, and I don't know of any tier 1 ISP that would be actually implement this.

Teleglobe.net does:
traceroute to marketingmasters.com (209.211.253.74), 30 hops max, 40 byte packets
1 129.125.101.252 (129.125.101.252) 0.788 ms 0.618 ms 0.6 ms
2 AR1.Groningen.surf.net (145.41.81.133) 1.008 ms 2.312 ms 0.862 ms
3 BR2.Enschede.surf.net (145.41.7.241) 4.877 ms 3.87 ms 4.026 ms
4 BR7.Amsterdam.surf.net (145.41.7.169) 7.638 ms 7.382 ms 7.328 ms
5 BR2.NewYork.surf.net (145.41.0.90) 81.094 ms 82.464 ms 84.262 ms
6 if-1-9.core1.NewYork.Teleglobe.net (207.45.196.69) 81.191 ms 79.558 ms 80.556 ms
7 if-7-1.core1.Montreal.Teleglobe.net (64.86.80.29) 86.712 ms 87.256 ms 86.903 ms
8 if-1-0-0.bb1.Montreal.Teleglobe.net (207.45.221.163) 148.554 ms 96.395 ms 107.36 ms
9 * * *
10 * * *
snip: it goes on to 30 hops.

I am glad they do, it makes a big difference in the amount of spam. DUL, RSS and ORBS take care of the small spammers.

Re:Huh???

[halbritt]

Right, and I don't know of any tier 1 ISP that would be actually implement this. There is just too many ways that this could hurt the ISP. I can believe that above.net used MAPS to block spam by implementing the RBL on their mail servers, but I just don't think there's anyway they would've blackholed this traffic, particularly to their transit customers. Their customers would be paying them to give them the whole Internet and probably wouldn't be too pleased to learn that they were blackholing traffic on the advice of some third party.

Re:Huh???

[thogard]

Maybe peacefire should find an ISP with some ethics?

Re:Huh???

[noweb4u]

This is using the RBL at the router using my favorite protocol eBGP4.... It completely drops routes, making that portion of the internet as good as someone cutting the fiber with a pair of scissors when someone tries to access that site using any protocol.

Re:Huh???

[fmouse]

Negatory on a couple of counts!

1. The RBL is not used by individuals, it's used by ISPs. Some ISPs give individual subscribers the option of using the RBL to filter mail or not. Others don't

2. The RBL comes in different flavors. One flaver, provided as a router Border Gate Protocol feed, can be, and apparently sometimes is used to block access altogether to sites listed in the RBL.

Re:Huh???

[fmouse]

I didn't see this myself but I'm inclined to believe the evidence presented on the Peacefire technical list. Bennett Haselton was getting some pretty puzzling reports of people within the AboveNet network unable to access the peacefire website, and he used the usual probe tools from the peacefire website to track the problem. I'm not sure how it was found out that it hinged on the RBL. These folks are professional programmers and very savvy about the Internet.

Paul Vixie, who helped develop the RBL, is on the advisory board of AboveNet, which owns PAIX, which houses MAPS, so there's ample room for collaboration there.

Re:Huh???

[sulli]

I thought the RBL was supposed to block the MAIL, not the WEBSITE.

That's exactly what the RBL does. It doesn't block the website - MAIL servers subscribe to it! Now I might not like the fact that Peacefire.org's web site can't send me mail, but it's really not that big a deal.

Re:Huh???

[0_KrUsH]

Actually, they may only be implementing this at the gateway to their subscriber network. Awkward?!?! Explanation: They maintain a somewhat distinct core(backbone) network which carries the transient traffic and implement the filtering where it is handed off to got to their actual customers as an ISP.

Jamie, get a grip

[consumer]

Again, the blocking of that IP number, their website, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose website can't be seen by RBL subscribers.

There are several ways to use RBL. Using sendmail to implement RBL just blocks e-mail from those sites. So, it's exactly the opposite of what you said - it stops spam from those sites but doesn't block their web pages from being viewed.

Maybe you should take a little more time to understand the story before you try to turn it into a piece of drama.

Re:Jamie, get a grip

[Cirvam]

RBL also provides BGP routing updates to routers it turns the blocked hosts into null routes. Therefore no traffic can get to the host weather it is mail or surfing. If you would read the whole editorial you would see that it isn't talking about the filtering of mail but the dropping of routes by a backbone provider. The sites that are being dropped don't even send out spam they just provide software. If someone disagrees with your new program do you want them to censor thousands of users because of it. And the person who also runs their web page company off an ip that is one diffrent from your should suffer too because of you?

Re:This is exactly what we want them to do.

[Cederic]

Yes, but that's like all the photo shops in my town saying "We're boycotting you."

If I don't want to boycott them (maybe the guys making the paper are selling it to hustler magazine, which I don't have a problem with, even though all the local photo shops do) then I'm still shafted and still can't get the paper, because all my local shops wont sell it.

Which is the same as, if I want to receive email from Peacefire, I can't, because some backbone provider I don't even choose explicitly to use has gone and 'boycotted' their packets.

~Cederic

Re:The RBL is supposed to be narrow

[/dev/kev]

The fact that that few spams are caught in the RBL is ... a testament to ... the success of MAPS of driving spam support services off of the web.

BZZZT!

10 years ago I wrote this program which stops elephants from walking down the highway. Since there's only been a couple of elephants found walking on the highway since then, my program must work.

Sorry, but few emails caught by MAPS is evidence both for and against the success of MAPS. You can't use it for one or the other.

It is, however, evidence to restraint on their part.

Re:Thats not what its for...

[/dev/kev]

Fine. Put Media3 on the list. But what about PeaceFire? How would you feel if your site was RBL'd by MAPS simply for having an IP next to someone MAPS didn't like?

Re:Sorry, Jamie, you are way off base

[/dev/kev]

Ehrrm, it isn't a spammer, it is a seller of spamware.

Fine.

You don't need to. Just block the spamware seller's website. This still cuts off the money - the spamware seller will get less, since they've been RBL'd, and if the spamware seller goes elsewhere, then the ISP loses their money...

If MAPS blocked the website, spammers could still reach the website, buy the spamware

If that is the case, then why does MAPS even bother with spamware sellers? If they were only going to block the seller's site, then as you say, that doesn't stop the spammers from getting their spamware, so would acheive very little. MAPS goes after these sites because they want to see the sites taken down, so that noone can access them (not just MAPS subscribers). They can't do that by just blocking the site, so instead they're unjustly blocking whole sections of the ISP, in an effort to submit and remove the sites. Make no mistake, these are bullying tactics.

MAPS is not censoring, subscribers to MAPS have chosen not to spend their money for the transport of packets send to or from Media3.

MAPS is doing more than this. They are trying to abuse their influence to get the site itself shut down. You appear to have completely missed that point. My point is that MAPS isn't "merely blocking for MAPS subscribers", as you claim, but they are trying to get the site removed altogether, which is entirely different.

A newspaper that doesn't put your opinion on its frontpage isn't censoring either.

No, but if the newspaper were to reject stories based on content, then that would be censoring. Similarly, if some agency were applying pressure to get the newspaper to not print particular stories, then that agency would be attempting to censor those stories. In this case, the 'newspaper' is Media3 and the 'agency' is MAPS. The analogy's not perfect, but it's a hell of a lot better than yours.

Re:Sorry, Jamie, you are way off base

[/dev/kev]

So, what do you do to get Media3 to close down the spammer?

You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers. Repeat the process with wherever the spammer goes next.

That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C. MAPS should concentrate on blocking spammers and their sites, not trying to twist ISPs arms.

If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in censorship, wouldn't they? They'd no longer be this optional advisory guide you could use, rather, they'd be going around getting websites they don't like shut down. If that's not censorship, I don't know what is.

MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.

Spam Filtering Has *ALWAYS* Been Censorware

[AviN]

You're trying to censor the content you don't want (spam), and in some cases trying to censor it for other people (such as the MAPS RBL).

Now whether or not it's bad, I don't know. But it is censorware, and if you don't see that, you're terribly biased.

Re:Spam Filtering Has *ALWAYS* Been Censorware

[raju1kabir]

Spam is not content, spam is a method of communicating content. The content is the ad itself, and I have no problem with that. Purveyors of home-brew viagra are more than welcome, in my opinion, to set up a web site or buy newspaper ads or communicate their content in any appropriate manner.

As the First Amendment is generally interpreted by US courts, the government cannot take action based on content (with certain well-known exceptions), but it can make restrictions on the time, place, and manner of communication. For instance, the police can tell you that you are not allowed to stand in the lobby of city hall with a megaphone yelling at people as they come in.

Anti-spam measures are the same thing. They are actions against a particular manner of communication.

And if the police go to shut down a megaphone store, it has nothing to do with the First Amendment.

censor v's filter

[Kris_J]

I think the emotive use of the words censor and censorship are counterproductive. Censorship conjures up images of bookburning and government oppression -- and no-one wants to be associated with that.

The word "filter" is far more suitable. I have a personal proxy that tries to nuke ads and protect my privacy. Does it censor web sites? Maybe. Does it filter websites? You bet!

I personally believe that the mechanisms of filtering and the choice of what to filter should be separated so as to remove the label "censorware" from what are otherwise just filters with rules. Imagine that MAPS simply provides a mechanism to allow automated filtering of content based on a list (or lists), but then creates a process whereby anyone in the world can create such a list. In addition to subscribing to MAPS, ISPs would also subscribe to one or more filter lists as per their own values.

Perhaps then these valuable filters could not be so easily condemned as an attack on free speech...

Re:Mill's tries to be an absolute

[DavidTC]

So...you're basically saying it should be illegal to block traffic on your own network?

Sorry, but ISPs don't promise you have access to any other computer in existance. They don't even promise you have access to the one at the other end of the phone line. Read the contract again.

Then ask yourself if it's legal for a group of storeowners to hire someone to stand guard during the day and remove known criminals from their property. Why, I believe it is. It's also legal for a mall to do that without informing the stores inside it...and you know why? Because it's their mall, and it's not specifically listed in the contract they have with the stores that they can't do that.

Likewise, it's the ISP's networks, and they can do whatever damned thing they want with them they haven't agreed not to do.)

It would even be 100% legal for MSN, as an example, to block all access to Netscape's site. You know why? Cause nothing in the contract says otherwise. (Technically, they could get sued for restraint of trade, as could an ISP if they blocked a competitier simply because they were one. But that's not the case here.)

-David T. C.

Re:censorware.

[DavidTC]

ORB!=RBL

ORB are a bunch of wackos, they run though all IP addresses and see if they find one that either an open relay, or refuses to allow them a connection, then they block it. They have refused all arguements this is an attack, and all arguements that that simply blocking their IP isn't a blockable action.

The MAPS RBL waits for people to forward messages from a spammer, confirm it, and then block it.

They also run the MAPS RSS, which, when people complain about a machine. they, tries to relay a message though it. In no cases do they ever touch or consider a machine unless someone has said that machine is forwarding, and even then they investigate it.

They also run the MAPS DUI, which is simply a list of dial up IPs.

The ORBS people are completely seperate, and completly insane. I'm suprised you managed to get your server unblocked.

-David T. C.

Re:What in god's name are you talking about?

[Dg93]

TROLL: This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.

Let's respond to this one... You're wrong here. Very very wrong here, and ignorant. If you couldn't be bothered to look up what you were blathering about, what right do you have to rip the author of this article?

Let's see, look around the maps site, a little bit, ahhh, here it is... two clicks from the front page...

"Subscription via Multihop eBGP4. This is the oldest (and for a while, the only) mechanism for MAPS RBL usage by third parties (which means anybody other than us)."

Wow, they were doing this before the dns method you were talking about.

In the future, check your facts before spewing them out, in the case of INFORMATIVE, your fingers, or in the case of TROLL, your ass.

Security Focus Listservs saw this comming

[LWolenczak]

I remember maybe.... 6 or 8 months ago, One of the Security Focus listserves had a decussion about realtime blacklists and weather they should be used, I remember reading several opinions that said stuff like this would happen, it seems they were right..

Re:A Better Analogy

[CodeMonky]

Who is forcing you to visit a website? The problem lies in the fact that when you do want to visit, you may not be able too.

Re:jamie has a point.

[Omnifarious]

Opinion based moderating. *chuckle* That was _not_ a troll by any stretch of the imagination. I hope you get clobbered in meta-moderation.

jamie has a point.

[Omnifarious]

Arguments about whether or not RBL is a censor because it doesn't wield the power of a government are sort of missing the point. The point is if it provides a useful list. Censorware is censorware because it provides a very unuseful list. The fact that schools and libraries use it is almost irelevant to its name.

From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants.

Essentially, they're using the fact that hundreds of ISPs suscribe to them and trust them to help them block spam as a club to beat other ISPs into doing what they want. That doesn't seem like a terribly wholesome thing to do to me. I don't want my subscription to be used that way. I simply want them to tell me what sites send spam.

Re:jamie has a point.

[Senior+Frac]

From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants. And this is the key phrase. Some people don't care about fixing the spam problem and just want spam out of their mailboxes. Any admin who uses the MAPS RBL expecting only this functionality needs to better understand the MAPS RBL system. The goal is blocking and education; to get providers to start policing their own netblocks for spammers. If someone wants blocking only, MAPS RSS, MAPS DUL, and possibly ORBS would be a better bet. The argument that MAPS is "too powerful" is empty. (Not thatOmnifarious said this, (s)he didn't.) This has been the goal of MAPS for a long time; to build confidence and consistency among admins in order to influence a greater and greater portion of the net. The more who sign up, more and more networks will have to comply with a minimum set of standards. Disclaimer: I don't work for MAPS.
--

Spam is censorship

[Buddy]

This article has made me realize that 'censorware' isn't actually a bad thing; as long as users are informed of the fact that it's being used (and what caused something to be listed).

I'm satisfied that MAPS excercises a lot of restraint when listing IP's; in fact, I would like MAPS to be much more aggressive at times. If MAPS didn't escalate to larger netblocks, companies like Media3 would only move their spammers' IP's around, and they would still be profiting from spam.

Yes, this causes collateral damage. In fact, it is intended to cause collateral damage; people like the owners of peacefire.org should be talking to Media3 about terminating spammers like the ones found at Media3's entry at the Spamhaus Project, all but one in the same netblock as peacefire.org.

Spam is censorship; it fills up mailboxes and causes legitimate email to bounce. It consumes network resources paid for by unwilling recipients; I think it is not acceptable to ask these recipients to eat their spam because peacefire.org doesn't want to move to a different hosting provider.

Have a look at the site that caused this netblock to be listed, and at Media3's Service Agreement. Media3 is obviously not willing to enforce that, so they themselves are supporting spam.

If MAPS' careful process of education, listing and escalation causes it to be in the same category as the censorware, then so be it. I use MAPS because it prevents my network connectivity from becoming prohibitively expensive; as long as I can do that, I can avoid going to places that use censorware to filter 'net access.

Goodbye, peacefire.org. See you when you've found another web host, or Media3 cleans up their act.

Re:Sorry, Jamie, you are way off base

[Buddy]

"Interesting ... I always thought that self censorship meant that I decided what I did not want to see. Not that my company made that decision, or my ISP, or their backbone ISP, or anyone else ... but me.

MAPS does not give you the choice of self censorship - it gives service providers the choice of whether to subject you to censorship or not."

And how does this prevent you from choosing service providers who don't use MAPS?

Why should I be prevented from deciding that I do want to use MAPS' lists to decide what I do not want to see?

Self-censorship, by the way, means that you decide what not to say, not see.

MAPS' list _is_ Free Speech

[Buddy]

"The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in."

So, you're saying you don't like MAPS' published policy, and you don't like the fact that MAPS has a list of network blocks that contain spamware vendors.

But as I understand your point, you will stand up for MAPS' right to publish this list, correct?

I feel the same way.

The right to Free speech is extremely important, but it does not, I repeat not impy a right to be heard, or a right to use other peoples property to make the speech be heard.

MAPS and MAPS' users have the right to voice their opinion that the owners of the netblocks in MAPS' lists are irresponsible, and that they feel responsible admins should drop packets to and from those networks, or refuse SMTP connections from them.

Network and mailserver owners have the right to actually drop those packets, and actually refuse those connections. Or do you feel that we don't have that right?

On my scale of evil, by the way, spammers are much worse than holocaust deniers. Holocaust deniers are evil, and should be exposed. But most of them limit their activity to speech, and nothing forces me to deal or argue with them. (I do, from time to time, but that's beside the point). Spammers are different. They attempt to make me listen to their message, without my consent, and at my cost (and often at the cost of irresponsible, but otherwise innocent third parties - open relays). Spam costs me real money to receive, money I could have used to excercise my right to free speech.

I have no choice but to defend myself from them - and MAPS' lists are some of the most valuable tools to do that.

Re:MAPS' list _is_ Free Speech

[0_KrUsH]

Little secret guys, spammers do not even register on an "evil scale". Their annoying but not evil. On with the on subject info, your argument breaks down to support the argument that all silverware should be barred from sale and not be available online because they can be used to commit a crime. Let's be real. By having their IP's (those that are not the 21 discussed) listed on the maps list, these innocent parties have been wronged and slandered so as to appear to be spammers. IF MAPS chose to block the specific IPs of the offending sites I could accept that as within what they claim their service is chartered to do. Instead, they are using what amounts to excessive force to get others to live by their rules. Basically they are attempting to dictate to others who they can do business with. This qulifies THEM to be viewed on an evil scale. BTB I work for an ISP and have not utilized others to supply our brains. We research and respond to customer complaints and blackhole offenders for ourselves. The bottom line is that MAPS is operating as a bully rather than a guardian. They need to step back and look at what it is they should and should not be engaging in.

Here's a first

[xrayspx]

I've never been one to complain about the articles themselves. Sometimes they're spurious, sometimes they're wrong. But this is a boneheaded article. Should a site be in MAPS or ORBS if it doesn't act as a relay, or actively send spam? NO. But, the article clearly states that Peacefire is inaccessible due to its being RBL'd. Not true, at all. None of these sites are inaccessible. If www.myisp.com uses MAPS, I am more than free to browse to any site I want. It's possible that I couldn't receive EMAIL from them, fine. But the article tries to make MAPS out to be censoring web-content, which it can't.

Lame article. MAPS did a REALLY bad thing, and there should be AN article in YRO, just not THIS article. MAPS is so much of a PITA anyway, they almost deserve their own subset of YRO, alongside DMCA and UCITA. Hmmm, sub-slashboxes. Good idea.

Re:Mill's tries to be an absolute

[um...+Lucas]

Well, then i can lock MY door and keep you out. I might even tell my neighbors about you if you're really annoying. But i'm not going to lock my neighbors houses in anticipation of you arriving at their houses.

ISPs provide bandwidth. And that's all they should. People (mostly people who work there) around here think that an ISPs responsibility should extend beyond that. It doesn't and shouldn't. When people sign onto an ISP (aside from AOL which eases people onto the internet) they're generally expecting unfettered access to the internet. The terms of services' that i've read at numerous ISP's all prohibit spamming. Fine. But they make no mention that i might not be able to receive mail from friends of mine that happen to share ISP's with a spammer.

Slashdot generally doens't like America Online and their potential to either censor other sites or at least give their own sites premium placement above others. If bandwidth or disk space is getting chewed up to the point where they can't make a profit because of SPAM, they need to lower their prices, not cut off service to the end user, especially without telling them about it in advance.

Yes, we'd like to be a community. But with one small, unelected, unaccountable group making decisions that can effect millions of people, that's not community anymore. We're not cooperating. There's rows of thugs prodding, shoving and herding people back into line. Stray outside the line, you're dead.

MAPS RBL blocks MAIL, not the net!

[TA]

I don't know how you are using MAPS if you think it disconnects WEB SITES from the network! Are you using the RBL as your name server or something? MAPS RBL is for sendmail, not for anything else. Sendmail blocks incoming mail from the sites in the RBL, and that's all. Sendmail doesn't control your Cisco router or your Netscape client! Get your setup fixed.
TA

Bad experience with MAPS at our ISP

[jking]

I Work for an ISP and we were almost blackholed for not taking immediate action when an individual emailed one of our admins claiming that one of our customers was sending spam. The person who received the spam demanded that we cancel the spammers account. Because the person provide no evidence that the spam had actually been received from our customer and because we have never received any other reports of this customer sending spam we did nothing. After dealing with MAPS (who never even tried to contact us and discuss the situation) we were able to be removed from the blackhole list but the person we had talked to said that failing to take action is a good enough reason to be blackholed. The worst part was that they were willing to take the spam victims word without ever trying to fix the problem.

(Whoohoo, my first post after using Slashdot for the past 2 years)

There are no innocent victims

[Sloppy]

The problem being pointed out is that organizations such as Peacefire, who do not spam or harbor spammers or support spammers, are being blocked by the RBL, not for anything they did, but merely for being on the same netblock as the spammer websites.

But being on the same netblock as the spammers is something that Peacefire did. They are keeping a spam-friendly ISP in business.

---

Re:There are no innocent victims

[itarget]

I'm not quite certain where the author got this particular notion; That they were RBL'ed due to having spam software sites.
Hosting sites for software expressly created for the purpose of bulk emailing from a home connection, I'd consider a valid reason to be blackholed if they chose not to do anything about said sites... but that's not the reason they were added to the RBL.
Media3 got RBL'ed because they refused, despite their own anti-spam policy, to deal with people advertising their media3-hosted sites via spamming methods
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:There are no innocent victims

[itarget]

An addendum because I'm never satisfied with only the current. :-P

I just looked up past MAPS dealings with media3... they DID block for spamware before, but they didn't block all of media3. Looks like their recent blacklisting is for more than just refusing to deal with spammers. It's also for repeat offending (although this isn't stated).

I can't really say if a 1-line script I haven't even seen and thus don't know the capabilities of could constitute spamware, but THIS is rather blatant. I can't say really where to draw the line, but I'll be damned if a 25million address list and email address extractors aren't a lightyear over that line.

---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:There are no innocent victims

[itarget]

Not to mention the fact that MAPS must add WHOLE companies to the RBL if the listing is to have any meaning.
Case-by-case RBL'ing isn't really an option because new spammer sites would pop up on unblocked IPs (media3 is spam-friendly, so they're likely to add more such sites), non-spam sites may be moved/added to blocked IPs (then we'd see media3 crying foul for some sympathy), and the point simply won't get across unless it's made clear that those of us using the RBL want NOTHING to do with them as long as they're harboring or assisting parasites.

Yes, I know the word "parasite" sounds harsh, but what would you call someone who makes money while you foot the bandwidth bill?

I volountarily use the RBL knowing that I may not be able to access some sites or receive mail from some people. I accepted that possibility when I chose to boycott spam.
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:This is exactly what we want them to do.

[Sloppy]

This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!

No. There's one little flaw in your analogy, but it's important.

It's not like locking up the people who made the photographic paper. It's like choosing to not do business with the people who made the photographic paper, and telling them that you will remove your boycott if they stop selling photographic paper to the kiddy pornographer.

Nobody's rights are being infringed. Nobody is having force used against them. There's a huge difference between locking someone up and boycotting them.

---

Re:Horay!

[Wiseleo]

Are these measures drastic?

Yes.

Are they necessary? You bet.

I have filed hundreds of spam reports. Would you care to guess what percentage of them is acted upon?

I'll give you a hint. UUnet (MCI Worldcom) currently is the #1 spammer provider on the 'Net. They were warned repeatedly and most of their clients have cleaned up their act. You will find that most of the spam comes from da.uu.net and fl.uu.net.

I know who is behind those spams. I also know that UUnet simply refuses to implement a technological suggestion to deal with the problem.

As soon as they do it, the volume of spam will drop dramatically.

Even if you can't read the headers, if you forward just about all spam you get to abuse-mail@uu.net, you will find that most of it was originated from there.

I am really looking forward to the day UUnet gets RBLed.

A typical report includes all parties involved unless they are the sender.

Media3 hosts spamvertized and spamware sites. Thus Media3 supports spammers. Spam support promotes further network abuse. Mail Abuse Prevention System is doing its job by listing Media3 in the RBL.

It's easy to get out of it once Media3 cleans up its act and joins other ISPs actively terminating spamware.
--
Leonid S. Knyshov

Re:Crime?

[Wiseleo]

Computer crime act 1030.

Avaiting a proper case to set a precedent ;-)
--
Leonid S. Knyshov

Re:Have you looked at the site?

[Nater]

Sendmail is a piece of software that can be used to spam. The folks at MarketingMasters offer software that is specifically designed for spamming, plus it comes with a bunch of addresses, probably including yours and mine. You see the difference?

Peacefire.org is a site about empowering people. They encourage people to exercise their rights under the law and dig up dirt on the people who would try to abuse their positions in the censorware market. Peacefire.org is currently blocked by RBL because MarketingMasters is selling spamware from a site hosted by the same service.

Put yourself in Peacefire's position. Suddenly your site is inaccessible from large portions of the Internet. You have no idea why and the people who are trying to connect to your site have no idea why. Some time later when the situation develops enough that you can start to figure it out, you realize that it's not related to your site at all. What would you do about it? Yes, I understand that they voluntarily chose their web hosting service over many many others, but in all honesty, are you going to tell Peacefire.org to switch providers now because they're using the same service as MarketingMasters?

This is precisely how jamie has drawn this analogy. RBL is a service that blocks access to sites, that makes it censorware. The fact that MAPS has arbitrarily decided to block an entire web hosting service because of one of their customers is abuse.

RBL needs to be replaced. The original intention was to keep it as a list of sites that send spam. That why you could (theoretically) stop getting spam by not accepting mail from those sites. That system has grown the point that it can now be used to affect changes in IP routing. And now that a significant population of net users are either directly or indirectly beholden to RBL, MAPS has taken the power they have and abused it.

Let me repeat... RBL was a list of sites that send spam that you could use to block incoming spam. RBL has become a list of sites that have disappeared from the net, and a lot of innocent bystanders have just disappeared. You see the difference?

Re:MAPS != censorship.

[Nater]

Censorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like. The difference is of course that everyone 'owns' and funds the government which therefore has no right to moral or policical content it makes available. However private individuals have full discression over their own property and how they choose to utilize it.

This is the sort of mentality that easily degenerates into... well, I'll be completely frank... fascism.

AboveNet is a backbone provider that RBL. Why is that a problem? Because 1) a lot of people's traffic crosses AboveNet without them knowing and without them being able to do anything about it and 2) AboveNet won't carry certain content. According to you that's Ok, because, hey, it's their equipment.

Imagine, for a moment that it's not spam that's at issue. Suppose that some backbone provider subscribes to a service that blocks sites that provide information about the assination of JFK. According to you that's Ok, because, hey, it's their equipment.

Imagine for a moment that we're not even talking about the Internet. Instead we're talking about the phone network. Suppose some phone company decides to block calls to Russia, because in the opinion of the executive board of that phone company "they're all a bunch of commies". According to you that's Ok, because, hey, it's their equipment.

Do you get it now? Some services need to be universal, because if they have the authority to block based on content, then whatever means they use to do it is no longer voluntary by all parties involved. It's someone else deciding what other people can't have.

By the same token you should not be able to force a private entity such as an ISP to carry traffic they choose not to carry, i.e. traffic identified by the MAPS RBL. If you don't like MAPS then don't use their service or use the services of ISP's who do.

Services like RBL are supposed to end-user services. It's supposed to be a list that individuals like you and I use to block incoming mail. When backbone providers and ISPs use it, it becomes involuntary. You think it's easy to switch ISPs? You think everyone chose their ISP? How about students on the campus network? How about small towns with a local monopoly? How about big towns where every ISP has chosen to use RBL? It's none of the ISPs business what their customers are doing nor should it be. When an ISP subscribes to RBL, that's censorship, and no, it's not just the government that can censor.

Re:Have you looked at the site?

[Nater]

I don't know if you've looked closely at any of your spam in the last couple of years,...

Yes, I have. And you know what? I control it using a method that is infinitely more accurate and infinitely less controversial than RBL. What is this godsend?

Delete.

Re:An old and silly argument

[Nater]

what if your an ISP and your customers demand less spam?

That's like asking the postal service to deliver less junk mail. You should point that fact out to your customers. As an ISP isn't your responsibility to decide which mail your customers get and which they don't. If they don't want to get spam, then they need to take the time to set up their own blocking mechanisms.

Re:MAPS = DOS

[Todd+Knarr]

Yes, it's a denial of service. And yes, it will prevent spam. What's been done by just attacking the e-mail accounts the spammers use to send their mail is the equivalent of going after a car-theft ring by trying to nail down the little guys who nick the cars. What MAPS is doing is attacking the other end of the problem, the dealers who buy the stolen cars from the ring, knowingly or otherwise, and resell them to the public ( ie. the ISPs who host the spammer's Web sites ). Yes it'll be a problem for everyone, because shutting down those dealers also stops them from selling legitimate, not-stolen cars. Tough. If hosting spammer Web sites starts costing ISPs larger amounts of legitimate business, maybe they'll stop hosting spammer Web sites, and the spammers will have a lot more trouble staying in business with nowhere to receive contacts. Certainly nothing less seems to have gotten rid of the spammers, and I find it hard to have much sympathy for Media3 who I consider an accessory after the fact. As for Peacefire and the others, the best suggestion I can give is this: tell Media3 that they'll have to decide whether they want to stop doing business with the spammers or stop doing business with you.

Re:MAPS = DOS

[Todd+Knarr]

The ISP is, as I said, essentially in the position of the dealership that buys cars and parts from the chop-shop. MAPS is identifying not only the dealer, but all the people who buy cars from the dealer. When I agree with MAPS, I'm essentially telling everyone who buys cars from a dealer who is buying cars from the chop-shop that, until they stop doing business with a supporter of and accessory to unacceptable things, I'm not going to do business with them. And whether spamming is illegal or not depends on whether you consider forcing me to pay for your mail to be theft or not. And whether or not it is doesn't affect whether I consider spamming and supporting spammers acceptable behavior or not.

Targetting just the spammer would be nice, but then there's no incentive for the ISP to shut them down. They'll just move their site around, the spammer doesn't suffer financially since they're still reachable, and the ISP doesn't suffer from hosting the spammer since they still get both the spammer's money and all their other customers' money. What MAPS does, and what I do by using their RBL, is force the ISP's customers into choosing between doing business with a spammer-friendly ISP and doing business with me. Which hopefully will force the ISP into a choice between keeping the business of the spammers or the rest of their customers.

Moaning ninny USian teens

[Taurine]

So this becomes worthy of reportage the day that darling peacefire.org gets blocked. Am I the only person sick of hearing about Jamie's pet project?

The article filter needs a new feature, the ability to filter the intersection of two or more categories. I don't want to give up seeing all the YRO articles, but if I could filter out all of them posted by Jamie, I'm sure that all I would be cancelling is articles about these peacefire.org ninnies.

I mean what is this guy on? One day YRO is about what an infringement of YRO it is to be spammed, the next it is about how YRO are being infringed by people that are trying to stop the promotion of tools that make it possible to spam - lets face it the only people that spam are actually those without the ability to ever understand how it is done well enough to implement it themselves.

Re:You've totally missed the point...

[The+Vorlon]

Why would it not be ok to put this kind of pressure on Media3?

ISPs are driven by economics, just like any other business. A lot of people like to think the Internet is as yet untainted by money, but the truth is that if you see ISPs doing something that you find morally objectionable, appealing to their conscience isn't nearly as effective as appealing to their wallet. If we want Spam to stop, we'd damn well better be prepared to put financial pressure on the people who are currently making money off of it. Media3 is not exactly without recourse here, you know. If they don't want to be on the RBL, the solution is simple -- get rid of the customer that's selling spamware. But they'd rather sue MAPS than work with them, so tough cookies to them.

Should their customers be caught in the crossfire? Well, don't the customers have options, too? I haven't seen anything in this discussion to suggest that the poor customers are tied into service contracts, and even contracts can be broken.

And don't forget that the RBL only affects communication with sites that have CHOSEN to subscribe to the list. Do you believe it's wrong for individuals and ISPs to CHOOSE not to deal with those who make their money from Spam?

Re:You've totally missed the point...

[seebs]

>I'm amazed that so many readers here think it's
>ok to apply pressure to Media3 (who did support
>a spammers web site) by blacklisting a large
>block of Media3's legit customers, not just the
>spammer.

Well, look at it this way: What else can you do that Media3 cares about? Media3 has made it clear that, as long as the spam *itself* doesn't go over their network, you can host whatever you want on their pages, advertise it in spam, advertise it in faxes, advertise it by printing your URL on the flayed skins of your enemies, it doesn't matter, it's not *our* fault.

As long as they believe that, the spammers whose pages they host will have a very compelling *reason* to send out spam - they will be able to collect responses, collect money, and rake in cash, and they can do it because they're getting cheap, reliable, spam-friendly hosting.

Media3 has nothing to lose if we block a few spammer sites; the spammers don't care about a mere few percent of the net not seeing them, and since they don't send mail over their Media3 connection, the rest of the RBL users (those who just use it to block mail) aren't doing anything.

So, how do we communicate to Media3 that they are doing damage to the network? How do we tell them we want them to be good neighbors, or no neighbors at all?

We block *everything* of theirs. It's that simple. They won't *listen* to anything else.

If Media3 wins a suit against the RBL, I'm going to go add their blocks to our *local* blackhole list. And they'll stay there. Forever.

Or, they can admit that this is a *cooperative* network (you don't cooperate, we don't network with you), kick their spammers off, stop accepting spammer cash, and *POOF* no more RBL listing.

Imagine if Peacefire had bought its connectivity from Cyberpromo. They *did* host web pages, after all. Would you be surprised that they lost a bit of connectivity?

When you pick a hosting provider, one of the things you need to look for is "anti-spam policy". If they don't have one, you are likely to end up on the wrong side of a number of blacklists.

You've totally missed the point...

[seebs]

The problems with censorware are: 1. Inaccurate or undocumented listings. 2. Listings for things other than those said. The RBL has neither of these problems. Media3 is actively and knowingly supporting the people who flood your mailbox with all the crap we call "spam". Does blocking Media3's sites, in many cases at the IP level, result in you getting less spam? Today? No. Today, it just means those sites don't get as much traffic. Tomorrow? Sooner or later, Media3 will have to decide whether it wants to be on the network where spammers do business, or on the network where RBL subscribers do business. If they pick the spammer network, they will eventually be totally removed from the network, as they find their way into more and more blacklists. If they decide they want the other network, they will stop supporting spammers and people who sell spamware. With no way to sell their products, the spamware vendors will stop sending you ads for them. People will stop *buying* the products, because there will be no way to buy them. You will get less spam. It's an educational tool. Media3 has the option of being on the network where you host spammer pages, or on the network that RBL subscribers see. They have made their choice. Your list of sites "also affected" misses the point entirely. Those people are paying Media3, and as long as Media3 makes money, Media3 has no real reason to care whether or not hosting spammer sites is damaging to the rest of the network. If your hosting company is supporting spammers, you will be fucked. Don't buy hosting from companies that are unwilling to terminate spammer websites. The RBL isn't about stopping spam *today*. It's about encouraging the policies that we *absolutely need* if we are to have less spam *tomorrow*. Thanks to the RBL, a number of very large networks have put in strong, effective, anti-spam policies. Every day, you don't get dozens of spams that would once have been sent via netcom. Every day, hundreds of spams that would have advertised sites hosted by companies with a policy just like the Media3 policy *aren't* sent, because those sites got taken down, because the policies got fixed. Media3 is wrong. MAPS is right. Media3 is trying to support the theory that, as long as the actual spam is relay-raped or sent via throwaway dialup accounts, it's not their problem where the page is hosted. MAPS is educating them. As soon as Media3 fixes its policy to unequivocally prohibit the hosting of spamware sites, address list sites, and sites advertised in spam, and starts enforcing that policy, everyone is happy.

