MAPS RBL Is Now Censorware

HumpBackB wrote us about the lawsuit that ISP Media3 has filed against MAPS and its Realtime Blackhole List. The RBL, despite blocking only 2% of spam, is widely seen as an effective tool against mail abuse. I'm going to risk life and limb, and say that it has become, instead, just another censorware tool. Here's why.

Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).

But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.

Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:

"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."

And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:

"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."

Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.

You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."

Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.

Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.

The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.

And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.

In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.

Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.

Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.

I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.

And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.

In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.

At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).

No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.

I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.

And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.

(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)

Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.

But then, MAPS also advises Web providers:

"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."

That's exactly what Media3 does -- and exactly what MAPS did.

Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.

I can't find much to argue with in Joe Hayes's summary:

"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."

And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:

• FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
• DesktopHeaven.com, Windows themes, screensavers, wallpaper.
• TownOfCary.org, the official website for the town of Cary, North Carolina.
• StudioZito.com, yet another Web site-designer.
• Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
• StrikeMore.com, bowling tips and schedules.
• NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
• ElaineCoffman.com and DianaPalmer.com -- both are authors of romance novels.
  And finally,
• CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."

Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:

SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?

Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.

For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.

Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:

I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.

Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.

This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.

Re:A compelling argument...

If you don't like MAPS, don't use it.

The problem with this is that you can't keep someone who subscribes to MAPS from sending mail to you! It's a one-way blackhole. Someone on a MAPS-enabled ISP can send mail to someone who is blackholed by MAPS, but that person can never reply. The MAPS using ISP's customers don't know they will never get a response.

Arguing about this with MAPS people will just get you listed in MAPS.

Spam sucks, but there really needs a better way of dealing with it. Leaving it to an autonomous private group who isn't responsible to anyone is just asking for more trouble.

Re:MAPS != censorship.

Censorship is something that can only be conducted by the government

Censorship can be done by anyone (I censor my own speech on a regular basis so as not to offend).

You have censorship confused with the first amendment -- freedom of speech can only be violated by the government (because only the government is limited by the constitution) but private individuals and corporations can and do censor every day...

right to censor

Yes: ISPs have the right to say what can go on their network and what cannot. However, if an ISP sells me internet access, that is generally on the implicit assumption that it will be _complete_ internet access. So if my ISP uses RBL without my agreement, they are breaking their contract with me and I can sue them. If a backbone uses an RBL without informing its customers (ISPs, etc.) it can be sued for a lot of money.

Re:Just ignore the spam?

[Chris+Johnson]

How many years do you have to live? 50?

10 secs * 356 days * 50 years = 178000 seconds
178000 secs = 2966 minutes = 49 hours = 2 days

Are you willing to let spammers take 2 days from your life? And in doing so, you are doing nothing to help others. I make more of an effort- I file reports with Spamcop.net. I spend about six times the seconds you do, per day.

What right do you have to say that I should have almost two weeks taken out of my life by spammers? I won't get those two weeks again. You won't get those two days again- and do you think it's going to _stay_ at 10 seconds a day? Soon you'll be spending 45 seconds digging through the spam (nine days out of your life) and I might be spending fifteen minutes a day spamcopping (I have a domain...) and that's SIX MONTHS off my life, just dealing with spammers! Already it seems like I spend many minutes a day on the spam, over and over and over in unending repetition. I wish my ISP used the RBL. They are considering some such action. If they go with the RBL I will fully support it even at its most extreme application.

That's no good at all.

[Chris+Johnson]

What if you're a business- or, hell, just _want_ to be a business?

I'm trying to get a recording studio off the ground (obMusicLink), and putting a lot of effort into it. I _have_ to keep airwindows.com out there publically and I get all its email, every dictionary-attack spam on the domain- and I need a solid memorable unsurprising email address to give people if they want one- chrisj@airwindows.com.

It's like some of the mp3-fan reactions to the threat of the format being suppressed- I don't care if you can hide mp3s in zips, or hide email addresses in geeky obfuscation or ever-changing 'stale address discard' rules. I don't have that luxury and never will have it- I'm stuck operating on the outside with my domain and my fledgling business (for which I keep all records of income and expense- not gonna hide from IRS either). I have no option but to use email and web resources straightforwardly and unobfuscatedly- and I won't be able to keep up with the load of spam forever unless the spammers are cracked down on. The spamload could easily just keep accelerating exponentially if nothing is done to stop it- as it seems more mainstream, more will do it, and so on.

(random side note- remember how mp3.com changed its agreement and made it evil? Well, a new music site called ampcast.com recently changed their agreement- and, get this, changed it to be MORE favorable to the artists! Color me flabbergasted. I'm still happy with besonic, myself, but who knew? Kudos to ampcast, just found out about this today :) )

Re:SERVERS CAN STOP spam EASILY!!!

[Chris+Johnson]

No good- this is trivially hackable. Haven't you seen the spams with either alphanumeric gibberish starting them off- or _language_ gibberish in a subparagraph at the bottom? Spam is already avoiding this trap- the whole purpose of randomly generated areas in spam is to bypass any such spamtrapping code. I've seen this over and over.

Re:What in god's name are you talking about?

[Trepidity]

This is just pure punishment, not even on the same track as trying to cut down on spam.

And that is why many of us dislike MAPS, because that is exactly what they suggest. In fact that is the original method by which they operated - the DNS method you mentioned was added later, and they still advocate the complete BLACKHOLING of all traffic to the sites on their blacklist.

Re:Exactly

[Trepidity]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

I don't see how you can make that distinction. The only way for a user to turn the RBL off is to switch ISPs to one that does not use it. If you consider this a legitimate solution then censorware is perfectly fine too, since you can always move to an internet connection which doesn't use censorware (using one at home instead of the library, for instance).

Re:MAPS != censorship.

[cduffy]

It's not censorship if it's voluntary. If I decide not to read the /. posts of anyone whose nick starts with 'd' and encourage others to do the same, am I censoring you? No! Only if I start threatening people that if I see them reading your posts I'll throw them in jail is censorship occurring. Until that point, they make their own decision not to read your posts.

To quote from Webster's:

Censor \Cen"sor\, n. [L. censor, fr. censere to value, tax.]
2. One who is empowered to examine manuscripts before they
are committed to the press, and to forbid their
publication if they contain anything obnoxious; -- an
official in some European countries.

None of the other definitions given apply -- the first is the actual Roman officials after whom the word is named, the third to a general fault-finder and the fourth to a critic. This one, too, clearly misses the mark. MAPS is not given any special empowerment to read content, and (more critically) cannot forbid publication. All they do is publish a list, with no enforcement to back it up; thus, they do not forbid anything.

If a user is being censored by anyone, it is not MAPS but rather the ISP who chooses to use the service without their users' consultation. However, even that doesn't hold water, as the user is not forced to use any given ISP. With no forceful coercion involved anywhere down the line, any claim of censorship is certainly far wrong.

Absolutely not.

[cduffy]

The reason: the users are voluntarily paying the admins for their service. If they don't like the service, they have easy recourse -- they can withhold pay if their ISP violates the terms of its agreement, and can easily switch providers. If there are no providers that don't censor, then there's a pretty strong incentive to start one.

I'm pretty damn unhappy with my government; indeed, it's violated its own Terms Of Service (Constitution) -- but if I stop paying taxes in protest, I'll find myself in jail. And if I try starting a competing government here in town, I'll find myself in pretty bad shape.

My ISP can censor me all they want -- there's an econmic mechanism to keep it from being abusive; I'll just switch. If my government tries to consor me, there's no such recourse -- then I get pissed.

Tricky.

[pb]

Well, I agree that any site that sends spam should be blocked. Or, rather, destroyed in a pilliar of fire whenever possible. But if it just sells spamming software, and doesn't actually spam, I don't see a problem with that.

But then I went to their website.

My GOD, have you ever seen anything so awful?

So then I turned Java off.

There were still broken images, blinking links, I couldn't read the text...

Could we have a web proxy that blocks UGLY web pages? Becuase I'd blackhole these guys in a heartbeat!

Are they actually trying to run a business? If I saw a "business" site that looked like that, I'd run the other way!

Ugh. Unclean. Please block that site, whatever your reasoning.
---
pb Reply or e-mail; don't vaguely moderate.

Innocent victims of *a bad ISP*

[Per+Abrahamsen]

The innocent victims are real victims, but not of MAPS but *their own ISP*. We had a similar case in Denmark, where a ISP refused to throw out a web hotel customer for spamming through other channels, and got a netblock blacklisted by MAPS. This was problematic, because one of the major Danish ISP's blocks all trafic to hosts listed by MAPS.

However the ISP in question they *did* move their other customers away from the netblock, while reconcidering the case. Thus, only the spammer was affected.

In general, users of ISP's who are both incompetent and refuse to cooperate in the fight against spam *will* get hurt. However, they will be in a position to do something about it, by using a competent ISP.

Irony Alert: DeCSS

[chrisd]

I am probably not the only person who found it interesting that maps, by banning an IP because of a company selling software to spam, is the moral equivalent to the MPAA suing and taking down sites that host DeCSS. Do we go after the tools to do "bad things" or do we go after those who do the "bad things".

Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?

Chris DiBona
VA Linux Systems

--
Grant Chair, Linux Int.
Pres, SVLUG

Re:Irony Alert: DeCSS

[/dev/kev]

The difference between DeCSS and spam software is that it's easy to find geniunely good uses for DeCSS, whereas you'll struggle to find good uses for the spam software.

It's okay to go after tools which can ONLY do "bad things", particularly if that's all they're designed to do. But if there's significant "good things" which can also be done with the tool, such as with DeCSS, then it's wrong to stop those good uses, and so instead you go after those who choose to use the tool to do "bad things".

Then, as always, you just have to worry about your definition of "good things" and "bad things". :/

Re:Irony Alert: DeCSS

[Skapare]

MAPS is an elective service which provides me with information regarding their opinion about an address or domain. I choose to block or not block on the basis of that information.

If MPAA or RIAA or anyone else sues, they are effectively bringing in the (potentially violent) force of governments to cause a web site to be unavailable to everyone.

The irony is I can choose to block web sites hosting DeCSS if I wanted to. I've actually made that choice for a select few sites which host "web bug" (ad banners and undisplayed images designed to watch how long you are on a site or track you around).

Re:Irony Alert: DeCSS

[adolf]

Spam is bad, to some people. To some others, it is ok. And still others appreciate it.

Pornography is bad, to some people. To some others, it is ok. And still others appreciate it.

DeCSS is bad, to some people. To some others, it is ok. And still others appreciate it.

We here at slashdot tend to view a given subject only from the perspective which best serves our own interests. We are as selfish, prejudice, maliciously reactionary, and sublimely manipulative as any of the MPAA, the spamware folks, or the extremist portion of the Christian Right.

Rather than attempt to remain reasonable and retain even a hint of impartiality, we react viciously to anything deemed to be infringing upon on our rights, with absolute disregard to the rights of any others who might be in the way.

We do this as we sit high upon our assumed intellectual high horse/flimsy house of cards, shouting banters about freedom, goodness, and The Right Thing To Do; cries which typically fall upon deaf ears.

Witness our views on DeCSS, Censorware, Spamware, MP3 encoders, MP3s themselves, the iOpener, or TiVo's 'exploitation' of the Linux kernel, and try to visualize the other parties' justification (which, in these cases, is -always- legitimate) for whatever it is that they have done to offend the horrid, arrogant, nonsensical beast that is slashdot. In other words, put yourself in their shoes.

Those who are unwilling to do so are simply afraid of finding that said shoe fits their own foot perfectly, and that they'd hence not be able to remove it from their mouth. This is an obviously unacceptable outcome, given the clear superiority of the average slashdot user (let alone the top 5 percent).

With such bigotry abounding en masse, it's no wonder they can't hear us.

Choose your enemies carefully, because that is who you will become. --Lao Tzu

Re:Irony Alert: DeCSS

[crazy_clyde]

The idea that a tool can ONLY do "bad things" is absurd. A tool is a means to an end. AN END. Not a specific intentioned "good" or "bad" end, just AN END. This means the tool has no say in what it actually does, nor the moral consequences of such an act. The tool can only influence how well it performs at that act.

It's NOT ok to "go after" tools, because it doesn't solve anything. If someone wants to do something, they're going to do it. You can make it difficult by trying to remove a tool that makes that end easy, but two things happen:
1) A new tool takes it's place.
2) The general populace stays ignorant of why the end is "bad". All they learn is that the tool that does it is bad, which we've already pointed out to be wrong.

Re:Irony Alert: DeCSS

[Error27]

It's about admins censoring content for their users or governments censoring content for their citizens...

It's the same dang thing.

Re:Irony Alert: DeCSS

[Error27]

It's not a choice to use MAPS because a back bone site uses it so it's forced onto users.

If they just block people with misconfigured routers or people who spam that's not censorship.

But when people want to get spamming programs or email addresses and they can't because MAPS is blocking it that's censorship. Email addresses are private information and I don't mind them trying to censor that. I think it's pointless but I don't mind. I mind that they are trying to block people from getting to software though. And I mind that they are hurting inocent web site at the same time.

Basically censorship is when you block two people who want to communicate from doing so based on the content of what they are talking about. Sometimes that's not a bad thing to try do. But mostly the internet routes around censorship.

Is the RBL really being used for HTTP?

[copito]

The author implies that Above.net is using the RBL to block HTTP access to websites. This is quite troubling if true.

It seems much more likely that Above.net and various other ISPs and users are using the RBL to block email from the IPs in question (which would be likely to be used by the website, but might not be). This is also troubling if innocent machines are implicated but much less so and hardly rises to the level of censorware since websites do not typically use email for only a tiny fraction of their content.
--

Re:Is the RBL really being used for HTTP?

[DavidTC]

Sadly, it is you who are mistaken. Above.net not only blocks SMTP traffic to and from RBL'd servers, but they drop all traffic to and from RBL'd server. Those addresses are routed to nowhere. For all intents and purposes, those addresses do not exist if you are on above.net. And, if your machine is used for spam, you you don't exist to any servers on there, also.

And the RBL has been putting the addresses of more then just mail servers on their list for a while now. They also put hosting companies who refuse to take down spammer's webpages, and any servers at all run by spammers.

And, BTW, I apporve of this all the way. Stopped the actual spam email is just half the battle, we need to close down the ways that people can contact them also. In fact, we need an 'Internet Death Penalty' for these people, and not only block the spanmmer's spamming acounts, but also block the legit accounts that the spammer doesn't use to spam, and their legit webpages. We need to basically keep them from using the net in any form or fashion. And block anyone willing to provide it to them.

-David T. C.

Re:Is the RBL really being used for HTTP?

[Tau+Zero]

There's a legitimate reason to do that, and that's to pressure the ISP to stop hosting providers of spam-ware. Black-holing sites which provide web-hosting for spammers is probably justified too; see response 162.

"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

RBL Usage info - READ THIS

[Acheron]

There are three ways that RBL may be used, listed at this address:

http://mail-abuse.org/rbl/usage.html

ONLY ONE OF THE USAGE METHODS results in blackholing all ip traffic, that is the Subscription via BGP. This option is only available to larger networks with routers which have an ASN (see whatis.com if you don't know what an ASN is.)

I know of very very few networks which use RBL in this manner. There must be a few, but it seems like a pain in the ass, and there are negative effects of doing it, as indicated on the RBL description of the service.

Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.

My guess is that 95% or more of RBL subscribers use the "Direct usage via DNS lookup by mailserver" method of applying RBL blocking. This method has ZERO IMPACT on http, ftp, dns, ICMP, or any other type of traffic other than SMTP.

This Slashdot article was written by someone who does not understand the nature of the Internet and the RBL on a detailed level, and who is obviously dipping into conspiracy theories a bit... his little diatribe on above.net sounds like the manifesto of a lunatic. To the author: Get over it, sir. You don't understand the technology, and you don't understand the decisions made by ISPs who implement the RBL. I wish you well in your career, but this isn't going to be the ground-breaking story you thought it was. Feel free to write me if you'd like to speak to me further.

Sincerely,
~Acheron

Re:RBL Usage info - READ THIS

[sjanes71]

Unfortunately, I am behind Above.net which I believe does subscribe to the BGP RBL-- not something my ISP (Capu.NET) can change... During 1999-2000 MAPS RBL blocked Steve Forbes' campaign website so I couldn't get to it from home, something I found highly dubious. I've known that MAPS RBL has been Censorware for a long time now.

