Slashdot Mirror
Above.net Blackholes, Unblackholes Macromedia
This is a sequel to last December's article, MAPS RBL is now Censorware. For the (very) long version of how the RBL works, and how it sometimes fills the same role as "filtering" software, go take a peek.
The short version is that a small group of anti-spam crusaders called MAPS publishes the RBL, which many ISPs subscribe to. Those ISPs block mail to and from addresses on the RBL list.
Some subscribers, notably the backbone provider Above.net, whose CTO is a MAPS co-founder, use the RBL to block not only mail but all internet traffic from IPs listed by RBL. Thus, to cleints of these providers, sites deemed to deliver spam -- or merely deemed spam-friendly -- just drop off the net.
That CTO/co-founder is Paul Vixie, author of Vixie cron and BIND and all kinds of good stuff. He makes some interesting observations about censorship in a 1997 SunWorld interview.
I checked the RBL's servers Thursday night and found that two of
Macromedia's IPs were actually blocked.
postal.macromedia.com was blocked, which makes sense for
stopping spam; presumably that's where the spam emenates from.
But the other IP blocked was www.macromedia.com, which
is of course their Web address. Blocking this address, I would assume,
stops no spam from reaching anyone's inbox.
What it does do is get Macromedia's attention. Because Above.net blocks all traffic and is a major backbone provider, being put on the RBL effectively takes a site off the net for many users. Taking down a big corporation's website is a good way to show you mean business.
(Above.net's abuse department said I would have to talk to public relations, but their PR contact did not return repeated phone calls.)
I spoke with a Macromedia spokesperson both last week and today. She confirmed that "there were two addresses blocked, one of which resulted in users worldwide not being able to access the website." She also repeated several times that they were on the RBL for their email newsletter "the Edge," saying it "does have an opt-in model, that does not spam."
She also pointed out that "worldwide access to macromedia.com has been restored." That access happened sometime Thursday night or Friday morning. Our Slashdot submissions about the downed site came in on Thursday, and I confirmed the IP numbers' presence on the RBL Thursday during the day.
I've contacted several people at MAPS, but they had no comment and (per their policy) refused to tell me how long those IPs had been on the RBL.
The
rationale
for the RBL is that it tries to "prevent ... our paying, in money and
resources and our own time, to receive and process, or relay, traffic
which is nonconsensual in nature." (Their emphasis.) What is
"nonconsensual" about reading Macromedia's website?
Why was www.macromedia.com on the list?
I'm only running this story because it's Macromedia. After all, one it's of the larger sites on the net, home of Flash animation among other things. If it can be quietly removed from a chunk of the net, who can't? (If you noticed Macromedia missing last week, post a comment!)
Take a moment to go read that stealth blocking statement, issued last week. I signed as a member of the Censorware Project; other signatories were the ACLU, CPSR, EFF, and EPIC. We're concerned that, as the statement says:
ISPs that practice "stealth blocking" are violating consumer protection principles and restricting user choice and freedom in cyberspace.
What do you think?
They have an agenda, all right, and it seems to have more to do with silencing opinions they don't agree with than anything to do with what normal people call spam.
Now tell me what you would do if the only high-speed access you could get was through an ISP on the Above.net backbone!
Is it that simple now? Do private companies have the right to limit what is arguably a *public service*? Your "hands-off" approach also breaks down when looking at other business models. Take for example:
"Hey, we're a private automobile company; it's our right to refuse to put seatbelts in our cars, even if our customers demand it!"
or
"Hey we're a private bottled water company; it's our right to ignore all those safety standards!"
or
"Hey we're a private trucking campany! It's our right to deny goods and services to the state of Montana!"
You see, none of the above campanies above actually have those "rights". So it's questionable to even think it's okay for a private company to do whatever the hell it wants with the services it sells.I'm not saying that an ISP does *not* have the right to limit traffic from certain places. I'm just saying you've framed your argument the wrong way.
Well, presumably, truckers from Cuba are stopped because they wanted to illegally dump their ballast into the Florida watershed.
Upon investigating for possible collusion with the Teamsters union, it appears the Teamsters have no objection to Cuban truckers driving to Florida on account of the fact that the US trucking industry has found that salt water is too corrosive to modern diesels.
And yes, I checked carefully that the problem had been fixed. The only way you can relay mail through my mail server is if you're a customer of mine and you have a fixed IP. And I've cancelled more than one user for their failure to abide by my stringent anti-spam policy. I am definitely not a spam-friendly host.