Re:You've totally missed the point...

[Felinoid]

>The problems with censorware are: 1. Inaccurate or undocumented listings. 2. Listings for things other than those said. The RBL has neither of these problems.

The RBL has quite a history of questionable listings and mistakes...
They deal with the problems in quite the same way as any censorware filter. Meaning they ignore it..

Re:You've totally missed the point...

[pjrc]

I'm amazed that so many readers here think it's ok to apply pressure to Media3 (who did support a spammers web site) by blacklisting a large block of Media3's legit customers, not just the spammer.

2. Listings for things other than those said. The RBL has neither of these problems.

Assuming that the facts presented are accurate (difficult to verify if above.net has stopped blocking packets based on MAPS)... then how could you conclude that blocking peacefire, FulfilledLives.com, DesktopHeaven.com, and the others is not "Listings for things other than those said".

If the facts are true, innocent customers are getting blacklisted simply because they happened to pick the same ISP as a spammer, and the ISP didn't want to drop the spammers website (because the spammer abused other ISPs, not them).

Perhaps Media3 is wrong for not dropping the spammer's website. But if MAPS is targeting a large group of Media3 customers because only one is a bad apple... even if you hate Media3.... it's amazing that you could overlook the injustice MAPS is doing to all the other innocent bystanders (Media3's other customers). Perhaps those customers should move to a different ISP, but how would they pick one? How could any of those other customers pick a new ISP? Media3's AUP looks ok and looks like all the others. How could a custoemr know, in advance, if they'll eventually be on the same class C as another customer that Vixie doesn't like but is acting within the ISP's AUP?? Even if the other customer is a nasty spammer, and even if Media3 is slow or won't terminate the spammer's web site, the fact (if it's true) remains that MAPS is targeting a large group of unrelated customers when only one is a spammer. The others are just poor innocent bystanders who could not have know in advance that they'd be in the same block of IP numbers as a spammer.

Re:You've totally missed the point...

[KjetilK]

The RBL has quite a history of questionable listings and mistakes...

Yes, and they've learned a lot from it.

I've have written two RBL nominations, both times, it was a spammer who had been spamming me heavily for almost a year. Neither of those went through. Nowadays, RBL is extremely conservative in what they list. It's really, really bad before it's a listing on RBL. And the poinbt that Jamie's missing is that that's the reason why RBL is ineffective in the short term in stopping spam. They are extremely conservative. They don't use the whack-a-mole tactic of blocking only where the spam comes from. To use that tactic, you'll have to respond within a few minutes, don't do any research beyond the reports, and certainly commit more mistakes. It would have been useful to have service that did that in addition to RBL, but that would have been really demonic. Those who say that MAPS should only block where the spam is coming from simply needs to get a clue.

Re:This is exactly what we want them to do.

[Skapare]

BS!

Kiddie porn is a miniscule use of photographic film or paper.

Spamming software has NO use but for spamming.

My RBL config stays ON!

Re:MAPS != censorship.

[Skapare]

Maybe I just don't want this universal connectivity.

I have been around long enough on the Internet to know what it was like when "universal" didn't include scum. Things change. So I make my view of the network the way I want, and MAPS RBL/DUL/RSS help me do that. It's not perfect, but when weighing the tradeoffs, it is preferred to use it than to not. If you think you can do better, and make something that would make me interested in switching from MAPS RBL, by all means go for it.

And, BTW, I do know how to make individual case exceptions to RBL/DUL/RSS in my DNS server. Convince me that I should in this or any other case.

Re:Power, unchecked, corrupting as usual

[Skapare]

MattW (ma++@ender.com) on Thursday December 14, @12:29AM CST
(User #97290 Info) wrote:

(1) If you're a bulk provider, with hundreds of web sites, it isn't even worth batting an eye to keep hosting a spam software provider. If they wanted to follow the money, they may refuse to remove them, but they certainly wouldn't defend them when MAPS came knocking. MAPS scares providers.

I'm glad that it does scare them.

(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?

MAPS RBL may be doing exactly what I would do if I were running such a service. What I would do is look up the ARIN/RIPE/APNIC records to determine the smallest level of IP assignment administration. The theory here is that it is easy for a web site to get a new IP in the same block. In fact, they may already have one. It can be difficult to determine exactly which IPs are to be blocked if done invidually. And it happens already that web customers to ask for IP address changes to try to get around various forms of being blocked.

If the spam supporter is running their own network, AND if the ISP they use properly registers their suballocation to the appropriate database at ARIN/RIPE/APNIC, then I'm quite happy to block ONLY that customer and not the whole ISP. But if the ISP can't be bothered to submit that information, then I can't be bothered to pin down an exact network for them.

(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?

You're assuming that it will be abused. While I cannot say it won't be, I don't see that trend at this time. The view MAPS uses is in line with my own. If they do end up abusing it (by my definition) then I may quit using it. That decision will be made on the basis of whichever choice has the better results for me. If the choices are MAPS or nothing, then it will take quite some abuse to make me choose nothing. If the choices are MAPS or someone else's service that isn't doing the abuse, but is better than nothing, I could be more likely to make the switch. Currently I see no other viable choice (I don't like ORBS' approach).

Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.

I would need to see evidence that blocking 209.211.253/24 is an abuse. I haven't seen any, yet.

(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?

I'm small time, and from reading all the information posted on /. I don't see any reason to not block Media3. The current situation is commensurate with why I use MAPS RBL/DUL/RSS in the first place. If you do decide to provide some evidence as to why I should make an exception and allow Media3 into my network (which I know how to do), please also tell me why:

• There are not IN-ADDR.ARPA reverse PTR records for these IP address that correctly resolve forward to that IP address.
• Media3 has not submitted SWIP records to ARIN to indicate a different administrative control over these addresses.

At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.

I will keep a watch.

Re:Screw Vixie and his goon friends at Above.net

[Skapare]

My servers use his services so I guess I elected him policeman.

ASN is NOT required

[Skapare]

You can use RBL w/o an ASN. You just have to run BGP4 and peer with the RBL eBGP4 server and let it route to your black hole address. You then default route everything else out your single backbone connection. No other BGP peering is needed. Since you're not announcing routes (and RBL certainly isn't taking them) you can use a reserved ASN to configure your router.

Re:A Better Analogy

[Felinoid]

A perfict annolog.... Napster... DVD DeCSS Decode.

Ok not perfict... The tool is admittedly for spammers...
But they themselfs aren't spamming...
The software is insainly easy to write after all..

On the other hand the music industry has made up it's mind that Napster IS a piracy tool. The movie industry has similer views about DeCSS..

At the same time anyone who'd like to voice discontent to the authors of this program won't be able to do so...

I personally would like to reverse engenear this program and see if I can't just add something to my procmail filter so it'll reject e-mail sent by this software.

Re:A Better Analogy

[Felinoid]

I hear that free software thing is really dangerous to the economy.. Big communist plot.. dangerous to capitalism and inovation..
We should crush it...

Just ban a few IPs at the DNS level...

That Linux thing is just far to dangerous..

Re:A Better Analogy

[Felinoid]

Ahh so the lynch mob is more trustworthy than a cort order...

Pot kettle black

[Felinoid]

As one website put it soo well..
Anyone who points out the flaws of the MAPS gets thrown in with the worst of spammers...

But I'll put in it my own more umm jerk knee.. way...
Blasphamy.. how dare he say something about our all perfict god Vixie..

The fact is Slashdot isn't above reproch.. Mistakes are made.. Taco and crew screw up..
But Vixie is put on a pedistal..

Mistakes are made... and when you ignore the mistakes it just gets worse...

As http://www.ifn.net/ puts it.. no accountability...
It wouldn't be a problem if he'd just make the effort to deal with defects

Re:Screw Vixie and his goon friends at Above.net

[Felinoid]

You elected him to police your users..
AboveNet placed him in power over the whole Internet.

There is a diffrence...
Say AoL picks up a filter.. then any e-mail rejected by that filter dosn't get past that filter to AoL... fair enough...
Say AoL dosn't pick a filter but it's traffic passes through AboveNet... gets filtered FOR them...

Well thats not the case anymore becouse AboveNet dropped it's filter..

So now Vixie only polices ISPs the let him...

Re:Horay!

[Felinoid]

It's a fine tradition of USENET not of E-mail...
(I am refering to CancleMoose... His activitys has helpped battle spam on Usenet for years)

At one time the RBL was just a list of known spam friendly ISPs.
It has sence become a tool to force ISPs to comply to Vixies standards.

It was a feature to costummers.. they wanted spam free e-mail. They didn't care if they lost some lagit e-mail in the process...
Thats when spam was a major problem.. when CyberPromo was on the attack...

Now costummers don't care if they get spam.. they want to get all the e-mail ment for them...

yes ISPs have every right to provide whatever services they see fit. Consummers have every right to know what "services" they are getting. ISPs as a rule keep costummers in the dark about filtering policys.

Also the RBL has changed significantly over the years.
There was a time when backbones would kick off spam friendly ISPs..
They don't do that anymore.. becouse it isn't much of a problem anymore...

In the absence of a problem to solve.. the solution itself is a problem...

Re:A Better Analogy

[Felinoid]

You give them a chance to remove the item from the shelfs or your protest is slammed as a 'crank'...

Re:My objection to the MAPS RBL is over

[Felinoid]

>Do you believe everything you read on the web?!
No.. and I don't expect you to eather...
What I expect is for you to research this yourself. I hope you come to the same conclusions I have.
However I didn't need the webpage to convence me sence I was costummer of IFN at the time...

However... you seem willing to accept a third party repost of an auto-responder to usenet as "from the horses mouth"...

I went ahead and verifyed the text was infact athentic...
It is the last item in the e-mail just after this:

Please recognize that control of your online activities, including email, belongs to you, not us. We are prepared to assist and take action when necessary, but you must make the first attempt to solve the problem.

In otherwords... "We WILL do what WE can to eliminate spam but you have to do your part"

Given what IMAPS did to IFN I'm not supprised they are being more than a bit jumpy when it comes to abuse complaints.

Spammer sets up website on IFN..
IFN and IMAPS gets complaints...
IFN shuts down website.. IMAPS lists IFN anyway..
IMAPS refuses contact with IFN for almost a month.
IFN is delisted...
Spammer clames website is back...
I checked.. it wasn't back...
IMAPS acknoladges the website isn't at the advertised location.. lists IFN anyway..
Refuses contact....

I'll ask IFN to clarify it's policy.. it seems you don't get it...
They are charging a fee to help deal with abuse that is outside IFNs services...IE Spammers adveritsing fictional websites...

My objection to the MAPS RBL is over

[Felinoid]

I've long had an objection to AboveNet filtering peer traffic.
I was once all for the RBL and MAPS before I discovered how they operate.
Basicly they have lost prospective. I still refuse to have anything to do with RBLs filters. For more on RBLs past go here
Now that AboveNet has discontinued it's peer filtering it dosn't matter to me how slipshot the RBL is.
If ISPs willingly filter e-mail this way and users don't object then great.. Horray.. I myself will never trust my spam filtering to MAPS.
My ONLY objection is the packet filtering that AboveNet did..
They have stopped.. and my only objection to the RBL is gone...

Re:My objection to the MAPS RBL is over

[Doug+Lim]

> Basicly they have lost prospective. I still refuse to have anything to do with RBLs filters. For more on RBLs past go here

Do you believe everything you read on the web?!

Here's something citing something straight from the horse's... er... IFN.

http://www.deja.com/[ST_rn=ps]/getdoc.xp?AN=670664 883&fmt=text

In particular, note the following excerpt of IFN's response to those who dare complain about spam sent by IFN customers or spamvertising IFN hosted web sites

Finally, we reserve the right to charge a fee to the complainant to pursue complaints about email messages not in violation of California or federal law.

Yep, since there's a lot of real spam that isn't considered illegal under current California laws and there are currently no federal laws stating that spam is illegal, that essentially boils down to, "Yes, we know our customers may be responsible for spamming (directly from our network or from elsewhere to promote their IFN-hosted web site), but we really don't want to hear about it or take responsibility for our spamming customers, and we'll do whatever we can to discourage people from even filing otherwise appropriate complaints."

can MAPS/ORBS be advisory to users?

[Lumpish+Scholar]

Can an ISP, instead of filtering mail from "bad" sites, add identifying header lines to messages from such hosts? That way, users could add fiters to block such messages, but have filters with a higher precedence to allow mail from friends and family. (I know this requires a fair level of expertise. Also not clear how you could set it up so users wouldn't even have to download spam.)

Re:can MAPS/ORBS be advisory to users?

[dubl-u]

Yes. I I use blcheck for this, with to put it right into the SMTP chain, although you can use it with procmail, too. That way users can use their mail clients to decide what to trash and what to keep.

Re:can MAPS/ORBS be advisory to users?

[Senior+Frac]

Can an ISP, instead of filtering mail from "bad" sites, add identifying header lines to messages from such hosts? Sure! MAPS doesn't tell subscribers how they should implement their usage of the list; aside from limitations on republishing it out to others. That way, users could add fiters to block such messages, but have filters with a higher precedence to allow mail from friends and family. Certainly possible. However, this doesn't curtail the primary problem with spam in the first place; that of cost-shifting. Filtering at the user level, instead of the server level, doesn't prevent the cost-shifting of the advertising on the the recipient. If I share a server with you, and you want this capability, I'm having to pay for the cost of delivery just as much as you. If I don't want that, then I'll walk to a provider that filters on server level. Bang! We're right back where we are now. Half the net can't talk to the other half, and the non-filtered side starts whining (of course, it's got all the abusers too). I would like to see all responsible parties move to the "filtered side". This will isolate the businesses that don't conform to the good net neighbor practices in their down little spam circle. They can send to each other, but not to us. :) (I know this requires a fair level of expertise. Also not clear how you could set it up so users wouldn't even have to download spam.) Exactly the problem. I don't want to pay to download it. Content based filtering (i.e. pretty much anything other than IP filtering) carries with it all the costs and negatives of just accepting the spam in your inbox in the first place. The only difference is you don't have to wear out your delete key as much.
--

Re:Huh?

[boots@work]

Most subscribers use the RBL from their mail server as a way of deciding whether to accept connections or forward mail.

However, it can also be fed directly into routers through eBGP4. I think larger networks might be more likely to use it that way. In this case, the blacklisted addresses simply become unroutable, and not even web access to the domain will work.

This only happens if your network, or your upstream, voluntarily and consciously decides they want to follow MAPS's advice about abusive networks.
--
Martin

Re:You can't fool all the people...

[Fishy]

"I am all for blocking spam. But MAPS isn't about blocking spam, as this /. article points out"

Err, yes it is, the article was just plain wrong in that regard (well in most other regards aswell). Supporting an incorrect assumption based on that assumption is not a good idea.

"Technical people like us know that MAPS is a political organization out to stiffle speech they don't like"

*lol*, is that black helicopters I see....

F

Re:So?

[Adam+J.+Richter]

Yes, it is relevant, because the chief technology office of AboveNet is Dave Rand, one of principals of MAPS. Whether MAPS lists ORBS in their database or not, they (through one of the principals) are censoring ORBS. Of course AboveNet provides some lame excuse about how their blocking ORBS is for our own good, but we have never been able to get AboveNet to unblock ORBS from our class C.

Re:So?

[Adam+J.+Richter]

AboveNet has constructed their criteria so that they do have "fig leaf" excuse for their censorship, as is done in virtually all real world examples of censorship. If you want to be fooled in all of these cases, that is your choice.

In this case, AboveNet's excuse is ridiculous, in light of the fact that AboveNet claims to be doing this for customer welfare, and we, the effected customer, do not want them to do it.

Re:So?

[Adam+J.+Richter]

I am not saying that AboveNet is trying to prevent people from learning about what relay blocking is. I am saying that they are censoring the specific exchange of information needed to do the relay checking (albeit with some lame excuse). This would be akin to allowing a few books on what democracy is but not allowing people to actually communicate to implement it. In this case, we have two consenting parties that want to communicate with each other and an intermediary is actively blocking the communication.

Obviously, we cannot be the only AboveNet user that objects to this given all of the discussion you say there is about the issue (not from us). So, it would not be reasonable for AboveNet to claim that allowing ORBS probes is just too much work for just one customer request.

And, yes, we do intend to vote with our dollars, losing our setup costs after our annual contract with our AboveNet-based ISP expires.

Re:So?

[Adam+J.+Richter]

<P>
Again, the primary censorship in AboveNet's interfering with ORBS's ability to test our gateway. (AboveNet's interfering with our ability to read the ORBS information is also censorship, but that's another matter.)
</P>
<P>
Even when censorship is incomplete (for example, as you point out, we can spend thousands of dollars to avoid this particular case), it is still censorship.
</P>

Re:So?

[Adam+J.+Richter]

One more thing, for the benefit of other readers: If you search for "AboveNet" or "Above.Net" in the spamtools archive at http://wx.iecc.com/cgi-bin/spamtoolsearch, I think it's pretty clear that the only defense offered for AboveNet's activities is that they have written their Acceptable Use Policy to allow it (again, it's just their fig leaf excuse).

Above.net IS STILL not routing to ORBS

[Adam+J.+Richter]

As of 1:46am PDT, 14 December 2000, I still cannot traceroute from yggdrasil.com (connected via AboveNet) to www.orbs.org, but I can from my personal Pacific Bell DSL line:

traceroute to www.orbs.org (202.36.147.16), 30 hops max, 40 byte packets
1 yggdrasil-port.yggdrasil.com (209.249.10.1) 0.348 ms 0.304 ms 2.811 ms
2 cisco-ethernet.yggdrasil.com (209.249.10.250) 2.676 ms 2.944 ms 2.260 ms
3 proteon-t1.yggdrasil.com (209.249.10.254) 291.109 ms 264.186 ms 264.251 ms
4 216.200.192.main.above.net (216.200.192.4) 315.453 ms 425.357 ms 361.949 ms
5 * * *
:

Re:Fuck off, Commie Pinko

[SpacePunk]

"Neither do I see what communism has to do with it. This is the kind of thing that would only occur in a near anarchic free market where lack of any real, effective regulatory due process means that self apointed bodies like this have to resort to bully tactics to get anything done." Bullies always, inevitably, get their asses kicked.

Re:A compelling argument...

[Wntrmute]

Or, if you're spending 5 digits each month, you won't notice another $20, so you buy a dial-in or shell account with any fricking ISP of your choice on Earth and access its servers via TCP/IP over your five-figure account.

Yeah, ok, here's a hypothetical situation for you. Let's say I am paying 5 figures for my DS-3, and in my building are several mailservers, for myself, my colo customers, my webhosting customers, etc. I find out my provider uses the RBL. (There are providers that will *not* tell you they use it. I personally know of one, the only reason why I know they use it is because a new employee at my company used to work there. I have friends who have had similar experiences.)

Now, I don't want to deal with the RBL. It causes potential customers not to be able to email me, or *my* customers. So you are seriously suggesting that this is no problem, I can just go get a $20 account and use some other ISP's POP3 server? Yeah, that one POP3 account will handle all the mail for the several mailservers in my building with no problems... Right...

-Wintermute

Try *reading* the article...

[Wntrmute]

Ahh yes, another /. poster that doesn't read

I have no sympathy for the author. His firm is hosting a site that is selling spamming tools.

The author is *not* hosting a site that sells spamming tools. The author (Jamie) happens to work with a site (Peacefire) hosted by a company (Media 3)that has another customer (Marketing Masters) which is selling spamming tools. So he gets his site blocked because of the actions of his provider's customer.

Reading comprehension. A valuable skill.

-Wintermute

Armchair QBing makes me sick.

[augustz]

I for one like that a few people with a vision are sticking to their guns. They don't like spam and are working to stop it. If you don't like spam, use the FREE product they offer, if you do like spam signup at hotmail.com and disable the RBL on you account and you will be flooded.

Frankly, unless you've got a better solution, and are actually spending the time to do it, shut up. I'm tired of hearing armchair quarterbacking by people who are probably sitting in their armchairs. Especially if it is attacking one of the few effective tools to combat spam.

So right on to Vixie and the rest of the crew at MAPS. You've got an opinion which you share on a list, and we can all choose to follow it or not.

MAPS has the right spirit.

[augustz]

Voluntary opinions, no thugs at your door or lawyers involved. It appears that the authors solution to Spam is to get rid of organizations like MAPS and bring in something better. Either it'll be a group like OFTEL in the UK which caves in to everyone, or it will be legislation and lawyers and all the rest (and fat chance of those laws passing).

Thank goodness MAPS is sticking to their guns in the face of the legal crap they are forced to deal with, and now the half-though out (MAPS does NOT block packets, web access, etc, it blocks mail) ravings of this lunatic. Go over their and donate some money to them and work to create a better internet.

Re:MAPS has the right spirit.

[augustz]

Certainly, but in this case they are not. Please try this traceroute or this one yourself.

Grow up, and get a life.

Wannabe Actavisits and Bad Facts

[augustz]

How I wish facts where checked (or at least read) before this stuff gets posted to slashdot. Can we get an UPDATE on this?

"And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted Class C:" MAPS does not block web sites. If your looking for something to be an activist over, pick something worthwhile and get your facts straight.

To Contribute to MAPS Legal Defense Fund

[augustz]

If you're like most of us, and want to allow MAPS to continue publishing its opinions, head on over to

PayPal

and donate some money to their LDF. I have, and so should you. With MAPS you get a clear benefit as well as knowing your doing the right thing.

Proof that Abovenet does not block:

[augustz]

Please try this traceroute yourself.

Moderate UP, he's right! - Proof

[augustz]

Please try this traceroute or this one yourself.

See?

Re:Sorry, Jamie, you are way off base

[augustz]

I say the same thing. Go donate to their LDF!

Spam: A Receiver Decision

[Codeine]

Spam is like porn, in that control of its distribution is the goal of some organisations.

Unfortunately the problem is always the same, what is spam/porn? This problem is exacerbated by the fact some people want spam/porn.

Thus it is properly a Receiver decision, not a third-party one.

The trick, is to give the end-point control.

The difficulty with spam is protecting your email address.

This cannot be done easily, the answer is to have many addresses.

Many people use web-based email this way, dumping compromised addresses and signing up with a new id. This is a temporary respite, as it starts the cycle again and imposes the burden of notifying all your correspondents.

SneakEmail, on the other hand provides you with:

1. An infinite number of email addresses (that all deliver to a single email box).

2. The addresses can be filtered in such a way that email which doesn't come from an acceptable address is held, or dumped.

3. A range of useful management tools for the multiple addresses.

The important difference is it is the end-user, not some self-appointed group who makes the decision.

Re:Sorry, Jamie, you are way off base

[The+Asmodeus]

I have to agree to this. Many of you newbies probably don't remember Spamford and what a pain in the behind he was. It wasn't until Ageis's network was basically lopped off most of the internet did they stop taking his dirty money. This isn't censorship. This provider isn't being blackholed for saying or doing something certain people may disagree with. They are involved in criminal activity. Spammers are criminals (theft of resources), those that harbor them are, by association, criminals. Saying otherwise equates spam with protected free speech which I don't think any of you are dumb enough to do.

Re:A Better Analogy

[winnetou]

In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.

Noone is lynched, it is only IP packets that aren't accepted. Free speech also implies the right not to listen.

They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.

Why do want to force me to visit someone that chose to live in a slump? I don't deny them the right to live there, but I have no obligation to go there.

Re:Sorry, Jamie, you are way off base

[winnetou]

You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers.

Ehrrm, it isn't a spammer, it is a seller of spamware. If MAPS blocked the website, spammers could still reach the website, buy the spamware and spam from dialups.

MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.

MAPS is not censoring, subscribers to MAPS have chosen not to spend their money for the transport of packets send to or from Media3.
A newspaper that doesn't put your opinion on its frontpage isn't censoring either.

Re:You can't fool all the people...

[winnetou]

There are lots of dangerous people in the world. Spammers count, but really they're just vermin in need of some better legislation. The people you really have to watch out for are the ones who tell you "the ends justify the means," or "we just have to take a tiny bit of your freedom to make you safer."

MAPS doesn't take anything of your freedom, if you don't like their decisions, you just don't subscribe to the RBL. If you aren't an ISP, you can choose an ISP that doesn't subscribe to the RBL.
OTOH, if there would be a law against spam, it would probably tell that pr0n is forbidden, but that big companies could spam you as much as they wanted.
To summarize: if you don't like the decisions of MAPS, start a better list yourself. If it really would be better, more ISPs would subscribe to your list and you would be more influental than MAPS.

Re:Additional data

[Black+Parrot]

> Here's some other interesting data on Media3

Could we get a recount on that, please!

--

Most odd - why the /24?

[kieran]

(Point of view of me as a Network Admin...)

From the MAPS evidence file:

> Here is what I am aware of:
>
> http://209.211.253.68/
> http://209.211.253.69/
> http://209.211.253.70/
> http://209.211.253.71/
> http://209.211.253.72/
> http://209.211.253.73/
> http://209.211.253.74/
> http://209.211.253.84/
> http://209.211.253.88/
> http://209.211.253.89/

So really, MAPS should be blocking something like:
209.211.253.68/30,
209.211.253.72/31,
209.211.253.74/32,
209.211.253.84/32, and
209.211.253.88/31.

Blocking the whole /24 is punitive, and if you're going to act like that why not block the whole AS? That said, I'm not exactly bursting with sympathy for Media3, and as for peacefire.org: perhaps they could put their business in the way of a more responsible provider?

My personal view on these lists has long been that ORBS is not worth using but is worth listening to (to aid in hunting down customer relays before they get abused), MAPS is worth taking as a BGP feed (so that all traffic to those hosts is blackholed) and the DUL (dialup-list) is worth setting up on your MTA so that mail directly from those hosts is refused.

Re:Most odd - why the /24?

[Senior+Frac]

Most odd - why the /24? I don't know the details about this specific case. Usually a /24 doesn't get listed unless a good percentage of it's IP addresses wind up spamming. Another reason could be Media3 moving a spammer around to avoid the existing blocks. This happens more often than you might think. I think the track record (see the links to spamhause.org in some of the replies) of Media3 makes it pretty clear they've been ignoring complaints or aiding spammers by reassigning netblocks. The listing of 6 /24s indicates this to me.
--

A regex that matches 90% of spam I receive

[Fiery]

Someone's been surfing ebay and collecting spam addresses, and sending me lots of spam from different accounts at yahoo, msn, hotbot, compuserve, etc. Fortunately, I found a way to collect all their spam into one mailbox. Here's the perl regex for it. This matches about 90% of the spam I receive, but I guess I'm too careful with my email address - I only get 4 or 5 a week, max.

/^Subject: .* {20,}\[[a-z0-9]{5}\]$/

Re:censorware.

[matth]

Mine has never, to my knowledge, been an open relay.. I'm just saying assuming it must have been open here or there and mAPS got it.. cause I was on the list.. though to my knowledge I was never open... ARG! makes you wonder if there are other innoccent servers on the list.

censorware.

[matth]

I personally feel that MAPS, ORBs are more trouble then they are worth. I used to work for an isp which used orbs and it was really truely nothing more then a headache for the Tech people. People woudl call in wondering why they were not able to get e-mail from someone, or why someone could not get e-mail from them. And most of the time it was ORBS. Another example is that open mail relays are blocked. My own mail server was blocked by ORBS one day. it was fine.. the next day blocked. Never (except for perhaps a few minutes here and there) had it been an open relay, yet orbs had blocked it. When I requested they take it off, they promptly did, but again, there was no reason for it to be put up there!

Re:censorware.

[drinkypoo]

Never (except for perhaps a few minutes here and there) had it been an open relay, yet orbs had blocked it.

You like that? Mine had NEVER been an open relay, period. End of story. I got blocked anyway.

Re:censorware.

[itarget]

This is a problem with implimentation more than it is with MAPS and ORBs.

What ISPs should do is set some of their mail servers up to use spam blockers and some not, then give their customers the choice of which server they want their email account on. The services provided by MAPS and ORBs are volountary, and they should be.

"Would you like spamming or non-spamming, sir?"
Sorry, I couldn't resist.
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:censorware.

[duffbeer703]

I recieved a warning that my mail server was an open relay. One small problem --- the ip address in question was beind a firewall which only allowed ports 22 and 80!

I had to waste several hours emailing back and forth with some idiot at ORBS to clear the whole issue up. I am considering blocking ORBS and RBL subnets at my site to avoid more nonsense and wasted time in the future.

Re:censorware.

[shokk]

Sounds like someone was a little sloppy with their "few minutes here and there".

Re:A compelling argument...

[Tripster]

I agree, I use RBL on all my mail servers, one server I also throw in the DUL and RSS, that one is mostly for my own domain names.

It is effective, when I started getting over a dozen spams a day in each mailbox on my domain I figured enough was enough.

Sorry, but I don't really care if the odd person has trouble emailing my domain, mostly they're trying from crappo free email providers anyways and I tell them to find another one, their most compelling argument is "oh, but this domain name is cooler than those other ones", franky I don't give a damn how cool your email domain name is, if they've been branded as spam sources I don't want mail from them.

I work with a hosting company, during the 2 years I've been here we've had 2 spammers sign up, in the first case we shut them down within 6 hours, zero tolerance, we didn't even receive a complaint but one look at their log file showed they were hiding IP's and it was obvious coming from a spammed email.

In the second case it was a newbie spammer who got right upset when we cut them off, what we've learned so far is that most spammer types seem to hang out in Florida, they're mostly dumb as rocks and are usually the type of morons who fall for the "get rich doing nothing" schemes you see around.

Media3 are obviously spam friendly, hell we wouldn't even accept a client who had "bulk" in their url and seemed to indicate that was bulk email, not worth the hassle of getting blacklisted and that should be enough to police the rest of the ISPs out there.

Chances are Media3 are owned and operated by spammer types to begin with, these marketing geniuses always seem to group themselves together so they can pray on the weak and stupid side of society, which is really their only clientelle.

Email, now page viewing

[searcher]

Using MAPS blocks email from that particular
domain. While it may block email from other domains
on the same box, if used properly, it doesn't
block viewing of the page. Which is what this
article seems to imply.

Re:Email, now page viewing

[Orang]

*bong* MAPS does not block email *bong* MAPS does not block you viewing whatever you like I suggest you read what they do actually do before making public statements.

Re:MAPS is in the right

[searcher]

Once you have seen spam from an ISP's angle you
realize how beligerant something like MAPS
must be in order to be at all effective.

Agreed.
Spam is horribly abused. Harsh methods are sometimes necessary.

If MAPS claims to contact providers before adding
them to the blacklist, that is wrong and can be abused as well.
From my perspective, MAPS has done
more help than harm.

Re:That doesn't prove anything

[BlueLines]

Not true. My company has several racks worth of machines at above.net, and i can see these ip's fine:

traceroute to mediamasters.com (204.101.215.149), 30 hops max, 38 byte packets
1 main4-216-200-18.sjc.above.net (216.200.18.3) 0.460 ms 0.548 ms 22.097 ms 2 core5-main4-oc3.sjc.above.net (216.200.0.213) 0.438 ms 0.707 ms 0.329 ms
3 core1-core5-oc48.sjc2.above.net (216.200.0.178) 0.748 ms 0.435 ms 0.476 ms
4 ord-sjc-oc12.ord.above.net (207.126.96.117) 60.749 ms 60.551 ms 60.689 ms 5 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 62.042 ms 62.046 ms 62.066 ms
6 112.ATM3-0.XR2.CHI6.ALTER.NET (146.188.208.182) 61.435 ms 62.329 ms 61.414 ms
7 190.at-2-0-0.TR2.CHI2.ALTER.NET (152.63.65.102) 63.525 ms 63.280 ms 62.999 ms
8 126.ATM6-0.TR2.TOR2.ALTER.NET (152.63.7.102) 75.048 ms 74.651 ms 74.853 ms
9 198.ATM6-0.XR2.TOR3.ALTER.NET (152.63.129.201) 75.971 ms 75.700 ms 75.437 ms
10 191.ATM6-0.GW1.TOR3.ALTER.NET (152.63.129.237) 75.506 ms 75.527 ms 76.023 ms
11 205.150.221.230 (205.150.221.230) 89.191 ms 89.263 ms 88.758 ms
12 mediamasters.com (204.101.215.149) 88.596 ms 88.603 ms 89.945 ms

Re:MAPS != censorship.

[lytles]

corporations are liscenced by the state, and as such should have similar responsibilities as the gov'ts that liscense them.

furthermore, the corporation has become the most likely path to totalitarian rule in america.

Re: Above net do not block them, only ORBS...

[@madeus]

Above.net block only domains relating to ORBS.org AFAIK (As do, it would seem, a growing number of backbone providers) See:

http://www.above.net/cgi-bin/trace?www.orbs.org

http://lg.carrier1.net/

While I do not believe the idea of an RBL is bad one, it must be run responsibly. Not the way Alan Brown (who in a very real sense *IS* ORBS) does it

Re:We're a victim too....

[Menthos]

We had the server open for a brief period after recompiling sendmail and having a misconfiguration, the ISP catched it and informed us, so I think they do a lot to make sure that doesn't happen.

Your ISP "taking care of" open relays doesn't prove that they are opposed to spam. They might still host spammer's web sites, and won't refuse to deal with that type of businesses.
In the later case, they still belong on the RBL, and personally, I have no problem with that. They can't just say that they are fighting against spam and on the same time be hosting the very people they say they're fighting against. To me that would be the definition of hypocrisy.

Re:This is exactly what we want them to do.

[mwa]

Or locking up the DVD pirate and locking up the author of DECSS...

Re:Horay!

[jpayne]

Umm, Abovenet make it clear on their website that they use the RBL. Any customers or prospective customers that don't know that, didn't do any research.

Re:Horay!

[jpayne]

I doubt that anyone in a position to decide whether or not to use the MAPS lists is foolish enough to take everything they read on /. without a large pinch of salt.

I don't think its up to MAPS to contact the websites on the block they're hitting. I know that they would have contacted Media3... so I submit that it was Media3's responsibility to warn their customers of the pending lack of connectivity. I also submit that the customers that suffered should claim compensation from Media3.

Re:Horay!

[jpayne]

Abovenet's customer e-mails don't touch any abovenet mail servers. They're not the type of ISP you can get DSL or dial-in from.

The *only* way they can reduce spam by utilising the RBL is via a BGP feed, which blocks all connectivity to the RBL listed hosts.

Re:Horay!

[jpayne]

Nope, this is another example of a poorly researched /. article. /. is rapidly becoming somewhere to go for a laugh to see how badly wrong they've got it this time.

RBL listing of spamware sites is a long established tradition, its public knowledge and is one of the listing criteria: Spam Support

Escalation of listings past single hosts is also known about, this happens when the provider continues to allow the spamming to continue, or moves the host around the netblock to avoid the RBL listing.

You have to go after what hurts the spammers. They don't care if they lose their hotmail account, or their MSN dial up account... as long as people can still view their website.

Oh, and BTW... ISPs have every right to decide what goes on their network. Its *their* property. Abovenet have decided not to allow hosts that are in the RBL to transit their network. Thats fine... as a customer of an Abovenet customer, I'm ecstatic that they've done this, as it saves me a DNS lookup for every e-mail that comes in :) However, its still their decision... and its my decision to stay a customer of Abovenet's (albeit one hop removed)

Re:This is journalism?

