Slashdot Mirror
MAPS RBL Is Now Censorware (Updated)
Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).
But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.
Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:
"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."
And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:
"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."
Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.
You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."
Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.
Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.
The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.
And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.
In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.
Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.
Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.
I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.
And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.
In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.
At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).
No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.
I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.
And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.
(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)
Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.
But then, MAPS also advises Web providers:
"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."
That's exactly what Media3 does -- and exactly what MAPS did.
Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.
I can't find much to argue with in Joe Hayes's summary:
"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."
And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:
- FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
- DesktopHeaven.com, Windows themes, screensavers, wallpaper.
- TownOfCary.org, the official website for the town of Cary, North Carolina.
- StudioZito.com, yet another Web site-designer.
- Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
- StrikeMore.com, bowling tips and schedules.
- NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
- ElaineCoffman.com
and DianaPalmer.com
-- both are authors of romance novels.
And finally, - CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."
Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:
SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?
Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.
For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.
Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:
I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.
Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.
This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.
Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?
Chris DiBona
VA Linux Systems
--
Grant Chair, Linux Int.
Pres, SVLUG
Co-Editor, Open Sources
Open Source Program Manager, Google, Inc.
There are three ways that RBL may be used, listed at this address:
http://mail-abuse.org/rbl/usage.html
ONLY ONE OF THE USAGE METHODS results in blackholing all ip traffic, that is the Subscription via BGP. This option is only available to larger networks with routers which have an ASN (see whatis.com if you don't know what an ASN is.)
I know of very very few networks which use RBL in this manner. There must be a few, but it seems like a pain in the ass, and there are negative effects of doing it, as indicated on the RBL description of the service.
Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.
My guess is that 95% or more of RBL subscribers use the "Direct usage via DNS lookup by mailserver" method of applying RBL blocking. This method has ZERO IMPACT on http, ftp, dns, ICMP, or any other type of traffic other than SMTP.
This Slashdot article was written by someone who does not understand the nature of the Internet and the RBL on a detailed level, and who is obviously dipping into conspiracy theories a bit... his little diatribe on above.net sounds like the manifesto of a lunatic. To the author: Get over it, sir. You don't understand the technology, and you don't understand the decisions made by ISPs who implement the RBL. I wish you well in your career, but this isn't going to be the ground-breaking story you thought it was. Feel free to write me if you'd like to speak to me further.
Sincerely,
~Acheron
There are many forms of the MAPS RBL subscription.
One form that appeals to some network providers is the MAPS RBL Subscription via Multihop eBGP4 . This subscription option involves configuration within border routers of a subscribing network provider. Any traffic that passes through a router configured to peer with the MAPS RBL feed will null-route packets destined for any host or network listed in the MAPS RBL. This includes ALL internet protocol traffic -- not just mail.
If a network or host is listed in the MAPS RBL, and a router between you and that host or network is configured to use the MAPS RBL BGP feed, you will be unable to browse a website located there, you will be unable to ftp to them, and yes, you will be unable to send them mail. And they will be unable to send you mail, or browse your web site. Again, any traffic passing through a router configured in this way that is destined for an IP in the MAPS RBL will be null-routed -- for all intents and purposes, dropped on the floor.
Asymmetric routing and inadequate coverage on the border can be a noted hole, but in cases such as these, the MAPS RBL BGP feed isn't really working anyways.
It happens that if you write me and I'm not at home, I get your mail via Palm VII wirelessly. Whoever you are. Even if I've never heard of you. And sometimes, that matters to people.
Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.
So, I want to filter spam, and I want to deter spammers because deterrence is more effective than a filter. The RBL has been a positive force for me, it's kept the S/N to the point that I can read your mail.
Thanks
Bruce
Bruce Perens.
So, what do you do to get Media3 to close down the spammer?
You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers. Repeat the process with wherever the spammer goes next.
That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C. MAPS should concentrate on blocking spammers and their sites, not trying to twist ISPs arms.
If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in censorship, wouldn't they? They'd no longer be this optional advisory guide you could use, rather, they'd be going around getting websites they don't like shut down. If that's not censorship, I don't know what is.
MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.
Quidquid latine dictum sit, altum viditur.