In the end, I finally purchased an additional, similar domain name, and spent several months getting my listings changed on the major web indexes. I've since met several other sysadmins who've had similar problems with the MAPS RBL.
The RBL system is a lot like Paul Vixie's other slipshod product, BIND: buggy, unreliable, and maintained by people with a total disregard for the people they purportedly serve. Unfortunately, while I can replace BIND with djbdns and get a product designed by a competent and ethical (if rather obnoxious) programmer, there's not much I can do about the RBL without a lawyer.
Screw spam. And screw Paul Vixie and his arrogant, incompetent, negligent cohorts, too.
> they continued to operate their 'opt-in' mailing > list in an unsafe way, i.e. without requiring
> confirmation of subscription requests.
Not true. They simply run a mail list in a way Vixie and Dave Rand have decided to define as unacceptable. They have chosen to define what the one true way of mail list administration is, and anyone who doesn't agree with them is a spammer.
MAPs is a very unreliable system -- I've been whacked by MAPs multiple times for relay checks, because I run a mail list that someone attached to MAPS was subscribed to, and because the MAPS system chose to define it as spam, even though it was legitimately delivered and a normal piece of e-mail.
MAPS has no oversight -- who's watching to make sure MAPs doesn't abuse it's power? the MAPs people, of course. Do they report to anyone (like the people who've chosen to enforce RBL) what they're doing? Do people actually know what they're enforcing?
Probably not. Because MAPs is no longer about stopping spam, but about trying to force a way of doing things on anyone who disagrees. Having spent way too much time trying to detangle my sites from MAPs mistakes and uncaring attitude (if we screw up, you get hosed, adn we'll fix it when we feel like it), all I suggest is that people who enforce RBL actually go and find out what they're REALLY enforcing for MAPs. If you still support it once you get that -- great.
but you know what you'll get? "trust us. We know what we're doing". MAPs refuses full disclosure, even to those doing the work for them. Shouldn't that worry you? If they have nothing to hide, they should have full disclosure, and they should have a group of people who enforce RBL as an advisory group on policy and operation.
MAPs is as closed-source on what they do as Microsoft is. But for some reason, nobody's noticed. If they're really okay, what are they hiding? Why won't they work with the people enforcing the RBL to make sure that what MAPs is doing is what the rbl-users want done?
And apologies for going AC here. I have to for two reasons -- one is that I run systems that are at risk of MAPs taking punitive action against me or my company for speaking out, and I fully believe them capable of doing so based on my previous interactions with them. and second, my ISP buys bandwidth through Above.net, so if Above.net decides to attack my home network, I simply disappear without a trace (this ALSO implies that I have no choice about whether or not to do RBL enforcement; it's done for me, without my choice, by above.net) because of their TCP blocking.
I can't afford to get in a fight with MAPs, because I'd lose. And a group like MAPs shouldn't be in a position where they can do that AND NOBODY WOULD NOTICE OR KNOW. but they are.
Just hope they don't get mad at you....
Yeah, I cry myself to sleep every night thinking about what might have been. 10 is a nice number too though. I wonder what it would fetch on Ebay.
As it happens, I did notice that Macromedia's website was unavailable last week. I was going there to download Flash or something of the sort. After making sure that my general Internet access was still operating, I gave up and tried again a few days later.
<P>
The important part is that I had no idea why Macromedia's site wasn't responding. Presumably due to some kind of legitimate, undesired situation on their end somewhere. I never would have expected this to be the reason.
<P>
All this blocking by MAPS and Above.net resulted in was me, a user who has never received e-mail from Macromedia, being unable to do what I wanted to. Neither my employer or me are Above.net customers, nor are we users of MAPS. We had no idea of what was going on (that it had been blocked due to "spam"), and we were not in favor of the action being taken.
<P>
Nevertheless, we were affected by the actions of MAPS and Above.net, as were Macromedia. That isn't very acceptable to me. Is this supposed to be for my own good?
I've received perhaps 50 spams from Macromedia just in the past month, all of the 'unconfirmed email address' variety. It's even more annoying when they show up in German (which I don't read well enough to understand, just recognize), since trying to figure out which url is the 'click here to unsubscribe' link is harder. Not that the unsubscribe link was actually working most of the time, mind you.
I wrote many polite letters explaining about real opt-in (using address confirmation) during the first week, then just gave up and started to really really hate them.
I bet Above.Net's flacks don't ignore phone calls from the local daily paper - even though THAT media outlet has fewer readers, many fewer readers with a clue, and many many fewer readers in decision-making positions.