Whatever good MAPS RBL could have acheived has been lost with its Ivory Tower administrators who slash and burn netblocks with no accountability. "It's to fight spam" sounds more and more like "What about the children!?" to me from the MAPS people. They have made it an excuse to fuck with people's livelihoods. Pardon mon Français. That's how I feel.
_______
computers://use.urls. People use Networds.

Re:RBL Usage info - READ THIS

[buysse]

Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.

I do agree with what you're saying... for a end-user ISP. But, if you are a backbone provider (as above.net is) and you are dropping packets that are passing across your backbone -- not from your direct customers, not to your direct customers you are WRONG.

Re:MAPS != censorship.

[Amphigory]

If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.

No... If a government refuses you the right, with your own resources, to purchase and read Huckleberry Finn, that's censorship.

Where on earth has everyone got the idea that, for the government to fail to actively support something is equivalent to the government prohibiting it?

--

Why the Hell Not?

[Amphigory]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.

Why Not? It worked to end World War II. Isn't peace worth a few cracked eggs?

(NOTE: this is called sarcasm. I am actually a philosophical pacifist, violently *ahem* opposed to violence.)

--

drawbacks of negative feedback

[David+Jao]

IPv4 addresses are not so plentifully available that one can simply block all questionable netblocks and expect there to be any unblocked addresses left for the good guys to reside in.

Also, with the current pace of mergers in the telecom sector, it is becoming increasingly the case that many people simply don't have the luxury of choosing their internet provider. Punishing innocent sites by mere association in this case is a cure worse than the disease.

The problem is the innocent victims

[David+Jao]

Did you read the article by any chance? The problem being pointed out is that organizations such as Peacefire, who do not spam or harbor spammers or support spammers, are being blocked by the RBL, not for anything they did, but merely for being on the same netblock as the spammer websites.

Such a gaffe might be understandable if the IP addresses in question were dynamic, but they're not. They're static. There is no need for MAPS to list peacefire.org in the RBL.

Re:The problem is the innocent victims

[Twylite]

Look! He's stabbing her in the middle of a crowded room! Quick, my gattling gun so I can stop him!

Re:Huh???

[jeffg]

There are many forms of the MAPS RBL subscription.

One form that appeals to some network providers is the MAPS RBL Subscription via Multihop eBGP4 . This subscription option involves configuration within border routers of a subscribing network provider. Any traffic that passes through a router configured to peer with the MAPS RBL feed will null-route packets destined for any host or network listed in the MAPS RBL. This includes ALL internet protocol traffic -- not just mail.

If a network or host is listed in the MAPS RBL, and a router between you and that host or network is configured to use the MAPS RBL BGP feed, you will be unable to browse a website located there, you will be unable to ftp to them, and yes, you will be unable to send them mail. And they will be unable to send you mail, or browse your web site. Again, any traffic passing through a router configured in this way that is destined for an IP in the MAPS RBL will be null-routed -- for all intents and purposes, dropped on the floor.

Asymmetric routing and inadequate coverage on the border can be a noted hole, but in cases such as these, the MAPS RBL BGP feed isn't really working anyways.

Re:services like this

[Bruce+Perens]

How else do you get the people with bad relays to fix them?

Thanks

Bruce

Re:A compelling argument...

[Bruce+Perens]

If you pay that much, you can put an SMTP MX agent somewhere that doesn't blackhole routes.

Again, I am not getting routes blackholed through Above.net today. I can click on those links and see them. Traceroute tells me I'm going through above.net .

Bruce

Re:Exactly

[Bruce+Perens]

Well, if nothing else you can get an email address somewhere else that circumvents the RBL. If you run your own MDA, you can get an MX somewhere else that circumvents the RBL. Go into business today providing spam-unfiltered email!

Bruce

Re:services like this

[Bruce+Perens]

That would be a good analogy if the problem was only within your house. A closer analogy here would be that your burglar alarm is going off at night and waking me up. Can I compel you to fix it? Yes.

Thanks

Bruce

Re:RBL - What a hosed concept

[Bruce+Perens]

You don't have your name and email all over the web. Take pity on those who do and allow them some filters.

Thanks

Bruce

Oops. Big oops.

[Bruce+Perens]

It's marketingmasters.com, not mediamasters. I've led you astray. Sorry.

Re:Oops. Big oops.

[BlueLines]

No problem, that one works too:

traceroute to 209.211.253.74 (209.211.253.74), 30 hops max, 38 byte packets
1 main4-216-200-18.sjc.above.net (216.200.18.3) 0.694 ms 0.960 ms 2.204 ms
2 core5-main4-oc3-2.sjc.above.net (208.184.102.193) 0.829 ms 0.403 ms 0.416 ms
3 core3-core5-oc48.sjc2.above.net (208.184.102.206) 0.626 ms 0.973 ms 0.462 ms
4 core5-core3-oc48.sjc2.above.net (208.185.156.66) 0.516 ms 0.772 ms 0.454 ms
5 nyc-sjc-oc12.nyc.above.net (208.185.156.162) 89.743 ms 89.731 ms 89.742 ms
6 qwest-nyc-oc12.above.net (208.185.156.26) 90.390 ms 90.437 ms 90.125 ms
7 jfk-core-02.inet.qwest.net (205.171.30.17) 90.164 ms 89.947 ms 90.264 ms
8 jfk-edge-01.inet.qwest.net (205.171.30.94) 90.205 ms 90.032 ms 90.410 ms
9 205.171.38.14 (205.171.38.14) 97.493 ms 97.652 ms 97.937 ms
10 209.211.253.74 (209.211.253.74) 97.647 ms 97.949 ms 98.726 ms

Re:No, you don't have the right

[Bruce+Perens]

Not in the town where I live, and not in the one where you live either. The principle is simple: your right to swing your fist ends at my nose. Where I live, I would call the police who would cite you under the noise ordinance, they would fine you and require you to fix the violation, and if you did not do so they would eventually get a court order. Then, if you violate the court order you are in contempt and can be jailed. That's the way the law works most places in the U.S.

Thanks

Bruce

Re:Exactly

[Bruce+Perens]

It's more likely that Grandma will stop using her email because of all those junk messages. Try this experiment. Register a 4-character name at some of the free mail services. Don't ever use it. See if it gets mail. It will! They are scanning aaaa to zzzz and farther.

Thanks

Bruce

Re:That violates John Stuart Mill's liberalism max

[Bruce+Perens]

Mill's not an absolute. Not every annoyance is harm because there is a level of annoyance that people tolerate in order to live in community. It's when you exceed that level that harm occurrs. If you bloody my nose, that's harm. If you wake me up at night once, you might be cursed out but not hauled to jail. Do it 10 times, and it's a different matter.

Thanks

Bruce

Re:Exactly

[Bruce+Perens]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

Bruce

Re:This isn't right

[Bruce+Perens]

traceroute to MediaMasters.com (204.101.215.149), 30 hops max, 38 byte packets
1 dnai-com.perens.com (216.15.108.185) 21.416 ms 0.832 ms 0.703 ms
2 dnai-216-15-96-1.cust.dnai.com (216.15.96.1) 22.975 ms 12.134 ms 16.915 ms
3 fe3-0-br-1.sjc.dnai.com (207.181.193.1) 22.722 ms 7.364 ms 7.759 ms
4 main2-249-152.sjc.above.net (209.249.152.3) 20.723 ms 9.060 ms 7.091 ms
5 core5-main2-oc3.sjc.above.net (216.200.0.205) 23.190 ms 7.470 ms 7.776 ms 6 core1-core5-oc48.sjc2.above.net (216.200.0.178) 23.403 ms 7.579 ms 7.755 ms
7 ord-sjc-oc12.ord.above.net (207.126.96.117) 67.590 ms 67.780 ms 68.573 ms 8 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 70.829 ms 69.470 ms 69.189 ms
9 112.ATM3-0.XR1.CHI6.ALTER.NET (146.188.208.186) 69.099 ms 67.905 ms 69.813 ms
10 291.ATM2-0.TR1.CHI4.ALTER.NET (146.188.208.250) 94.485 ms 95.112 ms 93.882 ms
11 106.ATM7-0.TR1.TOR2.ALTER.NET (146.188.142.74) 95.481 ms 102.600 ms 99.372 ms
12 299.ATM7-0.XR1.TOR3.ALTER.NET (152.63.129.149) 103.557 ms 98.535 ms 98.082 ms
13 190.ATM7-0.GW1.TOR3.ALTER.NET (152.63.129.233) 98.190 ms 100.049 ms 98.933 ms
14 205.150.221.230 (205.150.221.230) 114.641 ms 100.628 ms 103.484 ms
15 mediamasters (204.101.215.149) 102.729 ms 101.457 ms 101.752 ms

So, it's not happening here.

OK, I'm a dunce.

[Bruce+Perens]

Bruce perens is human. I typed mediamasters instead of marketingmasters. I am getting to the marketingmasters class C through alter.net rather than above.net .

Bruce

Re:OK, I'm a dunce.

[Bruce+Perens]

Slashdot is so funny. I get moderated to +4 for admitting I'm a dunce :-)

Thanks

Bruce

Re:OK, I'm a dunce.

[f5426]

> I get moderated to +4 for admitting I'm a dunce :-)

Not at all. It is because moderators don't follow you sig and forgot to question authority.

"Ooooh. A bruce Pernes post !. He must be smart. Let's moderate him up"

Then, the same assholes that moderated you up to 4/Funny for saying that you have been moderated to 4/Informative in a correction to a wrong traceroute moderated to 3/Informative are going to moderate me to -1/Overrated/Flamebait/Offtopic/Troll.

Cheers,

--fred

I have to agree.

[Bruce+Perens]

Signal-to-noise is a precious commodity. Of course, spam degrades it. If spammers ran rampant (more than they do today), I'd not be able to have this, an address that anybody in the world can use to reach me, even when I've never heard of you.

It happens that if you write me and I'm not at home, I get your mail via Palm VII wirelessly. Whoever you are. Even if I've never heard of you. And sometimes, that matters to people.

Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.

So, I want to filter spam, and I want to deter spammers because deterrence is more effective than a filter. The RBL has been a positive force for me, it's kept the S/N to the point that I can read your mail.

Thanks

Bruce

Re:I have to agree.

[f5426]

> it's kept the S/N to the point that I can read your mail.

This is wrong. For an unkown reason, some email I send are refused by some servers with a message:

MAIL From:<myemailadress>
550 5.0.0 We don't accept mail from spammers

I don't really qualify as a spammer. I mean that I hate spam, always reply to abuse@ adresses when I get spam, etc, etc.

What is uberfun is that I sent emails to postmaster@ and abuse@ at the site where I wanted to sent the original mail (to update technical points on a development FAQ). Those mails were returned with the very same message. I tried to mail them from two different accounts. Same problem.

I contacted the guy vhen replying to him in a public mailing list. He said that my ISP was probably supporting spam. As I used two different providers, and one of them is wanadoo.fr, this seems pretty unlikely. And, no, the various IP addresses of mail servers were not in the MAPS database.

This guy is the maintainer of the Darwin FAQ. This email is the official feedback email for the FAQ. He silently loose an unkown amount of mail, pisses off an unkown number of people.

What were you saying ?

> to the point that I can read your mail

Mmm. Maybe not. And you don't even know it.

Cheers,

--fred

Re:can MAPS/ORBS be advisory to users?

[Howie]

I've only got experience of this stuff with QMail, but for that MTA, there are patches to add X-RBL-Hit headers or similar, as well as the more common don't-accept-RBL-listed-connections type of thing.

I don't know if this is a specific qmail issue, but the way the server works is to accept the mail if it for a local domain, queue it and then figure out what to do with it in terms of the user to deliver to, since there may be aliases and so on involved, which it doesn't want to spend time resolving when accepting the mail. In the case where the spammer is just guessing usernames en masse with a domain name on the end, all the 'misses' become bounces. If spammers were at least halfway decent and mailed address known to exist, the load on mail servers from spam would probably be considerably reduced.

So the difference is that the ISPs mail server will then spend a large chunk of time generating bounce messages (which will typically also bounce back, as the return address of spam is often faked), rather than refusing to accept the single connection in the first place (a single connection can spawn hundreds or thousands of queued items - a large BCC list effectively).

Obviously, the time spent by the mail server clearing queues of bounce messages and double-bounces is time spent not delivering customers incoming and outgoing mail.

Personally, I agree with the RBL in it's DNS form, but not the BGP version - blocking routing to IPs and especially IP ranges completely is extreme and harms much more than the intended target.

Of course, if you like the idea but not the politics, you could reasonably easily set up a competing service - it's just DNS data. Maybe make it group-moderated in some way - slashdot for spam-prevention. *shudder*. I believe there are at least a couple of similar things for usenet spam (can't remember the names though).

Re:I definately do not agree - (pro-MAPS)

[jamiemccarthy]

"Just a correction, according to spamhaus media3 is hosting not 1 but 21 spam sites, the largest on the list, and considering media3 is a grand total of a few class C networks, thats a pretty high percentage of their customers being spammers."

Just some corrections of your correction. :)

1. The Spamhaus list is here.

2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.

3. Media3 has 42 Class C blocks, which means that 0.2% of their IP numbers house websites which sell spam-friendly software (but, again, those IP numbers are not sending spam). I would not say 0.2% is a "high percentage."

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

This situation is no different (except that, on my scale of evil, spammers aren't even close to those who want to rehabilitate Hitler).

Jamie McCarthy

Re:Neural Net Spam Filtering!

[Kiwi]

I looked at the C source of the filter, and it looked like a potential security hole. I saw a strcat(), strcpy(), system(), and insecure use of files in /tmp.

Also, while the neural network source is available, the java source code isn't, so this is not an open-source application.

I think this kind of technology has a lot of potential, and I hope to see this implemented in a manner that can be used in a secure manner in the real world.

- Sam

Re:MAPS != censorship.

[dwdyer]

Sorry, but this hackneyed line about "only the government can censor" is utter bullshit.

Censorship is the deliberate attempt to block a flow of information. If you don't let your 8-year old watch hardcore porn at home, you're censoring his or her viewing. (Note that this is appropriate censorship, IMO)

Look up "censor" in a dictionary. Look up its origin -- show me where it means "an act committed by a government". I, as a consumer, by buying a connection from someone who uses the blacklist, am authorizing them to act as censor. Yes, it's voluntary, but it's still censorship.

If a public library doesn't carry a book, that's censorship because the library is supposed to carry everything, not because the library is a government entity. A private library operates under a different charter than a public library does. They're different entities with different purposes.

Likewise with an ISP. The blacklist is perfectly legal, and I do have the choice of going to an ISP that doesn't use it, but the question is about what the ISP is chartered to do, and what we believe an ISP should do. Does the ISP provide information or access? If it provides information, censorship is appropriate. If it provides access to information, then censorship is inappropriate.

The real issue is consumer education. When I buy a connection, and I'm told that it's spam-proof, I might like that. Unfortunately, there will be information I will be denied access to and I might never know that I'm being denied. I thought I was paying for a data pipe, and protection against unsolicited email, but how will I know that I'm paying for protection against entire sections of the net that hold no threat?

Re:Fuck off, Commie Pinko

[Darchmare]

(I fear you're just trolling, but I have enough free time, so here goes...)

Actually, you got it backwards. It's your thesis that it closer to the socialist ideal.

Private companies choose to use the RBL to filter their incoming mail. This is analogous to paying someone to throw out junk mail before you get to it. It is a business choice they choose to do in order to lessen the load on their business.

You as a private individual have the right to choose to do business with that company or not. But nobody has the right to tell that company that they can't block certain traffic from coming into their networks.

Whether or not you agree with spam is irrelevent. The RBL is totally in line with a free market. If you don't believe the RBL should be allowed to do what they do, you are essentually saying that someone shouldn't be able to kick unruly people out of their place of business.

- Jeff A. Campbell
- VxReality (BETA)

Re:RBL is for Mail-Abuse you Fools!!

[Darchmare]

---
People seem to keep saying that RBL is optional, well what about the situation, where someone is using it on a backbone, as was the case in the article? I dont see much choice in the matter then.
---

Maybe not, but who are we to tell anyone how they should treat the data flowing through their networks?

It's a free market - if enough customers of enough ISPs complain, those ISPs will move the issue up the chain and market pressure may change their mind. It's your right as a consumer to choose who you do business with, and your ISP's right to choose who they do business with. It's really quite simple.

---
One thing, it does seem that a lot of people are mistakenly thinking that it would block the website as well, but it will only prevent mail, however some companies may rely on this for their ordering system.
---

Maybe, but if I control a significant amount of bandwidth, isn't it my right to allow that traffic to flow over it on my terms? Especially if the product of that bandwidth is using CPU and drive space on my servers?