[gmhowell]

In traditional journalism, this is more akin to analysis or editorialising.

In modern journalism, this is serious, hard-hitting investigative reporting.

Re:This is exactly what we want them to do.

[gmhowell]

>Nazis vs. Jews

And, in fine Usenet fashion, the discussion is now over!

BulkIsp.com

[Voivod]

For proof positive that Media3 knowingly hosts sites which spam, visit BulkIsp.com. Some quotes from that site:

"The agenda for our company is that 75% of our activities should be to promote our own products and services. Thus you know that we have to be good at what we do, as it is the way that we market business to business and business to consumer for ourselves."

"We guarantee that the mail that you hire us to send is based on the delivered pieces. We also guarantee that your site will stay up the full amount of time that you need to get the full results of the mailing."

So, to review:

• BulkIsp.com sends spam to promote themselves.
• BulkIsp.com sends spam for others for money.
• BulkIsp.com guarantees your site will stay up because they don't have to worry about any pesky AUP.

Media3 has gotten complaints about them, and has decided to leave them running. To see some other spam sites Media3 is hosting, check out SpamHaus.org where they are by far the leader in spam hosting.

I'm amazed that the poster continues to quote the Media3 AUP and its CEO as if they had any credibility. Media3 hosts Spammers. This is not being debated. What this says about his character speaks far louder than his quibbling over whether they actually "spam" from his "service" per se. The fact is that Spammers pay a lot of money for bullet proof hosting of their mailservers, and Media3 is only too happy to take their checks.

MAPS is just a resource. We're the people who decide to apply their list on our mailservers and routers as a boycott against bad Net citizens until they learn to play by the rules. It works. I hope that PeaceFire chooses an alternative besides all out war against this important tool and our collective decision to use it.

Re:This is exactly what we want them to do.

[ibbey]

What an absurd analogy. This software is specifically designed to send spam. It is actively marketed to send spam. It even includes 25 million email addresses to get you started. Maybe if the film was marketed as "Perfect for all of your child pornography needs" you'd have a case. Otherwise, you're not even close.

Re:Many use RBL to create black-hole routes!

[mistered]

Well, it wouldn't really be right for him to comment on what any ISP is doing with the IP lists. He didn't tell them to blackhole either just mail or everything from this host, that was their choice and they're the ones that should explain it to the press if they want.

Re:You're way off base

[Kvan]

You're willing to shut off someone's connection for distributing spamming software, but if someone posts instructions for making a bomb, that's free speech?

No, he's willing to let private entities use any kind of filter they want. The issue here is not one of free speech. These are a bunch of people who have decided to use a filter on their network. Hell, they would be perfectly within their right to filter completely arbitrary IPs, or, to stay in your analogy, to filter according to a list which someone claimed contained IPs of people who made bombs (or had ever thought about making bombs, for that matter).

That said, this is very poor practice on the part of MAPS, and definitely something which would make me find out whether my provider used RBL, and switch if that were the case. But then, I wouldn't support a provider who used any kind of filter.

"A *person* is smart. People are dumb, panicky, dangerous animals and you know it."

According to S.P.(U.T.U.)M.

[Vryl]

How, then, do we apply this strategic analysis concept to our enemy du jour: the Spammer?

First, we must translate the Five Spheres (or Rings) of the enemy system into modern Net.War counterparts:

• Sphere 5: Fielded forces-- throwaway AOL accounts, hired consultants, dedicated spam domains
• Sphere 4: Population-- Spam-related customers, support employees (secretaries, etc.)
• Sphere 3: Infrastructure-- Primary non-rogue ISPs, Websites, ftp sites, cgi scripts, mail relays, reputation
• Sphere 2: System Essentials-- Money, bandwidth, telco access, computers
• Sphere 1: Leadership-- the SpamBoy himself, his partners and business associates

By alliances, we mean those reciprocal relationships the spammer has formed with: news media (Cyber-Clueless First Amendment activist newbie journalists, for example)

• other spammers
• ISPs, whether rogue or non-rogue
• hacker consultants
• fringe associates (Meowers, Kook Cabal)
• banks, business organizations, and other sources of economic power
• politicians

We must then examine our assumptions. If our Spammer runs his own ISP, then attacking an AOL account he controls (by complaining to abuse@aol.com) will be of negative value-- a waste of our time and resources. If his ancillary server is somehow "taken down", but his primary SpamServers keep pumping out ECP spam via open NNTP ports worldwide, what will we have gained? If he is (like Gr*bor or our own deeply psychologically troubled Doktor Funway) only marginally rational, abuse and punishment that would persuade a reasonable Yeti to leave the field of battle may only enrage the Bull(shitter) like the pricking of a picador. Finally, if we do not have the necessary intelligence to pinpoint our enemy and her crucial Strategic systems exactly, our efforts will either be wasted entirely, or increased by orders of magnitude over what they could have been with accurate and timely information. In our final strategic translation matrix, we shall endeavor to identify what we mean by a Spammer's Political, Economic and Military powers; as well as the proper role of the semi-tautological Net.War attribute of Information.

• Political power: news media (online and traditional), lawmakers, friends and acquaintances, usenet Kooks
• Economic power: cold hard cash earned both legitimately and by Spam; frivolous lawsuits (to tie up opponents' assets/time)
• Military power: Net.war capabilities of spammer's own systems (mail bombs, Usenet binary bombs); hired gun hackers; open NNTP and mail servers ripe for exploitation
• Information: Positive and Negative--> Positive: Spammer's ability to gather intel on foes; ability to adapt to changing laws, standards, and software affecting/enabling internet communication; ability to slander and defame enemies and thus provoke them to rash deeds;
• Negative: the ability to cloak himself in anonymity, pseudonymity, and false faux-open identities, thus denying his enemies that first prerequisite of strategic analysis: identification.

Freely stolen from: http://www.radix.net/~revjack/snotwad/snotwad3.htm

Re:This is exactly what we want them to do.

[rking]

And, just for the hell of it, I'd like to point out that MAPS has effectively become socialist thanks to their discrimation by association [to a given IP network number].

I think maybe you should invest in a dictionary, or better still an education, before trying long words like "socialist". You clearly have no idea what it means.

Re:This is exactly what we want them to do.

[rking]

After arguing philosophy with you and trying to persuade everyone else listening in, the next thing is to apply the similar pressure to you that you are applying to them.

At this point I'm dropping RBL, and I won't deal with anyone who is using it.

Ah.. I can't honestly say thatv I feel "pressure" from your er.. was it suposed to be a threat? But goodbye and good luck all the same :)

Re:MAPS != censorship.

[itachi]

Well, in response:

1) Just because the courts have said they aren't common carriers doesn't make the courts right. I would agrue that backbone providers should be common carriers for situations such as this. If then end user wants to filter based on content, that's fine - you or I can very easily screen phone calls based on caller ID, but think about what life would be like if telcos decided that the 212 area code was offensive and wouldn't get to your phone for you to deice. I wouldn't mind, but you might.

2) RBL is based on the netblock, but the decision to carry or not carry the netblock is based on contect originating in the netblock, therefore it is making a decision based on the content at a fixed point in time. It's still a content based decision, it's just a question of when the content was examined.

itachi, enjoying work through office party induced beer goggles...

Re:MAPS != censorship.

[itachi]

Re: common carrier status, iirc, a company has to apply for common carrier status, and they give up certain rights when they do so, although it gives them a number of privledges as well. In this case, I feel that backbone providers should be asked to apply for common carrier, since they fit the definition.
But you can't change phone companies if you don't like the service. If I don't like the service that Verizon provides here (Philly), I can deal with it or lose the landline. There is no other company providing POTS. (btw, 212 is new york) There are still areas where the same is true of ISPs. Also, MAPS offers the BGP based spam blocking, where spammish netblocks are null routed in BGP. Without a valid BGP entry, you obviously can't talk to that netblock. Using netblocks is simply not granular enough. Even basing it on IP might not be granular enough, as one host might be serving several domains through aliasing.
Arguing that MAPS only publishes the list isn't a valid argument, because of the ways that the list is published and the methods suggested for blocking. Either way, the RBL is based on content - spam is content, too. If the list is overly broad, as it may be in this case, then stuff that isn't spam is getting blocked on content as well, however invalid the content judgement. If the RBL was only available as a procmail filter, this problem wouldn't exist. Offering it as a BGP filter is just plain wrong - everything on the netblock gets filtered based on partial content, like every other piece of badly specified censorware. A better design would be a procmail filter, because that will do the filtering and leave the option of still receiving the mail in case it truly isn't spam and it wouldn't interfere with other traffic from the offending netblock. Blocking the website because the website offers spamware is just as much (corporate/organizational) censorship as blocking a website because it offers porn or viewpoints offensive to the local admin/manager.

itachi

Re:MAPS != censorship.

[itachi]

Right, but blocking all of 123.456.0.0/16 because you don't like the spam you get from abc@xyz.com is still wrong. You can procmail the spam away, or you can filter sendmail, or you can refuse SMTP from xyz.com, but null routing the netblock's BGP advert is wrong.

itachi

Re:MAPS != censorship.

[itachi]

Censorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like.

It's not quite that simple, though. Common carriers, although private organizations, don't have the choice to carry or not carry based on content. Now a local dialup provider is hardly a common carrier, but I would say that a tier one provider really should be a common carrier. After all, a local dialup in Peoria can't reach Bangladesh without crossing some backbone provider's network.

itachi

[OT] Bible reference

[Pont]

And God said, "It is easier to port Linux to a TI93 than for a rich man to enter the kingdom of heaven"

Re:A Better Analogy

[segmond]

I hate spam as much as everyone, but please don't attack who ever makes the software, especially not after we have defended encryption, decss, napster and such, it doesn't matter if those software are designed specifically for spamming, we can't step on other people's freedom and try to preserve ours. If you think and firmly believe that those softwares are illegal, then all people who believe that napster, decss, gnutella, pgp, etc are illegal are correct...

unwelcomed opensource tools?

[segmond]

As I read most of the posts, I was not surprised to see how many people hated spamware. It got me thinking tho, if someone was to write an opensource spamming tool, what will the community do? I mean, can it be hosted at sourceforge? If so, will sourceforge make it to the blackhole? Will sourceforge refuse? If so why? Why would they then host something like napster/gnutella clones? I hate politics, but I do like to know how much the community fights for the rights of others even if we don't agree. Or is this all about "us"?

Re:Software DESIGNED to spam

[X-Nc]

Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.

So!?! What's this got to do with the price of tea in China? Yes, spam is a Bad Thing©. Yes, the people who write and sell software to harvest email and send spam are bad. Hasen't anyone ever heard of the phrase "Vote with your feet!"? If spam generating software is bad, don't buy or use it. Help others to understand why it's bad. Education is the way, not wholesale draconian domain blockings.

Additionally, RBL should be blocking domains/IP's from addresses that actually send spam. If an ISP has an entire Class B and one IP/domain is sending spam then that should be the only one blocked. Even if the ISP will not do anything about the spamer. It's not the job of RBL or ORBS or any of the anti-spam projects to decide what others can and can't do. They should only block IP's and domains that send spam. Period!

This article just reaferms the old addage that power corrupts and absolute power corrupts absolutely.

---

Re:Bullshit

[tiny69]

Thanks. I couldn't remember.

Re:Bullshit

[tiny69]

How did this get modded up? While the original posters "logic" leaves something to be desired, your reasoning has fallen into a logical fallacy itself.

Post hoc ergo propter hoc - "after this, therefore because of this"

You are assuming cause-and-effect relationships were there are none. You are assuming one event presedes the other, the first being the cause of the second. i.e. - you are making shit up that has no possible way of being related to one another or being true.

"Assumption is the mother of all fuckups." - quote from some movie.

When people start using "logic" as an argument, they usually have no idea what logic is themselves.

"I reserve the right to refuse service"

[Grand+Facade]

Has something changed? Have I lost this right? Am I legally required to do business with anyone waving cash?

This lawsuit has no merit.....

RB

Re:Neural Net Spam Filtering!

[look]

It looks cool to me. I'm going to check it out.

You could designate some one else to maintain it, if you don't have the time.

Luke Francl

Re:Fuck off, Commie Pinko

[Zurk]

not if the ISP has a monopoly on a certain section of your neighbourhood. thats a bullshit argument that M$ was using in their anti trust trial.

Re:So you check up on it..

[Zurk]

you forget that in some areas customers have no option to decamp..the ISP has a monopoly. and theres a financial cost to decamp too. this sort of thing is *disgusting*. Block the single static ip thats being used for abusing...thats ok..but blocking large groups of addresses is a DoS attack and nothing else. your attitude to forced censorship of major routes/backbones on the internet is totally disgusting. i dont know how you can live with yourself.

Re:So you check up on it..

[Zurk]

no they most certainly do NOT have the option to decamp. if you do colo you want to do it in your area since you might have to do emergency hardware surgery on your server at 3am. blocking single ips DOES have impacts on the ISP. MAPS isnt voluntary if its shoved down the throats of customers at an ISP.

I definately do not agree - (pro-MAPS)

[congiman]

After reading all this, I'm guessing it all boils down to this

1: There is 1 hosted site by this company that is a spam related site. (makes spam software, supports spam, spams etc).

2: The rbl has blocked 6 class C's belonging to this provider.

3: There are other sites that the provider hosts that have lost connectivity.

In the RBL's defense:
If you are a hosting provider and you were to have the IP address of one of your servers blocked by the RBL, the most sensible thing to do would be to move it to another IP address. This would only make sense. So if the RBL blocks all of your netblocks, then you cannot move your offending site around.

I see the RBL blocking the entire netblock as a good thing. It makes the hosting company try and resolve the problem, rather than just rsying the web site across to another machine, changing DNS and voila the site is up again in just a few minutes.

The best way to make this problem be fixed is to have people take notice.

Rationale:
Now, back in the day, (and still) the rbl is also a BGP feed as well as a DNS based subscription. That being said, what the RBL does is announce the bad netblocks in a BGP feed,and in turn above.net subscribes to that BGP feed and Null routes it (drops the traffic on their exterior routers).

The average companies just use sendmail and you see error messages like "553 see mail.abuse.org". However with a null-route, you will see nothing, traffic going to it, will get dropped, traffic from it, will never have an established session.

As for the RBL being censorware, I do not see that. The message mentions samco and not peacefire or any other sites.

I believe that its more that peacefire has a bad provider that condones spam. Reading the evidence file shows that. The true test of this of course is either for
a: peacefire to move and see if their rbl nomination follows. My guess is not as they are not spam providers.
b: the offending sites to move and see if the RBL nomination follows them and media3 gets lifted.

Vixie has stated many times that the RBL does have its shortcomings, that yes good mail can get lost along with the bad mail. However, it is important to remember that the RBL is a full OPT in list. You can pick a provider that subscribes to it (either via BGP) or by DNS for mail. You as a company can choose to subscribe to it via BGP or by DNS for mail.

In my opinion the RBL is one of the best things out there. I use it, all the customers I work with use it, and I set it up every chance I get.

I wish Paul and Nick and Crew only the best.
-- C

Re:Fuck off, Commie Pinko

[leighjames]

Unfortunately that is the way of it when talking about internet access.

<rant>

The local telco here has what is essentially a monopoly on DSL internet access. They own the lines, the equipment and the ISP service. Their service is priced such ($40/mo) that no other ISP could offer service and hope to make a profit. Their service sucks for anyone who doesn't want just basic web browsing/email. No static IP is available; no *routable* IP either. They have a "business" offering which is the same, but at a faster speed for around $600/mo.

The alternative: leased line. Cost $500 for ISP service alone, plus whatever line charges said telco would impose.

For me to start an ISP (and I have looked into it) would be hideously expensive, and I haven't a chance of making any money. If I thought I could break even, I'd do it in a flash, but there's no way I could convince people to pay more for the better service.

</rant>

To sum up: unless you have $$$$ you have to stick with what other people offer you.

Re:MAPS != censorship.

[Greg@RageNet]

You are very good at reciting mindless socialist propaganda. Marx would be proud.

Technically you are 'licenced by the state', through the form of a birth certificate. So you have 'similar responsibilities'?

The only path to totalitarian or any other form of government is through government itself or the application of (deadly) force to overthrow said government.

Doesn't anyone realize, the more 'laws' you urge the government to make to protect childeren, workers, minorities, turtles, ad nauseum the more power you give to the politicians who you also accuse of abusing their powers to 'hold down the people' for the deep pockets of 'big [evil icon of the day]'?

-- Greg

Re: MAPS == censorship.

[Greg@RageNet]

Would you be reffering to a public bridge built by the government? You prove my point.

-- Greg

Re:I definately do not agree - (pro-MAPS)

[Greg@RageNet]

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

MAPS only publishes a list of people who it views as spammers or those providing assistance to spammers. Akin to someone, for instance, publishing a list of people who run 'Holocaust denial' websites with their personal view that they disagree with the authors of these sites. People can do with that list what they wish.

Media3, on the other hand, is seeking to use the courts, and ultimately the (physical deadly) force of government, to end publication of the MAPS list.

Yes there is censorship going on here, but opposite way than which you claim. You should be standing up for the free speech of MAPS to publish whatever they want, in this case a list of who they belive are spammers; instead of advocating the government censorship of these lists via the proxy of court action.

Another analogy I'd like to put forward, in defense of ISP's using the RBL, is to say that this is a 'consumer boycot' situation. If the ever popular *snicker* starbucks coffee chose to no longer buy coffee beans from indonesia because of it's human rights violations then is it justified for you to take them to court to compel them to buy coffee beans from indonesia because you happen to like indonesian coffee? After all, if you have to now go a mile out of your way to visit a different coffee shop that carries indonesian coffee then you are 'suffering at the hands of the tirranical starbucks corporation'.

If ISP's don't want to accept packets (coffee beans) from bulk-mailers (indonesia) thats their right as property owners, and it's your right as a customer to take your business elsewhere.

-- Greg

MAPS != censorship.

[Greg@RageNet]

Censorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like. The difference is of course that everyone 'owns' and funds the government which therefore has no right to moral or policical content it makes available. However private individuals have full discression over their own property and how they choose to utilize it.

If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.

By the same token you should not be able to force a private entity such as an ISP to carry traffic they choose not to carry, i.e. traffic identified by the MAPS RBL. If you don't like MAPS then don't use their service or use the services of ISP's who do.

This also carries over to 'censorware'. Government institutions should not censor internet content through manditory filtering. However it's morally acceptable to me for a parent to by some software (that arguably does a poor job) to filter the content on their privately owned computers.

-- Greg

Re:MAPS != censorship.

[robl]

Bullshit.

I remember back in my college days when the premiere of NYPD blue came on the local ABC affiliate. The local affiliate decided to not air it due to an apparently provocative scene which scared the moral minority, airing in it's place some religious offering from the local churches. I distinctly remember reading a newspaper story telling the reader that the station "censored" the NYPD Blue premiere.

I'll play along for a sec. So I, the paper, and another 20 million americans got our definition wrong. Apparently they merely "filtered" the "content".

Problem is, it's the same evil but with different words. You can call it whatever you want, "removing morally objectionable content", "filtering", "moral processing", whatever the hell you'd like to call it, but the word that best fits it is still "censorship".

Any objection you raise to its proper place in the english language is simply a technicality on proper usage, and not a centerpiece for an argurment.

Re:MAPS != censorship.

[dbarclay10]

That's like saying only a government can have an army and go out and raid people.

Sure, that's what it's supposed to be like, but something like that has to be enforced.

If someone is censoring someone else, it's still censoring, even if they're not the government.

Dave

Barclay family motto:
Aut agere aut mori.
(Either action or death.)

Re:MAPS != censorship.

[clare-ents]

"
Look up "censor" in a dictionary. Look up its origin -- show me where it means "an act committed by a government". I, as a consumer, by buying a connection from someone who uses the blacklist, am authorizing them to act as censor. Yes, it's voluntary, but it's still censorship.
"

From www.dictionary.com

Censor :

2. One who is empowered to examine manuscripts before they are committed to the press, and to forbid their publication if they contain anything obnoxious; -- an official in some European countries.

[source Websters Revised Unabridged Dictionary]

I suspect the ISP is a acting as censor *if and only if* they forbid the publication of material and have a statutory power to do so. In this case they aren't a censor since the publishers can move to a different ISP - if the material was censored this would not be the case - i.e. the publication has not been forbidden.

This is discrimination, not censorship.

Censorship
"
It is illegal for you to publish the material because we don't like it. If you try to publish this material we will lock you up.
"

Discrimination
"
We will not publish you material becuase you are a member of a set of people with whom we have chosen not to associate with. You may ask someone else to publish your material.
"

Re:MAPS != censorship.

[duffbeer703]

Thank you for a voice of sanity!

I have never understood the fanatical hatred that people harbor regarding spam. Spam is annoying, but it is not something that is worth sacrificing any rights for.

The whole ideal behind the internet is universal connectivity. Allowing major backbone providers to block off entire networks because they may or may not contain spammers in fundamentally wrong.

Remember that injustice can be committed by companies other than Intel, Microsoft or some other Slashdot-approved "evil" corporation

Re:MAPS != censorship.

[Orang]

1) AFAIK ISPs have not been established as Common Carriers in law in the US or any other country I know of (in fact in at least one country, recent cases seem to indicate quite the opposite, but of course IANAL)
2) The ISPs (/backbones) are not choosing to carry 'based on content', they're choosing to do it on the basis of a list of IP blocks.

Re:MAPS != censorship.

[Orang]

Just because the courts have said they aren't common carriers doesn't make the courts right
No, but it means that they cannot claim common carrier status.

think about what life would be like if telcos decided that the 212 area code was offensive and wouldn't get to your phone for you to deice
I'd change phone companies. Where is 212, anyway? What you suggest is not based on the content that might come down the 'phone line if I made/received a call from there (for that to be the case they'd have to be bleeping out whatever words they found offensive, or terminate the call when it got that way - see the difference between 'content' and 'origin'?).

RBL is based on the netblock, but the decision to carry or not carry the netblock is based on contect originating in the netblock, therefore it is making a decision based on the content at a fixed point in time. It's still a content based decision, it's just a question of when the content was examined
No. That would be the case if MAPS
a) blocked anything (they don't, they only publish a list); and
b) they only included the IPs relating to the spamming s/ware websites because they are selling spamware (they don't, they publish the netblock for media3 - not the content of those webshites that sell spamware).

Re:MAPS != censorship.

[Orang]

Either way, the RBL is based on content - spam is content
No, spam is _unsolicited_ email, it matters not what is in it - begging letters, adverts, MMF schemes, newsletters, or anything else. If you have not solicited, it is spam. "Content is not the issue."

If the list is overly broad, as it may be in this case, then stuff that isn't spam is getting blocked on content as well
No, it is a block on origin, not content. If I killfile abc@xyz.com in my newsreader that is not a block on content either, but on the origin.

Re:I definately do not agree - (pro-MAPS)

[Greg@RageNet]

Just a correction, according to spamhaus media3 is hosting not 1 but 21 spam sites, the largest on the list, and considering media3 is a grand total of a few class C networks, thats a pretty high percentage of their customers being spammers. My understanding is that it's a similar situation to the AGIS thing awhile ago. media3 won't cancel sites who spam using other accounts to advertise a site on media3. Because media3 won't wipe out these sites it's become quite a spammer's haven.

-- Greg

MAPS vs ARIN: Round One

[mindhaze]

Here's lame:

Maps says this:

But then, MAPS also advises Web providers:

"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."

But then:

"ARIN (the guys who hand out IP addresses) has a policy change where they will no longer allocate IP addresses for IP-based virtual hosting" ( read the slashdot story here)

Who's going to win? ARIN? or MAPS?

My vote is on MAPS!

Re:Horay!

[MadAhab]

The conception that they can block because it is *their* property goes against thousands of years of social and legal tradition in most cultures.

For one thing, they don't own the wires. For another, as soon as data is being routed *through* you on its way from one place not yours to another place not yours, you essentially become a public thoroughfare, paid or not. In order to guarantee the general public trust and public welfare, not to mention the stability of the society that depends on these roads, you give up certain controls over the traffic passing through your domain, and must allow passage freely unless the rule of the greater society dictates blocking passage to certain parties. Your concerns about certain controls over the traffic that passes through must be arbitrated through the larger society you have willing chosen to become a part of. There is an alternative; parts of Africa today, many distant precincts of China, certain zones of the former Soviet Union, and most of Europe through the dark ages exemplify the right of local authorities to do whatever they fucking please - the rest of you be damned. I am not sure that you really intend to promote barbarism and savagery, but you are.

AboveNet may have the right - for now - to arbitrarily victimize innocent third parties, but thousands of years of human history show that either they will lose this right, or the Internet itself is in danger of falling into non-functioning anarchy. Having the "right" by "owning" a route across the Internet as you claim (and that's a pretty thin example of "ownership"), does nothing to justify the arbitrary excercise of power by AboveNet, nor does this make it ethical or fair. It may yet be legal, but it's still medieval. No one forces AboveNet to participate in the Internet. If they really hate spammers so badly that they are willing to destroy the freedom of others, perhaps they should disconnect themselves entirely, or at least give up routing traffic anywhere but to and from their own customers, who have at least some choice about whether or not to bow to these savage chieftans.

Put another way, far simpler; what is different from their policies and China blocking 'net traffic they consider to be harmful?

It's worth noting that I don't use AboveNet, I do use MAPS filters in Sendmail, I don't know these guys personally, and I don't know - or care - to detail their actual motives or character. I do care about the effect of their behavior on the Internet as a whole.

Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.

Re:This is exactly what we want them to do.

[befletch]

What an absurd analogy. This software is specifically designed to send spam.

Software doesn't spam people. People spam people.

I love boilerplate rhetoric.

Re:This is exactly what we want them to do.

[alecto]

Calling that software that "could be used" to spam is like calling the electric chair a device that "could be used" to kill. Did you look at the site, that caused the RBL nomination for crying out loud?

This is exactly what we want them to do.

[alecto]

They're put on the RBL to punish them for willingly harboring spammers who advertise their sites with stolen services from other providers and clog millions of mailboxes with crap.

Those who host websites for spammers even after its brought to their attention that they're spamming deserve to be blackholed--I praise the RBL for their continued action in this regard.

Should they wish to rejoin the RBL using net, they may terminate their spammers and tighten their policies. For those who cry about "free association," remember that subscribing to the RBL is voluntary, and using an ISP that subscribes to them is voluntary. If individuals want their subscription fees to support spam and their packets to be dumped, they're free to subscribed to an RBL'd provider.

Re:This is exactly what we want them to do.

[cbull]

So, ISP's should examine a site's content and determine what's appropriate or not? Doesn't that go counter to a lot of what gets discussed here? On one hand people claim censorship is bad. On the other hand, it seems that you want ISPs to effectively censor their customers.

In general, I think the RBL is a good idea. However, stories over the last 6-12 months have me thinking that maybe they're starting to get a little overzealous in their policies and actions.

Re:This is exactly what we want them to do.

[Karl_Hungus]

And, just for the hell of it, I'd like to point out that MAPS has effectively become socialist thanks to their discrimation by association [to a given IP network number].

Socialism? Try this. You know, just for the hell of it.

Re:This is exactly what we want them to do.

[ckedge]

They're not harboring spammers!! This is about someone who makes a piece of software that can be used to spam. This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!

This is not right.

Re:This is exactly what we want them to do.

[ckedge]

> and locking up the people that made the high quality photographic paper and the ink used to create the images!

WRT the replies: The analogy between paper makers and these guys may not be 100%, and I completely understand you not liking the fact that this software is available, and I agree technically that you have a right to block anyone you choose, and that the RBL is just a list of people who have done a set of things. An 'advisory'.

Hell if you want to blackhole Yahoo for some screwball reason, there's nothing stopping you. Except your own customers and clients abandoning *you* yourself!

But I will strongly argue with people who want to make 'certain software' illegal or unobtainable, where 'certain' can be a nice big fuzzy thing on the slippery slope to who the hell knows where. (Do you also RBL people who host databases of actual viruses? Why not? Oh, just the once that you decide have 'evil' intentions at heart, eh? That's nice and clear cut!) After arguing philosophy with you and trying to persuade everyone else listening in, the next thing is to apply the similar pressure to you that you are applying to them.

At this point I'm dropping RBL, and I won't deal with anyone who is using it. This is no longer "prevention", nor "applying pressure", this is extortion, not simply against the person who owns the building where handguns are made, but also the other 1000 people that live in other buildings owned by the same landlord. After handguns, then what? Hunting rifles? Cars? Baseball bats? Big ugly dogs?

"That was the line back there, and you stepped over it..."

Re:This is exactly what we want them to do.

[Higher+Authority]

using an ISP that subscribes to them is voluntary

That's not entirely correct; this is: using an ISP is volutary.

While you may choose to use an ISP, sometimes you may only choose not to use an ISP using the RBL by choosing not to use an ISP at all.

Furthermore, it would be unwise not to note that subscribers to ISPs who use the RBL can protest (or support) their ISPs uses of the RBL if they so desire.

Lastly, from what I gathered from the posting, Media3 does not willingly support spammers in any way. Moreso, their sites are including in the RBL because Media3 choose not to cooperate very well when a third party choose to add 6 entire Class C networks to the RBL, almost regardless of whether sites residing in that network engage or otherwise support spam.

And, just for the hell of it, I'd like to point out that MAPS has effectively become socialist thanks to their discrimation by association [to a given IP network number].

Re:This is exactly what we want them to do.

[Higher+Authority]

Try this (i.e., actual English, not PCism):

society - n. A group of human beings broadly distinguished from other groups by mutual interests, participation in characteristic relationships, shared institutions, and [or] a common culture. [e.g., people using a particular web host]

society - n. An organization or association of persons engaged in a common profession, activity, or interest.

social - adj. Of or relating to society.

-ism - suff. Action, process; practice.

-ist - n. One that performs a specified action.

Thus, using actual English, and not PC English (which naturally sucks), we have working definitions of socialism (not Socialism, the political idea, not the cap. S) and socialist:

socialism - n. The practice of grouping [e.g., without evidence].

socialist - n. One who practices socialism.

Of course, I could have gone with a PCism and used McCarthyism, but (God forbid) I decided to go with good ol' fashioned English.

Re:This is exactly what we want them to do.

[Yorkshire]

No, that would be locking up the creators of the language that the spamware was programmed in, or maybe the ppl who wrote the operating system that the spamware runs under.
This is more like locking up the lookout that the kiddy pornographer has on his house door, an accomplice to the actual act not just someone who made a product.

Re:An old and silly argument

[Jerrry]

Sure, you can use delete on your own inbox. But what if your an ISP and your customers demand less spam? Will you delete for them?

No, if I were an ISP I would not delete spam for my customers. I'd operate my ISP as a common carrier, just like the phone company. Just try calling your phone company and ask them to filter out calls from telemarketers and see how far you get.

Re:I will continue to use MAPS RBL

[thogard]

Chances are you use Paul Vix's root name server about 1/5 the time you use a domain name. How about bind? Sure he is abusing his power on a number of major routers but hes not getting any complaints from me. If there is a "god of the net" Paul is it.

One common sense rule that most people in the real world know is "dont fuck with the guy with the big stick". Paul has a big stick and I think he needs to LART more bozos.

Re:Screw Vixie and his goon friends at Above.net

[thogard]

My servers use his services so I guess I elected him policeman.

read RBL's definition of blacklisting!

[vladkrupin]

The article says: "Spamware? Yes. Media3 does host websites which sell software that sends bulk email and harvests email addresses" Yes, that's right. Media3 itself does not spam. However, quoting from RBL description of what gets you blacklisted, "This list is composed of IP addresses that are known to have generated SPAM or Unsolicited Commercial Email, or provide SPAM support services" Doesn't hosting SPAM'mers means providing "SPAM support services"? And what about email addres harvesting software? What can you harvest them for except for SPAM? (BTW, IMNSHO this software should be outlawed as well as SPAM itself for it has ony one purpose - extracting addresses for SPAM'ming) Anyways, you can't complain that RBL is not fair - Media3 falls right in their definition for being black-listed, and if you don't like it - tough luck..:)
---------------------------------------- ---------

how legitimate is the intention?

[vladkrupin]

Problem is... if I buy paper and ink I might do something legitimate with it, like I can print a picture of my friend and post it on the wall in my office. Now, give me *one* good reason for using a program that "harvests" thousands of email addresses of people I never knew? Can I use it to invite them over to my next birthday party? :) They're not harboring spammers!! This is about someone who makes a piece of software that can be used to spam. This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!
------------------------------------------------ -

Re:how legitimate is the intention?

[shepd]

>Now, give me *one* good reason for using a program that "harvests" thousands of email addresses of people I never knew?

Add your friends to the list, and you now have most of the valid email addresses on the internet.

Now just refuse email from addresses not on the list, and presto-changeo, you've got an anti-spam tool.

There's one. I bet I could come up with another if I was pressured into it.

Only 2%? What a load..

[empath]

At the ISP I'm a sysadmin for, we run MAPS RBL on our external mail gateways. It blocks a good 4-6% of incoming mail (total of about 60k messages a day), which is a *ton* more than the 2% of supposed "test spam" mails they claim.

I don't buy their test, only because of the real-life results that I see every morning in my mailbox saying how well MAPS works.

To top it off, we get very few people asking "Why is my mail blocked?", and they seem quite understanding when it's explained to them what we're doing and why.

Just my thoughts..

On the picking of hosts to add to MAPS

[empath]

You say: don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.

I think this is quite a non-issue here, since MAPS states quite clearly under what conditions hosts are tested, added, and removed from the list. I happen to completely agree with this philosophy, so we subscribe. This is not like most other censorware, where it appears that people randomly pick things they don't seem to like and then sneak them into a subscription servive.

It's just two different things, and I'm glad MAPS came together and that they provide a well-defined service as a single tool that belongs in any decent spam-blocking arsenal.

Re:On the picking of hosts to add to MAPS

[ndintenfass]

Respectfully, that is bullshit.

As one of the Media3 people (changemedia.com) who have suffered from this debacle I have a hard time accepting that "oh well, a few innocent people get hurt". When I started finding out that people's emails to me were not getting through, and vice versa it was not a "ho hum" moment -- it is a dramatically bad moment. Try imagining yourself without reliable email -- not knowing if someone didn't write you back or if you just never got it; wondering what mail never came through that you'll never know about!

I'll echo the responses to those who say "it's voluntary" -- it is not voluntary for me, and 99.9% of the people who send me email haven't ever heard of MAPS and certainly aren't going to go changing their ISP because I suggested it.

The issue is not whether web content or email content is blocked, as some have complained on this topic about the original posting. The issue is that innocent people get screwed because of bad policy -- one that doesn't even solve the problem it tries to solve anyway.

Re:Huh?

[Afterimage]

Bulk friendly hosting... While i've not looked at Media3's AUP, I'd like to think that a "hand's off" policy under other circumstances (they won't kill your MP3's or your Unreal T. server) would be lauded. If the AUPmakes provisions for shutting down a site based on violations of applicable law (and that's a fuzzy area), and it's *enforced*, their business should be allowed to continue. Basically, I think MAPS, to which I subscribe, is not using enough discretion to prevent Media3's non bulk distributing customers from being affected by other clients.

Nmap... Love the tool, use it freqently to check network security. But, note the argument has been made that it is a "Script kiddie" tool and for that reason, folks want to make it and other tools illegal, by international treaty.