Now call Macromedia again and ask them if their "opt-in" lists verify the address by sending one e-mail to the person, which asks to confirm the subscription. Yahoo! Groups does this. Lyris does this. It prevents annonymous subscriptions, abuse of Macromedia's resources, and, what do you know, a MAPS RBL. If they say they don't do this "double" or "confirmed" opt-in, then they *deserve* to be in the MAPS RBL right next to Real Networks -- and I still have the spam from Real.
Next, call MAPS and get their position on it. They are very open. Aparently, you have not called them. Do so. Now.
Now, if you have any problems with all of this, and you've made the phone calls, write to us at news.admin.net-abuse.email on Usenet. We will give it to you in eazy-to-understand terms.
Remain Calm. Kill Spam. TINLC.
--
WolfSkunks for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.keenspace.com";
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
Another comment above indicated that the problem wasn't so much that they were sending out unsolicited email, but that their mailing lists did not have confirmation. So I could wander over to Macromedia's site, put your email address in the "That's me!" box, and you'd suddenly be receiving every mailing that Macromedia sends out (which is a non trivial number).
This is what MAPS wanted them to fix, but they refused.
Of course, the other post could be wrong, and as I haven't ever signed up for their lists I can't confirm, but still, it sounds plausible.
DNS protocol standardization takes place on the censored namedroppers mailing list. Vixie has had a large involvement in DNS, and I believe he even hosts the mailing list.
Have a read at Dan Bernstein's attempts to raise important issues on this list that are routinely censored:
http://cr.yp.to/djbdns/namedroppers.html
Through a strange coincidence, it seems that plenty of problems I've read about center around or close to Paul Vixie. It's impossible not to have contempt for him at this point. Does he try??
He is involved or responsible for projects which have/had shown significant problems: Vixie Cron (security holes), BIND (security holes), DNS standardization (security holes, censorship, bloated/redundant features), Blacklisting (mis-filtering or abusing filters), etc. This is too weird.
Spam is killing the net, it has already turned Usenet into crap, and email from a "almost immidiate" communication form, to something that is read a couple of times a day when you have time to sort the gunuine messages from the spam. Currently spammers are trying to sabotage SMS messages in those part of the world where SMS (cell phones) has become widespread.
/., they might even be believed. Lots of /.'ers seem to think spam is a question of a few unwanted emails a week, they haven't seen with their own eyes all the useful fora that died under the weight of spammers since September 1993. They haven't seen what happens with spam when it isn't fought.
The real solution to spam is (I know the libertarians will disagree) efficient laws. However, without such laws it is up to the citizens (the libertarians will love this) to protect the usefullness of the net by refusing to do business with spammers and anyone who allows spammers access through their site. This responsibility is shared by both individuals, ISP's and backbone sites.
Ande yes, like any boycot or political action, sometimes people get hurt by this. Sometimes, like in this case, it is someone who provide useful survices, and "only spam a little". And sometimes, it is someone who have done nothing wrong except choose the wrong ISP. In these cases, the victims might try to blame the responsible citicens instead of the spammers, and when the audience is sufficiently ignorant of how the net works, like here on
As I said, we need efficient laws. Without those, the choice is to let the citizens protect their own interest in the net (with all the problems that come with that), or to let the net die in the hands of spammers. I can't blame the citizens, especially those with a vested interest in a functioning net, choose the lesser evil.
If an ISP implements this kind of policy, then those who choose to trust them with their IP packets should know, that is why stealth blocking is dangerous.
--
In my stupid opinion, the right thing for Michael to do now is to point the censorware.com nameservers at censorware.net, thereby declawing Seth's complaint, and getting users to the information they're looking for.
OT-- I appreciate your outrage, but calling anyone an idiot is a really good way to get modded down for trolling. Likewise, I think demands that Michael apologize, or that Taco or Andover fire the man, are not going to help anyone or improve the situation.
I've been a user of Brightmail for a long time. Brightmail produces a spam filtering mechanism that works at the ISP level. I love their product! Unfortunately they are discontinuing their Free Brightmail program and are asking their users to move to one of many ISPs (Excite, Earthlink, etc.) who are already implementing their software. Free Brightmail will be No More after 1.June, and they have no plans at this time to sell the service to individuals and/or small companies (our case). Check out http://www.brightmail.com for details.
The way I understand it, Brightmail's filtering works with context heuristics rather than lame IP address blocking. It's been very efficient for us, and it had the option to turn filtering on/off in case a legitimate message got caught by mistake. You could define the heuristics for such messages to get through. Their operational model was similar to the anti-virus services out there: It relied to a degree on spam being reported by the Brightmail users. They have other mechanisms that I can't discuss now (NDA) but you get the idea.