I'm not necessarily saying that I agree with the somewhat over-zealous ways in which MAPS operates (I'm in a position to utilize the RBL, but choose not to), but I agree that they have a perfectly legal and ethical right to offer their service if they wish. There is nobody forcing anyone to use them.


- Jeff A. Campbell
- VxReality (BETA)

Re:Fuck off, Commie Pinko

[Darchmare]

---
not if the ISP has a monopoly on a certain section of your neighbourhood. thats a bullshit argument that M$ was using in their anti trust trial.
---

A monopoly in your neighborhood? What are you talking about?

You can't extend the definition of 'monopoly' to any company you don't like - even if they don't happen to have competition in your area. Microsoft didn't get the smackdown because they're merely a monopoly. They got in trouble because they allegedly used their monopoly in order to illegally squeeze out any potential competition.

It is not illegal if there is only one provider in your geographic area. It's quite possible that no real competition has even attempted to penetrate your local market, or it's just not worth bothering with for various business reasons.

And to be honest, in these days of Earthlink, Sprint, GTE.net, AOL, etc. I kind of doubt very many people are stuck with only one provider. This is a market segment that very clearly does not have a single monopoly controlling it. The argument is a bit of a joke.

Face it: If you don't like the policies of your provider, you can feel free to open up a competing provider or search for another. Under our current (decidedly non-Communistic) system, you don't have a right to force the existing players to do something with their own resources.

Of course, you can always vote with your wallet. If enough people agree with you, it's quite likely you'll find success. Unfortunately more people seem to think avoiding spam is more marketable.

...

Either way, my original point was that the guy saying that supporting the RBL was 'Commie' had it all wrong and was talking out of his ass. Communism would be more likely to support right control over the ability of people to make things like blacklists.

Regardless of whether you are for or against strong 'market regulation', you have to know that stopping MAPS from publishing their list is just like banning Consumer Reports. This is definitely not in the spirit of our free market system.

- Jeff A. Campbell
- VxReality (BETA)

You don't have the choice.

[enterfornone]

Most ISPs will not tell you they are using MAPS. Even if they did, there are still enough ISPs using MAPS to cause problems if MAPS decide to block someone unfairly.

Re:You don't have the choice.

[BinxBolling]

It seems to me despite your obviously biased viewpoint, that the RBL did what it was designed to do. It forced a company to secure its servers, so they could not be used for spam anymore.

You miss his point. The measure of the RBL's usefulness isn't merely how good it is at punishing spammers, but rather, how good it is at doing so, while avoiding punishing non-spammers. If the RBL frequently lists addresses unjustly, eventually people will lose respect for it and stop using it.

I mean, I could stop all spam by unplugging my machine from the network. Somehow this strikes me as a less-than-ideal solution, though.

Re:You don't have the choice.

[CyberKnet]

Okay, I agree its not easy to get someone on the RBL. But what choice do you have when a major backbone provider like AboveNet is using RBL? I know they've either lifted it or the C Classes in general have been cleared, or some other such resolve, but I can hardly say "My ISP runs through AboveNet, Who use RBL, so I must get myself and all my friends off my (innocent) ISP because they use RBL." That makes me JUST as bad as the people who run RBL. I am censoring internet use. Maybe not to the same degree, but its the same thing. And I hardly think that if I email AboveNet and say "Hey, my friends and I use XYZCheap ISP, and we dont want RBL, so stop using it!". It just isnt going to happen. So what choice *do* I have when RBL blackholes 5 C Classes containing at LEAST one website I visit (peacefire.org) when they have done nothing wrong; because their hosting provider doesnt live up to the moral expectations of a group of third party vendors I quite honestly couldnt care less about? (Hey, I already get in excess of 50 spam emails a day... what difference delete all to 50 as to 100?)

---

Re:You don't have the choice.

[ocbwilg]

That's not true at all. I used to work for an ASP who had a couple run-ins with the RBL. The initial problem was with a single mail server for one of our clients that was set up incorrectly (open relay - yeah, I know, someone DID get fired over it too).

Unfortunately, neither the ASP or the customer received a single notification from the RBL folks that we were a condidate. Apparently they were sending their notifications to a non-existant email address. Can't remember what address it was off-hand, but it was a variation of postmaster@servername.com instead of postmaster@domain.com. So when they got no response, they blackholed the server.

Obviously the customer was upset when their customers couldn't receive so we found out what was the cause and closed the relay. Mind you, this wasn't some little fly-by-night web company that had the open relay. This was a VERY large company that is well-known in Europe and the US. Sure, spam is spam, but you would think that the RBL people would have enough sense to realize that this was a simpole configuration issue and not willfull spamming on the part of the company.

It then took us several weeks of fighting with the RBL people to convince them that the relay was closed and they should take us off the list. We would get one of them on the phone and ask them to try to use the relay, and it wouldn't work. And they still wouldn't take us off of the list.

Eventually we were taken off of the list. Hooray. I don't know if they periodically check back with people who managed to get off the list or what, but a few months later we were back on the list. Apparently someone tried to use the relay, and the firewall would accept the packet and scan it and then drop it. The relay wouldn't work, but they didn't get any kind of denial message either, so the RBL people ASS-umed that the relay was open again. The best way to explain it is this: instead of blackholing us because of concrete proof that the relay was open, the blackholed us because of a lack of concrete proof that the relay was closed.

Needless to say, I'm not interested in anything that the RBL has to offer. Especially because they are volunteers who do this "out of the kindness of their heart," there is no accountability. Maybe you can get off the list, maybe you can't. Maybe your company loses boatloads of money because your site is blocked and the person who has the power to take you off the list is a power-tripping moron. Who's responsible?

Re:You don't have the choice.

[ocbwilg]

You've taken it completely out of context. My point was not that the RBL forced a company to secure it's servers. My point was that once the servers were secured, we still had a great deal of trouble getting off the list. And once we were off the list for awhile, we wound up back on the list again for no apparent reason.

I don't have a problem with asking people to secure their servers. But once it's done let it be done. The attitude that we got from the RBL people was more of a sarcastic, "sure you secured them...I bet. We may get around to taking you off the list sometime soon..." rather than a "thanks for fixing that problem, you're off the list." And since the company was a recognizable brand name that is essentially a household word, it should have neen obvious that our intentions were not to "deceive the folks at the RBL so we could spam some more."

The internet portion of our customers business hinged entirely on the goodwill of the people at the RBL, and this is wrong. They need to be accountable to someone other than themselves.

Re:"Press time"?

[waldoj]

So, you decided to post the article anyway rather than wait for a response from the individuals who you are attacking? That doesn't seem like very good journalism to me.

This is standard practice. For all that you know, Jamie contacted AboveNet 3 months ago, and still hasn't heard back. It's reasonable for him to contact them, say that there's X days until he's running a story, and do so if he hasn't heard from them. Surely you don't think that media outlets should fail to run stories if the subjects won't talk to them?

-Waldo

Re:Huh???

[waldoj]

PD wrote:
2) Listing the website IP and blocking mail from that IP doesn't prevent anyone from seeing the Peacefire webpage, does it? No.

Jamie wrote:
Again, the blocking of that IP number, their website, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose website can't be seen by RBL subscribers.

Any questions?

Re:Sounds like the role of the RBL has expanded..

[scrytch]

> I wonder if anyone's considered sort of a democratic RBL?

UseNet has something called NoCeM (pronounced No See 'Em), which is essentially "advisory cancel messages". Instead of cancel messages being sent to control by usenet admins, it has advisories sent to the newsgroup itself in periodic postings, with the message id's of messages that get killed by a compliant newsreader (such as gnus). These messages are PGP-signed to authenticate the issuer.

It still requires a provider that doesn't itself honor NoCeM messages on the spool, as some do, but the nature of usenet makes this somewhat more feasable than it is with mail. The mail server I use (CommuniGate Pro), has support for RBL, but sends all such mail to blacklist-admin, which I can connect to a script that simply tacks on a "X-RBL-Listed" header and sends it on to its recipient. It's a new site right now, so it hasn't received any mail yet, much less spam.

And if I find my ISP, the phone company, is using the BGP RBL, I'll have the PUC on their asses ASAP :)

--

? stay of the inet if you don't like censorware?

[Barbarian]

b[If you don't want Cyberpatrol filtering your connection at the public library, stay off the internet!]b

In reply to:
i[If you use an ISP that has MAPS, it is your choice. Only ISP in the area? Then stay off the net if it offends you. They are running a private business and feel that the reduction in spam outweighs the complaints of some users who don't like MAPS]i

Re:Huh???

[Barbarian]

Right, and I don't know of any tier 1 ISP that would be actually implement this. There is just too many ways that this could hurt the ISP.

Maybe, but a backbone provider does. ABOVE.NET Read the article.

get YOUR facts straight

[Barbarian]

OMFG. MAPS can be fed into router tables, which is what Above.net was doing. Read the other 20 comments that have pointed this out.

burn the witch!

[Barbarian]

Why don't you open the commitee of unMAPS activities now?

Re:Sorry, Jamie, you are way off base

[/dev/kev]

Ehrrm, it isn't a spammer, it is a seller of spamware.

Fine.

You don't need to. Just block the spamware seller's website. This still cuts off the money - the spamware seller will get less, since they've been RBL'd, and if the spamware seller goes elsewhere, then the ISP loses their money...

If MAPS blocked the website, spammers could still reach the website, buy the spamware

If that is the case, then why does MAPS even bother with spamware sellers? If they were only going to block the seller's site, then as you say, that doesn't stop the spammers from getting their spamware, so would acheive very little. MAPS goes after these sites because they want to see the sites taken down, so that noone can access them (not just MAPS subscribers). They can't do that by just blocking the site, so instead they're unjustly blocking whole sections of the ISP, in an effort to submit and remove the sites. Make no mistake, these are bullying tactics.

MAPS is not censoring, subscribers to MAPS have chosen not to spend their money for the transport of packets send to or from Media3.

MAPS is doing more than this. They are trying to abuse their influence to get the site itself shut down. You appear to have completely missed that point. My point is that MAPS isn't "merely blocking for MAPS subscribers", as you claim, but they are trying to get the site removed altogether, which is entirely different.

A newspaper that doesn't put your opinion on its frontpage isn't censoring either.

No, but if the newspaper were to reject stories based on content, then that would be censoring. Similarly, if some agency were applying pressure to get the newspaper to not print particular stories, then that agency would be attempting to censor those stories. In this case, the 'newspaper' is Media3 and the 'agency' is MAPS. The analogy's not perfect, but it's a hell of a lot better than yours.

Re:Sorry, Jamie, you are way off base

[/dev/kev]

So, what do you do to get Media3 to close down the spammer?

You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers. Repeat the process with wherever the spammer goes next.

That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C. MAPS should concentrate on blocking spammers and their sites, not trying to twist ISPs arms.

If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in censorship, wouldn't they? They'd no longer be this optional advisory guide you could use, rather, they'd be going around getting websites they don't like shut down. If that's not censorship, I don't know what is.

MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.

censor v's filter

[Kris_J]

I think the emotive use of the words censor and censorship are counterproductive. Censorship conjures up images of bookburning and government oppression -- and no-one wants to be associated with that.

The word "filter" is far more suitable. I have a personal proxy that tries to nuke ads and protect my privacy. Does it censor web sites? Maybe. Does it filter websites? You bet!

I personally believe that the mechanisms of filtering and the choice of what to filter should be separated so as to remove the label "censorware" from what are otherwise just filters with rules. Imagine that MAPS simply provides a mechanism to allow automated filtering of content based on a list (or lists), but then creates a process whereby anyone in the world can create such a list. In addition to subscribing to MAPS, ISPs would also subscribe to one or more filter lists as per their own values.

Perhaps then these valuable filters could not be so easily condemned as an attack on free speech...

jamie has a point.

[Omnifarious]

Arguments about whether or not RBL is a censor because it doesn't wield the power of a government are sort of missing the point. The point is if it provides a useful list. Censorware is censorware because it provides a very unuseful list. The fact that schools and libraries use it is almost irelevant to its name.

From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants.

Essentially, they're using the fact that hundreds of ISPs suscribe to them and trust them to help them block spam as a club to beat other ISPs into doing what they want. That doesn't seem like a terribly wholesome thing to do to me. I don't want my subscription to be used that way. I simply want them to tell me what sites send spam.

Re:Exactly

[um...+Lucas]

Say my ISP uses RBL, specifically how am i supposed to "turn it off"?

Switch ISPs? Not likely, because there's only a few DSL providers around here and they all string lines from Verizon. And there's only two possibilities (AFAIK) for cable access.

If they use MAPS and people in my address books' addresses get added to list, then effectively i have no recourse. I can switch ISPs, but how will i even know what's occuring until a couple days go by and i get a phonecall saying "hey, why haven't you responded to my email?"

ISPs, sendmail developers, RBLer's, someone's got to make a system where users opt in and opt out individually. For instance, when signing up for an account of any sort with an ISP, their web page or CSR could plainly ask "would you like your mailbox to be protected from spam using the RBL?", provide an explanation if they don't know what it is and let each customer choose for themself.

Re:services like this

[um...+Lucas]

Using a non-computer analogy: you don't. You can come over to my house and say "Hey, you know your doors unlocked?" but you can't come in and change the locks on me just to insure that you know that my house is now "safe".

Re:Exactly

[um...+Lucas]

Great advice to give my mother or grandmother one day...

"Yeah, I know you like using Netscape as your intenet application. And yeah, i know, i took you a few months to learn that you could click an address and it would be added into your address book, let alone how long it took you to learn to create rules to filter your messages between your "personal", "business", and "possible spam" folders, non of that matters now. You need to use Hotmail from now on. Or yahoo mail. You can't bring your address book or sent mail or received mail folders with you either. Oh no, don't worry you didn't do anything wrong. It's just that someone else that happens to use the same internet provider as you did, which is why none of your friends can get your emails...."

Can you see my point from a less elitist mind set, now? And maybe help come up with an idea that doesn't punish innocent people at the same time as punishing "guily" people? Not everyone in the world knows works at an ISP, or owns their own domain, or even edits their own DNS records. A solution to SPAM take that into account.

Re:This is exactly what we want them to do.

[Sloppy]

This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!

No. There's one little flaw in your analogy, but it's important.

It's not like locking up the people who made the photographic paper. It's like choosing to not do business with the people who made the photographic paper, and telling them that you will remove your boycott if they stop selling photographic paper to the kiddy pornographer.

Nobody's rights are being infringed. Nobody is having force used against them. There's a huge difference between locking someone up and boycotting them.

---

Re:You've totally missed the point...

[seebs]

>I'm amazed that so many readers here think it's
>ok to apply pressure to Media3 (who did support
>a spammers web site) by blacklisting a large
>block of Media3's legit customers, not just the
>spammer.

Well, look at it this way: What else can you do that Media3 cares about? Media3 has made it clear that, as long as the spam *itself* doesn't go over their network, you can host whatever you want on their pages, advertise it in spam, advertise it in faxes, advertise it by printing your URL on the flayed skins of your enemies, it doesn't matter, it's not *our* fault.

As long as they believe that, the spammers whose pages they host will have a very compelling *reason* to send out spam - they will be able to collect responses, collect money, and rake in cash, and they can do it because they're getting cheap, reliable, spam-friendly hosting.

Media3 has nothing to lose if we block a few spammer sites; the spammers don't care about a mere few percent of the net not seeing them, and since they don't send mail over their Media3 connection, the rest of the RBL users (those who just use it to block mail) aren't doing anything.

So, how do we communicate to Media3 that they are doing damage to the network? How do we tell them we want them to be good neighbors, or no neighbors at all?

We block *everything* of theirs. It's that simple. They won't *listen* to anything else.

If Media3 wins a suit against the RBL, I'm going to go add their blocks to our *local* blackhole list. And they'll stay there. Forever.

Or, they can admit that this is a *cooperative* network (you don't cooperate, we don't network with you), kick their spammers off, stop accepting spammer cash, and *POOF* no more RBL listing.

Imagine if Peacefire had bought its connectivity from Cyberpromo. They *did* host web pages, after all. Would you be surprised that they lost a bit of connectivity?

When you pick a hosting provider, one of the things you need to look for is "anti-spam policy". If they don't have one, you are likely to end up on the wrong side of a number of blacklists.

You've totally missed the point...