As for legit uses of bulk software (Millions Vol. 6, say) not sure. I think it'd be interesting, from an administrative standpoint, to see what the main domains listed are... Do AOL/Hotmail/Yahoo e-mail users fall prey to name guessing schemes to be included in such a product? Are they careless about posting their address in forums and in the clear on webpages? In essence, use the tools the spammers use to limit your own vulnerability...

Re:MAPS is necessary

[Afterimage]

I had to chuckle at points throughout the article. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate websites which promote themselves through spam. Of course not! But software to spam the customers of other ISPs, well that's just fine!

So, and I'm drawing some conclusions here, Napster should have been shut down because they provide a service that enables distribution in methods that the rightful copyright holder has not agreed to?

Censorware blocking of nmap's site is legit because it (conceivably) could be put to evil uses. At least, that's what I think you're suggesting here.

The point is, while I don't know where you stand on the issue, it's hypocritical to proclaim freedom for one favored product that can be used within the realm of the law and say another product under different circumstances (but with a potential legal use) isn't worth the same protection. Even if we disagree with their philosophy.

Alternatives

[VaNTeCH]

OK the article made some valid points, I can't argue there. And I don't think anyone can argue that SPAM is a real pain in the arse.

As part of my job is sys admin for our main mail servers I need to look at options that limit the amound of SPAM and crap that comes into our systems everyday. I prefectly understand why MAPS blackholed the web services of Media3 and I think it was fairly well explained by MAPS in their press release:

"The proprietors of these websites send massive amounts of unsolicted mail from an account with an ISP, then when that account is shut down for violating that ISP's terms of service, they just move on to another ISP. In these cases the only way to get them to stop sending the unwanted email is for the company hosting the advertised site to get involved. If they don't, there is no incentive for the unsolicited email to stop, and then we are forced to protect our own mail servers from the onslaught of that unwanted email."

If the owners of these websites were doing the spamming off the servers that host their website they are bound to have the plug pulled on both their website and their mail. But because they are abusing another ISPs services for just their email they aren't having anything done to them.

Now what MAPS did by blocking whole Class C netblocks is probably a bit of overkill, but I am sorry if I had the choice of having to enter about 10 - 20 IPs in a list or entering just one entery I would opt for the one.

I would just like to query the author of the story and any other sys admins who thinks what MAPS has done is wrong, with what should we do to stop the SPAM affectively? The only suggestion I have seen is to use somehting like sneakemail.com. but that is only viable for end users and not for network administration. So instead of saying something is crap, why don't you work out a better way of ridding the world of SPAM?

Graham

Re:Fuck off, Commie Pinko

[cicho]

Bzzt, wrong. Consider:

1) I have a list of domains that I block from my private machine. That OK?

2) Whenever the list is modified, it gets autoconverted to HTML and posted on my site. On top it says: This is a list of domains I block (for whatever reason). That OK, or am I not allowed to publically display a list of domains I block for whatever reason?

3) Some people trust me to compile the list wisely, and use it for their machines too, but they have to copy the list and write the rules manually. I don't know who these people are and don't care. That still OK?

4) The same, but automated. Now you have MAPS.

If I post a list of "Places where I spent holidays and didn't have much fun" am I "deliberately interfering with" hotel business in those places?

Shutting down MAPS - _that_ would be censorship.

Since when does MAPS censor websites?

[oneiros27]

I admit that I haven't been keeping up on the spam filtering stuff as much since I changed jobs, but from my reading of this article, the author suggests that people using MAPS can't get to the sites being hosted by sites blacklisted by MAPS.

Unless something's changed dramaticaly, this just isn't how MAPS works, or any of the half dozen or so mail blacklists. They just keep people from being able to send mail to the system using MAPS.
[It's actually more complicated than that, as it may just flag it as questionable, it may reject, etc.]

But I've never seen someone set it up to filter all traffic, not just incoming SMTP. [That's not to say it happens, but I'm guessing that if people do it, it's a small percentage of MAPS users, and so a fraction of a percent of systems out there, and not the 2% claimed by the author]

Again, it's quite possible that I'm wrong, but this article just reeks of fishiness to me.

Voluntary

[Hard_Code]

Um, isn't the RBL *voluntary*? So why the hell are we getting so worked up? If the ISP is mindlessly blocking valid sites on the RBL, then yell at them...or tell them to tell the RBL that those sites are OK.

Re:Bullshit

[Hard_Code]

I thought the RBL was a list that ISPs could *voluntarily* use to blacklist sites. So, if Iraq is brutal and violent, then the message is "stay away from this country, do not make any deals with them, etc.". If Napster is infringing on copyright wholesale, the message is "stay away from this service, do not let any of your copyrighted materials pass through it". If you are shooting people in your dorm, the message is "stay away from this dorm, it has a bloody psycho in it running around and killing people".

Are those *unreasonable* precautions that can be voluntarily followed by subscribers? Man, it almost sounds logical.

Crying all the way to the bank

[dustintodd]

If you have never run the tech team for hosting company and been asked by management to put aside your convictions to support a large $$$ customer. Your not $$really$$ going to understand this post. The courts have yet to set standard that really addresses the harm done by most spammers. MAPS as grass roots effort by the sensible none greedy people running the gear is logical out come of this gap in public policy. MAPS is the results of the sensible, spam is result of the greedy, choose your team and start running.

No, this isn't censorship

[dubl-u]

This isn't censorship, any more than banning spam is. Censorship is the banning of ideas, not of actaions.

They are blocking sites that sell spammer tools, which is providing support services to spammers. They don't ban sites that talk about open relays or holes in the e-mail system. They do not ban any of the organizations that use reasonably safe versions of opt-in email. They also don't ban organzations like the DMA, who advocate making spam legal. And as far as I know, they don't ban any of the many frothing sites devoted to hating them.

The freedom to speak freely is vitally important to a democratic society, but I don't see that being infringed.

Re:No, this isn't censorship

[Cirvam]

They block Peacefire. That site has nothing to do with spam or spam tools. they blocked the whole class C ip address, that's 255 address because 1 was selling spam software

Evidence?

[dubl-u]

This claim has often been made, but I've never seen anybody come up with decent proof for it.

The only remotely real thing I've seen is that above.net was, for a time, blocking all traffic from ORBS, because they objected to the ORBS scanning methods and didn't want their machines bugged. Unfortunately, ORBS gets some of their connectivity from an ISP that uses above.net. This may not be very neighborly, but I don't know how evil it is, either.

And either way, if you want to prove your claim that above.net is dropping all RBL traffic, you have some work to do.

Re:Evidence?

[dubl-u]

This could just mean that AboveNet uses the RBL to filter mail delivery to their direct customers. That's what it usually means, as the bulk of RBL subscribers just use it for SMTP as part of a Sendmail ruleset.

People have repeatedly made the claim that AboveNet internally null-routes based on the RBL and then advertises those routes, thereby sucking innocent packets in to their doom. That's the claim I was responding to, and that's the claim for which I still see no evidence.

Re:Evidence?

[nlvp]

NOTE: The MAPS RBL is used by AboveNet to help reduce the amount of spam received by customers. AboveNet cannot remove you, your customers, or remote sites from the RBL. Please contact the RBL workers at rbl@mail-abuse.org with RBL-related questions.

That's from the above.net anti-spam policy - one click away from their front page, so I can't be bothered to go find the link again.

I take this to mean that if you're on the RBL, you can't be seen by above.net customers, or customers of their customers.

Re:Evidence?

[nlvp]

Sorry - didn't understand at first.

In a way, if the RBL was managed brilliantly and only ever listed incredibly bad sites, I would be cheering at above.net's gung-ho attitude, but with what I've read more recently, I have to side with you on this one.

Whilst I appreciate the spirit in which the RBL was originally conceived, they are now behaving like a bunch of geeks on a power trip. It *is* a case of David slaying Goliath when they list huge sets of packets in a widely used black hole list, but what do we do when many innocent people are relying on Goliath, David's getting cocky and he isn't always right?

Too cheap, eh?

[dubl-u]

The only way that you get cheap internet service (or really, cheap anything) is by taking advantage of economies of scale. That means a lot of users, most of whom have different opinions from you about the tradeoff between limiting spam and blocking a few sites. So if you want to get those economy-of-scale DSL prices, you have to put up with what the vendors offer you.

If you want special, invidivualized service, you'll have to pay the price. And if you think you aren't alone, start an ISP and make some money off all those people who are being oppressed by the evil goons at MAPS. It looks like it's easy to do. If there are enough of you, you'll get the price as low as your current options.

To ostracize spammers and their pals

[dubl-u]

Note that a lot of people use the RBL in just that way. For my users, I have it set up so that headers are added to each message indicating which lists (ORBS, MAPS RBL, MAPS DUL, MAPS RSS) the message matches. That way they can filter it as they please.

But we're considering moving to the more extreme version, where all traffic gets dropped. Why? Because the people on the RBL are not good neighbors, and we don't want to have anything to do with them. I don't want to hear from a spammer; neither do I want spam-friendly ISPs using the stuff I offer to the world.

As I mentioned elsewhere, this is analogous to the ancient greek concept of ostracism.

Ancient code

[dubl-u]

The only reason you see his name on that stuff is that he wrote useful code back at the dawn of time, stuff which has survived to this day.

Almost any code from ten or fifteen years ago was less paranoid than modern code; it was written for a simpler, more trusting world. It wasn't all that long ago that open relays became a problem, for example.

So don't knock him too much; it's just that most of the code that started back then wasn't even good enough to be in use today. And as a recent Slashdot article shows, he's well aware that a ground-up rewrite is needed to fix the problem.

Sigh

[dubl-u]

If you're willing to do business with a company that supports spammers, then I don't want my boxes to talk to your boxes. But that's my choice to make, isn't it?

I also boycott a couple of companies whose business practices I don't like. Does this hurt their suppliers and their employees? Yes. Do I like that? No. But it's a price I'm willing to pay to put pressure on people who do things that I consider bad for society.

Re:"Press time"?

[dubl-u]

He had no "press time"; this is the web fer chrissakes. And there's nothing urgent about this story; it'll be just as relevant next week as now.

If he did contact MAPS three months ago and still hasn't heard back, then he should have said so. Journalists often write things like, "despite repeated attempts to reach Paul Vixie and other MAPS spokespeople over the last three weeks, this reporter's calls were not returned."

Evidence?

[dubl-u]

Who are these "many" ISPs that create black-hole routes based on MAPS RBL?

I know that some ISPs block RBL-listed machines talking on or through their networks, but I've never seen a credible case of an ISP advertising bogus routes to RBL-listed sites.

Works for me

[dubl-u]

Punishing innocent sites by mere association in this case is a cure worse than the disease.

The goal is not to punish the innocent sites; it's to refuse to trade packets with ISPs who support spam. If you want to show your support of such ISPs by putting your web servers there, go ahead. But I reserve the right to tell my computers not to talk to yours.

IPv4 addresses are not so plentifully available that one can simply block all questionable netblocks and expect there to be any unblocked addresses left for the good guys to reside in.

Well apparently one can do such a thing, as the RBL has been going for quite a while. And last I looked, major ISPs were not turning away new customers because they have run out of IP addresses.

Re:Works for me

[Deosyne]

But I reserve the right to tell my computers not to talk to yours.

And to tell all of your customers computers not to talk to them as well. Unless, of course, you are some insanely rich guy that has a pipe directly into a backbone and doesn't pay for it by taking money from other people in exchange for Internet access, in which case I revoke my last statement. Ain't it great being an end user in these techie pissing contests; you just never know what the fuck you'll be able to access because the people that you pay for service have a personal agenda.

I hate spammers more than anyone I know, and would love to execute every one of them personally, but the RBL is just a tool for ISPs to screw their customer base as a means of making a statement. Its using a shotgun to treat an parasite; sure, the parasite's dead, but the patient is severely fucked as well. Being a tech support puke for an ISP myself, the people I feel most sorry for are the support folk at the ISPs who are RBL members once this shit hits the mainstream press, considering the fit that customers will throw just because their access to some sites is slower than others. When they find that they're being cut off from huge numbers of websites because MAPS decided to start playing dick size games with web hosting services... *shudder* The end and the means, blah, blah, blah.

Deo

Terradot.org: Growing Awareness

Re:Works for me

[Scriven]

When they find that they're being cut off from huge numbers of websites because MAPS decided to start playing dick size games with web hosting services...

But here you're blaming MAPS for offering the service, not the ISP for using it. It's a voluntary service for the ISP, so if the customers don't LIKE the policy of their ISP (to choose to use the service offered by MAPS), then they can get another ISP. The places where there aren't ISP choices are getting fewer and farther between every day.

I used to work tech. support for iStar a few years ago, and I would have PROUDLY explained the problem to my customers, had iStar had the balls to do the right thing and join MAPS.

What is it with people wanting to take away choices? MAPS offers a SERVICE, they don't force it down anyone's throats. ISPs can choose to use it, OR NOT. Innocent customers of spam-supporting web-sites can choose to move to a new host, OR NOT. There's nothing saying you need to host your web-site in your own city, or even country! Hell, I live in Toronto, and quite happily host my website in Colorado! If Peacefire.org has been caught in the cross-fire, that's unfortunate, but they need to make the moral choice and either stick by their ISP and remain on MAPS, or leave.

Keep up the good work, MAPS!

This is my .sig. It isn't very big.

That's how the "marketplace of ideas" works

[dubl-u]

MAPS isn't "hiding behind" free association. All they do is publish a list; other people decide whether or not to use the list.

If indeed many people feel that MAPS is too extreme, then competitors will indeed appear. But to date, the only serious competitor I've seen is ORBS, which is more extreme than MAPS.

I agree that there is some collateral damage, but that strikes me as necessary. I use the RBL because I don't want to talk to spammers or anybody who supports them. This includes the ISP who is hosting the spammer software site. How could you block an ISP but not block its IP addresses?

Still not censorship

[dubl-u]

They are blocking an ISP who is hosting a spamware site and is therefore spam-friendly.

It is true that this ISP has other web servers, but how can you block an ISP without blocking their IP addresses?

As a guy who donated money to Peacefire, I'm disappointed that they're using a spam-friendly ISP. Hopefully they'll move to a more respectable service shortly, and they won't have these problems.

Caller ID is a great analogy

[dubl-u]

Here in California, you can ask the phone company to set things up so that anybody trying to call anonymously is automatically rejected. In a year, this has caused only one problem with a legit caller, but I get telemarketing calls maybe once a week now.

Hooray for voluntary blocking! I wish I could get a service like MAPS for my telephone or my fax machine. Hell, I wish I could just block all phone calls from Florida; I don't have any friends there, and about half of the junk faxes I trace back come from there.

They already have three different lists

[dubl-u]

For just such reasons, they already have three different lists:

• Realtime Blackhole List - a list of netblocks involved with spam origination, severe spam relaying, or spam support services
• Dialup User List - A list of dialup netblocks
• Relay Spam Stopper - a broader list of known spam relays

I guess you're asking them to split the RBL into two or three more parts. I personally don't see the need for this; in my eyes supporting spammers is as bad as being a spammer. But opinions differ, and if enough people ask for it I'm sure they'll add those lists (as they did with the DUL and RSS lists). Have you asked them yet?

Flamebait?

[dubl-u]

This comment was not intended to be flamebait, despite what a moderator seems to think. I mean it as a serious and legitimate critique of the site.

Is this an article, and therefore theoretically objective? If so, it's a pretty poor fit with what I like to see in my news sources.

Is this just the usual news commentary? If so, where's the news, the carefully researched article by a journalist who has been picked by a publication and helped by an editor?

Or is this an editorial? And if so, is it considered a Slashdot-approved editorial, or just an opinion piece by some guy called "jamie"? And if so, what are his qualifications to speak?

Personally, I like Slashdot best when it posts news articles from other sources, possibly with a wry comment or two, and then lets us comment on them. Journalism is a tricky thing, and I'm generally not impressed when Slashdot tries it themselves. That's why I've turned off display of the Jon Katz articles, for example.

If they think this is a news article or an opinion piece that's worth publishing, then they should submit it to someplace like Salon or ZDNet or Wired, rather then using the power of Slashdot to push their own articles like this. They might discover that professional journalists and experienced editors at real news sites would have some suggestions that they missed. And once they get it accepted elsewhere, then they should by all means post it back here for discussion.

Have you looked at the site?

[dubl-u]

These people offer "25 million free addresses" with the purchase of their bulk software. They have ads for "bulk-friendly" hosting services. This site is all about enabling spammers, bucko.

Sendmail is a piece of software that can be used to spam. The folks at MarketingMasters offer software that is specifically designed for spamming, plus it comes with a bunch of addresses, probably including yours and mine. You see the difference?

Re:Have you looked at the site?

[dubl-u]

[...] in all honesty, are you going to tell Peacefire.org to switch providers now because they're using the same service as MarketingMasters?

Yes. Although I support Peacefire's work (and even donated money to them), they should move. And if they want to stick with their spam-friendly ISP, then that's their choice, but my computers will stop talking to theirs. (And I probably won't give them money again, either.)

MAPS has taken the power they have and abused it.

It's not like they're pulling these judgements out of their collective ass or doing something secretive. They have a clear policy on what gets you in. According to a recent press release this ISP got listed for hosting spam-advertised sites. They are also clearly continuing to host sites that sell bulk-mail software and addresses. According to spamhaus.org, Media3 is the largest spam site hoster currently active.

RBL needs to be replaced. The original intention was to keep it as a list of sites that send spam.

I don't know if you've looked closely at any of your spam in the last couple of years, but the the vast majority of it now is from dialups, open relays, and weird foreign hosts. Making a "list of sites that send spam" won't do much good anymore; that's why they have expanded it to include relays and spam support services. As another poster mentioned, you have to follow the money to stop spam.

Still, if you think such a service would be more useful. you're welcome to start one. Note, though, that the only serious RBL competitor, ORBS, was substantially more aggressive than MAPS; I doubt an RBL-minus would be very popular.

---

The point here is not to punish a single spammer site; it's to punish an ISP that's been so badly behaved for so many months that there's nothing left to do but to ostracize them. It's unfortunate that banning an ISP harms their legit customers. (It's also unfortunate that boycotting, say, Microsoft or Starbucks or Nike harms a lot of perfectly nice employees.)

But how else do you suggest that we deal with a rogue ISP?

Re:Have you looked at the site?

[uglyduckling]

It's not like they're pulling these judgements out of their collective ass or doing something secretive. They have a clear policy on what gets you in. According to a recent press release this ISP got listed for hosting spam-advertised sites. They are also clearly continuing to host sites that sell bulk-mail software and addresses. According to spamhaus.org, Media3 is the largest spam site hoster currently active.

But if you read the article, MAPS suggested that ISPs have different IP addresses for the customers' domains, to avoid exactly this situation.

The blocking of sites that sell spamming software is (IMHO) dubious but understandable; blocking 1500 addresses is appaling, and contrary to the cooperative spitit that makes the Net work. Also, RBL is used in a backbone and those using it have no choice in the matter.

The RBL is supposed to be narrow

[dubl-u]

The point of the RBL, as opposed to the DUL or the RSS, let alone ORBS, is to only block those who are known and recalcitrant supports of spam.

The fact that that few spams are caught in the RBL is either a testament to their restraint in listing people or to the success of MAPS of driving spam support services off of the web. Either way, I'm still very glad it exists.

Re:The RBL is supposed to be narrow

[dubl-u]

BZZZT!

10 years ago I wrote this program which stops elephants from walking down the highway. Since there's only been a couple of elephants found walking on the highway since then, my program must work.

When MAPS started the RBL, a lot of the spam was direct and obvious, coming straight from the spammer's network and advertising something on the spammer's network. Now, almost all of it is cloaked in a variety of ways; I almost never see a spam that obviously originates from the site that it is pushing.

So if ten years ago highway elephants were a big problem and today people were regularly caught disguising elephants as dump trucks, semis, and Yugos because your program didn't catch that, then you could rightly feel that you had made a difference.

And so it is with MAPS and the RBL.

It's called a "joe job"

[dubl-u]

When that happens, it's called a "joe job". Generally, they're pretty obvious; people who spend their time doing things like this are usually pretty dim.

Occasionally, it's a real problem telling, in which case it's generally up to the judgement of the ISP, which can go well or go poorly.

Note that the RBL generally only contains recalcitrant spammers; I'm sure if they contacted somebody who said "it wasn't me", gave some reasonable explanation, and then put up a note saying how deplorable spam is, then MAPS would just keep an eye on 'em.

You carefully choose who you do business with

[dubl-u]

As with anything else, you should try to do business with reputable companies. These days, this is much easier than before the internet.

With an ISP, the first thing to do is read their AUP and the other agreements that you sign when you get service from them. Next, search for information about them.

With Media3, for example, it's pretty easy to find that they are a known spam-friendly ISP. If you think that's cool, then by all means use them. If not, maybe you should look elsewhere.

Re:You carefully choose who you do business with

[sqlrob]

You mean the ISPs that override their AUPs with a pink clause in contracts?

How do you know whether or not that happens, unless it gets revealed (as in PSI and ATT)?

Re:Sorry, Jamie, you are way off base

[dubl-u]

That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C.

Wrong. Media3 is currently the number one ISP for live spam sites accoring spamhaus.org. MAPS has been talking with these guys for months about their various spam-friendly activities. If an ISP keeps allowing spammers in, MAPS should block 'em.

If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in
censorship, wouldn't they?

These aren't just people who say that spam should be allowed. They are people who spam to draw traffic to their websites, people who sell spamming software, and people who provide spam-friendly hosts services.

If MAPS blocked people for advocating spam, like, say, the DMA, then they would be censoring. But they don't; they only block people who spam or those who help spammers. Their criterion is based on an activity, not an opinion. That's not censorship as far as I'm concerned.

In fact, MAPS even goes so far as to give links to its various opponents on its web site. Censors? I don't think so.

Oops! Bad URLs

[dubl-u]

One URL there was mangled; here's the right post:

Yes. I I use blcheck for this, with qmail-qfilter to put it right into the SMTP chain, although you can use it with procmail, too. That way users can use their mail clients to decide what to trash and what to keep.

Huh?

[dubl-u]

And what would the potentially legitimate use of spam software and 25 million addresses be? Decorating your apartment? A little light reading before bed?

And I'm sure there's a potentially legitimate use of "bulk-friendly hosting", too. Web pages for my bulk foods business? A place where bulky guys can get clothes?

Nmap is a tool which can be used for good or evil; I use it to check up on my own hosts to make sure my users aren't running anything insecure. Napster, as we've seen, is more ambiguous; it can be used for good, but the bulk of the activity is copyright violation, which is why the courts have taken such a dim view of it.

But bulk e-mail software that comes with millions of addresses and software for spidering sites to get yet more addresses has no purpose but spamming. There's nothing "conceivable" about the evil use here.

An old and silly argument

[dubl-u]

Is this just a troll?

Sure, you can use delete on your own inbox. But what if your an ISP and your customers demand less spam? Will you delete for them?

And really, this just ignores the potential size of the problem. Sending a spam costs practically nothing to the sender. There are two million registered businesses in the US alone. So if spamming isn't fought tooth and nail, how many spams do you think you'll get once everybody does it?

Or another way to look at it: spamming a few million people costs about as much as the smallest newspaper display ad. How many ads like that are there in your daily paper? And how many daily papers are there in the world?

If you want to keep up with your "solution", you'll need to remap about half your keyboard to delete.

Re:An old and silly argument

[dubl-u]

No, if I were an ISP I would not delete spam for my customers.

Then you should start your own ISP and see how far you get. Many large ISPs and mailhosts are very excited to tell people about their anti-spam efforts.

A lot of this is probably customer demand, suggesting that your style of ISP wouldn't be very popular. And as others have pointed out in this thread, spammers shift the cost burden to others, especially the destination ISP, so any ISP takes your view of spam will end up with higher bills (and therefore higher prices) than ISPs that allow their customers to block spam.

But hey, best of luck to you; if it turns out that you are right, then nobody will use MAPS anymore, making the argument moot.

Re:An old and silly argument

[bobv-pillars-net]

what if your an ISP and your customers demand less spam?

That's like asking the postal service to deliver less junk mail.

No, because:

1. The spammers have to PAY the postal service to deliver their mail. This alone tends to limit the level of abuse.
2. The postal service doesn't worry about you switching to a different delivery service.
3. The courts provide specific remedies in the case of postal mail-abuse, including the right to have your name taken off the list, the right to know how they obtained your information, and the right to collect punitive damages in the case that your requests are ignored.
4. Delivery of junk-mail does not prevent delivery of legitimate mail, even if your mailbox is full.
5. The post office does not send you a monthly bill for the right to receive mail.

In short, any analogy comparing a sender-funded message service with a recipient-funded message service is poor logic.

Re:An old and silly argument

[tbannist]

That's like asking the postal service to deliver less junk mail.

Don't be a dumb-ass. It's like asking the postal service to stop delivering junk mail *for free*.

The distinction is *very* important. Spammers don't pay to spam, they do it for free. Everyone else pays for them instead. That's why it is different than the post office.

As an ISP, even if my end users block all the spam that comes to them, and stop asking me to block, I still have to pay for the extra bandwidth to pass these unwanted messages on. So no matter what my end-users do the spammers cost me money.

Re:An old and silly argument

[raju1kabir]

Just try calling your phone company and ask them to filter out calls from telemarketers and see how far you get.

Works for me. I called the phone company and told them I no longer wanted to receive calls from people who blocks their caller ID data (even though I don't have caller ID). It's pretty much put a stop to the telemarketing calls. I'm pleased that I can do the same in my choice of ISP: I can select one that uses an imperfect but fairly effective mechanism to screen out crap.

It's the ISP

[dubl-u]

They are blocking the ISP, which has hosted a whole mess of spammers for at least six months.

The ISP is the one who is violating the "cooperative spirit that makes the Net work"; MAPS just lets us know who the bad guys are so we can block 'em if we choose.

Also, RBL is used in a backbone and those using it have no choice in the matter.

Many have made this claim; despite many requests, I still have seen no evidence. I say it's bunk.

Re:It's the ISP

[raju1kabir]

They are blocking the ISP, which has hosted a whole mess of spammers for at least six months

To be fair, if you look at the data behind the graph, you'll see that it's only 2, and not really 21 spamhäuser. There are 20 ostensibly distinct Hormel subsidiaries on the same /24.

On the other hand, it's pretty clear that Media3's well aware of what's going on. All their spam customers are on the same two machines: ss2.media3.net and ss3.media3.net, a group that starts and ends there.

So?

[dubl-u]

That may be true, but that has nothing to do with MAPS and the RBL; ORBS isn't even listed on the RBL. So even if above.net is choosing to block ORBS traffic on their network, that doesn't seem relevant to this discussion.

Re:So?

[dubl-u]

The notion that MAPS is some insidious conspiracy that uses its pod people to push its secret agenda throughout the industry is not one I'm buying without more proof than your assertion.

You should also be careful how you sling around that term censor. From what I can tell, AboveNet blocked ORBS for their behavior, not their opinions. Censorship is the suppression of ideas, not actions.

Personally, I think ORBS is a good idea, but that they go about it in an agressively rude fashion. I wouldn't block 'em, but I see it as a reasonable decision to keep their probes off of one's networks. I've seen no evidence that AboveNet it doing anything more than that.

If you come back with some proof that AboveNet blocks, say, ORBS, mirrors of ORBS pages, and usenet discussions that say nice things about ORBS, then I'll take you a little more seriously.

Re:So?

[dubl-u]

AboveNet has constructed their criteria so that they do have "fig leaf" excuse for their censorship, as is done in virtually all real
world examples of censorship. If you want to be fooled in all of these cases, that is your choice.

Let's just say I'm willing to give them the benefit of the doubt. I've been reading SPAMTOOLS for years, and this issue got quite a bit of play there, and I'd say that rational people can disagree over this issue. Although like the goal of ORBS, I wasn't so sure about their methods. And I was very sure I didn't like their stubbornly boneheaded refusual to see that there might be other points of view.

If ORBS really wants to claim censorship, then they should move their ideas (e.g. their website) away from their actions (their arguably aggressive network probing). If AboveNet suddenly starts blocking their web server, then I'd agree that they are after censorship.

You could also test things yourself. Use an external proxy server to make a mirror of orbs.org on your network and announce it to the world. That way, all AboveNet customers will have access to the ideas of ORBS without risking exposure to what AboveNet sees as network abuse. If you get the smackdown from AboveNet, then you'd have a reasonable claim

In this case, AboveNet's excuse is ridiculous, in light of the fact that AboveNet claims to be doing this for customer welfare, and we, the effected [sic] customer, do not want them to do it.

A quick check of ARIN shows that you guys are about 0.06% of their address space. No offense meant, but I can see how they wouldn't be willing to futz around with their routing tables for such a small customer.

If this is such an important issue to you, you should consider voting with your dollars.

Re:So?

[dubl-u]

I am not saying that AboveNet is trying to prevent people from learning about what relay blocking is. I am saying that they are
censoring the specific exchange of information needed to do the relay checking (albeit with some lame excuse).

Note that there are other relay checkers which they do allow, MAPS RSS being the most popular one. What exactly is it that you feel they are trying to censor?

Also note that what you consider to be a "lame excuse" is seen by a lot of other people, including many strong anti-spam advocates, as a reasonable argument. See, for example, the archive of SPAMTOOLS from around the end of May. Your adamant refusual to see any merit whatsoever in their position doesn't make you convincing; it makes you look clueless.

This would be akin to allowing a few books on what democracy is but not allowing people to actually communicate to implement it.

Well, you seem to be doing a pretty fair imitation of communicating about it.

Or if you wish to prove your point that it's the information rather than the actions, then set up an ORBS secondary within AboveNet's network. I'm sure ORBS would cooperate; you'd just need to find somebody to secondary the data so you could reach it.

So, it would not be reasonable for AboveNet to claim that allowing ORBS probes is just too much work for just one customer request.

Well, they still could claim that it's too much work (or, more likely, too risky for their routers) to allow ORBS probes for just a few customer requests. Indeed, if routing table size is what worries them, then a larger number of requests would be worse, not better.

And, yes, we do intend to vote with our dollars, losing our setup costs after our annual contract with our AboveNet-based ISP expires.

I'm glad to hear it.

Put up or shut up

[dubl-u]

As other posters have mentioned, those of use who use MAPS offerings have indeed elected him policeman of the Internet.

Get off your high horse and try building a constructive way of dealing with spam that does not punish innocent users.

Given that you're shouting this from your own high horse, this is a pretty silly statement to make.

The people at MAPS have carefully thought out their stand on the issue, and then offered their services to anybody who agrees with them. Name-calling probably won't change their minds.

If you have a different view on things, then you're welcome to make your own offering. Once you get it working, I may even subscribe. (Or I may not; ORBS, for example, is to extreme for my tastes.) But put up or shut up; don't just run your mouth telling other people what work they should be doing.

Eh?

[dubl-u]

My recollection was that eBGP4 was the first format they offered it in; I have the notion that the DNS version came later. But either way, they've offered both for years.

In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.

Well then you should certainly use it that way. I think it's probably right, and I hope you support my right to make my own ethical choices.

Here's why I think it's probably a good call by MAPS: Banning an entire spam-friendly ISP should be a solution of last resort, but MAPS has been after these people for six months to fix things. And still, they are listed as spamhaus's number one spam-friendly ISP. As an RBL subscriber, I fully support their action.

And the non-bad things are?

[dubl-u]

Since you have such a deep insight into this issue, perhaps you can enlighten us as to the many beneficial uses to which a spamming program (plus 25 million addresses, free with every copy) could be put?

And actually, going after tools solves quite a lot. The purchase of explosives, for example, is highly regulated. This a) make it harder for people to blow other people up, and b) makes it easier to track those who use explosives to violate the law. And the purchase of, say, atomic bombs is strictly forbidden, even though an A-bomb, like any other weapon, is just a tool.

Another fine example is the automobile. Before you are allowed to drive one in almost any country, you have to prove that you can use it safely. And before a car is allowed on the road, it has to meet many safety standards. Sure, it's just a tool, but government regulation of this tool has saved a lot of lives.

So which tool is it that has taken the place of the a-bomb or the automobile? And how is the general populace ignorant of the possibilities of misusing them?

They're blocking the ISP

[dubl-u]

As I've said elsewhere, MAPS started by blocking the spammer site. But it turns out that Media3 is the most spam-friendly ISP around. And as the article mentions, MAPS has been after Media3 for months with no results; they've even taken on new spam-friendly clients in that time.

What do you want MAPS to do? Blow kisses at Media3? Send 'em cookies and say pretty please?

As an RBL subscriber, I'm glad they list spam-friendly ISPs. And maybe Peacefire is an innocent bystander, although perhaps they stay there to make a political statement. If they truly didn't know what was coming, then they should yell at Media3, 'cause Media3 has known this was in the works for months.

But if you don't like it, don't subscribe to the RBL. The Internet I envision doesn't have spammers or their pals on it, and the RBL helps make that vision a reality.

Two?

[dubl-u]

I count at least three, maybe four. There's an outfit called SamCo that has at least 8 IP addresses; another one called the PPM group with at least three, somebody named Said Al-Zalzalah with at least two, and a guy called Mike Zuber, with one.

How'd you get two?

Re:Two?

[raju1kabir]

How'd you get two?

I just counted the number of separate machines.

I guess it's possible that they stuck several of them together on the same machine, but if I were a spammer, the last thing I'd want on a server with me would be another spammer.

And never underestimate the joy spammers get out of making up fake names and addresses.

It's about who plays nice

[dubl-u]

As an RBL subscriber myself, I support this action, even to the extent of blocking other web sites.

When I started using the internet more than a decade ago, it was a neighborly place. When the green card lawyers did their massive spamming and followed it up with a big "fuck you", it was a shock to all of us.

To me, the RBL is about sorting out who has that old-school community spirit from those who don't. The jerks and idiots are welcome to talk to one another (and anybody else who cares to listen to them), but I want to keep them out of my inbox. If an ISP isn't playing by the same anti-spam rules, I cast my ostrakon for them. And if people want to support that ISP by doing business with them, that's swell too, but I don't much care to hear from them either.

As a practical matter, spam-friendly ISPs are often willing to move spammers around in a netblock to avoid a ban, so it could well be that MAPS has given up on anything less than netblock bans. Of course, we don't know the MAPS side of the story, because you didn't take the time to talk to them.

MAPS vs ORBS

[dubl-u]

You shouldn't tar MAPS with the ORBS brush. For the last year or so, all of my mail gets extra headers added based on which of the lists (ORBS, MAPS RBL, MAPS RSS, MAPS DUL) it matches.

I frequently find that ORBS would block mail I'd like to receive, whereas the MAPS RBL and RSS never do, and the DUL would only rarely. For a normal ISP, I'd guess that ORBS would be a nightmare, but the RBL would be pretty much OK.

Of course, for me, I keep all my spam so I can feed it to SpamCop.

Peacefire is fine

[dubl-u]

I think Peacefire is fine, and I'm sure the people from MAPS like them, too.

But the point here is that the ISP has been spam friendly for ages, and they've been warned for at least six months. Despite that, they are still taking on new spam clients. And spamhaus.org considers them the the biggest host of spam-friendly domains.

The ISP, as far as I'm concerned, is spam-friendly. And I don't want my boxes to talk to spam-friendly ISPs. If Peacefire chooses to to use a spam-friendly ISP, that's their business, I'm not one to stop 'em.

Oh, you say the didn't choose? That they just didn't know? It's funny, isn't it, that Media3 didn't even warn their clients about a possible loss of connectivity to large parts of the Internet?