Does anyone in this forum know of a similar service (free or paid) that will provide filtering?
Thanks in advance,
Ehttp://eugeneciurana.com | http://ciurana.eu
Readers said the same thing last December; go check the story MAPS RBL is now Censorware, its updated section, the information about the BGP and so on.
Trust me on this. I read it very carefully in December: some ISPs use the RBL to block all traffic, not just mail. Not all ISPs. But one ISP is enough, if that ISP is a major backbone provider.
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
I did. I saw documentation of one statement of one incident from one person alleging spam from Macromedia. Perhaps there were more somewhere, but I did not see them. I would really like to go back and read exactly what it said, but when I asked MAPS if I could link to it or just read it for myself, they said no.
MAPS removed their documentation from public view when they took the site off the RBL -- and in several communications with them, they made it clear that (although they presumably had this information archived somewhere) they would refuse to let me look at it again.
Correct. This is because Above.net and MAPS were unavailable for, and refused to, respectively, comment.
I am not sure why you say that. Thursday, I checked the RBL and these were the only two IPs that were blocked (I spot-checked up and down from those two to see if others nearby were blocked; nope).
As Bennett Haselton wrote me when I asked him about this:
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.
postal.macromedia.com 216.35.148.39
www.macromedia.com 216.35.148.103
Since (presumably) no spam comes from the webserver, the only point of putting it on the RBL is to annoy Macromedia by having the BGP-subscribed backbone providers like Above.net cut off their web traffic.
-1, Redundant :)
The submittor sent that in, I didn't edit it, we generally do very light editing of submissions (grammar and spelling, if anything).
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
> referencing 'nazis' in your first paragraph
Um, that's not jamie's first sentence, that's the reader submission. And regardless of how you may feel about the word, that's pretty much what they are. Would it make it better for you if I said instead of that Above.net was like a couple of Mafia thugs who run around the Internet kneecapping anyone who doesn't 'pay up' to their standards of Netizenship? No 'nazi' in there
> without requiring confirmation of subscription requests
OK, but what you're describing is a double-opt-in scheme, where I opt in, then I have to opt-in to the opt-in choices that I just made. I don't defend spam, but single-opt-in is what most things are right now. I rarely have to confirm that I've signed up to get my inbox blasted with crap.
> but not 'stealth' in any way
Due to the nature of the Internet, I expect that I should be able to get to every site, or be told that I can't get to the site. Masking machines behind DNS failure is stealth blocking, because I never know that the site is blocked. If you've managed to hack your DNS to take RBL sites, then redirect them to a "520: AboveNet Block" error page or something, but quit playing like a three year old who took his bat and ball home because he didnt' get his way. And if you debate this point, let me point out that the RBL, when configured in the recommended way, does indeed send errors back to the mail sender if you match an RBL host. So RBL mail blocking is not stealth, just RBL DNS.
> their mailing practices still suck
Why, because you don't have to reply to 15 Emails before getting a newsletter you didn't read through enough fine print to avoid getting? Is it bad PR to guerilla spam us by using thing like un-opt-in checkboxes (Check here if you wish to receive no email from...)? Hell yes. Should we require double-opt-in? Maybe, if you're too dumb to read, you deserve to get spammed. But are they doing anything technically wrong? No, they aren't.
> This is not a censorship issue
I don't defend spammers, but what exactly do you call it when a company blocks your access to Macromedia? The end justifies the means, so it's not censorship? That's what the French government says about Nazi paraphanalia (there's that 'nazi' word again) - that there is no good reason for anyone to ever see it. History be damned and who cares if we can't learn from those mistakes because we don't even know they're there.
This space for rent. Call 1-800-STEAK4U
Is that legal in most states in the US?
</SARCASM>
That may be precisely what email confirmation is meant to ensure, but then you need to tell your respective representatives that you want double opt-in confirmation, because checking a box, then responding to an email is more than basic opt-in. And lest you think this is just me, every advertising company out there will use this definition too.
Don't complain about the definition of what you're asking for, ask for the right thing to begin with.
This space for rent. Call 1-800-STEAK4U
Christ almighty.
The people who were blocked by above.net were customers of above.net. Maybe if they don't like sites being blocked, they could, oh, I don't know, switch to an ISP that doesn't go through Above.net?
If a candy bar tastes nasty despite the fact that it was advertised to be delicious, do you sue the manufacturer? There is no difference.
I thought the RBL was so that you could configure your network to not accept MAIL from the offending hosts.