[seebs]

The problems with censorware are: 1. Inaccurate or undocumented listings. 2. Listings for things other than those said. The RBL has neither of these problems. Media3 is actively and knowingly supporting the people who flood your mailbox with all the crap we call "spam". Does blocking Media3's sites, in many cases at the IP level, result in you getting less spam? Today? No. Today, it just means those sites don't get as much traffic. Tomorrow? Sooner or later, Media3 will have to decide whether it wants to be on the network where spammers do business, or on the network where RBL subscribers do business. If they pick the spammer network, they will eventually be totally removed from the network, as they find their way into more and more blacklists. If they decide they want the other network, they will stop supporting spammers and people who sell spamware. With no way to sell their products, the spamware vendors will stop sending you ads for them. People will stop *buying* the products, because there will be no way to buy them. You will get less spam. It's an educational tool. Media3 has the option of being on the network where you host spammer pages, or on the network that RBL subscribers see. They have made their choice. Your list of sites "also affected" misses the point entirely. Those people are paying Media3, and as long as Media3 makes money, Media3 has no real reason to care whether or not hosting spammer sites is damaging to the rest of the network. If your hosting company is supporting spammers, you will be fucked. Don't buy hosting from companies that are unwilling to terminate spammer websites. The RBL isn't about stopping spam *today*. It's about encouraging the policies that we *absolutely need* if we are to have less spam *tomorrow*. Thanks to the RBL, a number of very large networks have put in strong, effective, anti-spam policies. Every day, you don't get dozens of spams that would once have been sent via netcom. Every day, hundreds of spams that would have advertised sites hosted by companies with a policy just like the Media3 policy *aren't* sent, because those sites got taken down, because the policies got fixed. Media3 is wrong. MAPS is right. Media3 is trying to support the theory that, as long as the actual spam is relay-raped or sent via throwaway dialup accounts, it's not their problem where the page is hosted. MAPS is educating them. As soon as Media3 fixes its policy to unequivocally prohibit the hosting of spamware sites, address list sites, and sites advertised in spam, and starts enforcing that policy, everyone is happy.

Re:You've totally missed the point...

[pjrc]

I'm amazed that so many readers here think it's ok to apply pressure to Media3 (who did support a spammers web site) by blacklisting a large block of Media3's legit customers, not just the spammer.

2. Listings for things other than those said. The RBL has neither of these problems.

Assuming that the facts presented are accurate (difficult to verify if above.net has stopped blocking packets based on MAPS)... then how could you conclude that blocking peacefire, FulfilledLives.com, DesktopHeaven.com, and the others is not "Listings for things other than those said".

If the facts are true, innocent customers are getting blacklisted simply because they happened to pick the same ISP as a spammer, and the ISP didn't want to drop the spammers website (because the spammer abused other ISPs, not them).

Perhaps Media3 is wrong for not dropping the spammer's website. But if MAPS is targeting a large group of Media3 customers because only one is a bad apple... even if you hate Media3.... it's amazing that you could overlook the injustice MAPS is doing to all the other innocent bystanders (Media3's other customers). Perhaps those customers should move to a different ISP, but how would they pick one? How could any of those other customers pick a new ISP? Media3's AUP looks ok and looks like all the others. How could a custoemr know, in advance, if they'll eventually be on the same class C as another customer that Vixie doesn't like but is acting within the ISP's AUP?? Even if the other customer is a nasty spammer, and even if Media3 is slow or won't terminate the spammer's web site, the fact (if it's true) remains that MAPS is targeting a large group of unrelated customers when only one is a spammer. The others are just poor innocent bystanders who could not have know in advance that they'd be in the same block of IP numbers as a spammer.

Re:This is exactly what we want them to do.

[Skapare]

BS!

Kiddie porn is a miniscule use of photographic film or paper.

Spamming software has NO use but for spamming.

My RBL config stays ON!

Re:MAPS != censorship.

[Skapare]

Maybe I just don't want this universal connectivity.

I have been around long enough on the Internet to know what it was like when "universal" didn't include scum. Things change. So I make my view of the network the way I want, and MAPS RBL/DUL/RSS help me do that. It's not perfect, but when weighing the tradeoffs, it is preferred to use it than to not. If you think you can do better, and make something that would make me interested in switching from MAPS RBL, by all means go for it.

And, BTW, I do know how to make individual case exceptions to RBL/DUL/RSS in my DNS server. Convince me that I should in this or any other case.

Re:Power, unchecked, corrupting as usual

[Skapare]

MattW (ma++@ender.com) on Thursday December 14, @12:29AM CST
(User #97290 Info) wrote:

(1) If you're a bulk provider, with hundreds of web sites, it isn't even worth batting an eye to keep hosting a spam software provider. If they wanted to follow the money, they may refuse to remove them, but they certainly wouldn't defend them when MAPS came knocking. MAPS scares providers.

I'm glad that it does scare them.

(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?

MAPS RBL may be doing exactly what I would do if I were running such a service. What I would do is look up the ARIN/RIPE/APNIC records to determine the smallest level of IP assignment administration. The theory here is that it is easy for a web site to get a new IP in the same block. In fact, they may already have one. It can be difficult to determine exactly which IPs are to be blocked if done invidually. And it happens already that web customers to ask for IP address changes to try to get around various forms of being blocked.

If the spam supporter is running their own network, AND if the ISP they use properly registers their suballocation to the appropriate database at ARIN/RIPE/APNIC, then I'm quite happy to block ONLY that customer and not the whole ISP. But if the ISP can't be bothered to submit that information, then I can't be bothered to pin down an exact network for them.

(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?

You're assuming that it will be abused. While I cannot say it won't be, I don't see that trend at this time. The view MAPS uses is in line with my own. If they do end up abusing it (by my definition) then I may quit using it. That decision will be made on the basis of whichever choice has the better results for me. If the choices are MAPS or nothing, then it will take quite some abuse to make me choose nothing. If the choices are MAPS or someone else's service that isn't doing the abuse, but is better than nothing, I could be more likely to make the switch. Currently I see no other viable choice (I don't like ORBS' approach).

Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.

I would need to see evidence that blocking 209.211.253/24 is an abuse. I haven't seen any, yet.

(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?

I'm small time, and from reading all the information posted on /. I don't see any reason to not block Media3. The current situation is commensurate with why I use MAPS RBL/DUL/RSS in the first place. If you do decide to provide some evidence as to why I should make an exception and allow Media3 into my network (which I know how to do), please also tell me why:

• There are not IN-ADDR.ARPA reverse PTR records for these IP address that correctly resolve forward to that IP address.
• Media3 has not submitted SWIP records to ARIN to indicate a different administrative control over these addresses.

At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.

I will keep a watch.

Re:Screw Vixie and his goon friends at Above.net

[Skapare]

My servers use his services so I guess I elected him policeman.

ASN is NOT required

[Skapare]

You can use RBL w/o an ASN. You just have to run BGP4 and peer with the RBL eBGP4 server and let it route to your black hole address. You then default route everything else out your single backbone connection. No other BGP peering is needed. Since you're not announcing routes (and RBL certainly isn't taking them) you can use a reserved ASN to configure your router.

My objection to the MAPS RBL is over

[Felinoid]

I've long had an objection to AboveNet filtering peer traffic.
I was once all for the RBL and MAPS before I discovered how they operate.
Basicly they have lost prospective. I still refuse to have anything to do with RBLs filters. For more on RBLs past go here
Now that AboveNet has discontinued it's peer filtering it dosn't matter to me how slipshot the RBL is.
If ISPs willingly filter e-mail this way and users don't object then great.. Horray.. I myself will never trust my spam filtering to MAPS.
My ONLY objection is the packet filtering that AboveNet did..
They have stopped.. and my only objection to the RBL is gone...

can MAPS/ORBS be advisory to users?

[Lumpish+Scholar]

Can an ISP, instead of filtering mail from "bad" sites, add identifying header lines to messages from such hosts? That way, users could add fiters to block such messages, but have filters with a higher precedence to allow mail from friends and family. (I know this requires a fair level of expertise. Also not clear how you could set it up so users wouldn't even have to download spam.)

Above.net IS STILL not routing to ORBS

[Adam+J.+Richter]

As of 1:46am PDT, 14 December 2000, I still cannot traceroute from yggdrasil.com (connected via AboveNet) to www.orbs.org, but I can from my personal Pacific Bell DSL line:

traceroute to www.orbs.org (202.36.147.16), 30 hops max, 40 byte packets
1 yggdrasil-port.yggdrasil.com (209.249.10.1) 0.348 ms 0.304 ms 2.811 ms
2 cisco-ethernet.yggdrasil.com (209.249.10.250) 2.676 ms 2.944 ms 2.260 ms
3 proteon-t1.yggdrasil.com (209.249.10.254) 291.109 ms 264.186 ms 264.251 ms
4 216.200.192.main.above.net (216.200.192.4) 315.453 ms 425.357 ms 361.949 ms
5 * * *
:

censorware.

[matth]

I personally feel that MAPS, ORBs are more trouble then they are worth. I used to work for an isp which used orbs and it was really truely nothing more then a headache for the Tech people. People woudl call in wondering why they were not able to get e-mail from someone, or why someone could not get e-mail from them. And most of the time it was ORBS. Another example is that open mail relays are blocked. My own mail server was blocked by ORBS one day. it was fine.. the next day blocked. Never (except for perhaps a few minutes here and there) had it been an open relay, yet orbs had blocked it. When I requested they take it off, they promptly did, but again, there was no reason for it to be put up there!

Re:A compelling argument...

[Tripster]

I agree, I use RBL on all my mail servers, one server I also throw in the DUL and RSS, that one is mostly for my own domain names.

It is effective, when I started getting over a dozen spams a day in each mailbox on my domain I figured enough was enough.

Sorry, but I don't really care if the odd person has trouble emailing my domain, mostly they're trying from crappo free email providers anyways and I tell them to find another one, their most compelling argument is "oh, but this domain name is cooler than those other ones", franky I don't give a damn how cool your email domain name is, if they've been branded as spam sources I don't want mail from them.

I work with a hosting company, during the 2 years I've been here we've had 2 spammers sign up, in the first case we shut them down within 6 hours, zero tolerance, we didn't even receive a complaint but one look at their log file showed they were hiding IP's and it was obvious coming from a spammed email.

In the second case it was a newbie spammer who got right upset when we cut them off, what we've learned so far is that most spammer types seem to hang out in Florida, they're mostly dumb as rocks and are usually the type of morons who fall for the "get rich doing nothing" schemes you see around.

Media3 are obviously spam friendly, hell we wouldn't even accept a client who had "bulk" in their url and seemed to indicate that was bulk email, not worth the hassle of getting blacklisted and that should be enough to police the rest of the ISPs out there.

Chances are Media3 are owned and operated by spammer types to begin with, these marketing geniuses always seem to group themselves together so they can pray on the weak and stupid side of society, which is really their only clientelle.

Re:That doesn't prove anything

[BlueLines]

Not true. My company has several racks worth of machines at above.net, and i can see these ip's fine:

traceroute to mediamasters.com (204.101.215.149), 30 hops max, 38 byte packets
1 main4-216-200-18.sjc.above.net (216.200.18.3) 0.460 ms 0.548 ms 22.097 ms 2 core5-main4-oc3.sjc.above.net (216.200.0.213) 0.438 ms 0.707 ms 0.329 ms
3 core1-core5-oc48.sjc2.above.net (216.200.0.178) 0.748 ms 0.435 ms 0.476 ms
4 ord-sjc-oc12.ord.above.net (207.126.96.117) 60.749 ms 60.551 ms 60.689 ms 5 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 62.042 ms 62.046 ms 62.066 ms
6 112.ATM3-0.XR2.CHI6.ALTER.NET (146.188.208.182) 61.435 ms 62.329 ms 61.414 ms
7 190.at-2-0-0.TR2.CHI2.ALTER.NET (152.63.65.102) 63.525 ms 63.280 ms 62.999 ms
8 126.ATM6-0.TR2.TOR2.ALTER.NET (152.63.7.102) 75.048 ms 74.651 ms 74.853 ms
9 198.ATM6-0.XR2.TOR3.ALTER.NET (152.63.129.201) 75.971 ms 75.700 ms 75.437 ms
10 191.ATM6-0.GW1.TOR3.ALTER.NET (152.63.129.237) 75.506 ms 75.527 ms 76.023 ms
11 205.150.221.230 (205.150.221.230) 89.191 ms 89.263 ms 88.758 ms
12 mediamasters.com (204.101.215.149) 88.596 ms 88.603 ms 89.945 ms

Re:Horay!

[jpayne]

Nope, this is another example of a poorly researched /. article. /. is rapidly becoming somewhere to go for a laugh to see how badly wrong they've got it this time.

RBL listing of spamware sites is a long established tradition, its public knowledge and is one of the listing criteria: Spam Support

Escalation of listings past single hosts is also known about, this happens when the provider continues to allow the spamming to continue, or moves the host around the netblock to avoid the RBL listing.

You have to go after what hurts the spammers. They don't care if they lose their hotmail account, or their MSN dial up account... as long as people can still view their website.

Oh, and BTW... ISPs have every right to decide what goes on their network. Its *their* property. Abovenet have decided not to allow hosts that are in the RBL to transit their network. Thats fine... as a customer of an Abovenet customer, I'm ecstatic that they've done this, as it saves me a DNS lookup for every e-mail that comes in :) However, its still their decision... and its my decision to stay a customer of Abovenet's (albeit one hop removed)

Re:This is journalism?

[gmhowell]

In traditional journalism, this is more akin to analysis or editorialising.

In modern journalism, this is serious, hard-hitting investigative reporting.

Re:This is exactly what we want them to do.

[gmhowell]

>Nazis vs. Jews

And, in fine Usenet fashion, the discussion is now over!

Re:This is exactly what we want them to do.

[ibbey]

What an absurd analogy. This software is specifically designed to send spam. It is actively marketed to send spam. It even includes 25 million email addresses to get you started. Maybe if the film was marketed as "Perfect for all of your child pornography needs" you'd have a case. Otherwise, you're not even close.

According to S.P.(U.T.U.)M.

[Vryl]

How, then, do we apply this strategic analysis concept to our enemy du jour: the Spammer?

First, we must translate the Five Spheres (or Rings) of the enemy system into modern Net.War counterparts:

• Sphere 5: Fielded forces-- throwaway AOL accounts, hired consultants, dedicated spam domains
• Sphere 4: Population-- Spam-related customers, support employees (secretaries, etc.)
• Sphere 3: Infrastructure-- Primary non-rogue ISPs, Websites, ftp sites, cgi scripts, mail relays, reputation
• Sphere 2: System Essentials-- Money, bandwidth, telco access, computers
• Sphere 1: Leadership-- the SpamBoy himself, his partners and business associates

By alliances, we mean those reciprocal relationships the spammer has formed with: news media (Cyber-Clueless First Amendment activist newbie journalists, for example)

• other spammers
• ISPs, whether rogue or non-rogue
• hacker consultants
• fringe associates (Meowers, Kook Cabal)
• banks, business organizations, and other sources of economic power
• politicians

We must then examine our assumptions. If our Spammer runs his own ISP, then attacking an AOL account he controls (by complaining to abuse@aol.com) will be of negative value-- a waste of our time and resources. If his ancillary server is somehow "taken down", but his primary SpamServers keep pumping out ECP spam via open NNTP ports worldwide, what will we have gained? If he is (like Gr*bor or our own deeply psychologically troubled Doktor Funway) only marginally rational, abuse and punishment that would persuade a reasonable Yeti to leave the field of battle may only enrage the Bull(shitter) like the pricking of a picador. Finally, if we do not have the necessary intelligence to pinpoint our enemy and her crucial Strategic systems exactly, our efforts will either be wasted entirely, or increased by orders of magnitude over what they could have been with accurate and timely information. In our final strategic translation matrix, we shall endeavor to identify what we mean by a Spammer's Political, Economic and Military powers; as well as the proper role of the semi-tautological Net.War attribute of Information.

• Political power: news media (online and traditional), lawmakers, friends and acquaintances, usenet Kooks
• Economic power: cold hard cash earned both legitimately and by Spam; frivolous lawsuits (to tie up opponents' assets/time)
• Military power: Net.war capabilities of spammer's own systems (mail bombs, Usenet binary bombs); hired gun hackers; open NNTP and mail servers ripe for exploitation
• Information: Positive and Negative--> Positive: Spammer's ability to gather intel on foes; ability to adapt to changing laws, standards, and software affecting/enabling internet communication; ability to slander and defame enemies and thus provoke them to rash deeds;
• Negative: the ability to cloak himself in anonymity, pseudonymity, and false faux-open identities, thus denying his enemies that first prerequisite of strategic analysis: identification.

Freely stolen from: http://www.radix.net/~revjack/snotwad/snotwad3.htm

Re:MAPS != censorship.