That's not the behavior of a reputable businessman; it's an ISP trying to shield its spammer clients by mixing in legit sites. The ISP has known this was coming for months; they should have warned their customers.

New details on MAPS procedures

[dubl-u]

One of the gripes in the article was that the MAPS evidence file for these guys was scanty. That's because the nomination for the extension was kept here:

http://evfiles.mail-abuse.org/rbl/ev/63.74.120-24. txt

This paints things in a pretty different light; it's a shame that this wasn't read by the author of this article.

Yawn! This is old "news"

[albin]

Don't people get sick of complaining about the RBL? There's nothing new in this article. When I read it through, I kept waiting for some big news about the RBL that I missed when I read through all the MAPS literature ages ago (hint, hint).

It's so easy to forget, I suppose, that the terms and implementation of the RBL have been the same for quite a long time. I happen to love the RBL, but if you don't like it, a) you have a lot of nerve being surprised at this stage, and b) don't use it! And if your upstream uses it and it actually prevents you from seeing websites, etc., then complain to your upstream.

It's not MAPS' fault if the info is used too strictly (to block more than SMTP in inappropriate instances), and at the same time if the RBL is to be effective it must adhere to its own terms, and that means putting providers like Media3 on the list when they don't "play ball," that is, deal responsibly with their customers who spam.

To me, complaining about the RBL is like panickingly posting about the Good Times virus.

You're way off base

[cameldrv]

Perhaps signal-to-noise is a precious commodity. Free speech is a way more precious one and to throw it away for something like this is outrageous from the biggest free-speech advocates of them all. I don't like spam either. I take measures to stop it, and when that doesn't work I hit the delete button.

Let's put this in perspective. You're willing to shut off someone's connection for distributing spamming software, but if someone posts instructions for making a bomb, that's free speech? Free speech isn't always pretty. Sometimes people yell in the street, sometimes the Nazis march around the neighborhood. But what about when you have something to say? Who's going to stand up for you when you agree to be a vigilante for mere association with spammers?

Think about it.

Thats not what its for...

[Rix]

They provide a list of IPs which are friendly or neutral to spammers. Media3 is friendly or neutral to spammers, they belong on the list. I want my subscription to be used that way. If you don't, make your own RBL.
Cheers,

Rick Kirkland

Re:Thats not what its for...

[Rix]

Peacefire is funding a company that provides service to spammers, putting them at least in the neutral, if not the friendly category.

If I was RBL'd in a similar way, I'd be pissed off, but with my provider, not MAPS. And I'd have all the more reason to take my business elsewhere.
Cheers,

Rick Kirkland

Re:Thats not what its for...

[radja]

so now there is an effort to pressure on known spammers to stop. Not by rules, regulations and law but by consumer pressure. Everyone here always shouts about how bad regulation and law is.. This is what you get from it.. lawsuits, lawsuits and more lawsuits. make some bloody laws that mandate opt-in for spam, and the whole thing becomes a moot point. But we want self-regulation (well.. not me..). This is the internet self-regulating, and once again people whine about it.

//rdj

Re:A compelling argument...

[QuoteMstr]

The problem is that you are forced to use it --- with abovenet using it and broadcasting null routes, there is no way in hell you can avoid it.

Huh?

[ddmckay]

Maybe I'm confused, but I thought the RBL is used to block e-mail, not web access. I use it and I can view all of the sites listed.

Re:A Better Analogy

[Chalst]

Let me see if I understand you: you are saying that the rule of law
depends upon people regularly engaging in bullying, lynching and
illegal intimidation? And that this follows from the second law of
thermodynamics?

Free Speech & Spam

[multiopsys]

A modest proposal for making spam easy to deal with while dodging free speech issues:

Pass federal and state laws requiring that the subject line of all unsolicited commercial email begin with the following:

UCE:

Add in jail time & big fines for noncompliance.

Anyone who doesn't want spam could stop it with one filter, or create absolute hell for the noncomplying spammer; they've got to have *some way* for people to contact them in the message.

The First Amendment guarantees a right to speak, not a right to be heard.

Re:Fuck off, Commie Pinko

[?erosion]

Um, yuo spelled teh word 'fagot' wrong

Re:Sorry, Jamie, you are way off base

[Pseudonym]

Whether or not you think it's right, it's still censorship. Someone is taking it into their own hands to block us from seeing something they don't think we should.

That couldn't be further from the truth. What's happening is that I decide that someone else has sufficiently similar opinions to mine about what I don't want to see, and ask them to do it for me. That's not censorship, it's outsourcing. Well, I guess you could always call it "self-censorship by proxy" or something equally convoluted.

Now if the RBL isn't what it advertises to be, that's a different question. But that wouldn't be censorship either, it'd be false advertising.

Sometimes, the best thing to do is nothing.

[Convergence]

There are many evils in the world, but we let them continue because to not let them continue would violate privacy, or freedom.

Incest happens, one way around it is to require that everyplace that allows children is tape recorded to catch the bastards. A simpler and cheaper alternative is to kill all children.

This is my solution.

Sometimes, when the only way to stop an evil is to do an even greater evil, the only sane thing to do is nothing.

You totally miss the point.

[dunster]

You are quick off the starting line to point out that the RBL is a voluntary thing. We've heard that before, and it is even true.

But, this article is about the fact that MAPS uses a very broad brush to paint its spammers. In its zeal to stop spam, it is hurting people and organizations that have never done anything wrong. MAPS has been accused before of being arbitrary with its power, and this is some pretty compelling backup to those accusations.

Frankly, I wish that a more moderate group than MAPS had taken the lead in writing a blackhole list. I find their definition of spam to be to far-ranging. I find their tactics to be abominable. I find their superior-that-thou attitude to be offensive.

I hope that press like this will lead an alternative list-group to form, and more press will steer people to it.

MAPS can hide behind "free association" for a while. But if they continue with practices and policies like this, I suspect that they will find few willing to associate with them.

As I read the %2 article

[z4ce]

I was rather shocked as I read RBL only blocks %2 of spam. I had heard it blocked more around %90 of spam. As I clicked the article I learned the "independent" study was sponsored by at&t's brightmail. Mindcraft anyone, please?

Re:As I read the %2 article

[Senior+Frac]

The MAPS RBL has different goals than MAPS DUL and MAPS RSS. MAPS RBL probably does, indeed, block only 2% of spam. Why? It targets mainly the dedicated spamhauses and spam supporters. It's manual, fairly static, and each case is researched on a case-by-case basis. Comparing the MAPS RBL to other types of spam blocklist is comparing apples with oranges.
--

Re:As I read the %2 article

[pjrc]

As I clicked the article I learned the "independent" study was sponsored by at&t's brightmail. Mindcraft anyone, please?

As I read it, I wondered exactly how they did the testing. Of course, they didn't give details (even worse than MindCraft). Notice the words "blocked just 2 percent of 922 spam messages sent". In the case of MAPS, the important question is who did the sending? I'm guessing that they transmitted spam that they had harvested.

MAPS has put a lot of pressure on ISPs, perhaps with underhanded or questionable tactics. It good to see that slashdot with its giant readship is putting a bit of pressure onto MAPS about its questionable actions.

I've got a tiny block of IP numbers, and I know I'd be really pissed off if MAPS decided to block the entire class C range that just happened to contain my site, because a spammer operated on an IP number within that range.

Re:I definately do not agree - (pro-MAPS)

[Zak3056]

Knowingly distributing software to do that is like owning a gun shop; a customer comes in and asks which gun and which bullet type go through flesh the best and cause the most damage. Selling the gun to them is illegal because you know they're going to use it to commit a crime.

Yeah, it's not like people lawfully use guns for self-defense, and want the most effective weapon they can get for the money. Perish THAT thought, anyone who cares about ballistics, velocity, energy transfer, or anything else "technical" about the round MUST be a criminal, right?

Re:I definately do not agree - (pro-MAPS)

[Zak3056]

For the record, I live in Canada. I don't have to prove my point; Janet Reno has already pointed out that Chicago and Toronto, two very similar (in population, area, and climate) cities, have very disproportionate homicide rates: Toronto in a bad year might have 75... Chicago has 1000.

It's interesting to note that Chicago, IL, has some of the STRONGEST gun control laws in the entire united states of america (being surpassed only by Washington D.C., another high crime area) and, in fact, handguns are COMPLETELY ILLEGAL inside the city limits. One could therefore reasonably conclude that the law has little, if nothing, to do with the rate of homicides in Chicago. This truly begs the question: if the laws do no good, why did you pass them? Why would you not repeal them? Why should law abiding citizens lose their right to self-defense, when the criminals can carry any weapon they choose to? The very phrase has become cliche, and is oft derided, but the simple logic is hard to escape: When guns are outlawed, only outlaws will have guns.

As for the part about the guns, you bloody well know what I meant

Yes, I did, and I am sorry for the heavily sarcastic response. It just pushes my buttons to demonize an inaminate object (despite what some folks would have you believe, guns do not possess the force of will) that over 80,000,000 people in the US use legally, without harming anyone. I'm sorry to have vented on you.

I am on abovenet and have NO PROBLEM with those..

[dynweb]

I'm an abovenet customer and currently have NO PROBLEM contacting those websites. Here's a traceroute from within abovenet if you care to see. I only remove the first hop so I don't give away too much about myself.

Type escape sequence to abort.
Tracing the route to 209.211.253.38

1 mainx-xxx-xxx.sjc.above.net (xxx.xxx.xxx.xxx) 0 msec 0 msec 0 msec
2 core5-main2-oc3.sjc.above.net (216.200.0.205) 0 msec 4 msec 0 msec
3 core3-core5-oc48.sjc2.above.net (208.184.102.206) 0 msec 0 msec 0 msec
4 core5-core3-oc48.sjc2.above.net (208.185.156.66) 0 msec 4 msec 0 msec
5 nyc-sjc-oc12.nyc.above.net (208.185.156.162) 88 msec 92 msec 92 msec
6 qwest-nyc-oc12.above.net (208.185.156.26) 92 msec 88 msec 88 msec
7 205.171.30.17 88 msec 92 msec 92 msec
8 205.171.30.94 92 msec 92 msec 92 msec
9 205.171.38.14 100 msec 96 msec 100 msec
10 209.211.253.38 104 msec 100 msec 100 msec

You're still wrong

[mike_markley]

"But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter." - this is complete CRAP.

There are a number of ways to subscribe to the RBL. One is to BGP peer with them and accept null routes to various places. Personally, I feel that only a moron would pollute their routing tables like this, but here's the sticking point: IT'S THEIR NETWORK. It's not your network. It's not the customer's network. It's the provider's. You pay for the privelege of being allowed to utilize your provider's network and servers. If you don't like how they run things, try www.thelist.com and quit bitching.

Now, I first played with subscribing to the RBL over 2 years ago when I got my first position doing postmaster duties. We came to the conclusion that there were enough possible false positives that we didn't want to completely block email from RBL'd (or ORBS'd, DUL'd, etc.) IPs, so we wrote a blockspam.m4 file for sendmail that adds an X-Spam: (RBL|ORBS|DUL) to each and every mail that matches. This lets us set up filtering as need be, for ourselves and for our customers. Currently, most popular mail servers (at least in the *nix world, I don't know or care about the functionality of NT mailers) support both using RBL-type services to block mail, and tagging mail with some sort of header.

In short, jamie, you are full of shit. The difference between censorware and MAPS is that censorware can only be used one way - you block stuff based on some subjective definition of "offensive". MAPS just gives you the information and lets you do whatever you want with it.

No MAPS subscriber has ever been forced to BGP peer with RBL, or even to reject mail from MAPS-listed IPs. It's all about choice.

Additional data

[wowbagger]

Here's some other interesting data on Media3:
Spamhaus.org's ranking of spam supporters

Media3's list of active spamhausen

OK, on three, let's have a great big "Awww" for poor widdle Media3.

1....2....3.... BPPPPPPT!

Re:Additional data

[alexburke]

Where's UUnet on this list?! They're one of the worst, if not THE worst, IMO. I've even had to manually blackhole some of their dial-access (da.uu.net) IP blocks from making lookups on our DNS servers to figure out what our MX host is!

--

Re:Additional data

[pjrc]

OK, on three, let's have a great big "Awww" for poor widdle Media3.

(maybe) 21 spammers hosted by Media3 !!!

Well, if that's not reason enough to blacklist thousands of their addresses, hurting dozens, perhaps even hundreds of their unsuspecting non-spam customers, then I don't know what is! Those idiots should have read that AUP (that looks just like all the others) and predicted that Media3 would harbor some spammers. It's their own fault that they happen to live near where a dirty spammer moved in.

Damnit, I've had to press delete almost 20 times so far this week, so NUKE 'EM. Who cares if there's innocent and unsuspecting civilians... this is war! Blast 'em to hell and make Media3 sorry!! Who cares if some innocent bystanders get hurt.

Re:Additional data

[pjrc]

They're not innocent. They're putting food on the table for a spamhaus. They should move, it's as simple as that. Web pages can be hosted anywhere on the globe.

My website is hosted at a particular ISP. Maybe I'm guilty of supporting spammers? When I start losing traffic and I can't communicate via email, it'll be easy to recognize the error of my ways... I should have used my crystal ball to predict that a spammer would move in next door. I should have known my ISP would allow it. My particular ISP changed ownership a few months back... but then I should have know they'd sell to someone who'd allow a spammer to set up shop.

So realizing what a terrible mistake I made, hosting my web site and email with an ISP that later let in a spammer, I should move, "simple as that". Sure, simple, try to find a price similar to the fairly good one I've got now (remember, I chose this ISP for a reason). Standard dial-up and simple virtual hosting are about the same price wherever you go, but Frame Relay service varies considerably. I signed a 2 year contract, so I'll have to pay for a portion of the remaining time. I'll call the phone company and the ISP, back and forth and get those circuit ID and DLCI numbers worked out, schedule the switch, hope they manage to get the line switched over correctly. Contact the registrar and get my DNS record changed, and of course change stuff on my server. I hope my SSL cert still works at the new location. The local telco raised their rates for frame relay, so I'll certainly have to pay the new higher rate, and there's a good chance it'll be a new contract, with a penalty for breaking the old one. If everything goes smoothly, maybe I'll only be off the net for a couple days. If things go badly (as a move like this often does) and it's over 5 days, then all those email bounce warnings will turn into the 5 day bounce errors. We do a bit of e-commerce from the site, so I'll lose orders while I'm down.... but I'm already losing plenty of money already, all because it's my own fault for picking an ISP that later, after changing ownership (within my 2 year contract), allow a spammer to be hosted.

Yep, it's all my fault and I need to "just move". I'll do my homework and pick a less spam-friendly ISP, and cross my fingers that they don't change ownership within the period of my lengthy service contract, or by some error allow a spammer to be hosted. Vixie blacklists some sites for having join-our-mail-list without a double confirm.... but spam is such a plauge on the world his strong-arm tactics that hurt lots of unsuspecting bystanders are the means to the end. So "KjetilK", you're right, anyone who gets screwed by Vixie ought to "just move".

Re:Additional data

[KjetilK]

Who cares if some innocent bystanders get hurt.

They're not innocent. They're putting food on the table for a spamhaus. They should move, it's as simple as that. Web pages can be hosted anywhere on the globe.

Re:Additional data

[hobit]

Wrong. One has to go after the companies that host the spammers. Going after the spammers themselves is just like playing "wack-a-mole", they pop up somewhere else. So what about those people who are "real" users on media3s system? They get poor service and end up moving out. Media3 loses customers. Ideally whoever hosting media3 gets sick of them and drops them too. Only by actively going after the spammers, and where needed, the hosting company, does anything get done. Mark

Sorry, Jamie, you are way off base

[wowbagger]

Let's review:

1. Media3 sells connectivity to a spammer
2. Spammer sets up web site on that connection
3. Spammer sends spam (by relay raping other peoples gear), advertising products that are sold on the Web site

Now, what can we do to end the spam?

• Play whack-a-mole on open relays? Nope
• Ignore it? Nope

No, you follow the money: the spammer makes his money when morons go to the web site and by the spamware. Kill the web site, kill the cash flow, kill the spammer's business.

Now, places like Media3 will say "But we aren't spamming!" No, but they are giving aid and comfort to the enemy. So, what do you do to get Media3 to close down the spammer?

Follow the money

You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore!"

Rememer Spamford Wallace, the uberspammer? Ageis communications was providing cyberpromotions.com with bandwidth, and by God they weren't going to stop. Then they got blackholed, and many of their customers left. Faced with losing money, they dropped Spamford like a hot rock.

Remember: follow the money. It's always about the money. If somebody says it's not about the money, it's about the money.

I say, "GO MAPS GO!"

Re:Sorry, Jamie, you are way off base

[jesser]

What if the spam is sent in a way that hides the originating IP address, and then the owner of the website claims "I didn't send that spam; my competitors sent it to try to get my site shut down"? What do you do in that case?

--

Re:Sorry, Jamie, you are way off base

[pjrc]

Let's review:

• Media3 sells connectivity to a spammer
• Spammer sets up web site on that connection
• Spammer sends spam (by relay raping other peoples gear), advertising products that are sold on the Web site
• MAPS blacklists a large block of Media3's customers, not just the spam related one (at least that's what's claimed)
• A bunch of folks having nothing to do with the spammer wonder why they're having trouble

Now, what can we do to end the spam?

How about indiscriminately blacklist everyone within ISP-level proximity of any spammer? Hurt those spammer or spam resource (in this case) harboring ISPs, with utter disregard for whatever other non-spam-related customers get caught in the cross-fire.

Re:Sorry, Jamie, you are way off base

[rustman]

So as long as you support the Government, it's OK for the Government to censor then? I guess Religion is just outsourcing your morals to the church? Whatever happened to self determination? I can't imagine so many people happily giving control of what they see to corporations.

Re:Sorry, Jamie, you are way off base

[itarget]

This may come as a shock to you, but although unpleasant, draconian measures are extremely effective. Though I suppose it may be more accurate to call this mob justice.

Besides, ISPs are a dime a dozen. Just found out your ISP is a bumch of slimeballs and a huge number of people want nothing to do with them? Switch ISPs.

The blacklisting is hardly the puppy-drowning cruelty you make it out to be.
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

Re:Sorry, Jamie, you are way off base

[Saron]

The hell you say..

How much do you want to bet that the users of ISPs that allow the list to filter traffic don't know..

Its probably not in the AUP or anything, and I'll even go so far as to say that Tech support for that ISP doesn't know.

If a person is forced to use the rbl, because nowhere on his ISPs site does it say that they do, WTF are they supposed to do? Volontary my ass.

Re:Sorry, Jamie, you are way off base

[zoftie]

There's the guy with the sense in what real world is...

Re:Sorry, Jamie, you are way off base

[Twylite]

"self-censorship by proxy"

Interesting ... I always thought that self censorship meant that I decided what I did not want to see. Not that my company made that decision, or my ISP, or their backbone ISP, or anyone else ... but me.

MAPS does not give you the choice of self censorship - it gives service providers the choice of whether to subject you to censorship or not.

I will continue to use MAPS RBL

[Keefesis]

I run a mail server and employ the MAPS's RBL and ORBS's DULs to save me the headache of some spam. A while ago I was informed of ORBS's encounters with Above.net and Paulie Vix. I think Paul Vix is an incredible horrible person and his methods are evil (Above.net routers were advertising routes for ORBS, then dropping any packets they attracted according to the orbs site.)ORBS seems to have stopped proclaiming the evilness of MAPS openly, but you can still see many statements on the site leading to that assumption. So, this will not stop me from using RBL, it works for me, as my web traffic is not in any way related to my mail traffic or MAPS. I don't endorse Paul Vix or MAPS, but the level of spam I recieve is disgusting, anything I can do to cut down on it I will. As a matter of fact, I personally block any spamming servers (i.e. sprintmail.com) that the RBL's and DUL's refuse to block, yet it seems I get more and more SPAM every day. Perhaps we need more of those exocution-style killings of spammers like we had in MA a few years back.

Re:I will continue to use MAPS RBL

[Senior+Frac]

Above.net routers were advertising routes for ORBS, then dropping any packets they attracted according to the orbs site. If I recall correctly, there was a bad configuration somewhere. Possibly ORBS' provider? It was eventually worked out. Anyhow, it's irrelevant.
Above.net != MAPS
Above.net might have been null routing ORBS, but MAPS was not publishing them on the RBL list or any of their other lists. Spreading this "guilt by association" got out of hand. Evidently, you never heard that it was resolved.
--

Re:Horay!

[plague3106]

Oh, and BTW... ISPs have every right to decide what goes on their network. Its *their* property. Abovenet have decided not to allow hosts that are in the RBL to transit their network. Thats fine...

Oh no they do not have that right. They lose that right when you start paying for internet access. My apartment complex cannot tell me what kind of pictures (ie, of flowers, car, etc) i can hang in my apt. They can only specify that i don't hang them in such a was as to destory the apt. Sending and receiving data is not destorying the network; in fact that is what its purpose is.

Re:Horay!

[plague3106]

1) peacefire.org was not accused of sending spam.
2) MAPS blocks almost no spam.

I never said i liked spam. In fact, i was repsonding to someones comments that the ISP can anything they like for any reason they like.

Re:We're a victim too....

[MKalus]

I doubt that our ISP is a Spamhouse,

As far as I can tell the c class belongs to dedicated server, in which case they are only providing the pipe.

We had the server open for a brief period after recompiling sendmail and having a misconfiguration, the ISP catched it and informed us, so I think they do a lot to make sure that doesn't happen.

We're a victim too....

[MKalus]

A couple of days ago one of my Co Admins found out that we where also blacklisted, not we directly as our site / ip is not listed but the whole c-class.
When we contacted them and asked to be removed we got sent to interliant as they are the owner of the c class, and apparantly haven't reacted in the past to certain demands.

So fine, we have apparantly 4 IPs in our C class that are an open relay or have been and we are now as f**** as they are.

Thank you.

Michael
http://www.swma.net

RBL gets my support

[bruns]

At the rate spam is coming these days, I praise RBL's attemps to block some of it, even if it does get in the way of websites for innocents. Maybe if these innocents all complained to their providers to dump the spammers and their websites, the RBL would not have to block them.

The ISP where I work has a strict anti-spam policy - you do it once and your gone. Website, mail, dialup, DSL, etc. GONE. You offer spamming tools on your website hosted with us, get ready to find it gone the next day.

The only way to stop the spammers is to force the providers which host them to dump them. I have full faith in RBL and its goals. I do NOT though appreicate ORBS. Several times I have dealt with ORBS blocking out people, refusing to remove them, and all sorts of fun stuff which makes that list seem like something for revenge.

Oh well, its not like you are required to use RBL. If you dont like it, find another provider who doesn't care about spam and enjoy.

Re:So you check up on it..

[Tau+Zero]

If the domain is being black-holed by the router, do you have any logs to check? Would you have any content to examine to confirm that the mail was spam?

Apparently this incident involves the global (not just e-mail) black-holing of all IP addresses held by a spammer-friendly ISP. The ISP hosts a site which sells spamware. Their placement on the RBL is designed to get their customers to decamp; the ISP has the option of choosing to keep the spamware-providers, or the rest of them. If the ISP is not pressured by hitting them in the revenue stream, they have no reason to quit providing service to the spamware-provider.

I happen to agree with MAPS. This time.

"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

Re:So you check up on it..

[Tau+Zero]

you forget that in some areas customers have no option to decamp.

Web sites always have the option to decamp. Content can be hosted anywhere. This is why there is no excuse for the ISP to host the spamware-vendor.

Block the single static ip thats being used for abusing...thats ok.

Is it only okay because it has no impact on the ISP?

your attitude to forced censorship of major routes/backbones on the internet is totally disgusting.

That got a chuckle. First, it isn't forced (MAPS is totally voluntary ) and second, it isn't censorship, it's a counter-attack upon an ISP committing treason to the Internet (giving aid and comfort to the enemy in time of war, and make no mistake, this is war).

I don't see how you can live with yourself when you are claiming up and down that SPAMSUCKS on the one hand but defending an ISP's declaration of war on your mailbox on the other hand. Isn't your head threatening to explode under the pressure of the contradictions?
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

About Damn Time

[TheShadow]

I'm glad someone has finally gathered up the balls to sue these bastards. The RBL is a bunch of crap. If one (and I've seen this happen) website in a class C is either spamming, allowing spam to pass through it's mailserver, advertising any type of software that would be used to spam, or just generally being in favor of spam, these fuckers blacklist the whole damn subnet. It's like a teacher punishing the whole class because of the students wrote a bad word on the chalkboard. It's simply not right. I don't give a damn what you anti-spam zealots say. Punishing everyone because of one bad apple is a load of crap. Everyone gets all pissed off about spam and this and that. Just delete the fucking mail. It's not that hard... yeah it's a pain in the ass but it's easier to hit 'D' in pine then it is to route through your postal mail and throw away that junk. If we continue to let the RBL and similar methods run their course, we will eventually just close up port 25 and be done with it. In fact, they way things are going, we may as well just shutdown the whole internet... Hey, at least there won't be anymore porn for the little kiddies to get their hands on. Blacklisting "spammer" IP subnets is just like any of the other censorware out there. It's just like "targeted taxcuts", it's just like UCITA and the DMCA. It's a bunch of crap that no one who was a brain in their head can do anything about because the idiots have already ruined it.

Re:Fuck off, Commie Pinko

[MemeRot]

ARGGH!!! How is blocking peacefire.org, who has never spammed anyone, or even been accused of it, stopping spam? And how is it not censoring?

Why don't you read the article?

[MemeRot]

MAPS blocks nothing. It IS commonly used to drop email from ip addresses in it. BUT THE POINT OF THE ARTICLE is that Above.net was using it in their router tables to drop ALL packets, including http. Get it?

I hate people that don't read the article and then call the writer a lunatic. Does that seem like a sane thing to do to you?

Wrong.

[MemeRot]

Do you know what peacefire is? You think they should switch isps because they're being censored. Yeah, right. That's exactly what peacefire will do, just roll over and do exactly what their censor wants them to. I don't think so.

I saw nothing in this article about Media3 allowing spammers, nothing about open relay mail servers, nothing like that. When did the RBL come to include companies that sell spam software? I thought it was a list of spammers. What else does this company sell? Do you know? Beats me. They probably sell a lot of other evil shit, ways to track users, etc. The spam software is probably a minor part of the company. I don't think this falls into the original mission of the rbl. What about companies that sell real world mailing lists? Should their ip be blocked? What about companies that do anything else we dont like? It's a slippery slope. This company is never accused of spamming. Just of provideing software. What about the companies that sell the hardware the program runs on? Guess we'd better blacklist Sun and Dell, someone could be using their machines to send spam. Once the mission creeps, they lose credibility. Period.

Crime?

[MemeRot]

Give me a break. Can you show me the law that's being violated? Guess what buddy, intangible thing like network resources, intellectual property, etc. ARE NOT covered by property laws.

I am amazed that you think that denying people whose http requests just happened to pass through above.net's network access to peacefire.org's web page is anything other than censorship. It clearly states on the MAPS page 'give each site an ip so that we don't have to block hundreds to block one'. The assumption being that your entire client base wouldn't be added to the list for the actions of one site - since just that site's ip can be added to the list. You remind me of the hacker groups that are out shutting down warez sites - who brag and brag about their severely criminal behavior in shutting down international sites in countries that may or may not be signatories to the treaties that make copyright infringement a crime at all.

The solution is worse than the problem. I think it has now been clearly shown that the rbl list can be abused for purposes that have nothing to blocking spam, the only reason anyone decided to implement it in the first place.

It's slandering the innocent

[kevin805]

If someone took out an ad in the newspaper and said, "Bennet Haselton" is a spammer, that would be libel. How is it different to say, "Here's a list of sites run by spammers ... 209.211.253.169 ..."? Well, 209.211.253.169 is peacefire.org, Bennet Haselton runs peacefire.org, so they're saying he's a spammer, which he isn't.

It's not about whether it's reasonable to twist the arms of the hosting companies, it's about misrepresenting what it is you're providing. If a censorware package included a category that said "anti-filtering sites or redirect services", and said you better leave it turned on, that wouldn't be a problem. But when they list all the anti-filtering sites, babelfish, anonymizer and so-on in every category, that's misrepresenting what you're doing.

I read some of MAPS site and it implies that it's pretty hard to get on the list without doing something you shouldn't be. But this isn't the case. "A site being advertised as a target on multiple spam messages may be placed on the MAPS RBL. We assume that the site knows that it is being advertised in this manner". That's a pretty big assumption when you go blocking class C's. I can't find any mention of using the RBL for punishing ISPs as they seem to be doing in this case. Do all their subscribers know they are using it to punish ISPs? Would those subscribers continue to use the RBL if they knew it was blocking large numbers of sites that have no connection to spam other than having the same ISP?

I'm really curious what MAPS contract looks like. They don't have it up on their webpage, and it's the only thing that would exactly address what they claim their service is. Personally, I'd love it if sites would cancel an account if it's at all connected to spamming, even if it isn't where it's sent from. I know geocities does because I've forwarded a few pieces of spam to abuse there. I don't think I'd want the "feature" of being prevented from viewing the sites of anyone hosted on a server that is also used by a spammer.

God bless the RBL!!!

[supabeast!]

The RBL screws over all the customers of an ISP that hosts companies that sell bulk emailing software.

GOOD.

Eventually RBL use will continue to grow and grow, and the customers of the blocked ISPs will find new ISPs that have the decency to tell anyone who has anything to do with spamming just where to stick it.

I hope the RBL wins this case, and I hope Media3 finally breaks down and kicks off the spammers, and spam software makers, who will in turn keep getting kicked from one ISP to the next until they go under from lack of a decent online presence.

sure, follow the money...

[god_of_the_machine]

You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore

Sure... now take the Above.net perspective. Their customers are complaining that they cannot reach non-spamming sites. Follow the money. What does above.net (or another business) do? They have to ingore the RBL or else their customers will get pissed off and leave(or route packets through somewhere else). Follow the money. The RBL will lose all power if it blocks non-spam related sites or over-reacts too much.

-rt-

MAPS is *seige* *warfare*

[Seth+Finkelstein]

MAPS is the equivalent of blockades and total sanctions. Every man, women, and child (i.e. site) in the targeted country (i.e. ISP) is going to be made to suffer, under the theory that they will then be motivated to fight the enemy (the spammer or all supporters).

War Is Hell :-(

Strategic Hint: MRBL

[rakslice]

Time for a Meta RBL. Block known RBL-using sites. (Or hey, why not whole netblocks? =)

Duh.

[rakslice]

Ok, let's ban all sites about operating systems with sendmail ports because, woah, sendmail can be used to send spam!

Re:Duh.

[emcdermid]

"Spamware" refers to tools designed to harvest email addresses from webpages/newsgroups, forge headers to avoid detection, rape open relays, etc. It isn't just any tool that can send email.

Re:Horay!

[rakslice]

Escalation of listings past single hosts is also known about, this happens when the provider continues to allow the spamming to continue, or moves the host around the netblock to avoid the RBL listing.

I agree on your assessments of the rights involved. Personally, I didn't know about the "escalation" provisions (essentially massive provider boycotting). I can see their point of view on the issue...

They could at least have the courtesy to contact the owners of the individual sites, though. I don't particularly mind if they continue causing more and more collateral damage... My guess is that the related publicity can only shrink their userbase to virtually nothing.

Why can't you just switch ISPs?

[fhwang]

If I understand it correctly, you should be able to simply find another provider who is not on the RBL, switch over, and change the DNS settings for the domain name. A hassle, sure, but not the permanent clusterfuck you portray it as. (And I'm quite confused as to why crossalizer.de moved to crossalizer.com, too.)

I work at a web shop, and when we make hosting decisions, we've had to make the decision to switch away from an ISP that's on the RBL. Sure, it's a little extra work, but I guess I'm happier that I know that the ISP is harboring spammers, and that they're losing our company's business as a result.

Change WEB hosts.

[wharfrat]

It is simple. peacefire.org and all other legit sites should just dump there ISP if they get themselves in the RBL.

MAPS RBL may not be the best solution at blocking SPAM. But it scares the hell out of spammers and ISPs that don't hold up there AUPs.

It is an easy answer. Just change your ISP. Simple.

MAPS is in the right

[bowood]

Once you have seen spam from an ISP's angle you realize how beligerant something like MAPS must be in order to be at all effective.

Re:Fuck off, Commie Pinko

[bowood]

Not only did I read the article but I've been using MAPS for years on every sendmail server that I admin. In fact the most recent versions of sendmail have MAPS turned on by default. Currently we have customers who get 10-20times more spam then they get valid email. Without MAPS that figure would be even higher. MAPS kills off the most egregious offenders. This is not censorship of ideas or speech, it is a collective effort of ISPs to defend against: 1. trespass 2. theft of telecomunication services 3. harassment 4. denial of service attacks "The war won't be over until the last spammer's head is stuck onto a spear at the city limits." [Paul Vixie, NANOG mailing list, Sept.1997]

Mission Creep

[frankie]

They aren't harboring spammers, but they are harboring spam-tool makers.

The main problem is that this level of blocking goes far beyond the original intent of the RBL. The Blackhole was only supposed to block known current sources of spam. Over the years it has experienced mission creep and now goes after spam accomplices (e.g. affiliated web pages & email boxes) as well as accessories (e.g. email harvesting software). That is too many tasks for a single list!

RBL's original mission is a good idea, and could even be palatable to major backbone providers. For example, imagine if Verizon and UUnet were subscribers to the more-focused version. Millions of people would be better off instantly. Within months, RBL would put itself out of business -- anyone on the list would scramble like mad to get off or else go out of business from lack of traffic.

MAPS has already implemented multiple parallel lists -- RBL, RSS, DUL, etc. It's time to break up the RBL into 3 separate components with appropriately narrow targets.

So what?

[bradipo]

So what? Even if someone thinks it is "censorware" there are still people using it that see it as a viable alternative to combatting spam. It is their choice, no one is forcing them to use it. In addition, if you subscribe to an ISP that actively uses RBL and decide you don't like it, what's to stop you from signing up with another ISP? If I tell my employees that they can't view porno on company machines is this censoring? No, because I pay their bills and I own the equipment, connection, facility, etc and they are required to use it based on my rules and policies. Same holds for an ISP. If I they don't like the rules they can find another job---if I don't like my ISP using RBL, I can find another ISP. End of story.

Additional source material

[Argy]

If you look at spamhaus.org's page on marketingmasters.com, in addition to tidbits like the last four ISPs from which they've been terminated, you'll find the reasons cited for blackholing marketingmasters.com's IP address, as well as blackholing Media3.net's other addresses. This is part of MAPS RBL SOP (standard operating procedure). You may not like what they do, but they're operating within their guidelines here.

Under MAPS RBL clause III of Blackholing Due to Spam Support Services, the IP address 209.211.253.74 is now elegible for addition to the RBL.

Under MAPS RBL clause IX of Blackholing Due to Spam Support Services, if the host media3.net is knowingly providing Spam Support Services by knowingly hosting the marketingmasters.com Spam Service Site, parts of (up to all of) media3.net's netblock may be nominated to the MAPS RBL.

If you want to read the clauses directly, check out http://www.mail-abuse.org/rbl/candidacy.html#ByAss ociation, which outlines the criteria and reasons for including spam support companies in the RBL. The essence of their criteria is "providing any service which uses internet resources to support spamming activity," although they go into more detail as well.

Re:Bullshit

[Temporal]

Actually, yes I did know that. And it's wrong, is it not?