But the other IP blocked was www.macromedia.com, which is of course their Web address. Blocking this address, I would assume, stops no spam from reaching anyone's inbox.
That's only true if mail never comes from www.macromedia.com, which is an assumption on your part.
It seems possible that "spam" was sent out from the host "www.macromedia.com" and as such, that machine was also in the RBL.
But if you're using the RBL to block ALL traffic from those hosts, then that's your problem, right? That's not what the RBL was designed for. If "www.macromedia.com" made the list, then sysadmins who choose to use the RBL will not accept mail from www.macromedia.com.
But that shouldn't mean that HTTP traffic is shut off.
What am I missing?
I have to agree, RBL has the right to block whatever they want, but to just make a site disappear is not right. They should let users KNOW it is blocked and for what violations/reasons.
errr....umm...*whooosh* *whoosh* Is this thing on ?
moron....gotta love an IDIOT AC, too much the coward to login ando troll, or just too stupid to back opinions with facts...
errr....umm...*whooosh* *whoosh* Is this thing on ?
For what it's worth. I have a login at a very big
Dutch ISP, and have been accidently subscribed to
Macromedia's mailinglist by users inputting the
wrong username on various occasions. I'd receive dozens of emails before I could get off, for which I had to download their plugin to watch a webpage to unsubscribe to begin with!
They might have an opt-in, but they have no
"confirm before adding" policy which I think is
essential in todays running of a mailinglist.
In that aspect, they should be on MAPS, though
I believe Above.net's policy for blocking all
traffic is wrong.
Leto
I propose an update to Godwin's Law. Yes, once a thread degenerates to the point that Hitler or Nazis get mentioned, the thread is over and the person who invoked Nazis automatically loses. What I would like to add is that any subsequent mention of Godwin's Law itself automatically reverses the outcome.
I mean, think about it. If you buy into Godwin's Law, then upon mention of Nazis, the thread is over. But if the thread was really over, why would you post just to say "This thread is over! Godwin's Law! Ha-ha!" I've seen this so many times now that it's almost as tiresome as the Hitler/Nazi references in the first place.
-Graham
I'm having the same problem getting to planetquake currently.
I am using charter.net, ie cable, to access the net from home. At work I route to the planetquake servers just fine, but from home routing a traceroute reveals that that messages go through att.net and somewhere in there the networking is lost.
Is there a list of suggestions on determining what the problem is, currently I have talking with my cable provider and have sent messages to technical support at att.net, but have had little success. Been down about 3 weeks now.
Lando
/* TODO: Spawn child process, interest child in technology, have child write a new sig */
Mod that guy up. Then mod me down.
mod that down to -1, Troll, please.
You obviously didn't read it at all. The RBL is supposed to be only for mail, but Above.net likes to use it to block EVERYTHING.
I'm also puzzled by this differeniating between blocking e-mail traffic only (acceptable) and blocking all traffic (unacceptable). There is no qualitative difference. Only quantitative. Such blocking helps the quality of the Internet by making it difficult (or impossible, or unaffordable) to spam.
The difference is, you couldn't go to macromedia.com for a while if you routed via above.net. And before that, peacefire.org.
the sad thing is you'll get modd'ed up to +5 Informative by the blind moderators.
Consumers have the choice of moving to a provider that doesn't opt-in if they desire to.
Someone always raises this. This would be fine if this was just mail blocking, but this is total IP traffic blocking if you happen to route via above.net. Usually you have little choice as a consumer on who your ISP routes through, and your ISP often has little choice too -- what if above.net is a backup route, and ___Net is down today, so you get filtered IP access? In addition, most ISP's are loathe to disclose routing information, so you have to get what you can from traceroute, and have no idea if above.net is a backup route.
You are missing the whole point in your post -- probably due to not reading the whole article -- in this case, it wasn't just a matter of RBL blocking email. It was a matter of censored access to www sites.
This has been mentioned about 10^6 times in respect to censorship here before, but by selectively filtering IP traffic to places they don't like (for political and ideological reasons, not for network integrity reasons) does above.net lose any possible status as a common carrier, and are they now responsible for filtering traffic to meet US law? That is, are they going to have to filter out stuff like DeCSS, porn that violates decency standards, and whatever anyone can get a court order on?