[itachi]

Censorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like.

It's not quite that simple, though. Common carriers, although private organizations, don't have the choice to carry or not carry based on content. Now a local dialup provider is hardly a common carrier, but I would say that a tier one provider really should be a common carrier. After all, a local dialup in Peoria can't reach Bangladesh without crossing some backbone provider's network.

itachi

Re:A Better Analogy

[segmond]

I hate spam as much as everyone, but please don't attack who ever makes the software, especially not after we have defended encryption, decss, napster and such, it doesn't matter if those software are designed specifically for spamming, we can't step on other people's freedom and try to preserve ours. If you think and firmly believe that those softwares are illegal, then all people who believe that napster, decss, gnutella, pgp, etc are illegal are correct...

unwelcomed opensource tools?

[segmond]

As I read most of the posts, I was not surprised to see how many people hated spamware. It got me thinking tho, if someone was to write an opensource spamming tool, what will the community do? I mean, can it be hosted at sourceforge? If so, will sourceforge make it to the blackhole? Will sourceforge refuse? If so why? Why would they then host something like napster/gnutella clones? I hate politics, but I do like to know how much the community fights for the rights of others even if we don't agree. Or is this all about "us"?

Re:Bullshit

[tiny69]

How did this get modded up? While the original posters "logic" leaves something to be desired, your reasoning has fallen into a logical fallacy itself.

Post hoc ergo propter hoc - "after this, therefore because of this"

You are assuming cause-and-effect relationships were there are none. You are assuming one event presedes the other, the first being the cause of the second. i.e. - you are making shit up that has no possible way of being related to one another or being true.

"Assumption is the mother of all fuckups." - quote from some movie.

When people start using "logic" as an argument, they usually have no idea what logic is themselves.

Re:Exactly

[tbo]

And then, you can turn the RBL off. Victims of Censorware can't turn it off because they aren't allowed to do so.

Only if you happen to be the head sys-admin for your ISP... If my ISP subscribes to MAPS, I might never even know that my content was being filtered, let alone have any control over it.

What I don't understand is why anybody is using MAPS for anything other than their mail server. I used to do IS at a software company, and we set up our mail server to reject mail from IPs on the RBL. Other than that, we didn't use RBL. The purpose of RBL is blocking spam, so why should we use it to block anything other than SMTP?

Re:services like this

[Greg@RageNet]

but you can't come in and change the locks on me

If people come into your house constantly and make obscene phone calls to me in the middle of the night do I have the right to have your phone number blocked? I think so.

-- Greg

Re:MAPS != censorship.

[Greg@RageNet]

You are very good at reciting mindless socialist propaganda. Marx would be proud.

Technically you are 'licenced by the state', through the form of a birth certificate. So you have 'similar responsibilities'?

The only path to totalitarian or any other form of government is through government itself or the application of (deadly) force to overthrow said government.

Doesn't anyone realize, the more 'laws' you urge the government to make to protect childeren, workers, minorities, turtles, ad nauseum the more power you give to the politicians who you also accuse of abusing their powers to 'hold down the people' for the deep pockets of 'big [evil icon of the day]'?

-- Greg

Re: MAPS == censorship.

[Greg@RageNet]

Would you be reffering to a public bridge built by the government? You prove my point.

-- Greg

Re:I definately do not agree - (pro-MAPS)

[Greg@RageNet]

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

MAPS only publishes a list of people who it views as spammers or those providing assistance to spammers. Akin to someone, for instance, publishing a list of people who run 'Holocaust denial' websites with their personal view that they disagree with the authors of these sites. People can do with that list what they wish.

Media3, on the other hand, is seeking to use the courts, and ultimately the (physical deadly) force of government, to end publication of the MAPS list.

Yes there is censorship going on here, but opposite way than which you claim. You should be standing up for the free speech of MAPS to publish whatever they want, in this case a list of who they belive are spammers; instead of advocating the government censorship of these lists via the proxy of court action.

Another analogy I'd like to put forward, in defense of ISP's using the RBL, is to say that this is a 'consumer boycot' situation. If the ever popular *snicker* starbucks coffee chose to no longer buy coffee beans from indonesia because of it's human rights violations then is it justified for you to take them to court to compel them to buy coffee beans from indonesia because you happen to like indonesian coffee? After all, if you have to now go a mile out of your way to visit a different coffee shop that carries indonesian coffee then you are 'suffering at the hands of the tirranical starbucks corporation'.

If ISP's don't want to accept packets (coffee beans) from bulk-mailers (indonesia) thats their right as property owners, and it's your right as a customer to take your business elsewhere.

-- Greg

MAPS != censorship.

[Greg@RageNet]

Censorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like. The difference is of course that everyone 'owns' and funds the government which therefore has no right to moral or policical content it makes available. However private individuals have full discression over their own property and how they choose to utilize it.

If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.

By the same token you should not be able to force a private entity such as an ISP to carry traffic they choose not to carry, i.e. traffic identified by the MAPS RBL. If you don't like MAPS then don't use their service or use the services of ISP's who do.

This also carries over to 'censorware'. Government institutions should not censor internet content through manditory filtering. However it's morally acceptable to me for a parent to by some software (that arguably does a poor job) to filter the content on their privately owned computers.

-- Greg

Re:MAPS != censorship.

[dbarclay10]

That's like saying only a government can have an army and go out and raid people.

Sure, that's what it's supposed to be like, but something like that has to be enforced.

If someone is censoring someone else, it's still censoring, even if they're not the government.

Dave

Barclay family motto:
Aut agere aut mori.
(Either action or death.)

Re:I definately do not agree - (pro-MAPS)

[Greg@RageNet]

Just a correction, according to spamhaus media3 is hosting not 1 but 21 spam sites, the largest on the list, and considering media3 is a grand total of a few class C networks, thats a pretty high percentage of their customers being spammers. My understanding is that it's a similar situation to the AGIS thing awhile ago. media3 won't cancel sites who spam using other accounts to advertise a site on media3. Because media3 won't wipe out these sites it's become quite a spammer's haven.

-- Greg

This is exactly what we want them to do.

[alecto]

They're put on the RBL to punish them for willingly harboring spammers who advertise their sites with stolen services from other providers and clog millions of mailboxes with crap.

Those who host websites for spammers even after its brought to their attention that they're spamming deserve to be blackholed--I praise the RBL for their continued action in this regard.

Should they wish to rejoin the RBL using net, they may terminate their spammers and tighten their policies. For those who cry about "free association," remember that subscribing to the RBL is voluntary, and using an ISP that subscribes to them is voluntary. If individuals want their subscription fees to support spam and their packets to be dumped, they're free to subscribed to an RBL'd provider.

Re:This is exactly what we want them to do.

[ckedge]

They're not harboring spammers!! This is about someone who makes a piece of software that can be used to spam. This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!

This is not right.

Re:This is exactly what we want them to do.

[ckedge]

> and locking up the people that made the high quality photographic paper and the ink used to create the images!

WRT the replies: The analogy between paper makers and these guys may not be 100%, and I completely understand you not liking the fact that this software is available, and I agree technically that you have a right to block anyone you choose, and that the RBL is just a list of people who have done a set of things. An 'advisory'.

Hell if you want to blackhole Yahoo for some screwball reason, there's nothing stopping you. Except your own customers and clients abandoning *you* yourself!

But I will strongly argue with people who want to make 'certain software' illegal or unobtainable, where 'certain' can be a nice big fuzzy thing on the slippery slope to who the hell knows where. (Do you also RBL people who host databases of actual viruses? Why not? Oh, just the once that you decide have 'evil' intentions at heart, eh? That's nice and clear cut!) After arguing philosophy with you and trying to persuade everyone else listening in, the next thing is to apply the similar pressure to you that you are applying to them.

At this point I'm dropping RBL, and I won't deal with anyone who is using it. This is no longer "prevention", nor "applying pressure", this is extortion, not simply against the person who owns the building where handguns are made, but also the other 1000 people that live in other buildings owned by the same landlord. After handguns, then what? Hunting rifles? Cars? Baseball bats? Big ugly dogs?

"That was the line back there, and you stepped over it..."

Re:MAPS is necessary

[Afterimage]

I had to chuckle at points throughout the article. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate websites which promote themselves through spam. Of course not! But software to spam the customers of other ISPs, well that's just fine!

So, and I'm drawing some conclusions here, Napster should have been shut down because they provide a service that enables distribution in methods that the rightful copyright holder has not agreed to?

Censorware blocking of nmap's site is legit because it (conceivably) could be put to evil uses. At least, that's what I think you're suggesting here.

The point is, while I don't know where you stand on the issue, it's hypocritical to proclaim freedom for one favored product that can be used within the realm of the law and say another product under different circumstances (but with a potential legal use) isn't worth the same protection. Even if we disagree with their philosophy.

Since when does MAPS censor websites?

[oneiros27]

I admit that I haven't been keeping up on the spam filtering stuff as much since I changed jobs, but from my reading of this article, the author suggests that people using MAPS can't get to the sites being hosted by sites blacklisted by MAPS.

Unless something's changed dramaticaly, this just isn't how MAPS works, or any of the half dozen or so mail blacklists. They just keep people from being able to send mail to the system using MAPS.
[It's actually more complicated than that, as it may just flag it as questionable, it may reject, etc.]

But I've never seen someone set it up to filter all traffic, not just incoming SMTP. [That's not to say it happens, but I'm guessing that if people do it, it's a small percentage of MAPS users, and so a fraction of a percent of systems out there, and not the 2% claimed by the author]

Again, it's quite possible that I'm wrong, but this article just reeks of fishiness to me.

Voluntary

[Hard_Code]

Um, isn't the RBL *voluntary*? So why the hell are we getting so worked up? If the ISP is mindlessly blocking valid sites on the RBL, then yell at them...or tell them to tell the RBL that those sites are OK.

Re:Bullshit

[Hard_Code]

I thought the RBL was a list that ISPs could *voluntarily* use to blacklist sites. So, if Iraq is brutal and violent, then the message is "stay away from this country, do not make any deals with them, etc.". If Napster is infringing on copyright wholesale, the message is "stay away from this service, do not let any of your copyrighted materials pass through it". If you are shooting people in your dorm, the message is "stay away from this dorm, it has a bloody psycho in it running around and killing people".

Are those *unreasonable* precautions that can be voluntarily followed by subscribers? Man, it almost sounds logical.

It's about who plays nice

[dubl-u]

As an RBL subscriber myself, I support this action, even to the extent of blocking other web sites.

When I started using the internet more than a decade ago, it was a neighborly place. When the green card lawyers did their massive spamming and followed it up with a big "fuck you", it was a shock to all of us.

To me, the RBL is about sorting out who has that old-school community spirit from those who don't. The jerks and idiots are welcome to talk to one another (and anybody else who cares to listen to them), but I want to keep them out of my inbox. If an ISP isn't playing by the same anti-spam rules, I cast my ostrakon for them. And if people want to support that ISP by doing business with them, that's swell too, but I don't much care to hear from them either.

As a practical matter, spam-friendly ISPs are often willing to move spammers around in a netblock to avoid a ban, so it could well be that MAPS has given up on anything less than netblock bans. Of course, we don't know the MAPS side of the story, because you didn't take the time to talk to them.

MAPS vs ORBS

[dubl-u]

You shouldn't tar MAPS with the ORBS brush. For the last year or so, all of my mail gets extra headers added based on which of the lists (ORBS, MAPS RBL, MAPS RSS, MAPS DUL) it matches.

I frequently find that ORBS would block mail I'd like to receive, whereas the MAPS RBL and RSS never do, and the DUL would only rarely. For a normal ISP, I'd guess that ORBS would be a nightmare, but the RBL would be pretty much OK.

Of course, for me, I keep all my spam so I can feed it to SpamCop.

Peacefire is fine

[dubl-u]

I think Peacefire is fine, and I'm sure the people from MAPS like them, too.

But the point here is that the ISP has been spam friendly for ages, and they've been warned for at least six months. Despite that, they are still taking on new spam clients. And spamhaus.org considers them the the biggest host of spam-friendly domains.

The ISP, as far as I'm concerned, is spam-friendly. And I don't want my boxes to talk to spam-friendly ISPs. If Peacefire chooses to to use a spam-friendly ISP, that's their business, I'm not one to stop 'em.

Oh, you say the didn't choose? That they just didn't know? It's funny, isn't it, that Media3 didn't even warn their clients about a possible loss of connectivity to large parts of the Internet?

That's not the behavior of a reputable businessman; it's an ISP trying to shield its spammer clients by mixing in legit sites. The ISP has known this was coming for months; they should have warned their customers.

New details on MAPS procedures

[dubl-u]

One of the gripes in the article was that the MAPS evidence file for these guys was scanty. That's because the nomination for the extension was kept here:

http://evfiles.mail-abuse.org/rbl/ev/63.74.120-24. txt

This paints things in a pretty different light; it's a shame that this wasn't read by the author of this article.

Re:So?

[dubl-u]

AboveNet has constructed their criteria so that they do have "fig leaf" excuse for their censorship, as is done in virtually all real
world examples of censorship. If you want to be fooled in all of these cases, that is your choice.

Let's just say I'm willing to give them the benefit of the doubt. I've been reading SPAMTOOLS for years, and this issue got quite a bit of play there, and I'd say that rational people can disagree over this issue. Although like the goal of ORBS, I wasn't so sure about their methods. And I was very sure I didn't like their stubbornly boneheaded refusual to see that there might be other points of view.

If ORBS really wants to claim censorship, then they should move their ideas (e.g. their website) away from their actions (their arguably aggressive network probing). If AboveNet suddenly starts blocking their web server, then I'd agree that they are after censorship.

You could also test things yourself. Use an external proxy server to make a mirror of orbs.org on your network and announce it to the world. That way, all AboveNet customers will have access to the ideas of ORBS without risking exposure to what AboveNet sees as network abuse. If you get the smackdown from AboveNet, then you'd have a reasonable claim

In this case, AboveNet's excuse is ridiculous, in light of the fact that AboveNet claims to be doing this for customer welfare, and we, the effected [sic] customer, do not want them to do it.

A quick check of ARIN shows that you guys are about 0.06% of their address space. No offense meant, but I can see how they wouldn't be willing to futz around with their routing tables for such a small customer.

If this is such an important issue to you, you should consider voting with your dollars.

Re:So?

[dubl-u]

I am not saying that AboveNet is trying to prevent people from learning about what relay blocking is. I am saying that they are
censoring the specific exchange of information needed to do the relay checking (albeit with some lame excuse).

Note that there are other relay checkers which they do allow, MAPS RSS being the most popular one. What exactly is it that you feel they are trying to censor?

Also note that what you consider to be a "lame excuse" is seen by a lot of other people, including many strong anti-spam advocates, as a reasonable argument. See, for example, the archive of SPAMTOOLS from around the end of May. Your adamant refusual to see any merit whatsoever in their position doesn't make you convincing; it makes you look clueless.

This would be akin to allowing a few books on what democracy is but not allowing people to actually communicate to implement it.

Well, you seem to be doing a pretty fair imitation of communicating about it.

Or if you wish to prove your point that it's the information rather than the actions, then set up an ORBS secondary within AboveNet's network. I'm sure ORBS would cooperate; you'd just need to find somebody to secondary the data so you could reach it.

So, it would not be reasonable for AboveNet to claim that allowing ORBS probes is just too much work for just one customer request.

Well, they still could claim that it's too much work (or, more likely, too risky for their routers) to allow ORBS probes for just a few customer requests. Indeed, if routing table size is what worries them, then a larger number of requests would be worse, not better.

And, yes, we do intend to vote with our dollars, losing our setup costs after our annual contract with our AboveNet-based ISP expires.

I'm glad to hear it.

Re:A Better Analogy

[Chalst]

Let me see if I understand you: you are saying that the rule of law
depends upon people regularly engaging in bullying, lynching and
illegal intimidation? And that this follows from the second law of
thermodynamics?

Re:Thats not what its for...

[radja]

so now there is an effort to pressure on known spammers to stop. Not by rules, regulations and law but by consumer pressure. Everyone here always shouts about how bad regulation and law is.. This is what you get from it.. lawsuits, lawsuits and more lawsuits. make some bloody laws that mandate opt-in for spam, and the whole thing becomes a moot point. But we want self-regulation (well.. not me..). This is the internet self-regulating, and once again people whine about it.

//rdj

Re:Sorry, Jamie, you are way off base

[Pseudonym]

Whether or not you think it's right, it's still censorship. Someone is taking it into their own hands to block us from seeing something they don't think we should.