------

Bullshit

[Temporal]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.

By your logic, it is perfectly reasonable for the RIAA to shut down Napster. After all, Napster is harboring far more copyright infringers than Media3 is hosting spammers.

By your logic, if I go on a shooting rampage and kill 14 people in my dorm, not only am *I* to blame, but so is everyone else in the dorm, as well as the dorm supervisor, the University of Minnesota, my parents, my friends, and, hell, Slashdot even.

I mean, I've seen double-standards, but this is rediculous. And you got score 5, even. Huh.

------

Re:Bullshit

[Scrymarch]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.

No it isn't. Who is going to die from not getting they're email delivered? It's the difference between the picture of a thing, and a thing. I thought that would be abundantly clear to opponents of censorship.

Re:Bullshit

[alarosa]

Under Siege 2: Dark Territory

Re:Bullshit

[KjetilK]

Yep, Bullshit.

It's hard to move millions of people, it's easy to change ISP. Very easy, there are tons of them out there. Could be done within a minute. Media3 is a spamhaus, it's one of the worst spamhäuse out there, and if I was peacefire, I'd think twice before giving my money to a spamhaus. Sorry, no sympathy here, peacefire should move, or get media3 to drop the spammers.

Re:Bullshit

[GlassUser]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down

You forgot that you could bring the innocent men, women, and children back to life when the spammers are dead.

Re:Bullshit

[davidmb]

When people start using "logic" as an argument, they usually have no idea what logic is themselves.

Well that's mathematicians fucked then.

Power, unchecked, corrupting as usual

[MattW]

(1) If you're a bulk provider, with hundreds of web sites, it isn't even worth batting an eye to keep hosting a spam software provider. If they wanted to follow the money, they may refuse to remove them, but they certainly wouldn't defend them when MAPS came knocking. MAPS scares providers.

(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?

(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?

Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.

(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?

At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.

Re:RBL is unjustified in their response

[bobv-pillars-net]

This is like arresting a drunken driver, then charging everyone else who drives the same model of Ford.

Actually, it's like closing down the restaurant whose valet who handed him the keys, knowing full well that the sop wasn't fit to drive. Sure, a lot of innocent customers will be mad, and the other valets who may have been more responsible are also out of a job, but them's the breaks.

Re:Reverse-blacklisting is the solution

[crucini]

Neat idea. May I recommend that you not start your reverse blacklist with m3? They are quite the little spam village, with a few 'legit' sites like peacefire for cover. You'd better do some really careful investigation before placing a site on the reverse list, if you want to have any credibility. Spammers lie; spammers are con artists. And they'll see you as a perfect sucker.

1-liner?

[crucini]

How's this?
mail -s "Make Money Fast!" `perl -e'print "$_\@hotmail.com " for ("aaaa" .. "zzzz")'` Time to RBL /.

RBL is unjustified in their response

[dingbat_hp]

You do that by blackholing enough of their customers

Fine, go and take it out on Media3 if you want to, but why should you whack the innocent customers too ? This is like arresting a drunken driver, then charging everyone else who drives the same model of Ford.

The RBL has become a powerful weapon for causing havoc on the Net. It's useful, admittedly, but it also carries with it a responsibility to use it wisely. This scatter-gun approach is not wise. (If I were in an admin role to make such decisions) I'd pull my usage of RBL, because if that's their approach, I could no longer trust Vixie to use it properly.

Did Vixie ever serve in Vietnam ? It's that same "It was necessary to destroy the village, in order to save it" mentality.

So you check up on it..

[Sc00ter]

This is why you should check your logs.. Don't just let the RBL do it's thing blindly, check you logs to make sure it's just blocking spam and not legit traffic.

I just checked my logs and the only things rejected from the rbl was stuff that was real spam. (all from a computer company I wouldn't do business with).

As long as people check their logs and make sure they point out possible mistakes then it should be fine. It has to go both ways.
--

Re:MAPS is not censorship; SPAM is censorship

[Captain+Wartooth]

Rubbish. We all know who the enemy is, so what, how does that help? You make no attempt to suggest a better solution. If the cure for a disease has undesirable side effects then maybe we need to find a better cure. By blacklisting their IP addresses, the 'enemy' simply move to a new address. Why not give the spammers dedicated IP addresses to use - then the users themselves can filter the mail received from those addresses.

moderate parent up

[Error27]

I don't agree with the fact that the people are trying to sell email addresses. But even here I'm not sure that what maps is trying to do is worthwhile. Or the right thing. The internet interprets cencorships as damage and routes around it.

However I can not fault them for selling spamming software. The right to create and distribute software is a sacred right. I get so frustrated at the people who don't treasure this right.

I believe that no one has the right to tell someone not to create a piece of software. Patents that stop people writing software are evil. Laws that stop people writing software are wrong. People that stop people from writing software are wrong.

I get frustrated by reading the comments about software sometimes. A month ago someone created a visual basic clone for Linux and people complained about it. Not that it was poorly written but just that they didn't want a visual basic clone. People complain that Mozilla have been goofing off adding features instead of just working on gecko. Someone today said that Open Source was making software suck more because now 20 year olds were writing software and his post got moderated to a +4 interesting?!?

The truth is that behind all the laws stopping people from writing software there is a person writing the law. In the end it's always a matter of PEOPLE stopping people from writting software.

On the other hand, I have to laugh everytime I read somewhere that open source software will never be able to do this thing or that thing. People didn't think Linux would scale. People didn't Mozilla would ever get finished. People don't think that Linux will succeed on the Desktop. I have to laugh because I know that someone is going to go out and do the things that were thought imposible. The fact is it is so much easier for some one to program something than to stop every other person from programming something. This means that when I say Linux can never run on a Ti93 I'm almost certain to be wrong because it's easier for someone to make linux run on a ti93 than it is for me to stop them.

For a technical problem there is a technical solution. There are more effective ways to block email than MAPS. If you think visual basic is not good then write your own better replacement. If you don't like the features in mozilla then use kmeleon (http://kmeleon.org). If you don't like open source programs because they were written by 20 year olds then write your own. Gnome wouldn't be better off if people stopped writing KDE apps and KDE wouldn't be better if people stopped writing gnome apps.

The solution is not to try stop software from being written. That's just playing hit the mole. The solution is to write MORE software that fixes the problem. More KDE apps. More Gnome apps. And if you agree with the +4 guy then you want more software written by old people.

Writing software is sacred right and an excersize in free speech.

Re:A Better Analogy

[haystor]

The whole point is that people should be doing the coercion, and not the government. There is a group of peopled (users of RBL) that don't want anything to do with spammers, or their hosts. I'm among them.

Even to say that its coersion isn't quite right. All parties involved are present voluntarily. We're not talking about outlawing Media3, we're talking about withdrawing a knowledgeable portion of the public until they behave reasonably.

Re:A Better Analogy

[haystor]

A lynch mob uses force. RBL uses no force at all, they merely provide information. This list is hardly compiled in an arbitrary fashion, but is made to weed out the people that spam, and assist in that process.

A lynch mob is just ridiculous as an analogy. This is more like consumer advocacy group saying that product X made by company XYZ is so harmful we recommend you don't buy from the company at all.

Or, to extend the analogy to the "innocent" provider, its like boycotting Dillard's because they carry brand XYZ that was made by sweatshop workers. Hey, they were only providing shelf space. You don't hear the department stores whine about this, they realize that's how business goes, and they make their choices about which customers to go with. You can't have everything.

Re:This is great news!

[4/3PI*R^3]

Wow, Cary, North Carolina has 16777216 shit-holes!!!! BTW, how did you go about counting them?

A compelling argument...

[Tom7]

A compelling argument, but the same reply still applies:

If you don't like MAPS, don't use it.

This is a good reason not to like MAPS, though. If what you say is true, I wouldn't use it if I ran an ISP (though previously I thought it did a good job). This kind of political pressure, however, is a much better way of policing the internet than through legislation.

Re:A compelling argument...

[nlvp]

Surely all this means is that the people who are blocked by the RBL are not trying to make connections to your server?

If they're unfairly blocked, you wouldn't necessarily expect that much traffic from them, and the fact that they do not come through your server doesn't mean they're not trying to go through a server somewhere and getting blocked - you could just be in a part of the internet architecture that doesn't have much traffic from RBL-blocked sites.

Re:A compelling argument...

[DrSkwid]

Read this once. Next, reread it. I believe this quote to be very pertinent to internet censorship at both a legal level and at a commercial level (as the above article may suggest).

do you call this grammatically correct?

.oO0Oo.

Re:A compelling argument...

[fmouse]

I for one will probably remove the RBL from my mail servers now that I've read this.

I use the RBL in its DNS lookup form on my mail server. I also use the Open relay list (RSS) and the Dial-up User list (DUL). I go over my mail logs from time to time to see what's being caught. Here's how a recent log looked.

SMTP connections blocked by the RSS - 286
SMTP connections blocked by the DUL - 16
SMTP connections blocked by the RBL - 4

I went over the logs pretty carefully, and all appeared to be legitimate blocks. Most of the RSS blocks were on servers in Asia or Eastern Europe, or were IP's listed by APNIC. The DUL blocks were mostly by clueless uu.net spammers trying to talk to my server from their uu.net dialups using names like "califmillionaire@yahoo.com". The RBL blocks were all to from harrispollonline.com, which is a major pest and deserves to in the RBL.

Re:A compelling argument...

[TheLink]

What if your ISP uses it? Switch?

Well in that case if you don't like Carnivore don't use it either :).

If you don't like your Government, switch to some other country.

The trouble with switching is sometimes there is nothing much better to switch to.

Cheerio,
Link.

Re:A compelling argument...

[danpbrowning]

You don't always get the choice to select what software your upstream provider does and doesn't use. And it's not as easy as "just get another ISP" -- because what if you pay 5 digits each month for your direct cross connected OC3 to that ISP? That makes it a tough change.

Re:A compelling argument...

[grammar+nazi]

" I believe there are more instances of the abridgement of the freedom of the people by gradual and silent encroachments of those in power than by violent and sudden usurpations."- James Madison

Read this once. Next, reread it. I believe this quote to be very pertinent to internet censorship at both a legal level and at a commercial level (as the above article may suggest).

Re:A compelling argument...

[Cirvam]

If your backbone provider, which is probably 3 or 4 levels removed from you decides to use it you don't have much choice. Even if you ran an isp and you chose not to use it but your backbone provider did without telling anyone you would be screwed as an isp if you wanted to offer uncensored internet access

Re:A compelling argument...

[Throw+Away+Account]

Uh-huh.

So you use one of the dozens of free POP3 servers on the Net for your mail, if you're an individual.

Or, if you're spending 5 digits each month, you won't notice another $20, so you buy a dial-in or shell account with any fricking ISP of your choice on Earth and access its servers via TCP/IP over your five-figure account.

It's not a problem to get a non-RBLed account if you know what you're doing.

Re:A compelling argument...

[Hexmaster]

1. Political pressure is NEVER a good way to control anything! 2. This isn't political pressure anyway, it's extortion. 3. It doesn't work anyway.

Re:not the real Bruce Perens

[sfgoth]

Maybe you should change your sig to:
Warning: I'm human #3872. Sometimes stuff I post here is wrong. Use your head. Question authority.

It only changes the meaning a little bit. ;-)

MAPS not only censorware

[terminal.dk]

I work in a small company, that started with ISP activities, and now mostly do web development and hosting.

It is my guess I have had mail 1000-1500 accounts on my boxes over the last 5+ years. I am now using MAPS RBL and the MAPS Relay list for blocking mail, and I am surprised to see how many connections gets refused.

Since sunday morning we have rejected 12500 connections from 125 hosts. I see 50-75% less spam, and that is what I use it for.

Employees and customers can browse any way they want to, and visit anything, including the alternate TLDs. I am not going to block anything originating from here.

If I were going to use MAPS as censorware, it would be a commercial service we could sell to our customers. But I doubt there is any interest.

I like the idea of cutting off parts of the Internet if they cause too many problems. I have considered dropping access to/from 63.x.y.z myself. 95+% of the traffic from that UUnet owned net is spam mail. One problem is, that UUnet = Sprint is too big to live without. Yet according to spam cop, they are resonsible for 50%+ of the worlds spam.

My opinion is to fair but hard on these ISPs / hosting services which allows spamvertising.

Re:MAPS not only censorware

[M.+Silver]

UUnet = Sprint

Is my scorecard behind? I thought UUnet == MCI.

An easy question...

[atgrim]

I have read alot of the replies to this story. I have seen reasonable arguments and those bordering on the inane. I have one question though... After all is said and done, where does it end?

That's life in the big internet

[Erik+Fish]

If the RBL inconveniences Peacefire and the hosting company feels that their business is not as valuable as the business of a spammer then that's too bad. But please place the blame where it belongs -- on the hosting company.

By and large the RBL is not nearly stringent enough. Read some SPAM-L archives and you'll see lots of fit-pitching about how MAPS allows spammers too many chances and gives them too much time -- something I agree with. Unfortunately the RBL is not about killing spammers dead, it's about educating them -- a task made more difficult by the "Rule #1": Spammers lie.

Slashdot == censorware?

[TheJohn]

Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, [...]

Why that's exactly why I have a slashdot ID...so that I can use moderation, which is of course a rating of content, to make an educated guess for myself of what is undesirable (or unacceptable).

To my mind, content rating is only censorware if it is imposed. If it is willingly undertaken, with knowledge and consent, it is filtering and that's a good thing.

Your ISP uses RBL and you don't like it? Change ISPs; there are plenty of others in a free market.

Re:Neural Net Spam Filtering!

[Senior+Frac]

RBL blocking 2 out of 900 spams is pretty bad. What's your goal? Blocking spam? I agree, that's pretty bad. Mine is to block some spam and influence providers to police their netspace effectively. MAPS RBL achieves this objective suitably for me.
--

Re:MAPS = DOS

[Senior+Frac]

But the ISP isn't doing anything illegal. Current law doesn't make hosting a spammer illegal. Furthermore, MAPS are not the police. They are rent-a-cops with the authority to patrol where they are let in. Furthermore the holding of HUNDREDS of websites HOSTAGE meerly because they had once been serviced LEGITIMATELY smacks of totalitarian behavior. "I was trying to sell my used car all last month at SpiffEmCars. It turns out SpiffEmCars was also helping car thieves sell stolen vehicles! A local consumer group boycotted SpiffEmCars and drove them out of business. I think this is totalitarian behavior." I think not.
--

Re:MAPS = DOS

[Senior+Frac]

Bull.

They're just preventing you from selling it at SpiffEmCars. You're free to take your car elsewhere to sell it.
--

Re:MAPS = DOS

[Senior+Frac]

The amount of work involved in switching is a non-argument. While the rest of us might be willing to help providers fix their spam problem, and sympathize with the amount of work that would be required in switching providers, ultimately, it's not our responsibility.

It is your responsibility to do your research and know what kind of scumbags you're dealing with before signing a contract with them. Any costs associated with breaking that contract are yours to bear.

We have contracts with our providers. You have contracts with your provider. The two providers have no contract and are working through mutual agreement. This can be cut off, and is, if one side doesn't behave.
--

Re:Fuck off, Commie Pinko

[j_w_d]

First, writing anti-spam filters for your email program is educational and fun. Spam belongs in the trash can. Second, it looks to me that makers of RBL are wide open to a whopping class action suit, initiated by every innocent blocked site such as Peace-fire, through the ISPs whose service is being interfered with, to the very purveyors of spam-ware, since the RBL listing is a deliberate attempt to interfere with their "legal" livelihood. Any half-competent lawyer could make a case out of that. That lawsuit is one that would probably end up in front of the Supreme Court.

Above.net was NOT advertising routes to ORBS

[grymor1]

They were dropping any packets, but THEY weren't advertising the ORBS routes. They were advertising some routes that a router upstream of them grouped together, and due to the grouping being overly broad, ORBS was included in the route advertisment unintentionally. In other words, it was only due to a misconfiguration of a router upstream of above.net that routes to ORBS where routed through above.net and then droped on the floor.

I just want to hear Paul Vixie say

[Kagato]

I just want to hear Paul Vixie say: I've taken down bigger men than you Picard!

Re:I definately do not agree - (pro-MAPS)

[alexburke]

2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.

How do you know? Perhaps their machines (since they have their own IP addresses) do relay raping! If not, perhaps they're just IP-based virtual hosts (which is a fscking waste of IP addresses, but that's a topic unto itself).

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

I believe Voltaire said it best; I paraphrase: I disagree with what you say, but I will fight to the death for your right to say it.

However, spammers steal service and clog people's mailboxes with junk. Knowingly distributing software to do that is like owning a gun shop; a customer comes in and asks which gun and which bullet type go through flesh the best and cause the most damage. Selling the gun to them is illegal because you know they're going to use it to commit a crime. It's precisely the same reason these are sold "FOR TOBACCO USE ONLY".

At best, what Media3 is doing is wrong and unethical, and worst it's illegal (aiding and abetting).

--

Re:I definately do not agree - (pro-MAPS)

[alexburke]

For the record, I live in Canada. I don't have to prove my point; Janet Reno has already pointed out that Chicago and Toronto, two very similar (in population, area, and climate) cities, have very disproportionate homicide rates: Toronto in a bad year might have 75... Chicago has 1000.

As for the part about the guns, you bloody well know what I meant.

If you didn't, then I think my point is still well made with the pot^H^H^Htobacco pipes.

--

Media3.net is Guilty as Sin

[alexburke]

Check this out. Wow, I was thinking MAPS was being a bit strongarmed, but now I know how deep Media3 is in their own shit. I sincerely hope Qwest finds out about this, and puts some pressure on them. Unfortunately, I don't think that's likely.

--

More to MAPS than just the RBL...

[bad-badtz-maru]

I do not find the RBL that useful in stopping spam. It is the MAPS RSS and DUL that do the majority of the spam stoppage on our network and there is no controversy over those two services.

maru

Re:Neural Net Spam Filtering!

[Scrymarch]

Have you considered pushing it harder, eg, by putting it on SourceForge? What would be cool would be training it on a very large dataset indeed regularly; then all you would have to do is download the latest weighting tweak, which I presume is a tiny config file. Of course, as you say, the best thing would be to train it on your own inbox in times of low processor usage.

RBL - What a hosed concept

[gengee]

First let me say that this article made me feel h appy all over. It was great.

I've never used the RBL...Simply because it's an inherently stupid concept. I'll block spammers on my own, thank you very much. This is what procmail is for.

I needn't have huge lists of black-holed domains. I'll simply block it as it comes.

This article points out a whole new facet to my distaste for the RBL.

signature smigmature

Want to get away from RBL? Move.

[yerricde]

and I do have the choice of going to an ISP that doesn't use it

Consider this: DSL generally requires customers to live within 12,000 wire feet of the central switch, making it nearly impossible to service a whole city or large town. AOL Time Warner Inc., the cable provider, obfuscates its login/password to force customers to use its client software, which is not compatible with your FreeBSD, BeOS, or GNU/Linux system. T1 is priced out of reach of most residential consumers. What other broadband solution is there other than to pack up your belongings and move?

Tetris on drugs, NES music, and GNOME vs. KDE Bingo.

vanish?

[dkh]

"But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through"

Isn't that a bit extreme? This may be true if you rely on them for backbone service but, I can only assume, most people use RBL to block mail, not all traffic.

Re:vanish?

[Cirvam]

However the backbone provider uses them to filter all access. So they do vanish. Not only does mail get rejected but all connections do because the routers send the packets to a null host

You can't fool all the people...

[aiken_d]

I've had numerous scrapes with MAPS. The funny thing is, they're always right. Not *once* have they admitted that they might have *ever* made a mistake. It's a first in the history of the world: a perfect, flawless autocratic body.

MAPS are a bunch of zealots. Zealots want two things: attention and power. MAPS gets lots of both, primarily because it's founded and supported by two of the most powerful technical people in the internet community: Paul Vixie and Dave Rand. Both very bright, incredibly capable people. But both are so driven to "fix" spam that they're willing to do (imo) unethical things to do so.

I am all for blocking spam. But MAPS isn't about blocking spam, as this /. article points out. It's about leverage, and forcing *other* people to do "their part" to stop spam. Nevermind that it never actually comes around to stopping spam; it's the pushing people around that makes the MAPS folks feel like they've accomplished something ("I didn't stop any spam... but I did shut down this website that was hosted by the same place as another site that sells software that spammers can use.").

Sure, it's just a list. But it's a list that is totally dishonest about its intent. Technical people like us know that MAPS is a political organization out to stiffle speech they don't like. If you don't like the speech, sure, configure your home mail server to use the RBL.

If you're providing internet service for someone else, though, you'd better put "I reserve the right to prevent you from connecting to any address or range of addresses on the internet without warning, based on their content or who they choose to do business with." How many of us would sign up for internet service with that caveat?

There are lots of dangerous people in the world. Spammers count, but really they're just vermin in need of some better legislation. The people you really have to watch out for are the ones who tell you "the ends justify the means," or "we just have to take a tiny bit of your freedom to make you safer."

The RBL is a sham and I'm really glad that people are starting to realize it.

-b

Re:You can't fool all the people...

[aiken_d]

Hello? Yes, I don't run MAPS on my home network. However a fair number of ISP's run the RBL, even in BGP mode, *without notifying customers*. Even if they *did* notify customers, not many people would understand what it is.

MAPS proponents constantly do this "It does a great job of stopping spam because it's so powerful" / "It's just a harmless little list, why does everyone get so worked up?" dance.

Many people, including one business I consult for, are behind MAPS enabled ISP's against their will (it's hard for a business to change ISP's, and in this case they've decided to live with it rather than renumbering their entire network over the RBL).

The whole *idea* of a list is a bad idea, because it can't work. That's why I'm not starting a better one. ORBS is somewhat "better", in that it lists servers that are actually likely to send out spam. But look at them; as an organization, they're worse than MAPS.

Lists and routing black holes are not the answer to spam. Yes, they can punish people, and coerce them. Great, if that's the goal. But if the goal is actually doing something about spam, other approaches are called for.

-b

Re:You can't fool all the people...

[TheCabal]

Other approaches? Where I come from, we have a saying: Shit or get off the pot. Whining about the evils of MAPS/ORBS/DUL won't get you anywhere. Come up with your own solution, or Just Do Something. Otherwise, it's business as usual, neh?

Ends do not justify the means

[Dahan]

above.net should not blackhole sites on the RBL--sure, spam sucks, but spamblocking is not a job for a transit provider. And MAPS putting entire class Cs on its list to browbeat a company into dropping a software publisher is completely unacceptable.

I've disliked MAPS ever since hearing about their treatment of ORBS, and this just makes me dislike them even more.

The ends do not justify the means.

Re:Fuck off, Commie Pinko

[fmouse]

"That being said, if someone wrote a sendmail ruleset to allow activating/deactivating the DNS-based spamhaus-lookup services (RBL, DUL) on a per-destination-address basis, I'd install it in a heartbeat to give my customers the choice to unfilter their mail."

It's called qmail, with Sam Varshavchic's qmail-uce patches using per-user maildrop filters. The RBL can be implemented at a system level or at a user account level.

I believe Sam's courier MTA does this too, but it's still not ready for prime time.

Re:Horay!

[fmouse]

AboveNet says:

"The MAPS RBL is used by AboveNet to help reduce the amount of spam received by customers. &quot

The implication obviously is that they're using the RBL specifically to block spam email, so you have less of it in your mailbox. Missing from this is the information that they're using the RBL to block access to parts of the Internet, and that some of the sites blocked may have nothing at all to do with spam.

Re:Horay!

[fmouse]

If it were only spammers whose websites were in the RBL it would be one thing. Jamie's point is that the escalation of MAPS' actions with the RBL to block entire class C's, coupled with the use of the router BGP to stop all traffic to and from RBL-listed addresses, effectively prevents access to a lot of legitimate sites from within the network space of providers like AboveNet, and this constitutes censorship, albeit more of the nature of killing innocent bystanders than actively going after these sites because of some mis-begotten assumption about their contents. Censorship is still censorship, whether it's accidental or intentionally targeted.

Apparently AboveNet also failed to inform its customers, or prospective customers via its website, that portions of the Internet would be dark to them because of an action by an intermediate provider (AboveNet) against another intermediate provider (Media3). This ain't the way it's done, folks! As much as I hate spam (and I use the RBL, DUL and RSS to block on port 25) this breaks the Internet.

IMHO, even though it seems that AboveNet has stopped BGP blocking of RBL-listed sites, at least for the moment, they owe an apology and explanantion to their customers, Media3's non-spamware customers, and to the Internet community at large.

Use decoy email accounts.

[TheLink]

Create a few decoy email accounts. Put them in the spam database (should be easy :) ).

Any email that goes into the decoy accounts gets deleted from all other genuine accounts that are subscribed to the service.

Voila!
Link.

Yeah right...

[TheLink]

> I am really looking forward to the day UUnet
> gets RBLed.

Yeah right. It's about power. Because by the same logic which RBL claims to use to block others, RBL should block UUNet, but they don't. UUNet is too big to be RBL'ed. RBL only dares to whack entire netblocks of small ISPs. UUNet is too big to be bullied.

To really measure how good the RBL is, or other antispam devices one should measure the false positives and the false negatives.

There are more intelligent and better ways to deal with spam and the RBL is not one of them (neither is ORBS - which is just a list of mail servers _for_ spammers to use).

So far the RBL could be a nice power trip for a bunch of people. When people start saying: "I don't care, I'm going to put you on the list", it means that they're not there because they care, it's because of the power.

Cheerio,
Link.

Not totally correct.

[TheLink]

It's NOT just email.

The entire IP range is blocked off if the ISP subscribes to the eBGP RBL thing.

RBL does block innocent websites.

When it comes to handling the thousands of Internet routes, not many routers have enough resources to block(or route) on a per IP basis, so they can only block per IP range.

The RBL isn't even good at stopping spam- the false positive vs false negative rate is not good. See http://news.cnet.com/news/0-1005-200-2086887.html

And when the RBL people say that they don't care or it's not their problem, it gives an impression of the real reason why they are doing what they are doing.

They just enjoy bullying people. All they need is a good reason to pay lip service to. Give them a good enough reason and they'll bully the whole world.

Cheerio,
Link.

Re:Not totally correct.

[TheLink]

google search maps rbl bgp

Example:
http://mail-abuse.org/rbl/usage.html#BGP

Re:A Better Analogy

[mrdlinux]

That's a great idea: block sendmail's web host. Maybe then more people would use better MTA's such as qmail, postfix, etc.

The thing that scares me is what if this sort of effort was applied to something other than spam, some other unpopular thing. You really want people coercing ISPs into blocking sites based on content? Already got enough flack from the gov't and various software companies trying...

Boo hoo

[icqqm]

Jamie woke up this morning and said "Bah! They blocked Peacefire! Damn! Well I'm an author on Slashdot, so I'll use that to make millions of people hate them! And maybe other news organizations will pick up the story and more people will hate them! How dare they pick on Peacefire! I'll even use that in my argument! ..."

I'm not saying the point is wrong, but it's not like Jamie and Peacefire have never seen each other before. I guess Slashdot doesn't have much in regards to editorial guidelines.

Sad.

"If you don't like don't use" How short sighted.

[rikrebel]

Comments similar to "If you don't like MAPS, don't use it" are VERY short sighted.

Many ISP's subscribe to MAPS/RBL/ORBs etc. and thus then block mail to all of their subscribers.

This means that if MY ISP's decides to subscribe, I don't get the option to 'opt out'. This is FORCED censorship.

I was a large supporter of these organizations while administering an e-mail system which had over 2 million maildrops. Roughly 1.5 years ago I began to see the 'change' and decided that It was unethical to continue to use them. Simply put, it was too hard to double-check and ensure that politics and the over-zealous did not keep my customers from communicating.

I think that unless there is some democratic process (one not driven by high-paying subscribers that is) these sorts of black list organizations are nothing more than base and elitist censors.

rr

Re:Many use RBL to create black-hole routes!

[rikrebel]

Many networks/isp's etc. use these black-hole lists to create null/black-hole routes!

This keeps you from being able to reach web sites as well!

SPAM sucks, but censorship is worse.

I haven't talked to Paul Vixie in a few years, but I always thought he had more moxy than to bounce the author to an unresponsive PR dept.

I'd like to see Paul make some comments on this stuff himself.

Anyone think this is a good /. Interview topic?

Re:"If you don't like don't use" How short sighted

[rikrebel]

Wait, so you suggest that it's just so simple to change e-mail addy's? MAPS/RBL ORBs have become over-zealous, so now I have to tell hundreds of people and move my addy?

Come on, sometimes that's just unfeasable. Most users also are not aware of the blockages.

What do you do about the BGP4 subscriptions, altho it does not work well and useage is not terribly wide spread, it causes an even worse problem.

All and all, it is my experience that there are other ways to fight spam, especially for ISP's.

Packet filter your users when they connect/dialin so as to only permit relay via your own servers (log for legal action)

Put chokes on floods of incoming mail, track most recent mails and do simple comparisons in order to identify potential spam. (Sound's hard but not really).

Only permit users to relay X amount of mail in a given time b4 disallowing further relay's for a 'timeout'.

Work closely with other ISP's and lots of other things.

Again, considering MAPS/RBL/ORBs over-zealous behavior I just dont see a need for them and think it is a terrible abuse of power when they do such broad scale black-listing.

BTW, black-listing is illegal in MOST industries.

rr.

Re:Not Exactly

[luckykaa]

. Taking an anti-spam stance and then turning a blind eye to the peddlers of these tools would be absurd

It depends on what the purpose of MAPS is. Is it to prevent spam from getting to us? Or is it to punish spammer? If it is there as a punishment then fine. But MAPS should make this more clear.

If you use an ISP that has MAPS Only ISP in the area? Then stay off the net if it offends you

I don't think this is a very productive attitude to preventing censorship. Of course in a real free market situation, there should be more than one ISP. There's nothing to prevent you from competing after all.

Want to get off of MAPS' list? Drop the site and tell the customer that he needs to start selling products for which there is a legitimate use

But dropping sites based on arbitrary criteria would be censorship.

And the problem seems to be that people see MAPS as a mail blocking tool. Not as a punishment tool.

Re:A Better Analogy

[pjrc]

Free speach implies the right for me to have to right not to listen. It does not give anyone else the right to censor/filter the speach and prevent me from listening.

Consider the world controlled by Vixie, or at least the portion of the world that's connected to the internet via AboveNet, the backbone provider he controls.

It doesn't matter if you want to visit those sites or not, because your packets will never reach them. Vixie already decided that for you. If you happen to use your free speach right to not view whatever is blocked by Vixie, then you're in good shape. If you happened to want to communicate with someone Vixie has blocked, well, it'll take massive pressure, such as thousands and thousands of outraged readers of a widely circulated publication to get him to stop blocking at the backbone level.

Of course, that's assuming that the facts as presented are actually true.

Restricting free speach by filtering at the backbone is only part of the problem. ISPs using MAPS without giving their individual customers a choice if they want it or not is only part of the story.

The larger injustice is that MAPS blacklisted large blocks of IP numbers, hampering communication to a substantial group of Media3's customers, most of whom are totally unrelated to spammers. MAPS does this to pressure Media3 to be tougher on spammers. The injustice is:

• The non-spam Media3 customers get screwed, when they did nothing wrong.
• Most MAPS users are unaware that they're rejecting non-spam that just happened to be at the same ISP as a spammer.

Re:I definately do not agree - (pro-MAPS)

[pjrc]

The methods might seem a little draconian to the rest of the people who aren't as adamant about spam, but that's EXACTLY what the subscribers of the information want.

It seems unlikely that users and ISPs subscribing to MAPS RBL really want to filter out messages from hundreds of non-spammer sites, who's only mistake was hosting at an ISP that later allowed some spammers to put up web pages.

Re:A Better Analogy

[pjrc]

So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.

Fine, lynch 'em. Tar and feather! The bastards deserve it!

In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.

They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.

Re:Sounds like the role of the RBL has expanded..

[emcdermid]

> My understanding of the RBL is that if I
> subscribe to it, I will not receive e-mail
> from any sites listed on the RBL. Sites
> (supposedly) get listed on the RBL because
> they have been the direct source of
> spam mail.

Your understanding is wrong. MAPS isn't doing anything other than what they advertise.

"Spam support" services (including hosting websites selling spamware) is clearly listed as one of the things that will get a company listed on the RBL.

If you subscribe to the RBL, that's the policy you're subscribing to. If you don't like it, you don't have to use it.

I guess I'm failing to see the big deal here...

[M.+Silver]

How many sites actually use the RBL (and kin) for blocking Web sites? Last I checked, tossing it into my sendmail config only affected my ability to receive mail from listed sites - no packet blocking at all. Is anything else a common usage of the RBL?

MAPS is not censorship; SPAM is censorship

[Arrogant-Bastard]

One way to censor a viewpoint you don't like is to suppress it.

An equally effective way is to drown it out with your own message.

And that is precisely the effect of spam. It overran Usenet years ago, rendering newsgroups which had functioned nicely for years useless. It's now overrunning the mail systems of ISPs, individuals and organizations in the same fashion.

Moreover, some companies/individuals have chosen to profit from this unethical activity, and in have in fact lent their active support to it. These companies/individuals should not be surprised when the community attempts to defend itself from their actions by barring their traffic.

So let's be clear on who the enemy are:

1. Spammers
2. Those who hire spammers.
3. Those who write spamware.
4. Those who provide hosting, connectivity, mail, or other services to 1-3.

These are the entities responsible for the floods of spam that clog mailboxes and mail servers; it is with them that the problem lies, not with the valiant attempt by MAPS to address it.

MAPS = DOS

[Teliver]

For those of you who are so intent on defending MAPS, consider this. Trying to deny access to the spammers tools website by putting it on their list did exactly 2 things: 1) Jack 2) Shit That's right. Nothing. And why? Because Spammers, who need these tools, DON'T USE MAPS! Blocking this site did nothing to prevent spam at all. So why did MAPS do this? Well they didn't just do that. They blocked everyone on that Class C subnet. Everyone. They realised that they can't attack the tools company so they attack everyone in an effort to BLACKMAIL the ISP into dropping the tools company. So what we have here is one company trying to put another company out of business by issuing DENIAL OF SERVICE ATTACKS against the hosting ISP. Were this a spotty teenager doing this, the media, the police, and the FBI would be all over it in a hunt for this kid. But since its a corporation committing what should ammount to a criminal act, it is forgiven by most, and treated as a civil matter by the rest. Oh, and for those of you who think that MAPS is paid to do just that. That is incorrect. They are paid to prevent spam. As stated before, this action doesn't prevent spam. It is an attempt to prevent spammers from getting these tools. In which case, the spammers... would just use other tools.

Re:MAPS = DOS

[Teliver]

I can understand going after the chop shops, closing them down, seizing the stolen cars and all of their records, putting them out of business. Fine. But the ISP isn't doing anything illegal. Current law doesn't make hosting a spammer illegal. Furthermore, MAPS are not the police. They are rent-a-cops with the authority to patrol where they are let in. Furthermore the holding of HUNDREDS of websites HOSTAGE meerly because they had once been serviced LEGITIMATELY smacks of totalitarian behavior. I could only support MAPS if they didn't hurt innocent customers. It is the INTENTIONAL injury of non-spammers just to get to the spammers that irks me. What does confuse me is why MAPS would do this in the first place. Blocking hundreds of websites does nothing to stop spam. In fact MAPS depends on spam being out there for people to buy its service. Going after a toolmaker via an ISP in order to shutdown spam is just buying them a lot of hassle with no reduction in actual spam on the net.