Arguments about whether or not RBL is a censor because it doesn't wield the power of a government are sort of missing the point. The point is if it provides a useful list. Censorware is censorware because it provides a very unuseful list. The fact that schools and libraries use it is almost irelevant to its name.
From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants.
Essentially, they're using the fact that hundreds of ISPs suscribe to them and trust them to help them block spam as a club to beat other ISPs into doing what they want. That doesn't seem like a terribly wholesome thing to do to me. I don't want my subscription to be used that way. I simply want them to tell me what sites send spam.
Need a Python, C++, Unix, Linux develop
The problems with censorware are: 1. Inaccurate or undocumented listings. 2. Listings for things other than those said. The RBL has neither of these problems. Media3 is actively and knowingly supporting the people who flood your mailbox with all the crap we call "spam". Does blocking Media3's sites, in many cases at the IP level, result in you getting less spam? Today? No. Today, it just means those sites don't get as much traffic. Tomorrow? Sooner or later, Media3 will have to decide whether it wants to be on the network where spammers do business, or on the network where RBL subscribers do business. If they pick the spammer network, they will eventually be totally removed from the network, as they find their way into more and more blacklists. If they decide they want the other network, they will stop supporting spammers and people who sell spamware. With no way to sell their products, the spamware vendors will stop sending you ads for them. People will stop *buying* the products, because there will be no way to buy them. You will get less spam. It's an educational tool. Media3 has the option of being on the network where you host spammer pages, or on the network that RBL subscribers see. They have made their choice. Your list of sites "also affected" misses the point entirely. Those people are paying Media3, and as long as Media3 makes money, Media3 has no real reason to care whether or not hosting spammer sites is damaging to the rest of the network. If your hosting company is supporting spammers, you will be fucked. Don't buy hosting from companies that are unwilling to terminate spammer websites. The RBL isn't about stopping spam *today*. It's about encouraging the policies that we *absolutely need* if we are to have less spam *tomorrow*. Thanks to the RBL, a number of very large networks have put in strong, effective, anti-spam policies. Every day, you don't get dozens of spams that would once have been sent via netcom. Every day, hundreds of spams that would have advertised sites hosted by companies with a policy just like the Media3 policy *aren't* sent, because those sites got taken down, because the policies got fixed. Media3 is wrong. MAPS is right. Media3 is trying to support the theory that, as long as the actual spam is relay-raped or sent via throwaway dialup accounts, it's not their problem where the page is hosted. MAPS is educating them. As soon as Media3 fixes its policy to unequivocally prohibit the hosting of spamware sites, address list sites, and sites advertised in spam, and starts enforcing that policy, everyone is happy.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
You can use RBL w/o an ASN. You just have to run BGP4 and peer with the RBL eBGP4 server and let it route to your black hole address. You then default route everything else out your single backbone connection. No other BGP peering is needed. Since you're not announcing routes (and RBL certainly isn't taking them) you can use a reserved ASN to configure your router.
now we need to go OSS in diesel cars
I personally feel that MAPS, ORBs are more trouble then they are worth. I used to work for an isp which used orbs and it was really truely nothing more then a headache for the Tech people. People woudl call in wondering why they were not able to get e-mail from someone, or why someone could not get e-mail from them. And most of the time it was ORBS. Another example is that open mail relays are blocked. My own mail server was blocked by ORBS one day. it was fine.. the next day blocked. Never (except for perhaps a few minutes here and there) had it been an open relay, yet orbs had blocked it. When I requested they take it off, they promptly did, but again, there was no reason for it to be put up there!
>Nazis vs. Jews
And, in fine Usenet fashion, the discussion is now over!
Jesus was all right but his disciples were thick and ordinary. -John Lennon
First, we must translate the Five Spheres (or Rings) of the enemy system into modern Net.War counterparts:
- Sphere 5: Fielded forces-- throwaway AOL accounts, hired consultants, dedicated spam domains
- Sphere 4: Population-- Spam-related customers, support employees (secretaries, etc.)