That couldn't be further from the truth. What's happening is that I decide that someone else has sufficiently similar opinions to mine about what I don't want to see, and ask them to do it for me. That's not censorship, it's outsourcing. Well, I guess you could always call it "self-censorship by proxy" or something equally convoluted.

Now if the RBL isn't what it advertises to be, that's a different question. But that wouldn't be censorship either, it'd be false advertising.

Sometimes, the best thing to do is nothing.

[Convergence]

There are many evils in the world, but we let them continue because to not let them continue would violate privacy, or freedom.

Incest happens, one way around it is to require that everyplace that allows children is tape recorded to catch the bastards. A simpler and cheaper alternative is to kill all children.

This is my solution.

Sometimes, when the only way to stop an evil is to do an even greater evil, the only sane thing to do is nothing.

You totally miss the point.

[dunster]

You are quick off the starting line to point out that the RBL is a voluntary thing. We've heard that before, and it is even true.

But, this article is about the fact that MAPS uses a very broad brush to paint its spammers. In its zeal to stop spam, it is hurting people and organizations that have never done anything wrong. MAPS has been accused before of being arbitrary with its power, and this is some pretty compelling backup to those accusations.

Frankly, I wish that a more moderate group than MAPS had taken the lead in writing a blackhole list. I find their definition of spam to be to far-ranging. I find their tactics to be abominable. I find their superior-that-thou attitude to be offensive.

I hope that press like this will lead an alternative list-group to form, and more press will steer people to it.

MAPS can hide behind "free association" for a while. But if they continue with practices and policies like this, I suspect that they will find few willing to associate with them.

As I read the %2 article

[z4ce]

I was rather shocked as I read RBL only blocks %2 of spam. I had heard it blocked more around %90 of spam. As I clicked the article I learned the "independent" study was sponsored by at&t's brightmail. Mindcraft anyone, please?

Re:As I read the %2 article

[pjrc]

As I clicked the article I learned the "independent" study was sponsored by at&t's brightmail. Mindcraft anyone, please?

As I read it, I wondered exactly how they did the testing. Of course, they didn't give details (even worse than MindCraft). Notice the words "blocked just 2 percent of 922 spam messages sent". In the case of MAPS, the important question is who did the sending? I'm guessing that they transmitted spam that they had harvested.

MAPS has put a lot of pressure on ISPs, perhaps with underhanded or questionable tactics. It good to see that slashdot with its giant readship is putting a bit of pressure onto MAPS about its questionable actions.

I've got a tiny block of IP numbers, and I know I'd be really pissed off if MAPS decided to block the entire class C range that just happened to contain my site, because a spammer operated on an IP number within that range.

Re:I definately do not agree - (pro-MAPS)

[Zak3056]

Knowingly distributing software to do that is like owning a gun shop; a customer comes in and asks which gun and which bullet type go through flesh the best and cause the most damage. Selling the gun to them is illegal because you know they're going to use it to commit a crime.

Yeah, it's not like people lawfully use guns for self-defense, and want the most effective weapon they can get for the money. Perish THAT thought, anyone who cares about ballistics, velocity, energy transfer, or anything else "technical" about the round MUST be a criminal, right?

Re:I definately do not agree - (pro-MAPS)

[Zak3056]

For the record, I live in Canada. I don't have to prove my point; Janet Reno has already pointed out that Chicago and Toronto, two very similar (in population, area, and climate) cities, have very disproportionate homicide rates: Toronto in a bad year might have 75... Chicago has 1000.

It's interesting to note that Chicago, IL, has some of the STRONGEST gun control laws in the entire united states of america (being surpassed only by Washington D.C., another high crime area) and, in fact, handguns are COMPLETELY ILLEGAL inside the city limits. One could therefore reasonably conclude that the law has little, if nothing, to do with the rate of homicides in Chicago. This truly begs the question: if the laws do no good, why did you pass them? Why would you not repeal them? Why should law abiding citizens lose their right to self-defense, when the criminals can carry any weapon they choose to? The very phrase has become cliche, and is oft derided, but the simple logic is hard to escape: When guns are outlawed, only outlaws will have guns.

As for the part about the guns, you bloody well know what I meant

Yes, I did, and I am sorry for the heavily sarcastic response. It just pushes my buttons to demonize an inaminate object (despite what some folks would have you believe, guns do not possess the force of will) that over 80,000,000 people in the US use legally, without harming anyone. I'm sorry to have vented on you.

Additional data

[wowbagger]

Here's some other interesting data on Media3:
Spamhaus.org's ranking of spam supporters

Media3's list of active spamhausen

OK, on three, let's have a great big "Awww" for poor widdle Media3.

1....2....3.... BPPPPPPT!

Re:Additional data

[alexburke]

Where's UUnet on this list?! They're one of the worst, if not THE worst, IMO. I've even had to manually blackhole some of their dial-access (da.uu.net) IP blocks from making lookups on our DNS servers to figure out what our MX host is!

--

Re:Additional data

[pjrc]

OK, on three, let's have a great big "Awww" for poor widdle Media3.

(maybe) 21 spammers hosted by Media3 !!!

Well, if that's not reason enough to blacklist thousands of their addresses, hurting dozens, perhaps even hundreds of their unsuspecting non-spam customers, then I don't know what is! Those idiots should have read that AUP (that looks just like all the others) and predicted that Media3 would harbor some spammers. It's their own fault that they happen to live near where a dirty spammer moved in.

Damnit, I've had to press delete almost 20 times so far this week, so NUKE 'EM. Who cares if there's innocent and unsuspecting civilians... this is war! Blast 'em to hell and make Media3 sorry!! Who cares if some innocent bystanders get hurt.

Re:Additional data

[pjrc]

They're not innocent. They're putting food on the table for a spamhaus. They should move, it's as simple as that. Web pages can be hosted anywhere on the globe.

My website is hosted at a particular ISP. Maybe I'm guilty of supporting spammers? When I start losing traffic and I can't communicate via email, it'll be easy to recognize the error of my ways... I should have used my crystal ball to predict that a spammer would move in next door. I should have known my ISP would allow it. My particular ISP changed ownership a few months back... but then I should have know they'd sell to someone who'd allow a spammer to set up shop.

So realizing what a terrible mistake I made, hosting my web site and email with an ISP that later let in a spammer, I should move, "simple as that". Sure, simple, try to find a price similar to the fairly good one I've got now (remember, I chose this ISP for a reason). Standard dial-up and simple virtual hosting are about the same price wherever you go, but Frame Relay service varies considerably. I signed a 2 year contract, so I'll have to pay for a portion of the remaining time. I'll call the phone company and the ISP, back and forth and get those circuit ID and DLCI numbers worked out, schedule the switch, hope they manage to get the line switched over correctly. Contact the registrar and get my DNS record changed, and of course change stuff on my server. I hope my SSL cert still works at the new location. The local telco raised their rates for frame relay, so I'll certainly have to pay the new higher rate, and there's a good chance it'll be a new contract, with a penalty for breaking the old one. If everything goes smoothly, maybe I'll only be off the net for a couple days. If things go badly (as a move like this often does) and it's over 5 days, then all those email bounce warnings will turn into the 5 day bounce errors. We do a bit of e-commerce from the site, so I'll lose orders while I'm down.... but I'm already losing plenty of money already, all because it's my own fault for picking an ISP that later, after changing ownership (within my 2 year contract), allow a spammer to be hosted.

Yep, it's all my fault and I need to "just move". I'll do my homework and pick a less spam-friendly ISP, and cross my fingers that they don't change ownership within the period of my lengthy service contract, or by some error allow a spammer to be hosted. Vixie blacklists some sites for having join-our-mail-list without a double confirm.... but spam is such a plauge on the world his strong-arm tactics that hurt lots of unsuspecting bystanders are the means to the end. So "KjetilK", you're right, anyone who gets screwed by Vixie ought to "just move".

Sorry, Jamie, you are way off base

[wowbagger]

Let's review:

1. Media3 sells connectivity to a spammer
2. Spammer sets up web site on that connection
3. Spammer sends spam (by relay raping other peoples gear), advertising products that are sold on the Web site

Now, what can we do to end the spam?

• Play whack-a-mole on open relays? Nope
• Ignore it? Nope

No, you follow the money: the spammer makes his money when morons go to the web site and by the spamware. Kill the web site, kill the cash flow, kill the spammer's business.

Now, places like Media3 will say "But we aren't spamming!" No, but they are giving aid and comfort to the enemy. So, what do you do to get Media3 to close down the spammer?

Follow the money

You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore!"

Rememer Spamford Wallace, the uberspammer? Ageis communications was providing cyberpromotions.com with bandwidth, and by God they weren't going to stop. Then they got blackholed, and many of their customers left. Faced with losing money, they dropped Spamford like a hot rock.

Remember: follow the money. It's always about the money. If somebody says it's not about the money, it's about the money.

I say, "GO MAPS GO!"

Re:Sorry, Jamie, you are way off base

[jesser]

What if the spam is sent in a way that hides the originating IP address, and then the owner of the website claims "I didn't send that spam; my competitors sent it to try to get my site shut down"? What do you do in that case?

--

Re:Sorry, Jamie, you are way off base

[pjrc]

Let's review:

• Media3 sells connectivity to a spammer
• Spammer sets up web site on that connection
• Spammer sends spam (by relay raping other peoples gear), advertising products that are sold on the Web site
• MAPS blacklists a large block of Media3's customers, not just the spam related one (at least that's what's claimed)
• A bunch of folks having nothing to do with the spammer wonder why they're having trouble

Now, what can we do to end the spam?

How about indiscriminately blacklist everyone within ISP-level proximity of any spammer? Hurt those spammer or spam resource (in this case) harboring ISPs, with utter disregard for whatever other non-spam-related customers get caught in the cross-fire.

Re:Sorry, Jamie, you are way off base

[Twylite]

"self-censorship by proxy"

Interesting ... I always thought that self censorship meant that I decided what I did not want to see. Not that my company made that decision, or my ISP, or their backbone ISP, or anyone else ... but me.

MAPS does not give you the choice of self censorship - it gives service providers the choice of whether to subject you to censorship or not.

I will continue to use MAPS RBL

[Keefesis]

I run a mail server and employ the MAPS's RBL and ORBS's DULs to save me the headache of some spam. A while ago I was informed of ORBS's encounters with Above.net and Paulie Vix. I think Paul Vix is an incredible horrible person and his methods are evil (Above.net routers were advertising routes for ORBS, then dropping any packets they attracted according to the orbs site.)ORBS seems to have stopped proclaiming the evilness of MAPS openly, but you can still see many statements on the site leading to that assumption. So, this will not stop me from using RBL, it works for me, as my web traffic is not in any way related to my mail traffic or MAPS. I don't endorse Paul Vix or MAPS, but the level of spam I recieve is disgusting, anything I can do to cut down on it I will. As a matter of fact, I personally block any spamming servers (i.e. sprintmail.com) that the RBL's and DUL's refuse to block, yet it seems I get more and more SPAM every day. Perhaps we need more of those exocution-style killings of spammers like we had in MA a few years back.

We're a victim too....

[MKalus]

A couple of days ago one of my Co Admins found out that we where also blacklisted, not we directly as our site / ip is not listed but the whole c-class.
When we contacted them and asked to be removed we got sent to interliant as they are the owner of the c class, and apparantly haven't reacted in the past to certain demands.

So fine, we have apparantly 4 IPs in our C class that are an open relay or have been and we are now as f**** as they are.

Thank you.

Michael
http://www.swma.net

Re:Exactly

[Tau+Zero]

What I don't understand is why anybody is using MAPS for anything other than their mail server.

If the spam came through an open relay but the spammer's web site was on the RBL, the spammer would not get any click-throughs nor would any of their web bugs, Javascript/ActiveX exploits, or other tricks work. It's not the best reason in the world for blackholing a site for all access, but it's at least plausible.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

It's slandering the innocent

[kevin805]

If someone took out an ad in the newspaper and said, "Bennet Haselton" is a spammer, that would be libel. How is it different to say, "Here's a list of sites run by spammers ... 209.211.253.169 ..."? Well, 209.211.253.169 is peacefire.org, Bennet Haselton runs peacefire.org, so they're saying he's a spammer, which he isn't.

It's not about whether it's reasonable to twist the arms of the hosting companies, it's about misrepresenting what it is you're providing. If a censorware package included a category that said "anti-filtering sites or redirect services", and said you better leave it turned on, that wouldn't be a problem. But when they list all the anti-filtering sites, babelfish, anonymizer and so-on in every category, that's misrepresenting what you're doing.

I read some of MAPS site and it implies that it's pretty hard to get on the list without doing something you shouldn't be. But this isn't the case. "A site being advertised as a target on multiple spam messages may be placed on the MAPS RBL. We assume that the site knows that it is being advertised in this manner". That's a pretty big assumption when you go blocking class C's. I can't find any mention of using the RBL for punishing ISPs as they seem to be doing in this case. Do all their subscribers know they are using it to punish ISPs? Would those subscribers continue to use the RBL if they knew it was blocking large numbers of sites that have no connection to spam other than having the same ISP?

I'm really curious what MAPS contract looks like. They don't have it up on their webpage, and it's the only thing that would exactly address what they claim their service is. Personally, I'd love it if sites would cancel an account if it's at all connected to spamming, even if it isn't where it's sent from. I know geocities does because I've forwarded a few pieces of spam to abuse there. I don't think I'd want the "feature" of being prevented from viewing the sites of anyone hosted on a server that is also used by a spammer.

Re:services like this

[mr]

And where does ORBS obtain the authority to probe *MY* machine?

What right does ORBS have in 'walking around my house and checking to see if I have open doors/open windows'?

sure, follow the money...

[god_of_the_machine]

You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore

Sure... now take the Above.net perspective. Their customers are complaining that they cannot reach non-spamming sites. Follow the money. What does above.net (or another business) do? They have to ingore the RBL or else their customers will get pissed off and leave(or route packets through somewhere else). Follow the money. The RBL will lose all power if it blocks non-spam related sites or over-reacts too much.

-rt-

MAPS is *seige* *warfare*

[Seth+Finkelstein]

MAPS is the equivalent of blockades and total sanctions. Every man, women, and child (i.e. site) in the targeted country (i.e. ISP) is going to be made to suffer, under the theory that they will then be motivated to fight the enemy (the spammer or all supporters).

War Is Hell :-(

Why can't you just switch ISPs?

[fhwang]

If I understand it correctly, you should be able to simply find another provider who is not on the RBL, switch over, and change the DNS settings for the domain name. A hassle, sure, but not the permanent clusterfuck you portray it as. (And I'm quite confused as to why crossalizer.de moved to crossalizer.com, too.)

I work at a web shop, and when we make hosting decisions, we've had to make the decision to switch away from an ISP that's on the RBL. Sure, it's a little extra work, but I guess I'm happier that I know that the ISP is harboring spammers, and that they're losing our company's business as a result.

Mission Creep

[frankie]

They aren't harboring spammers, but they are harboring spam-tool makers.

The main problem is that this level of blocking goes far beyond the original intent of the RBL. The Blackhole was only supposed to block known current sources of spam. Over the years it has experienced mission creep and now goes after spam accomplices (e.g. affiliated web pages & email boxes) as well as accessories (e.g. email harvesting software). That is too many tasks for a single list!

RBL's original mission is a good idea, and could even be palatable to major backbone providers. For example, imagine if Verizon and UUnet were subscribers to the more-focused version. Millions of people would be better off instantly. Within months, RBL would put itself out of business -- anyone on the list would scramble like mad to get off or else go out of business from lack of traffic.

MAPS has already implemented multiple parallel lists -- RBL, RSS, DUL, etc. It's time to break up the RBL into 3 separate components with appropriately narrow targets.

Additional source material

[Argy]

If you look at spamhaus.org's page on marketingmasters.com, in addition to tidbits like the last four ISPs from which they've been terminated, you'll find the reasons cited for blackholing marketingmasters.com's IP address, as well as blackholing Media3.net's other addresses. This is part of MAPS RBL SOP (standard operating procedure). You may not like what they do, but they're operating within their guidelines here.

Under MAPS RBL clause III of Blackholing Due to Spam Support Services, the IP address 209.211.253.74 is now elegible for addition to the RBL.

Under MAPS RBL clause IX of Blackholing Due to Spam Support Services, if the host media3.net is knowingly providing Spam Support Services by knowingly hosting the marketingmasters.com Spam Service Site, parts of (up to all of) media3.net's netblock may be nominated to the MAPS RBL.