Re:MAPS = DOS

[Teliver]

It would be if they took your car while they were at it.

Re:MAPS = DOS

[Teliver]

Except that the car has to be sold repeatedly, delays in selling that means less sales in the future... and the isn't like changing an ISP. These are web hosting companies. In other words, considerable work need to go into retreiving ALL data from the old service, changing the DNS mapping to the new service, putting the data on the new computer, setting up the services on the new computers because without a doubt, they don't use the same equipment, rewrite a number of scripts to look at the new servers, testing to make sure they get it right, then taking down the delay of service message and putting up the proper site... all of which takes time and money. Its not uncommon for sites do go down for months while get things straight. So the assertion that you can just pick up and go somewhere else is just bull.

Re:RBL is for Mail-Abuse you Fools!!

[binford2k]

>I don't see how you can complain about a service >which is *FREE* and optional.

Optional for who?? How much control do you have over the ISP that your sister in Phoenix or your mom in Washington state use? How can you say that is optional?

Speaking as someone who has just recently had his class C blackholed for no apparent reason I know how the game is played. Don't even say that this is fair and *optional*. What option did I have when all my customers came to me and said that they were getting mail bounced?

Should it really be my problem if somebody upstream of me has a problem with spam control? How would you feel if you and your entire family were thrown in jail because some guy you don't even know who lives down the street from you was a small-time pot dealer? Now say it's optional.

-b

How to shut down your enemy's web site for $99

[rustman]

Follow these steps:

1. Determine URL of enemy's website
2. Make a fake email ad for that web site, and pay one of the millions of spammers $99 to send it to 5 million addresses.
3. Keep copy to yourself, forward it to MAPS.
4. Enemy's web site is blacklisted and off the air. Yay!
5. Laugh as enemy tries to explain to MAPS that "they didn't do it".

If you support free speech as well as supporting MAPS, you are a hypocrite. Pick one or the other.

Re:What in god's name are you talking about?

[dizee]

This is bullshit then. They should burn in hell. :)

"I would kill everyone in this room for a drop of sweet beer."

What in god's name are you talking about?

[dizee]

So that I can get on the best of both worlds, I've seperated my response by posting attitudes. Those of you interested in only the appropriate attitudes can check the label at the top of each paragraph to determine whether or not to read that particular paragraph. Okay:

INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.

TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.

INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.

TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.

Mike

"I would kill everyone in this room for a drop of sweet beer."

Re:What in god's name are you talking about?

[dizee]

Ignorant, eh?

Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.

I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.

If that makes me ignorant, fine, whatever.

In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.

Mike

"I would kill everyone in this room for a drop of sweet beer."

Re:fyi

[f5426]

Thanks for the info.

The mail have not been held, it was plain refused. But I suspect that some can confiugure its inbox so smapcop reject any suspicious mail.

Btw, isn't spamcop a joke ?

My second account is on easynet.fr. Looks they have spam problems too. Starts to be ridiculous, as every provider have spam problem.

I tried the major french ISP on spamcop: club-internet, noos, all are 'detained'.

Even apple.com or microsoft.com are 'detained'. Or 'mozilla.org '. This seem pretty effective to reduce the amount of mail that one receives. Rotfl.

I get about 200 mails per day, and one or two are spam. From what I see, I could probably get the number of emails in my mailbox near zero with spamcop...

Cheers,

--fred

open access vs required enhancement

[kel-tor]

i can't download driver's from www.iomega.com because lynx doesn't support javascript, and morally i won't support sites that won't work with lynx.

i can't use a lot more websites even if i turn on javascript in netscape, because the site 'requires' flash and i don't feel like installing it.

i can't download from www.windowsupdate.com because i don't use IE

i can't read the NY times because i won't log in & and i can't download from www.sun.com for the same reason

i can't download from other sites because i refuse to accept cookies

(i can work around these problems, if an upstream admin used MAPS i woundn't have a way around it if my morality were lacking on a given day-- it is often out to a 3 martini lunch following a new bizaro windoze problem=P)

not as many people refuse this much, thus more and more sites require more of this. MAPS seems to have the same view. Yes, I loose access, but you've already lost access to more than MAPS blocks if you can't get to any of the .god domains (among others).

1. the internet needs to be fully accessible to basic HTML, 2. enhancements are fine but shouldnt break the basic functionality and freedom that the net should have.

I am temped to blocks www.iomega.com and the NY times at the firewall, send them emails, and when they fix their sites I'll remove the blocks. That's pretty much the same as MAPS does-- block sections of the net that don't provide consumer protections. Is it wrong or right? If you as a member of the net community don't block it, it gets worse. If you do block it, you allow collateral damage censorship. Both actually have the same goal, a vision of the future internet that is usable by all, but only by closing off certain avenues-- MAPS through censorship, non-censorship through bloat. Sort of the whole point of the moderation system, eh? (except the trolls still get their say with moderation, but the 'subscribers to maps' types who browse at 1 or 2 are subscribing to the slashdot black list?).

moderation doesn't have easy answers. neither does censorship (which we all engage it, it's where we draw the line to censor)... should our tax dollars by libraries be spent on: 1)Harry Potter 2)Daniel Steele 3)Huck Finn 4)Mein Kamph 5)Anarchist Cookbook 6)Playboy 7)Hustler 8)GangBang Girls educational tapes 9)kiddie porn (those pervs are gonna get it somewhere anyway, right) 10)or german shiesa videos with Cartman's mom. libraries have a new problem with the Internet, now they don't have hidden censorship via the 'best use of funds' defence, for one easy price they can get it all from catagory 1-10.

its the same arguement here... for you, when are you getting spammed so bad that you decide to subscribe to MAPS, when is it so bad that you support blocking peacefire? When I got 3 spams a day I didn't care about it, now that it's 20 per day, I'm tempted. How many spam's do you get a day and how tempted are you?

MAPS is for mail, its not a packet filter

[Gothmolly]

MAPS blocking these sites blocks mail from them, it's not some über-conspiracy to make those IP addresses a black hole on the Internet. You can still surf those sites. You just may not be able to get mail from the domains living there.

Re:MAPS is for mail, its not a packet filter

[raju1kabir]

That depends. MAPS also provides a BGP feed that can be used by routers to blackhole networks. In that case, the network does not exist from your perspective. No mail, no web, no ping, nothing.

I hope MAPS gets slashdotted.

[danpbrowning]

Maybe the heavy press will fix them. Is there an 800 number to call and report our disgust?

What MAPS is...

[cmat]

...is a tool. A "FREE" tool, but a tool none the less. And just as with ANY other tool in existance, it can be used properly, and help you, or it can be used badly or immplemented badly and cause harm.

Normally I wouldn't comment about MAPS, but I feel compelled to point out the fact that PEOPLE NEED TO WAKE THE FUCK UP AND THINK BEFORE YOU COMMENT!!! :) If you don't know "what" MAPS is, it happens to be a DNS server which only holds A records (those are the domain thingy-do-dads there that get returned on a DNS lookup) of IP addresses that are either originating spam from their domain, or have improperly configured email relay servers (which by the way, if you think that "open" relay servers are OK, you need to wake up, move ahead 20 years to today, and face the fact that people using the internet today aren't as responsible are they were 20 years ago).

So, where does this bring us? This leaves us with a DNS server full of "bad" sites (spam-wise). It's a database of spam-originating domains. How do you PROPERLY use this tool? Well, first, you should ONLY be using their DNS to check the originating addresses (and IP) on incoming email to see where the email was sent from. If it's in this "black list", then YOU have the choice of dropping the email or not (well, ok, it's actually your incoming mail server, but that's a whole other issue, we'll assume you have control for the moment).

So, there's nothing even REMOTELY the same about censorware and MAPS, in fact, I'd go so far as to say that they both do different things entirely! Censorware censors websites BY CONTENT (supposedly), while MAPS provides a method of looking up domains that are reported as originating spam.

There, that's my rant, and Jamie? Next time you post something like this, PLEASE research your topic even a bit. Cheers, and I hope this clears up the confusion for at least a few people.

Chris

Re:What MAPS is...

[cmat]

Pleas goto maps.org and see exactly how they "block" sites. BGP board routing and null routing *to my knowledge, which is limited in the area of routers and such* requires a fair amount of bandwidth and "attracting" power, or else all your routers are doing is just sitting there. There is another organization I believe that null-routes sites, and that I don't agree with, because the end user has no way of choosing not to use the advertised route, whereas with MAPS, it's completely voluntary (unless as I mentioned, your ISP uses MAPS, then you will most likely have to deal with it... but then again, in the land of teh free, you can always goto another ISP that doesn't use MAPS... ;)

Chris

Re:What MAPS is...

[Cirvam]

So its not censorship if they block people from surfing to peacefire.org because another site hosted by the company is sell spam software? they block it using the BGP router updates. It drops routes to all of the ips on the list

Re:MAPS is necessary

[clare-ents]

"
So, and I'm drawing some conclusions here, Napster should have been shut down because they provide a service that enables distribution in methods that the rightful copyright holder has not agreed to?

Censorware blocking of nmap's site is legit because it (conceivably) could be put to evil uses. At least, that's what I think you're suggesting here.
"

I think it's more like.

Spam Sellers provide a service which costs me [an ISP] money to deal with and annoys my customers. Therefore I choose not to deal with them on behalf of myself and my customers.

Napster provides a service which costs me [a record company] money. Therefore I will try to make it illegal.

I have no problems with record companies not allowing Napster traffic over their internal networks. If they wish to start a Napster free ISP I have no problem with that either. If they make Napster illegal I can't change to a Napster friendly ISP. I can change to a spam friendly ISP.

Reverse-blacklisting is the solution

[shepd]

>and we can all choose to follow it or not.

What we who disagree should do is EXACTLY what the crew at MAPS does when they disagree with the opinions of other ISPs.

a) Phone, bitch, email, whine, etc... to try to get MAPS to take sites off the list that don't belong there. Be as vigilant as MAPS is about putting people on there.

b) If MAPS refuses to take the site off the list, add the blocked site to a reverse-blacklist. ISPs can sign up for your reverse-blacklist that will list IPs that are wrongly accused of spamming and don't deserve blocking.

c) Tell MAPS that unless they decide to contact you prior to them adding anyone to their blacklist so you can check if their site belongs on it, that you will blacklist _them_ (not in the reverse-blacklist, but in a real one).

It's only fair. Like you say, we've got an opinion, and we should share it on a list.

I once thought MAPS was good, but this situation seems way over the top. Blacklisting never worked properly against bad users in the BBS days, and it doesn't look like it is working properly now.

Just my 2 cents.

Re:Warning. Please Shove it Up Your Ass.

[_Nemmeran_]

Umm go away, idiot.

Sounds like the role of the RBL has expanded..

[sid_vicious]

If I understand the story correctly...

My understanding of the RBL is that if I subscribe to it, I will not receive e-mail from any sites listed on the RBL. Sites (supposedly) get listed on the RBL because they have been the direct source of spam mail.

It sounds to me like the folks who most recently got blacklisted were put on the RBL *NOT* because they were the source of spam mail, but because they have business relationships with (or have business relationships with people who have business relationships with) sites who create spam-generating tools. Please tell me if I misunderstood.

I'm uncomfortable with the idea that the RBL is being used NOT to directly block spam, but as a big stick for bashing people for making business deals with spam-ware selling sites (sleazy as they may be). If your site isn't directly generating spam, it oughta be removed from the RBL!

And I think it's a bit short-sighted to say "big deal, *I* can't receive e-mail from x.com, so what?" If you were the site owner of 'x.com' and it was a totally legitimate business, you'd probably care a lot!

Of course, it's true, use of the RBL is voluntary. But if they keep this kind of stuff up, they may find less volunteers in the future..

I wonder if anyone's considered sort of a democratic RBL? Anyone could submit a problem site with a complaint, and a group of randomly-chosen (but trusted) people could investigate and vote on it.

Re:I don't get it..

[ShakaUVM]

That's because 90-95% accuracy isn't very good. :)

I've been running it on my main mail account for the last couple days, and with a 95% accuracy rate, 5 of my 100 good messages are misclassified, including one from a friend that I hadn't heard from in a year.

I could definately do better using attributes from my own mailboxes instead of a generic one collected from 4800 sample emails.

Re:Neural Net Spam Filtering!

[ShakaUVM]

Well, this isn't something I want to devote much time to, but if the interest exists, I can put it up there.

Re:Neural Net Spam Filtering!

[ShakaUVM]

My mistake, the java source should be in the .jar, but I did a *.class instead of *.[class,java], ah well.

You're right, we use strcat and strcpy, but with a fixed buffer size, fgets() and a terminating condition on reading too many lines, I can't see a buffer exploit in there, but you may disagree.

System() uses nothing read in from the email, it simply chdirs into the directory, and runs ./jmail.script, ./test.script and ./nn.

If you'd like to modify it, contact me.

-Bill Kerney

Neural Net Spam Filtering!

[ShakaUVM]

RBL blocking 2 out of 900 spams is pretty bad.

A friend and I wrote a neural net spam filter using the UCI Machine Learning Database (on spam), that gets 90-95% accuracy on classifying a message as a spam or not-spam. It's integrated with the mail delivery system via procmail, so you can set it up to deliver all Good mails to one mailbox and Spam mails to another.

It is available (free + open source) at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.tar. gz
The README is at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.READ ME

For Solarius/Linux only, Windows users need not apply. The system works pretty darn well for a simple neural net, and can be greatly improved, so if anyone is interested in modifying our code, drop us a line! :)

William Kerney
UCSD

Horay!

[kevin42]

I'm very happy to see ./ finally post an article that surprised me by it's content. This is a very good example of a well thought out and researched article. Please do more like it!

Re:Horay!

[rsimmons]

I think a cleaner approach is to use ORBS to filter port 25. They don't block anything except verified open relays. This does however sometimes throw the baby out with the bathwater, but at least they don't make subjective decisions about who to block.

Re:Horay!

[Iphtashu+Fitz]

Sorry plague but it's you who is wrong. When you signed your lease for your apartment it provided for certian rights. When you sign up with an ISP you agree to abide by their terms and policies, typically outlined in a TOS (terms of service) or AUP (acceptable use policy). Just becase you're paying them $20 a month or whatever does NOT give you the right to do whatever you want with that connection. Similarly, since the ISP is selling you a privtely owned service they have every right to state what is included in that service, whether it's RBL blocking at the router level or random blocking of IP's that have the number 6 in them. If you don't like that service then it's perfectly within your right to cancel your service and use a different ISP. Just like it's your right to move out of your apartment and into another one if the landlord won't let you hang up pictures.

Re:I don't get it..

[Pinball+Wizard]

3 million emails a day, at an average of 5K each wouldn't be too hard to deal with. Yahoo processes all its email through a spam filter already - although it only gets about 60%, its program has never put a valid email in my spam folder. That's actually pretty impressive. If this program could catch 90+ of the spam without deleting valid email, it would be nothing short of amazing.

IMO - this is the way to stop spam - IP addresses and domain names of spammers are always elusive, but you can spot a spam email from a mile away.

I watch the sea.
I saw it on TV.

IMAP!

[fm6]

Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.

I have to point that some email servers and clients let you download your headers and review them for possibile downloading. (I believe both IMAP and POP support this, though IMAP does it a little more efficiently, and POP-only clients tend not to support this feature.) I'm suprised how often I hear from people who complain about spam, attachments, etc., overloading their bandwidth and memory, and yet still use software that follows a "download everything before you read anything" model.

Of course, if spam continues to grow, it will overload your 2 meg device just with the headers!!! ;)

__________________

suggestion for the MAPS people

[ddent]

I think that the MAPS people are in a very good position to help stop spam on the internet. However, what they have done is detrimental to their ability to continue - for me, while in the past I would have used them (I was about to start using them), I would have to think that again now...

I would propose that perhaps they should switch to having two or more lists, one which is just actual spammers, and the other(s) to allow people to fight against a specific cause - essentially, censorware, when you think about it - but upfront about it. A potential list would be spammers and people who support or are passive in reacting to (when brought to their attention) spam.

So please MAPS folks, you have a great service, but do your lobbying elsewhere! Its just not the right place to promote one's views, and it will tarnish your reputation a lot.

Screw Vixie and his goon friends at Above.net

[Ars-Fartsica]

Paul - no one elected you policeman of the internet, and now it is clear that some users are being punished for your own idea of what is right and wrong.

You're using your own influence to strong-arm people into adherring to your filters - its that simple. Get off your high horse and try building a constructive way of dealing with spam that does not punish innocent users.

Re:I definately do not agree - (pro-MAPS)

[ziegast]

Anyone notice how it's the spammers and spam supporters who like to whine openly about how evil a SPAM-advisory-service is? One is not known only by the company they keep, but the enemies they make. Paul's in good company. The methods might seem a little draconian to the rest of the people who aren't as adamant about spam, but that's EXACTLY what the subscribers of the information want.

So what do you propose?

[Chops]

While I agree that MAPS's actions here seem to be out of line, I support their right to recommend that any IPs they see fit be blackholed -- it's not like any ISPs are being legally required to use the RBL, as some places are censorware. MAPS built their trust with the community by being evenhanded and trustworthy; if they start making bad recommendations, people using the RBL will stop listening to them (just as they did, for the most part, to ORBS.)

Personally, I'm hoping Vixie sees the light. What's Media3 gonna do, terminate the account illegally and risk getting sued? Argue "but spam is wrong" in court when it happens? But hell, that's my opinion, and more people seem to want to listen to Vixie than me ;-). That is, of course, their right, as it is his to recommend that they blackhole any damn IP that comes into his head to mention.

Re:So what do you propose?

[Chops]

It's not an easy question; certainly it should be, but the average user probably doesn't have the time or inclination to keep an up-to-date blocklist... also, most ISPs (I hazard to guess) are making less of a political statement with their blocklists than a pragmatic one -- they don't want their servers brought to their knees by spam, and so they take measures to prevent this happening.

In the end, of course, you can always vote with your wallet, or use a webmail service for your email if you don't like your ISP's terms.

Pavlov's dogs love the meaty taste of SPAM!

[plastickiwi]

Wow. All one has to do is mention the name of a canned meat product and Slashdot turns into a slavering pack of censors. All the high-minded rhetoric about "free speech" and "the marketplace of ideas" goes right out the window the moment someone invokes the dreaded "spammer," cousin to pedophiles, disciple of Hitler.

Someone should inform Pat Robertson or James Dobson about this phenomenon. They're not having as much luck as they'd like in pushing the use of censorware that covertly blocks sites with political content they don't approve. Imagine how happy they'll be when all they have to do to shut down the ACLU's web site, or the Democratic Party's, is set up a bogus spammer haven on the same subnet and then turn themselves in anonymously.

Hey,for that matter, why not skip the subterfuge and set up a MAPS-like service openly advocating censorship? All you'd have to do is control one decent-sized ISP by purchasing it or packing its board of directors, block its users' access to everything you don't like, and then threaten all the other ISPs with blackholing if they don't block your list of censored sites too.

Let's start with everyone's favorite hot button, kiddie porn. I'm sure with enough public relations noise we could convince AOL or some other large ISP to block every IP number in the same subnet as some site with questionable pictures of minors. From there, we could just let the blackmail flow.....

Re:"Press time"?

[jvj24601]

So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me.

So the HumpBackB (the author) is just supposed to sit around and wait until a response comes in? Exactly how long do you expect HumpBackB to wait? What if no response is ever given?

RBL is for Mail-Abuse you Fools!!

[fist]

What is the RBL's web address? www.mail-abuse.net!! It is for mail abuse!! Not blocking web-sites!! It is also optional. And yes, it censors emails that come from an ip where spam originates. If you want to continue getting spam from these ip's either don't use the RBL or go with an ISP that doesn't use it. I don't see how you can complain about a service which is *FREE* and optional.

Re:RBL is for Mail-Abuse you Fools!!

[downset]

People seem to keep saying that RBL is optional, well what about the situation, where someone is using it on a backbone, as was the case in the article? I dont see much choice in the matter then.
Also just because something is *FREE* doesn't make it good, or (as an example) are you a fan of Microsoft's Indoctrination^H^H^H^H^H^H^H^H^H Education programs too?
One thing, it does seem that a lot of people are mistakenly thinking that it would block the website as well, but it will only prevent mail, however some companies may rely on this for their ordering system.

Re:RBL is for Mail-Abuse you Fools!!

[Cirvam]

They have a BGP subscription service where it drops all routes to hosts on thier list. Now this doesn't censor mail but anything coming from that ip. If your local OC-3 backbone provider uses it then you are screwed even if you go with another isp because they probably buy the bandwidth from the same provider. So its not very optional if you are forced to use it.

Re:RBL is for Mail-Abuse you Fools!!

[Higher+Authority]

Don't even say that this is fair and *optional*.

This is fair and *optional* -- for the subscriber. I see your points as far as the consumer goes, but if you're really worried about it, shouldn't you stop wasting your breath (so to speak), here, and start wasting it on your/their ISP's admin(s)?

Re:Mill's tries to be an absolute

[Karl_Hungus]

It's not just a matter of "levels". Property, like speech, is not a qualified right, and nor should it be. If you are allowed to tell me what I can't do with my own property, then tomorrow you'll be allowed to tell me what I can't do with my own mouth which, after all, is just a property interest of mine. You, as a "technocrat" should understand this.

OK. Let's suppose through some jag-off libertarian's wet dream that everything's been privatized. I snap up the system of roads right outside your driveway. I own property surrounding you on all other sides. I erect lethal electric fences on all those other sides and forbid you to cross from your driveway onto my roads because it's my property and I can do whatever I goddamn well please. I can also refuse to allow others (your family, that ambulance you really need) onto my roads if I feel like it. Remember, this is a libertarian wet dream--I also have airspace rights. Medevac to your house will be shot down if they attempt to reach your property; they have to cross my airspace, and I disapprove.

You can not buy from anyone but me. You can not sell to anyone but me. I decide what the prices will be. After all, you can't leave, or ship anything.

For God's sake, don't compromise. May your spine be ever as stiff as the semen-encrusted pages of your favorite novel.

Re:That violates John Stuart Mill's liberalism max

[Karl_Hungus]

I have a right to property. You have a right to property. We both have these rights. But your right can only impede my right if I owe some special obligation to you because of a prior relationship or agreement (like contracts or marriage or whatnot). In fact, we don't have a prior relationship, so there is no "harm" done. Your version of the "harm principle" is quite disturbing, because it allows for no stopping point. Under your conception, every annoyance is a harm.

Great! I'll be the one parking the unmarked van with the Phasor Pain Field Generator mounted on the fender outside your house tomorrow morning at 3A.M., then walking away. Don't touch--it's my property, and we don't have a contract that says I won't do this. Sounds like a protection scheme, doesn't it?

The "special obligation" is that you live in a society, with other people, not on an island or in a shack in Nowhere, Montana. If this is too much of an infringement on your property rights, there is a place (formerly inhabited, but now devoid of human presence) where you can enjoy those rights to the fullest. Why not go there now?

Re:Fuck off, Commie Pinko

[shokk]

I agree with you and include MAPS capability on all my Sendmail servers. It doesn't get all the junk, but it's "hands off" and gets enough.

Those that think that this is censorware are just too freaking childish to realise that some people in this world just don't have time to listen to whatever it is you have to say. Yes, it is that hard to hit delete when you have to do it a few dozen times a day (and I'm getting off easy compared to some people) and have a good workload to take care of. These people who spam must be just like the little kids in kindergarten who insist on getting the story of their brother who ate the blue paint in the middle of someone's important discussion and will repeat it until you listen to it stammered through three times. Some of us have more important things to do that pass on your crap chainletters, or read your newfound "great money making system", or buy your shitty product.

Until I ask you for information, please keep the F away from me. I'm busy.

Re:It's simpler than all this

[shokk]

Even simpler...

If I don't know you, whatever crap you have to tell me is probably incredible unimportant to me if you are from some spam place that is trying to get me to buy some crap.

Just like how I don't answer my phone if the Caller ID says the number is unlisted. If I don't know you, you can speak to my answering machine, which screens my calls. You won't believe the number of people that call from unlisted numbers, but refuse to leave a message. Simplifies my life greatly. Invariably, when I'm in the mood for some entertainment and decide to pick up on one of those calls, it's some assmunch trying to give me a credit card or buy insurance or refinance my home. Because apparently all those companies were accidentally left out of my phonebook where I could look them up in the event I did need those services.

MAPS screens my mail for me. You won't believe how many emails people on the internet get that are not addressed directly to them and are trying to sell some bogus junk. Because apparently all those companies are not in any web engines in the event I completely lose my mind and decide I need to look up some Internet money making scheme. Give me a break!

If your ISP gets MAPS listed, maybe that's a clue that their service is not that great. That maybe their Acceptable Use Policy just isn't that important to them that they should enforce it and that there are probably a lot of other things that aren't as important to them that they should be doing for you. Think about that the next time your modem doesn't connect.

Re:Non-censoring anti-spam solutions are available

[shokk]

My favorite solution was back when I used Eudora 3.0. I had it filter any mail that was not addressed to me into a folder, and invariably it was all spam. Then, I forwarded all those addresses to each other so they would get picked up by the mailing lists and cause a nice storm of autoresponders mailing each other.

Hooooowwweeeeee! Boy, did they take me off their list, and a few of those sites seemed to be unavailable for a day or so.

Hopefully that prevented those last few people from hearing about those great money making schemes that are making everyone rich these days. Don't want those fantastic secrets spreading too far!!

Re:Software DESIGNED to spam

[CritterNYC]

If an ISP has an entire Class B and one IP/domain is sending spam then that should be the only one blocked.

Actually, I *do* agree with this part of what you're saying. I think MAPS decision to hit the whole class is a 'Bad Thing'. The decision by MAPS to blackhole everything used by the spammer does, however, have merit. Afterall, most spammers are just sending spam through open relays in Asia or popping up on dial-up accounts that get cancelled 5 hours later now. But, they host their sites here. I don't know if I totally agree with blackholing sites and all, but I can definitely see the logic here.

Either way, this is why the Realtime Blackhole List (RBL) and the Relay Spam Stopper (RSS) are two seperate lists on MAPS. The RBL blackholes all spammer nasties and some non-nasties in an attempt to get spammers thrown off legit providers altogether. The RSS lists ONLY open mail relays. So, if you just use this service, you'll just be blocking open relays (like all the ones in Asia).

Personally, I think it would be nice if they offered another option: all spamming mail servers. Just the IPs of open relays and known spam mail servers, without any of the other collateral sites. That way ISPs could vote (with their feet) which service they choose to use: RBL, RSS, or RBL+RSS-ExtraSites. What does everyone else think of that?

A Better Analogy

[CritterNYC]

They aren't harboring spammers, but they are harboring spam-tool makers. And this isn't software that CAN be used to spam. It is software that is DESIGNED to extract email addresses and then 'stealth' send them... ie, send it illegally using hijacked equipment without getting caught. Your anaolgy would be correct if they were blocking, say, sendmail's web host... since their software CAN be used for spamming.

So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.

Re:A Better Analogy

[GlassUser]

Perhaps a better analogy . . . assume for a moment that kittie pr0n0graphy is legal, but still morally reprehensible.

An apartment complex makes it publicly known that they will hamper all efforts by law enforcement agencies (police, feds, etc) therefore making it easy for you to house your kiddie-porn empire on the premises. Lots of people decide that they will not associate with anyone who lives in the apartments, neither going to visit them, nor allowing them to come visit. Some grocery stores and gas stations even refuse to do business with these people, because they live at that address. The whole idea is to make people not want to live there, and move. When there are only a few kitty-pr0nographers there, the apartments won't be making enough money, and will go out of business. Or, when they're all doing kitty-pr0n, perhaps you could justify a good down-home lynching, or firebombing, or maybe the feds will just storm the place en-masse. The end result is the same, no more kitty-pr0n.

Now, perhaps it's not "fair" to the innocent families living next door to the people taking nekkid kitty pics to have to deal with not having any friends or transportation, or food. I agree, it would feel bad. But you have to realize that, as a society, you can't just let a system alone and hope it improves itself. Look at the second law of thermodynamics for yourself. It works on a macroscopic scale too. What I'm saying is that "we" are required to expend a certain extra amount of effort to keep our system from reverting to a disorganized, chaotic state.

Nobody's breaking into anyone's apartment, tearing down doors, or going inside I'd tend to have a lot less sympathy in that case.

Re:A Better Analogy

[GlassUser]

Yeah, pretty much.

Re:A Better Analogy

[eudas]

"They aren't harboring spammers, but they are harboring spam-tool makers."

"It is software that is DESIGNED to extract email addresses and then 'stealth' send them... ie, send it illegally using hijacked equipment without getting caught."

okay, so they're not osama bin laden, but can we shoot missiles at them anyway?

eudas

Re:A Better Analogy

[Twylite]

Aaah ... so here's an idea: we get a couple of ISPs to jump on ship with the idea of DNS filtering, and then we can prevent access to sites that distribute hacking software! Certainly a more troublesome problem than spam.

Oooh! And don't forget that we could easily add porno sites to the shitlist - that would be great! And those pesky warez sites ... now that would make the BSA real friendly-like to us. Wow - you could even take /. offline for being politically incorrect.

Yes ... let's fuck the ISP because they uphold freedom of information, what a wonderful place the world will be.

Software DESIGNED to spam

[CritterNYC]

In this case, the "bad" website sells software which could be used to spam.

Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.

What I don't get is why Media3 isn't happy to change their AUP and dump the site. Afterall, the bulk email software is probably being used against Media3's own mail servers by spammers using the software. Kinda like a gun shop selling a gun to a guy who tells them he's going to rob the gun store with it.

increasing power of MAPS

[mi]

While I aprove of the MAPS's actions so far, and have a lot of respect for Mr. Vixie, one question begins to trouble me:

Will refusal to block RBL-ed IPs from accessing your services ever become by itself sufficient to be RBL-ed?

In other words, will MAPS ever claim, that to be considered a responsible ISP, you must use their services? Even if their services remain free (as in beer), I'm not sure I'll be comfortable...

Spam filtering vs. RBL, DUL, and ORBS

[Elkman]

I'd have to agree with that, based on my own experiences with spam filtering. I've had a procmail filter in place for a couple years now, and classifying spam based on words and phrases in the header and body is MUCH more effective than using the MAPS/RBL databases.

For a time, I was using the rblcheck program to check mail based on the MAPS RBL, MAPS DUL, and ORBS lists. I found that the ORBS list was somewhat effective, but at the same time I was losing E-mail based on the politics of ORBS and RBL. I found that I suddenly couldn't get mail from friends who had cable modems. They weren't open relays or anything; it's just that Roadrunner wouldn't let ORBS into its network to do mail testing. Worse yet, ORBS and RBL and DUL still didn't prevent all of my spam from coming in. I've since stopped using rblcheck because my ISP moved to a mail cluster where I can't use it.

Anyone who's using the RBL to filter more than just E-mail traffic is trying to impose a political solution on the problem. That's fine if the end users agree with the politics, but not fine for people who just want to get about their work. Besides, most spammers these days use fly-by-night dialup accounts and hijack an open relay. (I'm starting to think that any mail server within the APNIC address space is an open relay.)

As your post suggests, it's a lot more reliable to use classifications based on the text than it is to use someone's idea of who's spamming and who isn't. ORBS seems to be the most accurate at detecting who's an open relay and who isn't, but even they have let politics sneak in.

Just ignore the spam?

[achurch]

I know I'm going to get flamed for a heretical opinion like this, but how about just ignoring the spam, just like tossing out junk snail-mail? I typically get on the order of 8-10 spams a day, and I just "D" them out of my way and go on; it takes me about one second to recognize a mail as being spam and delete it, so we're looking at an investment of maybe ten seconds a day to get rid of it. In my eyes, that's much simpler than trying to install a spam filter and get it working properly, remembering to update its lists, and still not being able to catch 100% of spam.

Now, I realize there are people who get dozens or hundreds of messages a day--I used to, while I ran a web provider--where sorting out spam really can take a good deal of time, and in those cases some sort of filter might be useful. But I don't think it's a problem of the level where ISPs need to (or should) unilaterally impose filters on their users--particularly when such filters have such bad performance as the RBL. I was particularly disturbed by the comment in the article which mentioned that the RBL was the only filter which blocked a legitimate message.

Also, before anyone asks, I'm not by any means in favor of spam; I'd be delighted if all the spammers in the world suddenly became enlightened and desisted from their wrongful ways, or something. But I'm not exactly enamored of the RBL's heavy-handed tactics, either.

--
BACKNEXTFINISHCANCEL

Oh, please.

[achurch]

Are you willing to let spammers take 2 days from your life?

Out of 18,262? Sure.

And in doing so, you are doing nothing to help others.

Oh, what a horrible person I am.

I make more of an effort- I file reports with Spamcop.net. I spend about six times the seconds you do, per day.

Good for you.

What right do you have to say that I should have almost two weeks taken out of my life by spammers?

What, it's now my fault that you chose to report spammers to some pseudo-authority? Give me a break. If you think that using those two weeks to report spammers is a waste of your time, then for crying out loud, don't do it! It's your life, live it how you want--but don't go blaming others for your decisions.

Besides, seeing how terrible the RBL's false-negative rate is, using it wouldn't save you much time anyway. And there are filters (someone even posted one) you can apply on the client end if spam is causing you that much trouble.

Soon you'll be spending 45 seconds digging through the spam (nine days out of your life)

Again, no big deal, even assuming the amount of spam does increase that drastically. If you want to play numbers, how about this one: if you're a good little boy and brush your teeth for one minute every day, that's 12.7 days out of your hypothetical 50-year life right there.

If you really have some imperative need to make spam into a huge problem, then yes, it is a problem, but some of us just don't think it's worth getting all worked up over.

--
BACKNEXTFINISHCANCEL

solution for MAPS

[astar]

MAPS harassing people selling software leaves a bad taste in my mouth too. This conflicts with some our common dogma about how the net is supposed to work. On the other hand, our dogma is inconsistent on SPAM. SPAM is attacked because we do not like it, among other things. As I set up the issues here, censorware and anti-SPAM actions such a narrow MAPS policy sound similar. In fact, I have had personal experiences with being flamed for SPAMMING for posting political messages in my ISP's usenet lobby. Politics was often discussed there. I responded to comments. While the eventual consensus was that my postings were not SPAM, the incident shows some fuzzy definitions and personal agendas floating around out there concerning acceptable use. I conjecture that MAPS people have fallen victim to a similar zealotry. This is unfortunate, but not unusual. But since using MAPS is voluntary, it still fits my personal dogma. Your mileage my vary. But MAPS is a little useful in how it has been traditional used. Rather than inflict this controversal policy of censoring legal software sites on the people who voluntarily use their MAPS services, MAPS should subset their blackhole lists based on the different rule sets used to create the lists. Then the ISPs can chose the sets of lists they want to implement. This fits my dogma and has a virtue in not tending to abuse their status as "white-hats" with the subscribing ISP's.

people, read the article

[happystink]

I can't believe how many people are just re-iterating what the RBL does, in case we didn't read the article (like them) and don't know. Slashdot discussion is the worst, everyone's an expert, without even having read the story.

sig:

"Press time"?

[Nostradumbass]

(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by press time.)

So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me. Isn't this exactly the sort of thing that caused massive confusion in our recent election? Slashdot has an advantage over traditional media in that it is not time-limited with regard to its stories. I would hope that they are not becoming bound by the less idealistic versions of so-called "journalism" we find all too often in the world today.