- Sphere 3: Infrastructure-- Primary non-rogue ISPs, Websites, ftp sites, cgi scripts, mail relays, reputation
- Sphere 2: System Essentials-- Money, bandwidth, telco access, computers
- Sphere 1: Leadership-- the SpamBoy himself, his partners and business associates
By alliances, we mean those reciprocal relationships the spammer has formed with: news media (Cyber-Clueless First Amendment activist newbie journalists, for example)- other spammers
- ISPs, whether rogue or non-rogue
- hacker consultants
- fringe associates (Meowers, Kook Cabal)
- banks, business organizations, and other sources of economic power
- politicians
We must then examine our assumptions. If our Spammer runs his own ISP, then attacking an AOL account he controls (by complaining to abuse@aol.com) will be of negative value-- a waste of our time and resources. If his ancillary server is somehow "taken down", but his primary SpamServers keep pumping out ECP spam via open NNTP ports worldwide, what will we have gained? If he is (like Gr*bor or our own deeply psychologically troubled Doktor Funway) only marginally rational, abuse and punishment that would persuade a reasonable Yeti to leave the field of battle may only enrage the Bull(shitter) like the pricking of a picador. Finally, if we do not have the necessary intelligence to pinpoint our enemy and her crucial Strategic systems exactly, our efforts will either be wasted entirely, or increased by orders of magnitude over what they could have been with accurate and timely information. In our final strategic translation matrix, we shall endeavor to identify what we mean by a Spammer's Political, Economic and Military powers; as well as the proper role of the semi-tautological Net.War attribute of Information.- Political power: news media (online and traditional), lawmakers, friends and acquaintances, usenet Kooks
- Economic power: cold hard cash earned both legitimately and by Spam; frivolous lawsuits (to tie up opponents' assets/time)
- Military power: Net.war capabilities of spammer's own systems (mail bombs, Usenet binary bombs); hired gun hackers; open NNTP and mail servers ripe for exploitation
- Information: Positive and Negative--> Positive: Spammer's ability to gather intel on foes; ability to adapt to changing laws, standards, and software affecting/enabling internet communication; ability to slander and defame enemies and thus provoke them to rash deeds;
- Negative: the ability to cloak himself in anonymity, pseudonymity, and false faux-open identities, thus denying his enemies that first prerequisite of strategic analysis: identification.
Freely stolen from: http://www.radix.net/~revjack/snotwad/snotwad3.htCensorship is something that can only be conducted by the government. Private organizations such as ISP's or MAPS can choose to carry or not carry whatever they like.
It's not quite that simple, though. Common carriers, although private organizations, don't have the choice to carry or not carry based on content. Now a local dialup provider is hardly a common carrier, but I would say that a tier one provider really should be a common carrier. After all, a local dialup in Peoria can't reach Bangladesh without crossing some backbone provider's network.
itachi
Just a correction, according to spamhaus media3 is hosting not 1 but 21 spam sites, the largest on the list, and considering media3 is a grand total of a few class C networks, thats a pretty high percentage of their customers being spammers. My understanding is that it's a similar situation to the AGIS thing awhile ago. media3 won't cancel sites who spam using other accounts to advertise a site on media3. Because media3 won't wipe out these sites it's become quite a spammer's haven.
-- Greg
Slashdot, would a spell-checker for posting be too much to ask? It's not rocket science!
That couldn't be further from the truth. What's happening is that I decide that someone else has sufficiently similar opinions to mine about what I don't want to see, and ask them to do it for me. That's not censorship, it's outsourcing. Well, I guess you could always call it "self-censorship by proxy" or something equally convoluted.
Now if the RBL isn't what it advertises to be, that's a different question. But that wouldn't be censorship either, it'd be false advertising.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
I was rather shocked as I read RBL only blocks %2 of spam. I had heard it blocked more around %90 of spam. As I clicked the article I learned the "independent" study was sponsored by at&t's brightmail. Mindcraft anyone, please?
Here's some other interesting data on Media3:
Spamhaus.org's ranking of spam supporters
Media3's list of active spamhausen
OK, on three, let's have a great big "Awww" for poor widdle Media3.
1....2....3.... BPPPPPPT!
www.eFax.com are spammers
Now, what can we do to end the spam?
No, you follow the money: the spammer makes his money when morons go to the web site and by the spamware. Kill the web site, kill the cash flow, kill the spammer's business.
Now, places like Media3 will say "But we aren't spamming!" No, but they are giving aid and comfort to the enemy. So, what do you do to get Media3 to close down the spammer?
Follow the money
You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore!"