If you want to read the clauses directly, check out http://www.mail-abuse.org/rbl/candidacy.html#ByAss ociation, which outlines the criteria and reasons for including spam support companies in the RBL. The essence of their criteria is "providing any service which uses internet resources to support spamming activity," although they go into more detail as well.

Bullshit

[Temporal]

By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.

By your logic, it is perfectly reasonable for the RIAA to shut down Napster. After all, Napster is harboring far more copyright infringers than Media3 is hosting spammers.

By your logic, if I go on a shooting rampage and kill 14 people in my dorm, not only am *I* to blame, but so is everyone else in the dorm, as well as the dorm supervisor, the University of Minnesota, my parents, my friends, and, hell, Slashdot even.

I mean, I've seen double-standards, but this is rediculous. And you got score 5, even. Huh.

------

Power, unchecked, corrupting as usual

[MattW]

(1) If you're a bulk provider, with hundreds of web sites, it isn't even worth batting an eye to keep hosting a spam software provider. If they wanted to follow the money, they may refuse to remove them, but they certainly wouldn't defend them when MAPS came knocking. MAPS scares providers.

(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?

(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?

Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.

(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?

At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.

moderate parent up

[Error27]

I don't agree with the fact that the people are trying to sell email addresses. But even here I'm not sure that what maps is trying to do is worthwhile. Or the right thing. The internet interprets cencorships as damage and routes around it.

However I can not fault them for selling spamming software. The right to create and distribute software is a sacred right. I get so frustrated at the people who don't treasure this right.

I believe that no one has the right to tell someone not to create a piece of software. Patents that stop people writing software are evil. Laws that stop people writing software are wrong. People that stop people from writing software are wrong.

I get frustrated by reading the comments about software sometimes. A month ago someone created a visual basic clone for Linux and people complained about it. Not that it was poorly written but just that they didn't want a visual basic clone. People complain that Mozilla have been goofing off adding features instead of just working on gecko. Someone today said that Open Source was making software suck more because now 20 year olds were writing software and his post got moderated to a +4 interesting?!?

The truth is that behind all the laws stopping people from writing software there is a person writing the law. In the end it's always a matter of PEOPLE stopping people from writting software.

On the other hand, I have to laugh everytime I read somewhere that open source software will never be able to do this thing or that thing. People didn't think Linux would scale. People didn't Mozilla would ever get finished. People don't think that Linux will succeed on the Desktop. I have to laugh because I know that someone is going to go out and do the things that were thought imposible. The fact is it is so much easier for some one to program something than to stop every other person from programming something. This means that when I say Linux can never run on a Ti93 I'm almost certain to be wrong because it's easier for someone to make linux run on a ti93 than it is for me to stop them.

For a technical problem there is a technical solution. There are more effective ways to block email than MAPS. If you think visual basic is not good then write your own better replacement. If you don't like the features in mozilla then use kmeleon (http://kmeleon.org). If you don't like open source programs because they were written by 20 year olds then write your own. Gnome wouldn't be better off if people stopped writing KDE apps and KDE wouldn't be better if people stopped writing gnome apps.

The solution is not to try stop software from being written. That's just playing hit the mole. The solution is to write MORE software that fixes the problem. More KDE apps. More Gnome apps. And if you agree with the +4 guy then you want more software written by old people.

Writing software is sacred right and an excersize in free speech.

A compelling argument...

[Tom7]

A compelling argument, but the same reply still applies:

If you don't like MAPS, don't use it.

This is a good reason not to like MAPS, though. If what you say is true, I wouldn't use it if I ran an ISP (though previously I thought it did a good job). This kind of political pressure, however, is a much better way of policing the internet than through legislation.

Re:A compelling argument...

[grammar+nazi]

" I believe there are more instances of the abridgement of the freedom of the people by gradual and silent encroachments of those in power than by violent and sudden usurpations."- James Madison

Read this once. Next, reread it. I believe this quote to be very pertinent to internet censorship at both a legal level and at a commercial level (as the above article may suggest).

Re:A compelling argument...

[Throw+Away+Account]

Uh-huh.

So you use one of the dozens of free POP3 servers on the Net for your mail, if you're an individual.

Or, if you're spending 5 digits each month, you won't notice another $20, so you buy a dial-in or shell account with any fricking ISP of your choice on Earth and access its servers via TCP/IP over your five-figure account.

It's not a problem to get a non-RBLed account if you know what you're doing.

Re:Exactly

[scotch]

Great advice to give my mother or grandmother one day...

... snip ... I'm sick and tired of hearing about everyone's grandmothers, how their grandmothers can't use computers, how we should be thinking of grandmothers for every computer problem anyone deals with here. Grandmas can get their own goddamn website - this is slashdot, news for nerds, not news for grandmas. Why don't you go to grandma.com to complain about how your grandma can't do a goddamn thing for herself. I don't give a shit about your grandma, and when I use a computer or develop software as a hobby, your grandma doesn't even enter into the equation

No offense to your grandmother, of course

I just want to hear Paul Vixie say

[Kagato]

I just want to hear Paul Vixie say: I've taken down bigger men than you Picard!

Re:services like this

[petard]

ORBS doesn't have the authority to probe *MY* machine. Moreover, if they try, *MY* machine is configured such that their probe will likely slow down enormously

Re:I definately do not agree - (pro-MAPS)

[alexburke]

2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.

How do you know? Perhaps their machines (since they have their own IP addresses) do relay raping! If not, perhaps they're just IP-based virtual hosts (which is a fscking waste of IP addresses, but that's a topic unto itself).

The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial, but standing up for free speech means standing up for speech I don't believe in.

I believe Voltaire said it best; I paraphrase: I disagree with what you say, but I will fight to the death for your right to say it.

However, spammers steal service and clog people's mailboxes with junk. Knowingly distributing software to do that is like owning a gun shop; a customer comes in and asks which gun and which bullet type go through flesh the best and cause the most damage. Selling the gun to them is illegal because you know they're going to use it to commit a crime. It's precisely the same reason these are sold "FOR TOBACCO USE ONLY".

At best, what Media3 is doing is wrong and unethical, and worst it's illegal (aiding and abetting).

--

Re:I definately do not agree - (pro-MAPS)

[alexburke]

For the record, I live in Canada. I don't have to prove my point; Janet Reno has already pointed out that Chicago and Toronto, two very similar (in population, area, and climate) cities, have very disproportionate homicide rates: Toronto in a bad year might have 75... Chicago has 1000.

As for the part about the guns, you bloody well know what I meant.

If you didn't, then I think my point is still well made with the pot^H^H^Htobacco pipes.

--

Media3.net is Guilty as Sin

[alexburke]

Check this out. Wow, I was thinking MAPS was being a bit strongarmed, but now I know how deep Media3 is in their own shit. I sincerely hope Qwest finds out about this, and puts some pressure on them. Unfortunately, I don't think that's likely.

--

Want to get away from RBL? Move.

[yerricde]

and I do have the choice of going to an ISP that doesn't use it

Consider this: DSL generally requires customers to live within 12,000 wire feet of the central switch, making it nearly impossible to service a whole city or large town. AOL Time Warner Inc., the cable provider, obfuscates its login/password to force customers to use its client software, which is not compatible with your FreeBSD, BeOS, or GNU/Linux system. T1 is priced out of reach of most residential consumers. What other broadband solution is there other than to pack up your belongings and move?

Tetris on drugs, NES music, and GNOME vs. KDE Bingo.

You can't fool all the people...

[aiken_d]

I've had numerous scrapes with MAPS. The funny thing is, they're always right. Not *once* have they admitted that they might have *ever* made a mistake. It's a first in the history of the world: a perfect, flawless autocratic body.

MAPS are a bunch of zealots. Zealots want two things: attention and power. MAPS gets lots of both, primarily because it's founded and supported by two of the most powerful technical people in the internet community: Paul Vixie and Dave Rand. Both very bright, incredibly capable people. But both are so driven to "fix" spam that they're willing to do (imo) unethical things to do so.

I am all for blocking spam. But MAPS isn't about blocking spam, as this /. article points out. It's about leverage, and forcing *other* people to do "their part" to stop spam. Nevermind that it never actually comes around to stopping spam; it's the pushing people around that makes the MAPS folks feel like they've accomplished something ("I didn't stop any spam... but I did shut down this website that was hosted by the same place as another site that sells software that spammers can use.").

Sure, it's just a list. But it's a list that is totally dishonest about its intent. Technical people like us know that MAPS is a political organization out to stiffle speech they don't like. If you don't like the speech, sure, configure your home mail server to use the RBL.

If you're providing internet service for someone else, though, you'd better put "I reserve the right to prevent you from connecting to any address or range of addresses on the internet without warning, based on their content or who they choose to do business with." How many of us would sign up for internet service with that caveat?

There are lots of dangerous people in the world. Spammers count, but really they're just vermin in need of some better legislation. The people you really have to watch out for are the ones who tell you "the ends justify the means," or "we just have to take a tiny bit of your freedom to make you safer."

The RBL is a sham and I'm really glad that people are starting to realize it.

-b

Re:You can't fool all the people...

[aiken_d]

Hello? Yes, I don't run MAPS on my home network. However a fair number of ISP's run the RBL, even in BGP mode, *without notifying customers*. Even if they *did* notify customers, not many people would understand what it is.

MAPS proponents constantly do this "It does a great job of stopping spam because it's so powerful" / "It's just a harmless little list, why does everyone get so worked up?" dance.

Many people, including one business I consult for, are behind MAPS enabled ISP's against their will (it's hard for a business to change ISP's, and in this case they've decided to live with it rather than renumbering their entire network over the RBL).

The whole *idea* of a list is a bad idea, because it can't work. That's why I'm not starting a better one. ORBS is somewhat "better", in that it lists servers that are actually likely to send out spam. But look at them; as an organization, they're worse than MAPS.

Lists and routing black holes are not the answer to spam. Yes, they can punish people, and coerce them. Great, if that's the goal. But if the goal is actually doing something about spam, other approaches are called for.

-b

Re:Exactly

[aiken_d]

Um, unless you're a mere mortal and not knowledgeable enough to question your ISP about their censorship policies when you sign up.

If my ISP ran cyberpatrol or netnanny on all my traffic, I would expect them to tell me up front. ISPs who use the RBL rarely tell their clients, because it's usually some misguided techie who configures the ISP to do so. Half the time management doesn't even know. When they do know, they've usually been told that it "blocks access to mail servers which are sending out spam" or some equally bogus explanation.

-b

Ends do not justify the means

[Dahan]

above.net should not blackhole sites on the RBL--sure, spam sucks, but spamblocking is not a job for a transit provider. And MAPS putting entire class Cs on its list to browbeat a company into dropping a software publisher is completely unacceptable.

I've disliked MAPS ever since hearing about their treatment of ORBS, and this just makes me dislike them even more.

The ends do not justify the means.

Re:Horay!

[fmouse]

AboveNet says:

"The MAPS RBL is used by AboveNet to help reduce the amount of spam received by customers. &quot

The implication obviously is that they're using the RBL specifically to block spam email, so you have less of it in your mailbox. Missing from this is the information that they're using the RBL to block access to parts of the Internet, and that some of the sites blocked may have nothing at all to do with spam.

Re:Horay!

[fmouse]

If it were only spammers whose websites were in the RBL it would be one thing. Jamie's point is that the escalation of MAPS' actions with the RBL to block entire class C's, coupled with the use of the router BGP to stop all traffic to and from RBL-listed addresses, effectively prevents access to a lot of legitimate sites from within the network space of providers like AboveNet, and this constitutes censorship, albeit more of the nature of killing innocent bystanders than actively going after these sites because of some mis-begotten assumption about their contents. Censorship is still censorship, whether it's accidental or intentionally targeted.

Apparently AboveNet also failed to inform its customers, or prospective customers via its website, that portions of the Internet would be dark to them because of an action by an intermediate provider (AboveNet) against another intermediate provider (Media3). This ain't the way it's done, folks! As much as I hate spam (and I use the RBL, DUL and RSS to block on port 25) this breaks the Internet.

IMHO, even though it seems that AboveNet has stopped BGP blocking of RBL-listed sites, at least for the moment, they owe an apology and explanantion to their customers, Media3's non-spamware customers, and to the Internet community at large.

Boo hoo

[icqqm]

Jamie woke up this morning and said "Bah! They blocked Peacefire! Damn! Well I'm an author on Slashdot, so I'll use that to make millions of people hate them! And maybe other news organizations will pick up the story and more people will hate them! How dare they pick on Peacefire! I'll even use that in my argument! ..."

I'm not saying the point is wrong, but it's not like Jamie and Peacefire have never seen each other before. I guess Slashdot doesn't have much in regards to editorial guidelines.

Sad.

Re:Exactly

[pjrc]

"tbo" asks:
What I don't understand is why anybody is using MAPS for anything other than their mail server.

According to jamie, AboveNet (a backbone provider), until this story broke, was using MAPS RBL to do exactly this. Vixie, the MAPS co-founder is the CTO of AboveNet, so it's not too hard to see "why".

According to the update, they've stopped this. Hopefully it stays that way. Filtering at the backbone level is pretty scary.

Re:A Better Analogy

[pjrc]

Free speach implies the right for me to have to right not to listen. It does not give anyone else the right to censor/filter the speach and prevent me from listening.

Consider the world controlled by Vixie, or at least the portion of the world that's connected to the internet via AboveNet, the backbone provider he controls.

It doesn't matter if you want to visit those sites or not, because your packets will never reach them. Vixie already decided that for you. If you happen to use your free speach right to not view whatever is blocked by Vixie, then you're in good shape. If you happened to want to communicate with someone Vixie has blocked, well, it'll take massive pressure, such as thousands and thousands of outraged readers of a widely circulated publication to get him to stop blocking at the backbone level.

Of course, that's assuming that the facts as presented are actually true.

Restricting free speach by filtering at the backbone is only part of the problem. ISPs using MAPS without giving their individual customers a choice if they want it or not is only part of the story.

The larger injustice is that MAPS blacklisted large blocks of IP numbers, hampering communication to a substantial group of Media3's customers, most of whom are totally unrelated to spammers. MAPS does this to pressure Media3 to be tougher on spammers. The injustice is:

• The non-spam Media3 customers get screwed, when they did nothing wrong.
• Most MAPS users are unaware that they're rejecting non-spam that just happened to be at the same ISP as a spammer.

Re:I definately do not agree - (pro-MAPS)

[pjrc]

The methods might seem a little draconian to the rest of the people who aren't as adamant about spam, but that's EXACTLY what the subscribers of the information want.

It seems unlikely that users and ISPs subscribing to MAPS RBL really want to filter out messages from hundreds of non-spammer sites, who's only mistake was hosting at an ISP that later allowed some spammers to put up web pages.

Re:A Better Analogy

[pjrc]

So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.

Fine, lynch 'em. Tar and feather! The bastards deserve it!

In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.

They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.

MAPS is not censorship; SPAM is censorship

[Arrogant-Bastard]

One way to censor a viewpoint you don't like is to suppress it.

An equally effective way is to drown it out with your own message.

And that is precisely the effect of spam. It overran Usenet years ago, rendering newsgroups which had functioned nicely for years useless. It's now overrunning the mail systems of ISPs, individuals and organizations in the same fashion.

Moreover, some companies/individuals have chosen to profit from this unethical activity, and in have in fact lent their active support to it. These companies/individuals should not be surprised when the community attempts to defend itself from their actions by barring their traffic.

So let's be clear on who the enemy are:

1. Spammers
2. Those who hire spammers.
3. Those who write spamware.
4. Those who provide hosting, connectivity, mail, or other services to 1-3.

These are the entities responsible for the floods of spam that clog mailboxes and mail servers; it is with them that the problem lies, not with the valiant attempt by MAPS to address it.

Re:What in god's name are you talking about?

[dizee]

This is bullshit then. They should burn in hell. :)

"I would kill everyone in this room for a drop of sweet beer."

What in god's name are you talking about?

[dizee]

So that I can get on the best of both worlds, I've seperated my response by posting attitudes. Those of you interested in only the appropriate attitudes can check the label at the top of each paragraph to determine whether or not to read that particular paragraph. Okay:

INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.

TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.

INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.

TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.

Mike

"I would kill everyone in this room for a drop of sweet beer."

Re:What in god's name are you talking about?

[dizee]

Ignorant, eh?

Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.

I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.

If that makes me ignorant, fine, whatever.

In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.

Mike

"I would kill everyone in this room for a drop of sweet beer."

Re:fyi

[f5426]

Thanks for the info.

The mail have not been held, it was plain refused. But I suspect that some can confiugure its inbox so smapcop reject any suspicious mail.