Re:"Press time"?

[tbannist]

As long as it takes, or some reasonable length of time, which is to be included in the article. No response by press time is cop-out for losers who don't want their subjects to respond.

If you can't publish how long you waited, then it wasn't long enough.

Re:Good work.

[atrowe]

"One of the better editorials in recent memory, if not the best"

Except for the fact that a retraction was issued within 1/2 hour of posting. Other than that, it was great.

Non-censoring anti-spam solutions are available

[KevinMS]

One is Sneakemail, another is mailexpire, but I think thats defunct now. They work on a level that lets the user be proactive about spam protection and not rely on remote software or local filters that "censor" your inbox. I can tell you that sneakemail is rapidly becoming popular, and in no small part because of this reason.

Laws

[TheFlu]

While the above article deals more with censorship than with SPAM, per se, I find it interesting that even though there are already many federal and state laws dealing with unsolicited email you rarely hear of spammers being prosecuted. You would think that either the government or individuals would pursue this. What's the reasoning for this? I've never tried it, but are spammers really that hard to trace down?

We hate spam. The Linux Pimp

I started some wildfire

[HumpBackB]

I originaly sent the message because i was implementing rbl on a sendmail server and i saw the news on maps web site.
I did not expect this to be such a complex question when i sent the post. I myself thought that i was instaling a censor system that blocked known spammers and not random C classes. I have the system installed for about 12 hours and i can feal the diference, but after reading the article i am really considerating removing it. In the main pages of maps it states that they are blocking spammers (as you can see here ) But after this question i went back and saw that what it says is: ".. involved in the sending of Unsolicited Commercial Email, or spam. " , this is a more vage question, and should be statted that if a company seels software our lists of e-mails it will be considered blacklisted. But the question here is that MAPS is blocking things it should not. Maybe MAPS should be more careful and instead of bloking the C class they should block the individual adress. Also i have read that some sendmail distributions now come with rbl by default. Linux systems are beying installed by the houndresdes this days, so MAPS administrators should take extreme caution on what they block. (excuse my typos, but english is not my native language)

Why not apply the "no spam software" evenly?

[jwa0]

Since the RBL is used against those who write or distribute programs designed to send mass e-mail, I should fully expect places like PacketStorm (a fine archive of security-related tools and scripts) to be placed on the RBL. They knowingly host code that sends mass mail: http://packetstorm.securify.com/Exploit_Code_Archi ve/mailbomb.c Why then is PacketStorm not on the RBL? Or any of the other hosts that have similar tools?

I use the RBL hooks in Postfix, and I find them very useful. This is a bit much, though. While I have enormous respect for Vix & co., I think this is way over the line.

How is software that is designed to send bulk email any "worse" than software that is designed explictly for the purpose of, say sniffing user passwords or performing denial-of-service attacks? Indeed, why aren't we, as the Internet community, tracking down those people arrogant enough to write these tools -- tools that are clearly used to commit all manner of subversion havoc -- and blackholing them?

It's because (most) technical people understand that tools are just tools. Somebody who writes a password grinder is "just" a programmer. The Unix admin who downloads it and runs it against her password file is just doing her job. The peeved help-desk guy who uses the password grinder to get the VP of Finance's Unix password and then uses it to access the nifty Oracle financial system is acting-- in the words of AUPs everywhere-- in excess of his authority, and if caught, will be squashed by the Law.

It's not valid to want it both ways, to want software that you think is "bad for the net" blackholed out of existence, yet allow other software -- arguably more damaging -- to exist unchallenged. If this was, say, WIPO vs. nmap, would those of you in favour of MAPS' stance take offense? Software is speech. Censor it and contribute to the decline of your freedom to write it. I'm sure the brains behind WIPO are very interested in seeing how this plays out; if an .org which essentially controls access to and from the large nationwide ISPs can succesfully censor software without question, then certainly WIPO can.

And finally: simply because MAPS says "These are our guidelines, and we are following them" doesn't mean the guidelines have merit.

Re:MAPS is necessary

[Cirvam]

So can you give me one example of how Peacefire.org has sent spam out or contributed to the sending of spam?

MAPS is necessary

[FrostedChaos]

Ok. The central argument here is that MAPS is promoting a kind of censorware, and because censorware is bad, MAPS RBL is bad.

I don't buy it.

First of all, MAPS does not block content based on political grounds, as the article seems to suggest. It blocks groups of IP addresses that contribute to SPAM. According to Gartner analsyt Joyce Graff, "Living in an email account with lots of spam is like living in a community with trash in the streets." MAPS is more comparable to a trash collector than a censor. (Unless you think Get Rich Quick!!!!! is a political manifesto.)

Second of all, all any legitimate site blocked by MAPS has to do is to change ISPs to be seen again by RBL subscribers. MAPS is a tool for exerting pressure on ISPs. I remember a few posts here a while back, all of which basically said something like "too bad there's no way to make ISPs care about ___ (insert issue here.) Well there is! And the RBL is it.

I had to chuckle at points throughout the article. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate websites which promote themselves through spam. Of course not! But software to spam the customers of other ISPs, well that's just fine!

The whole goal of MAPS is to make ISPs accountable for spreading SPAM. And none of their actions have deviated from this throughoughly non-political goal.

If you really think you're being oppressed by MAPS, switch to an ISP that doesn't use the RBL. However, most people probably would rather not live in the garbage.

The truth is, spamming will probably be around forever in one form or another as long as the internet is around. But people can take some steps to block the worst offenders.

Re:MAPS is necessary

[raju1kabir]

Easy. (forgive me if I'm loose with the facts here; it's the logic that matters)

1. An ISP hosts a spamware-for-sale site.
2. Peacefire pays connectivity fees to that ISP.
3. That ISP is profitable.

If Peacefire (and, obviously other clients like them) would move, or threaten to move, to a different, not-so-spam-friendly ISP, then the current ISP would start to ask themselves: "Wait, is it really worth it to host the spamware site?"

If Peacefire does not move, or complain about the spamware, then they are allowing the ISP to continue to make a profit in support of spam.

Is it Peacefire's battle to fight? Probably not. But here we are, and they've been tarred, as it were, by association with a disreputable party. Like anyone in such a situation, they have to decide to either ignore it or sever that association. MAPS only brings that decision to their attention.

Re:Not Exactly

[shotfeel]

Only ISP in the area? Then stay off the net if it offends you.

So your choice is between censored material or no material at all.

Now that's real freedom from censorship.

Heavy handed, yes; Censorware, no

[Bellhead]

This is a tough debate, made all the more tough because the spammers have gotten so good at cloaking themselves in the rhetoric of free speech while they make everybody else pay for their PA system.

I wish this issue wasn't so convoluted: not because I shy away from conplicated issues, but because it brings up the age-old problem of putting into words what everybody knows is right. Any society has to have some shared values, and Cyberspace is no different: if we can't agree on this issue, what can we agree on?

Consider an analogy: assume that a wino is giving out ads for a pornographic bookstore in front of the local highschool.

The chances are that this is legal: even if it were not, the supply of winos is inexhaustable.

If this offends you, your choices are to:

• Sue the wino.
• Sue the bookstore.
• Boycott the bookstore.
• Boycott the bookstore, the other stores in the same building, the owner's other firms, the other store owner's other firms, etc.

I'll take the last option. It does no good to say that the other stores aren't invovled, because they are: the fact is that the other owners in the building benefit from the porno store, either because they receive a reduced rent to tolerate its presence, or are able to sell related merchandise - Playboy comes to mind - as an adjacency to their regular trade for those whom shy away from the green door. Now, you may not feel this is "fair", but I'm a common working man, and I can't afford to sue anybody. I'm going to get the biggest bang for my boycott buck that I can, and use every lawful method I can to put preasure on the bookstore owner.

Here's the sticky part: let's assume my hypothetical addict is promoting only one book out of the thousands in the store. Is the bookstore owner entitled to sue me for my boycott? Do you think it proper for another author to obtain an injunction on the basis that what he's doing is legal, and that he isn't involved with the ads?

If you do, I pity you. Spam cheapens the vital discourse of the net in the same way that pornography cheapens the innocence of youth and the mature love of married couples. I know this, but I can't explain it with words: to say that a person selling spamware is uninvolved with spam is like saying that a pimp in univolved with prostitution.

What, then, is an ISP owner to do? I know that spam is wrong, and I'm entitled to act on my belief. I won't stand by and let a wino hand out leaflets in front of the high school, and I won't allow Media3 to cloak themselves in first-amendment rhetoric in order to take advantage of the internet connection I pay for, the computer I pay for, the infrastructure I pay for, and (most importantly) the time they steal from me. If my ISP subscribes to the RBL, I accept the fact that hunting rats requires use of a shotgun.

Bellhead

Errors that should be corrected.

[DaSyonic]

Ok, the poster states that Anyone who subscribes to the MAPS RBL is unable to goto a persons website because there IP is blocked. This is not the case. I am a subscriber to the MAPS RBL, RSS, and the dialup list as well. It stops spam very effectively. MAPS is integrated into sendmail. This has nothing to do with IP, including http. I can goto any working IP address, if there on the RBL or not. I feel that this article is very biased against MAPS and tries to make it seem bad. The MAPS RBL admins dont like people who are friendly towards spam. They are not 'censoring' them, but just preventing them from sending email to any mail server that uses the RBL. This is a big differance that should definatly be noted. Id like to state, that since I have utilyzed 3 differant MAPS services on my mail servers, I have not had any unsollicated email come through. And that is what MAPS is all about trying to accomplish.

but is there another choice?

[burnt-corpse]

Hi, I too would agree that censorware is a bad thing. It limits choices. But what other options do we have for ISP's that either cannot or refuse to block relay ports? It's the ISP's fault that we are having to resort to these types of services because Congress, state laws, even international dictates won't stop the flood of Spam. If an ISP makes it too easy for a spammer to get an account, leaves their relay ports open, or worse agrees to a pink contract with these "marketers," it needs to be held accountable. How do we as an internet community do this? We have to have some sort of leverage to punish these people...the PSI's of the world. These folks only understand money and brute force. Since we as individuals don't have the money, we need options like the list, Spamcop (although that is not a proactive solution). I'm open for suggesions... Corpse...

Distinctions need to be made. Poor article.

[slonob]

I think it's funny how the posts here in response to this message overwhelmingly parrot the original post. If the story was about the Harris jerks going after the spam vigilantes everyone would be bashing Harris. We need to distinguish between the act of shutting off port 25 to spammers and shutting off IPs at the router (BGP). I realize that the author of this original post has done this (sorta), but many who have posted have not made this distinction. First, let me tell you where I stand. I am in favor of shutting off port 25 to spammers. I am more apt to question the termination of all traffic to and from a spammer network. I uderstand that it still uses some resources to be hit by the spammer regardless of whether or not it's filtered. But I think RBL should stay in focus. Ultimately, I think ISPs should reconsider their use of router level RBL filtering. I don't know for sure, but I doubt many do this anyway. (ISPs like control and why give this control to RBL? I don't think many would.) If, as some have claimed, the author of this original post has exaggerated the impact of MAPS filtering in the described situations, I think he has invalidated his entire story. I think it is suspect that in the original draft he did not attempt to make it clear (to the unitiated and often knee-jerky audience) that getting on the RBL, probably 99% of the time, means that MAIL is being blocked and NOTHING ELSE. Not web traffic, not anything but MAIL. He attempted to answer this in his followup but ended his follow-up with the bias of a peacefire report. His followup stunk, to be honest. Also he made what I can only guess is an unsupportable claim that Above.net changed its implementation of RBL since he brought it to light (=delusions of grandeur). I'm sorry but "What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers..." just sounds intentionally misleading. "Can't be seen by" is simply not true for the vast majority of those under RBL's impact. Furthermore, he made the claim that MAPS was doing this because there is ONE site that sells spamware on Media3. That is quite the accusation. And if it's true, I will become a MAPS critic myself. But it sure does require proof other than the fact that a spamware vendor IS hosted from Media3 and Media3 IS having an RBL problem. Here's a fact that I would like to see: how many staffers at Media3 spend how much time on enforcing their AUP? I have a hunch they are relaxed about it and that's what drew attention to them. I run several servers and help a small ISP now and then. And I have to fight spam ALL THE TIME to keep their services worthwhile. And certain companies, like PSI.net, I AM ALMOST CERTAIN have autoresponders do randomly delayed responses to complaints. Again, I am guessing that Media3 is relaxed about spam enforcement. I would not say for certain they are since I don't know. And I won't take their word on it as suggested in the original post. I think this article is very poor on facts. And it's inflamatory. And I think it's shameful that people respond to this stuff as if it is true when there are so many flagrant problems with it. /Jarrod

And I moderate your moderation (-1 Redundant).

[Fortyseven]

File this one under "No Shit, Sherlock".

Ah, but . .

[G00F]

But if you use aliases you wont be in the "to" field. So sending everything w/o your e-mail address in the to field isn't the answer, and besides, your still getting the spam, your just not reading it now.

Actualy

[G00F]

This write up shows how hard it is to fight spam w/o censoring. And how every way we try to fight spam, we are doing a form of "censoring".

Re:"If you don't like don't use" How short sighted

[Higher+Authority]

Comments similar to "If you don't like MAPS, don't use it" are VERY short sighted.

You are basically prooving the point "If you don't like MAPS [or similar services], don't use it [them]". You didn't like them, so you didn't use them.

...I don't get the option to 'opt out'. This is FORCED censorship.

You argument here sucks, yet again. There is no such thing as forced censorship. If you submit to it, it is not forced. Unsubscribing to your ISP effectively bypasses any imposed censorship.

If enough subscribers to a given ISP which uses the RBL, or anything like it, to which those subscribers oppose, unsubscribe to the ISP, or otherwise protest, the ISP will start getting the message.

If anything, this is simply an inconvenience, albeit quite a large one. It can be stopped, thus it is not forced.

I think that unless there is some democratic process...

I completely agree, that is if one chooses to use such a service. Personally, I'd rather not see that as much as I would see the volutary halt of spam and the realization by spammers that spam sucks and does not work. Of course, spam does work, not only because people choose to simply delete more often then fight it, and on top of that, people still quite often read spam, visit the sites, order things, etc. This is what is truely unacceptable.

tools like these need finer-grain control

[ummit]

It was clear to me a couple of years ago when I first read about the RBL, and this case & its ensuing discussion confirms it for me absolutely, that a tool like the RBL needs to offer at least two separate lists: (1) IP's that are blacklisted because of sending spam, and (2) IP's that are blacklisted because of hosting spam-promoted websites. Yes, there are good arguments in favor of blocking spam-hosted websites, but there are also good arguments in favor of not doing it, and it's an endlessly debatable point which will never be settled (as this /. discussion thread amply proves!). Subscribers to the RBL ought to have a choice whether they buy in to the heavier-handed kind of censorship.

Re:Not Exactly

[fmaxwell]

Censorship is when some person or organization is limiting what you see against your will.

If you use an ISP that has MAPS, it is your choice. Only ISP in the area? Then stay off the net if it offends you. They are running a private business and feel that the reduction in spam outweighs the complaints of some users who don't like MAPS.

I have no sympathy for the author. His firm is hosting a site that is selling spamming tools. Taking an anti-spam stance and then turning a blind eye to the peddlers of these tools would be absurd and MAPS has done the right thing. Want to get off of MAPS' list? Drop the site and tell the customer that he needs to start selling products for which there is a legitimate use.

Yellow Journalism and Incompetent Reporters

[Morely_Dotes]

The article reads like a press release from Exactis.

Where are the *facts*? Not in this article, that's for sure.

jamie, you ignorant slut!

[Morely_Dotes]

peacefire.org happens to be in the middle of a net block that houses a major nest of spammers or spamware vendors:

209.211.253.68 http://www.extractor-pro98.com/
209.211.253.69 http://www.list-sorcerer.com
209.211.253.70 http://www.massmailer.com
209.211.253.71 http://www.bulkemailpeople.com
209.211.253.72 http://www.desktopserver98.com/
209.211.253.73 http://www.e-mailblaster.com
209.211.253.74 http://www.marketingmasters.com/bulkserv.htm
209.211.253.79 http://www.4microsoft2000.com/index1.html
209.211.253.84 http://www.bulkers.net
209.211.253.88 http://www.bulkbarn.com/
209.211.253.89 http://www.web-promotions.com/
209.211.253.126 http://www.bulkisp.com/
209.211.253.139 http://www.firstlinesoft.com/
==} 209.211.253.169 http://www.peacefire.org {==
209.211.253.248 http://www.bulkhost.net
209.211.253.248 http://www.bulk-isp.net
209.211.253.248 http://www.bulkispcorp.net
209.211.253.248 http://www.bulk-isp.com
209.211.253.248 http://www.bulkisp.nu
209.211.253.248 http://www.bulkisp.net
209.211.253.248 http://www.bulkispcorp.com

Ironically, one anti-spammer who tried to contact peacefire.org to express the anti-spam side of the story found that his email to peacefire.org was being blocked by Media3. Ironic and hypocritical or what?

Now, if PEACEFIRE.ORG wants to be associated with Web sites that exist for the sole purpose of committing theft and trespass, why, that's their business; but any sane, intelligent sysadmin would have been looking for a new hosting service once it became apparent that their current service is spamware-friendly.

MAPS is the tip of the iceberg; only about 40% of the Internet uses MAPS to block spam and spamware sites. As much as another 50% is using local deny routing tables, which means that PEACEFIRE has, by placing themselves on a spamware-friendly service, made themselves inaccessible to up to 90% of Internet users today.

And it's easy to get out of the MAPS RBL. It's close to impossible to even find out who's maintaining all those other lists; getting out of them could easily be a career in itself. We're talking about thousands of lists, all of them maintained on a "block the spammers forever" basis.

Think about it: MAPS lists a clear set of requirements to get into the RBL, and to get out.

How do you get on the RIVER.COM blocking list, though? Do you know? And if you do get on it, how do you get off?

RIVER.COM is just one example. whois will turn up thousands upon thousands more - but you can't tell you're on the list until you try to e-mail them.

Re:Spam busting is Free Speech busting

[Morely_Dotes]

Stopping spammers is stopping proliferation of ideas?

Sure it is. Just like locking your house is stopping free enterprise, and locking your car is stopping free personal movement.

Spammers are thieves, plain and simple. They lie, cheat, and steal. That's all spam is - theft via e-mail. Some of it is a little more elaborate than the chain-letter MMfools, but it's all theft, by definition.

The Three Laws of Spambotics (with apologies to the Good Doctor Asimov) are:

Rule #1: Spammers lie.
Rule #2: If a spammer appears to be telling the truth, refer to Rule #1.
Rule #3: Spammers are stupid.

There is also a Zeroth Law, but I will leave the discovery of that as an exercise for the reader. If you can't discover what it is, perhaps you fall under Rule #3.

I don't get it..

[Clownburner]

You say that the system achieves 90-95% accuracy, but then your README file says "The accuracy isn't very good because the training set wasn't very amenable to personal emails"

So what gives? Does it work, or not?

As for MAPS, the low hit rate is because it's based on DNS, and the number of unsecured mail servers approaches infinity. You just can't catch 'em as fast as they pop up, you really can't. Searching the text of the email (as your program does) is a better solution but one that can only be adequately implemented in a highly distributed way (i.e., at the client or possibly mailserver level). If you're an ISP and deal with 3 million SPAMs a day, processing the text isn't computationally desirable.

_________________________________

Re:Fuck off, Commie Pinko

[ocbwilg]

"As someone else mentioned, the idea behind an ISP is that you get cheap Internet access at the expense of a little freedom. If you get your own leased line to the backbone, snag your own IP block from ARIN (or borrow one from your backbone), you can run your connection how-ever you want. When you buy service from an ISP, you are investing in their practices, nodding your assent with a credit card or check. You pay less, of course, but you are also giving up the freedom of running the connection yourself. If you disagree with their practices, there's nothing to stop you from using (or starting) another ISP" This paragraph sounds oddly like you are stating that you can only have freedom if you have enough money to pay for it.

OK, so in summary:

[ocbwilg]

Lots of people think that the RBL is censorship. Others claim that it isn't because use of the RBL is voluntary on the part of the ISP, and use of the ISP is voluntary by the end user. However, this DOES cause a problem if the backbone provider uses the RBL, because even though none of the ISP's in the area implement it, if they all have the same backbone provider then there is no choice other than to set up your own connection to a different backbone provider, which we all know isn't going to happen because there is a financial barrier. Freedom to see whatever you want should not be made available only to those who can afford it.

Next point, people have blindly (and incorrectly) tried to make the case that the RBL only blocks mail, not traffic in general. Obviously this is not the case if you use the eBGP service. But the more crucial point is that out of all of the "nerds" and "techies" who posted to /., very few knew that the RBL can and is often used to block traffic at border routers. If *we* aren't aware of this fact (even after reading about it in the article), then what makes you think that average joe citizen is going to be smart enough to make those kinds of inquiries to a potential ISP, backbone provider, or web host? And how many people at the potential provider are going to know enough to say, "Yes, we subscribe to the RBL to block spam AND internet traffic in general"?

Third, the RBL DOES act as a vigilante. Sure, I hate spam and spammers. Sure, you can opt out of using the RBL, but how easy is it to opt out of addresses that you WANT to receive email or other traffic from? The problem is, the RBL isn't me making a conscious choice. It's my ISP management making a conscious choice when the ISP is formed and everything else is automated from there. How do you know what sites are being blocked? Hell, most /. users (who are by far more technical than average joe citizen) didn't even know that RBL has a border router service, let alone what specific addresses are blocked. In essence, someone else (ISP, backbone provider, etc) has opted you into this group that must blindly accept the judgement of a private, un-accountable organization as to who is a good netizen and who isn't.

Now from the side of someone who gets blackholed: how did I opt into it? If I'm not a spammer and didn't support spammers, I didn't voluntarily agree to be blocked. The comparison that every one of the posts that I've read so far has missed (and the most appropriate analogy) is this:

I use Ameritech for phone service. My friend in another state uses GTE. Telemarketers who use Ameritech for local phone service solicit business from my friend on GTE. My friend complains to the PhoneRBL. The PhoneRBL blackholes ALL traffic from Ameritech. My friend and I are no longer able to communicate. Yes, I *DO* have the option of using another company like CoreCOMM to get phone service, but should I have to? If Ameritech fails to deal with a phonespammer in a way that is "acceptable" to the PhoneRBL people, should I lose my ability to communicate?

The overwhelming majority of the people who I see coming out in support of the RBL in this instance aren't even aware of what kinds of services the RBL offers, let alone how it determines who ends up on their lists or how to get off of them. What *IS* an acceptable way for an ISP to deal with a spamming customer from RBL's perspective? What about someone who sells software to help spamming?

What about someone who LINKS to a site that sells spamming software? I saw a lot of support for DeCSS and sites who chose to link to it rather than offer it for download. I remember quite an outcry when they were forced to remove the *links* to sites that offered the file for download. Today the RBL is blocking an entire class C because one address offers the software for download. Tomorrow they'll be blocking it because they link to sites where you can get it.

This is vigilante censorhsip, and the worst thing is that so few people realize it. It's just another gradual step down the primrose path once we start letting other people think for us.

Now, solutions (didn't think anyone would mention that, did ya?):

I love the idea of the RBL. I do not like the unaccountability factor. While they have tried to set guidelines and tried to behave in a "good netizen" way, it's just not working out that way if you're blocking an entire subnet of innocent sites along with the one bad site.

There should be an industry organization that any ISP, backbone provider, MX operator, etc can be a member of. Each member would agree to the principle of blocking spam, not hosting spammers, securing open relays, etc. They would generally agree (but not be required) to implement the filters that the organization creates. They would set down guidelines as to what kind of behavior is considered spam and what isn't. They would determine what would be a black-hole-able offense. Members would have to ratify the constitution of this organization. Members would vote on ammedments any time new guidelines for acting against spam were implemented. In this way, the organization would be accountable to it's members (who are all service providers of some sort) rather than just being a group of guys who hated spam and decided to do something about it.

I honestly think that people use ORBS and MAPS for the same reason people use Windows. They're out there, ubiquitous, and for joe schmoe, a lot easier to implement than the alternatives. We just need an alternative organization that can do it better.

MAPS did not block all those WEBSITES!

[gururise]

First of all, after reading the news story, it leads one to believe that all those poor websites are blocked from the internet (essentially an Internet Blackhole). This is totally untrue, everyone can still access those websites, just mail originating from those sites will be unavailiable to sites who subscribe to MAPS and choose not to allow such mail.

Quoting the MAPS press release...
"The dispute with Media3 arose when Media3 refused to require their web-hosting customers to stop advertising their websites by using unsolicited commercial email as an advertising medium. The unsolicited email, sent through various unrelated ISPs, advertised websites which were hosted by Media3 on their web servers. "This clearly violates the standards which we advocate, and to which we ourselves adhere," explained Mitchell. "The proprietors of these websites send massive amounts of unsolicted mail from an account with an ISP, then when that account is shut down for violating that ISP's terms of service, they just move on to another ISP. In these cases the only way to get them to stop sending the unwanted email is for the company hosting the advertised site to get involved. If they don't, there is no incentive for the unsolicited email to stop, and then we are forced to protect our own mail servers from the onslaught of that unwanted email."

Being a system administrator myself, I have to deal with SPAM on a daily basis. Spam uses up our resources, our bandwidth, and consumes our employee's time when they have to deal with it. We receive thousands of spam messages each week, and all of them are unsolicited. What other option do system administrators have? I for one totally support what MAPS is doing.
Gururise

BMTP

[Yorkshire]

Didn't I hear something mentioned once about a bulk mail transfer protocol? I have no specifics, nor a link to any further info. Anyone else have anything?

It's simpler than all this

[erasmusbruge]

Good article, but there's a simpler way of stating the problem: 1. No thinking person should allow anyone else to decide what he is, or is not going to accept as e-mail: not my ISP, not my lawyer, and not even the good folks running the RBL. The problem is with not taking the trouble to make sure that your ISP isn't taking any liberties: this is actually quite easy to do, given the competitive nature of this particular business. So, the decision to use the RBL or not should be jealously guarded, and not ceded to others. Simple. 2. The thing about the RBL that is most annoying is that they cloak themselves in the veil of rightousness, when they're just offering advice. They're basically saying "Hey, here's a list of people who we think contribute to spam in one way or annother, so you may want to reject mail from them on your server". Oh, and by the way, there are some criteria we use to decide ... they're pretty broad, but take a look, and decide for yourself. If you don't agree, don't use the list. It's that simple. Oh, and yes, you DO have a choice. It's not an excuse to say that you rely on your employer's system, or your school's or whoever's server to get your mail. You don't have the right to the free use of someone else's property (this includes their servers, wires, IR ports, or whatever)-- just get yourself a dial-up connection to an ISP that does not use the RBL. Oh, and it would be big news to hear that the backbone routers are rejecting all traffice from RBL'd IPs -- as far as I can tell, this just ain't so.

Something _VERY_ similar happened to me

[Poppa_Chubby]

This story closely mirrored something that happened to me some time ago. (Set the way back machine for 1997ish). About that time I was working for a small ISP that had a leased line through a company that has now gone out of business (AGIS, its not bad form to mention them now :P~). In any event, around this time, Sanford Wallace obtained connectivity through AGIS and that's where the trouble began. What did Mr. Wallace have to do with the little ISP I was working at? I asked myself that question a whole bunch of times that summer.

In any event, Mr. Wallace got his contract through AGIS _BEFORE_ they had a formal anti-spam policy. It was an oversight on their part and for all their real faults, this one was unintentional (spam was only a massive problem at the time, not the endemic it is now.) After the news became common knowledge, every single mailbox that we had listed on our site was getting massive amounts of bulk mail. The irony is, it was bulk mail from the people that were telling us how bad bulk mail was. Each of these bulk mails had something in common, they would :

1) Include about 350 lines of contact email addresses from known AGIS customers

2) Inform us we sucked ass because we supported AGIS who supported Sanford Wallace.

3) Tell us to tell AGIS to stop supporting Sanford Wallace.

4) Tell us we sucked ass because we were, in effect, spammers

5) Tell us to leave AGIS

The irony from this never left me, which is probably why I don't use the RBL where I'm at now. These net cops were just as bad as the problem they were constantly whining to us about. It didn't matter that we weren't spamming anyone. It didn't matter that we had an AUP that forbid spam. We had to leave AGIS or we were going to be blacklisted. Never mind the fact that as a small company we couldn't afford to get out of our contract. Our mailboxes were flooded close to three months with this junk until AGIS finally created a chump 'bulk email commission'. In any event, just complaining to the company responsible would have yielded the same results, somewhat faster, than complaining to us.

Why do I bother mentioning this? Well, AGIS would have yanked Mr. Wallace's connection in a second if they _could_. But, because their AUP didn't expressly forbid what he was doing at the time they couldn't do it without losing a shitload of money. But, that wasn't a good reason according to the zealots. These people seem to want everything done yesterday and in reality that can't happen in a world of contracts. AGIS couldn't get rid of Mr. Wallace until they reworked their contract with him, so that was what that chump 'bulk email commission' was about. They formed that to wait out his contract and then didn't renew it with him. I know AboveNet has an AUP forbidding spam, but I wonder if they had a customer that was doing something that no one liked but who's actions weren't contrary to their AUP if AboveNet would break their contract with their customer? That would be a really interesting question to pose to their manglement.

Oh well...I rambled enough for tonite.

I don't agree with a lot of this article

[Iphtashu+Fitz]

First off, it starts by quoting the news.com article that claims the RBL only blocks about 2% of spam. This article is completely inaccurate, and if Jamie had bothered to research it at all he would have realized this. The article describes a series of tests of e-mail filtering services and lumps the RBL in with these filters. The RBL is NOT a filter. It is simply a list of IP's associated (for whatever reason) with spammers that server admins can use to block service from. Comparing the RBL to filters is like comparing Caller ID blocking (not even answering a call if the number belongs with a telemarketer) with call screening (answering the call, determining it's a telemarketer, then hanging up). If the people that ran the news.com test actually performed their test from a server listed in the RBL then 100% of the spam would have been blocked.

Claiming that the RBL is a "censorware tool" also shows that Jamie doesn't understand the purpose and use of the RBL. The RBL is nothing more than an electronic equivalent of a Consumer Reports article. The RBL is a list of IP's that MAPS determines is affiliated with spammers and shares that list publicly with anybody that wants to use it. I, as a user of the RBL, have made my own personal decision to trust MAPS and have included them in my mail servers configuration. If I have a problem with a site being added to the RBL (such as peacefire.org) I can simply tell my mail server to ignore the RBL listing for them. MAPS is simply providing a service and I am making use of that service. This does NOT Make it censorware. The RBL is as much censorware as the CallerID on my telephone - they both provide similar services.

Jamies view of the RBL as censoring Media3 is very nearsighted. The purpose of the RBL is not to censor sites like Media3 and their customers. It is a tool that attempts to encourage the owners of all the private systems that make up the internet to cooperate with each other. The vast majority of the owners of the systems that make up the internet abhor spam. By making use of the RBL, I and many of these other admins are speaking with a collective voice to the admins of providers like Media3 who either explicitly condone or implicitly allow spamming.

Jamie would do well to look up the defintion of censor. According to the Merriam Webster Dictionary, censor is defined as "to examine in order to suppress or delete anything considered objectionable". The RBL does not examine anything - it's just a list that any system administrator on the internet can utilize.

Iphtashu

---

Re: MAPS == censorship.

[Targeted]

This is not so simple. Consider your sticker-free car again. Consider a city separated by a river. What if you are not allowed to drive through the bridge, just because there is a red light district located at the other half ? You might say - wait a sec, I work there ! Nobody cares. You certainly want to go for more perversion when you are driving across the bridge.

Re: MAPS == censorship.

[Targeted]

No, I refer to the small bridge owned by some company (presumably supporting RBL) you have to drive across every day just because you live in some particular location. I mean - RBL is not a thing you would like to have in your neighbourhood. One more metaphore - imagine that your cable TV erotic channels are locked out just because there live kids in the same block. Stupid enough for me. I mean - filter is just a tool, but they don't admit that it is just a small step on the unbeaten path. Instead they try to make it sound so-o-o-o-o profound... Money talk. Call it censorship, or not.

MAPS, spam, etc.

[sysarchangel]

Aww, what a bloody shame.

If anything, the RBL needs sharper teeth. UUNet should be atomized for the 20 billion or so spams a year that come out of its dialups. If a little collateral damage occurs from time to time, such are the breaks. Civilians got killed at Hiroshima and Nagasaki, too, but that didn't reduce the effectiveness of the atomic bomb.

Spam and AntiSpam equate.

[bgrant01101]

"And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted Class C: " This is untrue. Given the general level of articulation within the article, it is difficult to believe this is an honest and innocent omission, which leaves one to observe that it is most likely a simple, blatant lie. Any particular reason, guys? Yes, I read the update. You're still confusing the issue and making a misrepresentation regarding the functional impact of implementing MAPS and ORBS. They are not one and the same. Vixie's comments aren't particularly relevant to your claims re: MAPS and M3, at all. We use MAPS here. We can get to these sites just fine. We won't get any email from them, but the case is we most likely don't want it; this is among the reasons why we use the service. Anyone who implements MAPS does so voluntarily, and is clear on the fact that this doesn't block HTTP traffic. Can the lookup database be used to accomplish that? Sure. Did AboveNet do that? I don't know. If they did, that's not relevant to a censorship question involving MAPS and/or ORBS, regardless. The issue lives with M3 and AboveNet. I'm sure MAPS looks like a much more viable legal target than AboveNet to M3, however. This isn't a new strategy. It's not entirely unlike WashTech going after ETown in order to build up a case against Amazon. Honest justification tends to get pushed aside in the pursuit of victory. Anyway. We bounce over a thousand messages a day using MAPS. And I'm thankful for every damn one of them. In the unlikely event that MAPS and/or ORBS are ever successfuly sued, you can be sure the capability will re-manifest itself in an evolved manner, probably with some form of distributed / de-centralized architecture and communications mechanism. I don't believe one can stop people or organizations (or, eventually, agents) from black-holing mail exchanges any more than one can stop the practice of spamming itself. We can argue about this article all we like, but the real subject is deeper still. Benjamin Grant VP, Technology Salon talas9 at well.com

You mischaracterize MediaMasters

[tinlc+SF,+CA]

Jamie said:

Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. In this case, the "bad" Web site sells software which could be used to spam.

No, the software at MarketingMasters.com is useful for no other purpose except spamming. When you visit their web site, the first thing you are greeted with is an announcement:

Order ANY of our Bulk Email programs now and you'll receive 25 MILLION Fresh Email Addresses on the web for FREE.

To characterize MarketingMasters as anything other than 100% pure spamware is disingenuous in the extreme. The fact that Media3 continues to host this site is absolutely unacceptable.

The crucial difference between MAPS and various censorware vendors is that MAPS openly discloses all sites that it proposes to block. The censorware vendors claim that information as confidential and proprietary.

No research skills?

[Frank+Murkowski]

Implying that Peacefire was somehow "censored" *IN ANY WAY* by MAPS is lunacy. A network abuser, Media3, was blackholed for network abuse following the procedures outline in http://www.mail-abuse.org/rbl/ - pure and simple. Attempts to portray this as an act of censorship lodged even remotely in the direction of Peacefire is defective logic and argumentation. It's also evidence of shallow comprehension and poor research skills. "Jamie" presents him/herself in this article (presumably unintentionally) as a gullible technical illiterate.