The provider that provides the connection where I work seems to blacklist stuff. I have noticed many websites I cannot access... as if port 80 is blocked, but I can traceroute to it, ping it in some cases, and if I ssh home, I can get to the site. *shrug*
The problem with the above is that average users wouldn't likely know why the site they were trying to reach (in this case, Macromedia) is unavailable. The user does not receive an error message stating that the site has been RBL'ed; instead, the user merely cannot connect to the host. Without a clue as to the nature of the fault, the consumer can only chalk it up to a problem somewhere on the Internet and leave it at that.
The ideal consumer in a capitalist system is a well-informed one. Unfortunately, the tight-lipped nature of MAPS works against the process.
-W-
"Is it all journey, or is there landfall?"
-W-
Is it all journey, or is there landfall?
--Ellison & van Vogt, 'The Human Operators'
yeah, and so can just about anything these days. One key omission in the newsletter arena is the fact that The Edgeis entirely san opt-in list.
IF you ask the company to send you the newsletter it is not SPAM.
the RBL maintainers are a nasty group, IMO. They presume guilt before innocence. It was probably some idiot who signed up, and forgetting he did, or forgetting how to unsubscribe, reported them as spam. It is also possible s/he took an email adress someone else had previously, and signed up; then going overboard. On top of that, blocking a website is stupid, when the alleged issue is
These days, screaming SPAM is a knee-jerk reaction.
__My Suburban burns less gasoline than your Prius.
no it isn't. Go learn about networking and routing before making such an untenable claim.
My Suburban burns less gasoline than your Prius.
(Insightful? Please, simple-minded is more like it. Somebody needs to mod this back down.)
No, you did not think.
So, you believe that your ISP can freely, and clandestinely block anything from you without your permission?
So, you'd be fine if they started secretly blocking slashdot, and didn't let you know right?
If you had _read_ the issue, you would know that the issue is NOT the blocking, but the clandestine blocking, that is the issue. if an ISP wants to say 'we blovk all traffic from the foo domain', that is just fine (and was NOTED IN THE ARTICLE).
Why? Because they told their customers about it. if thay had not done so, that woudl be bad. in this case, Above.net was doing it _SECRETLY_.
Try strapping your legs down so your knees don't jerk them around like that so much.
And backbone providers should _never_ do the blocking. Let the final ISP do it.
In this case, Above.net's policy is to block their own customers before confirming. but there is nothing on their site about blocking websites of cmpanies not hosted by them, or their customers.
now, it seems that hey are NOW trying to cover their arse, and have a 'new' policy in the wings.
Which tells you they will block other providers whenever they see fit to.
http://www.above.net/new_anti-spam.html
current/old one at:
http://www.above.net/anti-spam.html
note that they don't just block the mail traffic, they block ALL traffic. And since they ar enot _Just_an_ISP_, this effects more people than their customers. This is wrong. period. What about the poor sap that unknowingly gets routed through above.net's network?
This type of censorship is viral, for it goes beyond the provider's own network. Thus, the requirements and standards should be higher.
MAPS is so draconian that they could, by their rules, block anybody and everybody. Read their rules.
The net, just as government, should follow the Principle of the Least Rrestrictive. this means you block only the service causing the problem. Their tyrannical policy of refusing to say just how or why a given company, service or address is antithetical to their alleged goal.
I, as an administrator and potential subscriber to the RBL deserve to know how macromedia managed to get into the list. You, as a individual who may do business with Macromedia deserve to know as well. Say you don't like doing business with spammers. Say Macromedia got on the list without their having done anything wrong. You will never know, because MAPS has no real interest in decency. They are a single minded group of people who block more than is necessary, and refuse any responsibility or accountability for their decisions or actions.
They may try the claim of "We just list, we do not block". That is horseshit; they know full well how many places do block based upon their lists 9after all, they have subscriptions which cost quite a chunk of change, and require that you indemnify them), and the impact of even 24 hours of being listed unfairly. They have the arrogance to claim that UCE/UBE is more detrimental than lost connectivity.
Their hosts, they say, will _change_ the DNS entries of certain, routing them to their 'black hole'. THis practice is wrong because it violates what sanctity DNS has. They have noauthority to alter information regarding domains they do not own. how would you feel if the postals ervice, or FedEx, or whomever is in your area, decides to just stop delivering the mail you sent out?
What if you had no choice in the matter?
withte consolidation of ISPs that is currently underway, there will be less and less opportunity for indivudal users to select alternative ISPs. And those that did select a more decent ISP, may get screwed when that company sells to an ISP they left, or chose to not patronize.
They way to stand up to places like abive.net, and MAPs is to stop using them. For this to happen, people need to be told the reality of the situation. MAPS' claims are like the 'for the children' pleas from those who have no real justification for their proposals.