Btw, isn't spamcop a joke ?

My second account is on easynet.fr. Looks they have spam problems too. Starts to be ridiculous, as every provider have spam problem.

I tried the major french ISP on spamcop: club-internet, noos, all are 'detained'.

Even apple.com or microsoft.com are 'detained'. Or 'mozilla.org '. This seem pretty effective to reduce the amount of mail that one receives. Rotfl.

I get about 200 mails per day, and one or two are spam. From what I see, I could probably get the number of emails in my mailbox near zero with spamcop...

Cheers,

--fred

Sounds like the role of the RBL has expanded..

[sid_vicious]

If I understand the story correctly...

My understanding of the RBL is that if I subscribe to it, I will not receive e-mail from any sites listed on the RBL. Sites (supposedly) get listed on the RBL because they have been the direct source of spam mail.

It sounds to me like the folks who most recently got blacklisted were put on the RBL *NOT* because they were the source of spam mail, but because they have business relationships with (or have business relationships with people who have business relationships with) sites who create spam-generating tools. Please tell me if I misunderstood.

I'm uncomfortable with the idea that the RBL is being used NOT to directly block spam, but as a big stick for bashing people for making business deals with spam-ware selling sites (sleazy as they may be). If your site isn't directly generating spam, it oughta be removed from the RBL!

And I think it's a bit short-sighted to say "big deal, *I* can't receive e-mail from x.com, so what?" If you were the site owner of 'x.com' and it was a totally legitimate business, you'd probably care a lot!

Of course, it's true, use of the RBL is voluntary. But if they keep this kind of stuff up, they may find less volunteers in the future..

I wonder if anyone's considered sort of a democratic RBL? Anyone could submit a problem site with a complaint, and a group of randomly-chosen (but trusted) people could investigate and vote on it.

Neural Net Spam Filtering!

[ShakaUVM]

RBL blocking 2 out of 900 spams is pretty bad.

A friend and I wrote a neural net spam filter using the UCI Machine Learning Database (on spam), that gets 90-95% accuracy on classifying a message as a spam or not-spam. It's integrated with the mail delivery system via procmail, so you can set it up to deliver all Good mails to one mailbox and Spam mails to another.

It is available (free + open source) at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.tar. gz
The README is at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.READ ME

For Solarius/Linux only, Windows users need not apply. The system works pretty darn well for a simple neural net, and can be greatly improved, so if anyone is interested in modifying our code, drop us a line! :)

William Kerney
UCSD

Horay!

[kevin42]

I'm very happy to see ./ finally post an article that surprised me by it's content. This is a very good example of a well thought out and researched article. Please do more like it!

Re:I don't get it..

[Pinball+Wizard]

3 million emails a day, at an average of 5K each wouldn't be too hard to deal with. Yahoo processes all its email through a spam filter already - although it only gets about 60%, its program has never put a valid email in my spam folder. That's actually pretty impressive. If this program could catch 90+ of the spam without deleting valid email, it would be nothing short of amazing.

IMO - this is the way to stop spam - IP addresses and domain names of spammers are always elusive, but you can spot a spam email from a mile away.

I watch the sea.
I saw it on TV.

IMAP!

[fm6]

Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.

I have to point that some email servers and clients let you download your headers and review them for possibile downloading. (I believe both IMAP and POP support this, though IMAP does it a little more efficiently, and POP-only clients tend not to support this feature.) I'm suprised how often I hear from people who complain about spam, attachments, etc., overloading their bandwidth and memory, and yet still use software that follows a "download everything before you read anything" model.

Of course, if spam continues to grow, it will overload your 2 meg device just with the headers!!! ;)

__________________

Screw Vixie and his goon friends at Above.net

[Ars-Fartsica]

Paul - no one elected you policeman of the internet, and now it is clear that some users are being punished for your own idea of what is right and wrong.

You're using your own influence to strong-arm people into adherring to your filters - its that simple. Get off your high horse and try building a constructive way of dealing with spam that does not punish innocent users.

Re:There are no innocent victims

[itarget]

Not to mention the fact that MAPS must add WHOLE companies to the RBL if the listing is to have any meaning.
Case-by-case RBL'ing isn't really an option because new spammer sites would pop up on unblocked IPs (media3 is spam-friendly, so they're likely to add more such sites), non-spam sites may be moved/added to blocked IPs (then we'd see media3 crying foul for some sympathy), and the point simply won't get across unless it's made clear that those of us using the RBL want NOTHING to do with them as long as they're harboring or assisting parasites.

Yes, I know the word "parasite" sounds harsh, but what would you call someone who makes money while you foot the bandwidth bill?

I volountarily use the RBL knowing that I may not be able to access some sites or receive mail from some people. I accepted that possibility when I chose to boycott spam.
---
Where can the word be found, where can the word resound? Not here, there is not enough silence.

So what do you propose?

[Chops]

While I agree that MAPS's actions here seem to be out of line, I support their right to recommend that any IPs they see fit be blackholed -- it's not like any ISPs are being legally required to use the RBL, as some places are censorware. MAPS built their trust with the community by being evenhanded and trustworthy; if they start making bad recommendations, people using the RBL will stop listening to them (just as they did, for the most part, to ORBS.)

Personally, I'm hoping Vixie sees the light. What's Media3 gonna do, terminate the account illegally and risk getting sued? Argue "but spam is wrong" in court when it happens? But hell, that's my opinion, and more people seem to want to listen to Vixie than me ;-). That is, of course, their right, as it is his to recommend that they blackhole any damn IP that comes into his head to mention.

Re:So what do you propose?

[Chops]

It's not an easy question; certainly it should be, but the average user probably doesn't have the time or inclination to keep an up-to-date blocklist... also, most ISPs (I hazard to guess) are making less of a political statement with their blocklists than a pragmatic one -- they don't want their servers brought to their knees by spam, and so they take measures to prevent this happening.

In the end, of course, you can always vote with your wallet, or use a webmail service for your email if you don't like your ISP's terms.

Pavlov's dogs love the meaty taste of SPAM!

[plastickiwi]

Wow. All one has to do is mention the name of a canned meat product and Slashdot turns into a slavering pack of censors. All the high-minded rhetoric about "free speech" and "the marketplace of ideas" goes right out the window the moment someone invokes the dreaded "spammer," cousin to pedophiles, disciple of Hitler.

Someone should inform Pat Robertson or James Dobson about this phenomenon. They're not having as much luck as they'd like in pushing the use of censorware that covertly blocks sites with political content they don't approve. Imagine how happy they'll be when all they have to do to shut down the ACLU's web site, or the Democratic Party's, is set up a bogus spammer haven on the same subnet and then turn themselves in anonymously.

Hey,for that matter, why not skip the subterfuge and set up a MAPS-like service openly advocating censorship? All you'd have to do is control one decent-sized ISP by purchasing it or packing its board of directors, block its users' access to everything you don't like, and then threaten all the other ISPs with blackholing if they don't block your list of censored sites too.

Let's start with everyone's favorite hot button, kiddie porn. I'm sure with enough public relations noise we could convince AOL or some other large ISP to block every IP number in the same subnet as some site with questionable pictures of minors. From there, we could just let the blackmail flow.....

Re:That violates John Stuart Mill's liberalism max

[Karl_Hungus]

I have a right to property. You have a right to property. We both have these rights. But your right can only impede my right if I owe some special obligation to you because of a prior relationship or agreement (like contracts or marriage or whatnot). In fact, we don't have a prior relationship, so there is no "harm" done. Your version of the "harm principle" is quite disturbing, because it allows for no stopping point. Under your conception, every annoyance is a harm.

Great! I'll be the one parking the unmarked van with the Phasor Pain Field Generator mounted on the fender outside your house tomorrow morning at 3A.M., then walking away. Don't touch--it's my property, and we don't have a contract that says I won't do this. Sounds like a protection scheme, doesn't it?

The "special obligation" is that you live in a society, with other people, not on an island or in a shack in Nowhere, Montana. If this is too much of an infringement on your property rights, there is a place (formerly inhabited, but now devoid of human presence) where you can enjoy those rights to the fullest. Why not go there now?

Re:Non-censoring anti-spam solutions are available

[shokk]

My favorite solution was back when I used Eudora 3.0. I had it filter any mail that was not addressed to me into a folder, and invariably it was all spam. Then, I forwarded all those addresses to each other so they would get picked up by the mailing lists and cause a nice storm of autoresponders mailing each other.

Hooooowwweeeeee! Boy, did they take me off their list, and a few of those sites seemed to be unavailable for a day or so.

Hopefully that prevented those last few people from hearing about those great money making schemes that are making everyone rich these days. Don't want those fantastic secrets spreading too far!!

Re:Software DESIGNED to spam

[CritterNYC]

If an ISP has an entire Class B and one IP/domain is sending spam then that should be the only one blocked.

Actually, I *do* agree with this part of what you're saying. I think MAPS decision to hit the whole class is a 'Bad Thing'. The decision by MAPS to blackhole everything used by the spammer does, however, have merit. Afterall, most spammers are just sending spam through open relays in Asia or popping up on dial-up accounts that get cancelled 5 hours later now. But, they host their sites here. I don't know if I totally agree with blackholing sites and all, but I can definitely see the logic here.

Either way, this is why the Realtime Blackhole List (RBL) and the Relay Spam Stopper (RSS) are two seperate lists on MAPS. The RBL blackholes all spammer nasties and some non-nasties in an attempt to get spammers thrown off legit providers altogether. The RSS lists ONLY open mail relays. So, if you just use this service, you'll just be blocking open relays (like all the ones in Asia).

Personally, I think it would be nice if they offered another option: all spamming mail servers. Just the IPs of open relays and known spam mail servers, without any of the other collateral sites. That way ISPs could vote (with their feet) which service they choose to use: RBL, RSS, or RBL+RSS-ExtraSites. What does everyone else think of that?

A Better Analogy

[CritterNYC]

They aren't harboring spammers, but they are harboring spam-tool makers. And this isn't software that CAN be used to spam. It is software that is DESIGNED to extract email addresses and then 'stealth' send them... ie, send it illegally using hijacked equipment without getting caught. Your anaolgy would be correct if they were blocking, say, sendmail's web host... since their software CAN be used for spamming.

So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.

Software DESIGNED to spam

[CritterNYC]

In this case, the "bad" website sells software which could be used to spam.

Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.

What I don't get is why Media3 isn't happy to change their AUP and dump the site. Afterall, the bulk email software is probably being used against Media3's own mail servers by spammers using the software. Kinda like a gun shop selling a gun to a guy who tells them he's going to rob the gun store with it.

Re:Huh???

[sulli]

I thought the RBL was supposed to block the MAIL, not the WEBSITE.

That's exactly what the RBL does. It doesn't block the website - MAIL servers subscribe to it! Now I might not like the fact that Peacefire.org's web site can't send me mail, but it's really not that big a deal.

people, read the article

[happystink]

I can't believe how many people are just re-iterating what the RBL does, in case we didn't read the article (like them) and don't know. Slashdot discussion is the worst, everyone's an expert, without even having read the story.

sig:

Why not apply the "no spam software" evenly?

[jwa0]

Since the RBL is used against those who write or distribute programs designed to send mass e-mail, I should fully expect places like PacketStorm (a fine archive of security-related tools and scripts) to be placed on the RBL. They knowingly host code that sends mass mail: http://packetstorm.securify.com/Exploit_Code_Archi ve/mailbomb.c Why then is PacketStorm not on the RBL? Or any of the other hosts that have similar tools?

I use the RBL hooks in Postfix, and I find them very useful. This is a bit much, though. While I have enormous respect for Vix & co., I think this is way over the line.

How is software that is designed to send bulk email any "worse" than software that is designed explictly for the purpose of, say sniffing user passwords or performing denial-of-service attacks? Indeed, why aren't we, as the Internet community, tracking down those people arrogant enough to write these tools -- tools that are clearly used to commit all manner of subversion havoc -- and blackholing them?

It's because (most) technical people understand that tools are just tools. Somebody who writes a password grinder is "just" a programmer. The Unix admin who downloads it and runs it against her password file is just doing her job. The peeved help-desk guy who uses the password grinder to get the VP of Finance's Unix password and then uses it to access the nifty Oracle financial system is acting-- in the words of AUPs everywhere-- in excess of his authority, and if caught, will be squashed by the Law.

It's not valid to want it both ways, to want software that you think is "bad for the net" blackholed out of existence, yet allow other software -- arguably more damaging -- to exist unchallenged. If this was, say, WIPO vs. nmap, would those of you in favour of MAPS' stance take offense? Software is speech. Censor it and contribute to the decline of your freedom to write it. I'm sure the brains behind WIPO are very interested in seeing how this plays out; if an .org which essentially controls access to and from the large nationwide ISPs can succesfully censor software without question, then certainly WIPO can.

And finally: simply because MAPS says "These are our guidelines, and we are following them" doesn't mean the guidelines have merit.

tools like these need finer-grain control

[ummit]

It was clear to me a couple of years ago when I first read about the RBL, and this case & its ensuing discussion confirms it for me absolutely, that a tool like the RBL needs to offer at least two separate lists: (1) IP's that are blacklisted because of sending spam, and (2) IP's that are blacklisted because of hosting spam-promoted websites. Yes, there are good arguments in favor of blocking spam-hosted websites, but there are also good arguments in favor of not doing it, and it's an endlessly debatable point which will never be settled (as this /. discussion thread amply proves!). Subscribers to the RBL ought to have a choice whether they buy in to the heavier-handed kind of censorship.

I don't get it..

[Clownburner]

You say that the system achieves 90-95% accuracy, but then your README file says "The accuracy isn't very good because the training set wasn't very amenable to personal emails"

So what gives? Does it work, or not?

As for MAPS, the low hit rate is because it's based on DNS, and the number of unsecured mail servers approaches infinity. You just can't catch 'em as fast as they pop up, you really can't. Searching the text of the email (as your program does) is a better solution but one that can only be adequately implemented in a highly distributed way (i.e., at the client or possibly mailserver level). If you're an ISP and deal with 3 million SPAMs a day, processing the text isn't computationally desirable.

_________________________________

Something _VERY_ similar happened to me

[Poppa_Chubby]

This story closely mirrored something that happened to me some time ago. (Set the way back machine for 1997ish). About that time I was working for a small ISP that had a leased line through a company that has now gone out of business (AGIS, its not bad form to mention them now :P~). In any event, around this time, Sanford Wallace obtained connectivity through AGIS and that's where the trouble began. What did Mr. Wallace have to do with the little ISP I was working at? I asked myself that question a whole bunch of times that summer.

In any event, Mr. Wallace got his contract through AGIS _BEFORE_ they had a formal anti-spam policy. It was an oversight on their part and for all their real faults, this one was unintentional (spam was only a massive problem at the time, not the endemic it is now.) After the news became common knowledge, every single mailbox that we had listed on our site was getting massive amounts of bulk mail. The irony is, it was bulk mail from the people that were telling us how bad bulk mail was. Each of these bulk mails had something in common, they would :

1) Include about 350 lines of contact email addresses from known AGIS customers

2) Inform us we sucked ass because we supported AGIS who supported Sanford Wallace.

3) Tell us to tell AGIS to stop supporting Sanford Wallace.

4) Tell us we sucked ass because we were, in effect, spammers

5) Tell us to leave AGIS

The irony from this never left me, which is probably why I don't use the RBL where I'm at now. These net cops were just as bad as the problem they were constantly whining to us about. It didn't matter that we weren't spamming anyone. It didn't matter that we had an AUP that forbid spam. We had to leave AGIS or we were going to be blacklisted. Never mind the fact that as a small company we couldn't afford to get out of our contract. Our mailboxes were flooded close to three months with this junk until AGIS finally created a chump 'bulk email commission'. In any event, just complaining to the company responsible would have yielded the same results, somewhat faster, than complaining to us.

Why do I bother mentioning this? Well, AGIS would have yanked Mr. Wallace's connection in a second if they _could_. But, because their AUP didn't expressly forbid what he was doing at the time they couldn't do it without losing a shitload of money. But, that wasn't a good reason according to the zealots. These people seem to want everything done yesterday and in reality that can't happen in a world of contracts. AGIS couldn't get rid of Mr. Wallace until they reworked their contract with him, so that was what that chump 'bulk email commission' was about. They formed that to wait out his contract and then didn't renew it with him. I know AboveNet has an AUP forbidding spam, but I wonder if they had a customer that was doing something that no one liked but who's actions weren't contrary to their AUP if AboveNet would break their contract with their customer? That would be a really interesting question to pose to their manglement.

Oh well...I rambled enough for tonite.