Rememer Spamford Wallace, the uberspammer? Ageis communications was providing cyberpromotions.com with bandwidth, and by God they weren't going to stop. Then they got blackholed, and many of their customers left. Faced with losing money, they dropped Spamford like a hot rock.
Remember: follow the money. It's always about the money. If somebody says it's not about the money, it's about the money.
I say, "GO MAPS GO!"
www.eFax.com are spammers
If someone took out an ad in the newspaper and said, "Bennet Haselton" is a spammer, that would be libel. How is it different to say, "Here's a list of sites run by spammers ... 209.211.253.169 ..."? Well, 209.211.253.169 is peacefire.org, Bennet Haselton runs peacefire.org, so they're saying he's a spammer, which he isn't.
It's not about whether it's reasonable to twist the arms of the hosting companies, it's about misrepresenting what it is you're providing. If a censorware package included a category that said "anti-filtering sites or redirect services", and said you better leave it turned on, that wouldn't be a problem. But when they list all the anti-filtering sites, babelfish, anonymizer and so-on in every category, that's misrepresenting what you're doing.
I read some of MAPS site and it implies that it's pretty hard to get on the list without doing something you shouldn't be. But this isn't the case. "A site being advertised as a target on multiple spam messages may be placed on the MAPS RBL. We assume that the site knows that it is being advertised in this manner". That's a pretty big assumption when you go blocking class C's. I can't find any mention of using the RBL for punishing ISPs as they seem to be doing in this case. Do all their subscribers know they are using it to punish ISPs? Would those subscribers continue to use the RBL if they knew it was blocking large numbers of sites that have no connection to spam other than having the same ISP?
I'm really curious what MAPS contract looks like. They don't have it up on their webpage, and it's the only thing that would exactly address what they claim their service is. Personally, I'd love it if sites would cancel an account if it's at all connected to spamming, even if it isn't where it's sent from. I know geocities does because I've forwarded a few pieces of spam to abuse there. I don't think I'd want the "feature" of being prevented from viewing the sites of anyone hosted on a server that is also used by a spammer.
(1) If you're a bulk provider, with hundreds of web sites, it isn't even worth batting an eye to keep hosting a spam software provider. If they wanted to follow the money, they may refuse to remove them, but they certainly wouldn't defend them when MAPS came knocking. MAPS scares providers.
(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?
(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?
Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.
(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?
At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.
Apparently AboveNet also failed to inform its customers, or prospective customers via its website, that portions of the Internet would be dark to them because of an action by an intermediate provider (AboveNet) against another intermediate provider (Media3). This ain't the way it's done, folks! As much as I hate spam (and I use the RBL, DUL and RSS to block on port 25) this breaks the Internet.
IMHO, even though it seems that AboveNet has stopped BGP blocking of RBL-listed sites, at least for the moment, they owe an apology and explanantion to their customers, Media3's non-spamware customers, and to the Internet community at large.
"Everything works if you let it" - The Flying Mouse
Fine, lynch 'em. Tar and feather! The bastards deserve it!
In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.
They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.
PJRC: Electronic Projects, 8051 Microcontroller Tools
RBL blocking 2 out of 900 spams is pretty bad.
. gz
D ME
:)
A friend and I wrote a neural net spam filter using the UCI Machine Learning Database (on spam), that gets 90-95% accuracy on classifying a message as a spam or not-spam. It's integrated with the mail delivery system via procmail, so you can set it up to deliver all Good mails to one mailbox and Spam mails to another.
It is available (free + open source) at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.tar
The README is at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.REA
For Solarius/Linux only, Windows users need not apply. The system works pretty darn well for a simple neural net, and can be greatly improved, so if anyone is interested in modifying our code, drop us a line!
William Kerney
UCSD
I'm very happy to see ./ finally post an article that surprised me by it's content. This is a very good example of a well thought out and researched article. Please do more like it!
In this case, the "bad" website sells software which could be used to spam.
Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.
What I don't get is why Media3 isn't happy to change their AUP and dump the site. Afterall, the bulk email software is probably being used against Media3's own mail servers by spammers using the software. Kinda like a gun shop selling a gun to a guy who tells them he's going to rob the gun store with it.
Portable versions of Firefox, GIMP, LibreOffice, etc
Keeping