MAPS preference woiuld be a non-usable internet, rather than one that had spam. yeah, that's generlly called 'cutting off your nose to spite uour face'.
My Suburban burns less gasoline than your Prius.
Telephone companies are common carriers. Internet Service Providers are not common carriers, according to rulings from the FCC. Common carriers have to offer service on a non-discriminatory basis. ISPs have no such obligation.
Mea navis aericumbens anguillis abundat
No shit, Sherlock?
http://www.above.net/anti-spam.html
Gee whiz, that is even linked from their home page.
---
The flatter the curve, the lower the total infrastructure budget will be. The lower the budget, the more likely that bandwidth will become cheaper.
As a case in point, 56k dialup access is now sooo cheap that it's lower than your phone bill.
All the cost and infrastructure for 56k dialups are already there. The providers need only provide maintenance and admins. Their aggregate bandwidth usage is very low, and will always stay flat unless infrastructure changes.
Pan
I said no... but I missed and it came out yes.
Well, if we're connected through Abovenet, then yes, someone controls my inbox and your inbox, and in this case they even control our web browsers. The only question is whether we prefer them to have this control, or not. But if there's no indication that Abovenet does this sort of blackholing, then there can't really be a choice on the user's part as to whether they prefer Abovenet or not, can there? Membership for those users is not voluntary, because they don't know they're members.
I believe in the RBL, but I don't believe in giving them total power. The RBL is a great tool if you choose to use it, but users should have that choice to make and should know that they have such a choice.
Of course better oversight on the part of Vixie & co. wouldn't hurt either, but as long as users have a choice then any overzealousness will just come home to roost as users desert the RBL, so that's really just a secondary problem.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
The only problem is that the users didn't really get a choice as to whether those sites should be blocked or not. They can't pressure Abovenet to use or not use the RBL if they don't know of its use in the first place.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
The user has a choice if they know their SMTP server is filtered and their web browser isn't going to be able to see certain sites. If they know this, they can choose not to connect through Abovenet. It is the lack of knowledge that is the problem, not a fundamental lack of choice. Whether most people prefer this or not has nothing to do with whether all people should be made aware of such policies on the part of their ISP.
Regardless of how easy it is to get off of the RBL, the fact is that some users had their 'net access curtailed for reasons that they may or may not agree with without their knowledge. I don't like spam either, but the ends don't justify the means. Use the RBL by all means, but provide users with a way to not use it if they don't want to, or at least with the knowledge to know not to get their connectivity from Abovenet.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
If the RBL is activity- and method-driven, why are they disrupting HTTP and other types of protocols too, even from those who haven't engaged in any of the activities and methods of spamming? No matter what the motivation, this smacks of "we had to destroy the village to save it", which might even be OK if people actually got the choice of whether to use a service provider with such a policy.
I fail to see how it's martyrdom for Peacefire to want to retain their existing setup, especially in the face of actions which would first strong-arm them entirely off of the 'net, and then offer PF a chance to relocate as some sort of backhanded favor. Regardless of the issue at hand that sort of presumption would make me dig in my heels. Would you like it if I destroyed your street tonight, but offered you free housing in an apartment complex I own?
If spam is oppressive, then by all means fight spam if you want. If other people want you to help them fight spam, then go right ahead and help them out. But don't do me the favor of fighting off the whole Internet, the good parts and the spam parts, with no warning to and no consent from me. I reserve my own right to decide whether the lack of spam is worth losing access to some of the good things on the 'net. For Abovenet to make that choice for me is unethical, but for them to make that choice and not even let me know that they're censoring whom I can communicate with is frankly criminal.
I'm sorry that things have come to this, because for a long time I was an RBL defender - it's a good tool, it mostly works, and it does force change for the better quickly. But throwing out the baby with the bath water is rapidly going to efface any goodwill towards the RBL in the 'net community, even more so when people find out that the choice has been made for them without any hint that their connectivity has been diminished.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
Overrated? It was posted with the normal score of 1, and had never been moderated up. That was a very cheap shot indeed - maybe you should grow up and learn to live with those with whom you disagree. C'mon, meta-moderation!
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
But Peacefire wasn't spamming, to my knowledge at least. There is no effect in spamming to remove Peacefire from the 'net, so this still doesn't make sense.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
Amazing - my post made it back to the normal +1 via an "underrated" moderation, just to get smacked down again with "overrated"! I again point out the political nature of those marking this post as "overrated" - if I'm posting at my normal score of 1, and making a reasonable arguement free of flame and troll, there's no justifiable reason to moderate it down as "overrated" since it was never up-rated in the first place.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
Macromedia uses opt-in? Is this double-confirmation opt-in, or is it the "We'll tell you that your name was added and start bombarding you with spam unless and until you navigate our 37-step process for removing your name." style of pseudo-opt-in? If it's the latter, which I suspect it is, then I've no sympathy for Macromedia at all, seeing as a friend of mine is being harrassed by someone using the second "opt-in" method.
So what do you think the chances are that the next version of the Flash plug-in will slightly "modify" your browser's operation when you try to access above.net or the RBL pages?
Hmmmmm...
Pound! Bang! Bin! Bash! is this a shell script or a Batman comic?
Bingo!
Give that man a cee-gar...
Don't like your ISP's policies?
Find another ISP.
"...they may harpoon us, but they ain't gonna pick us up on no radar screen!"
> The issue is in blocking sites that have nothing
> to do with spam, just because they happen to use
> the same ISP and some bastard decides "If
> i go overboard and block everything then
> they'll surely listen to me!"
The RBL is, in addition to a reverse map, also
distributed as a BGP table. Above.net, being run
in association with the ISC/MAPS/etc, takes a
strong position against spam. Therefore, it's
only logical for them to blackhole traffic to
a RBL'd network- In essence, they're saying,
'We will not accept traffic from spammers or
friends'
Think about it this way- The end user doesn't
'see' the benifit of the RBL, in the same way
that the end user doesn't 'see' the benifit of a
sysadmin at all- If the sysadmin and the RBL do
their jobs effectively, nobody notices- And that's
considered a good thing! Any attention at all is
likely to be negative.
> It's easy to block SMTP rather than blackhole
> all traffic. It's easy to block the offending
> IP address instead of an entire class C. I
> fail to see the point of your rant.
Well, last thing's first, it wasn't a rant- More
of a plea for understanding. Nobody 'blocked'
anyone. Above.net blackholed all traffic to an
RBL'd address. The RBL, to work, must make it
sufficiently painful to the spammers in question,
while remaining apolitical.
The RBL, if you read what it stands for, blocks
not only mailservers, but any entities that spam,
promote spam, or even ISPs that don't take action
against spam from their networks.
It's a behavior alteration system, not a
MMMMMMM-IM-NOT-LISTENING-MMMMMM passive system.
In my mind, the actions of the RBL are wholly
justifiable by the enormity of the spam problem.
The biggest problem is that nobody sees it because
the work is being done behind the scenes. But
just like an angry manager thinking that a
sysadmin is overpayed and lazy because they see
nothing happening, the public can far too easily
turn its venomous teeth to the task of hating the
RBL. It's the spam you DON'T see that you should
be thankful for.
-Kysh
--=:: Wings and tail and snout and scales of blackest night
I use Abovenet. And I have no problem with them
using BGP blackholing of RBL sites, at all.
I fully support that. Less spam for me, for one.
For two, I fully support the efforts of the RBL,
and know that only struggle and effort on the
part of system and network admins like me, against
the voices of the idiot users who don't see the
full picture, keeps the world as spam-free as it
is. Spammers are winning the battle- They are the
enemy, not the MAPS people, who are providing a
service, and dare I say, a damned fine service,
to the system and network administrators that are
intelligent enough to use it.
Even worse than the spammers are the people who
support spammers and spamming in general, and
the end users who just write off spam as a necessary evil. It is NOT, but if you give up on
anti-spam measures, all is already lost.
-Kysh
--=:: Wings and tail and snout and scales of blackest night
If some city were the origination of massive numbers of phone connections that was depriving people of the use of their phones, and the telco in that city was not acting effectively to prevent the problem, then by all means they should drop said city until the problem gets corrected. They should not only be allowed to do this, but required to.
Of course this is less likely to happen for phone calls than for internet spam, due to the pricing and charging structures involved. But if it did happen, that would be the analogy. If the ISPs that allow spam to come from their customers had to pay for it, you can bet they would suddenly "find" a means to stop it (or else extract the cost for said customer).
now we need to go OSS in diesel cars
Then you need to do 2 things:
- Choose an ISP that doesn't block places on the net.
- Choose an ISP that doesn't do the kinds of things that would get themselves blocked.
Now if you happen to be a spammer, you're not going to be able to succeed with the 2nd item.now we need to go OSS in diesel cars
Get a T1. You know you want it.
now we need to go OSS in diesel cars
That's fine if you live in New York City, and have lots of options. What if you live in Podunk, Utah, and there's only a couple of ISPs operating locally? If all those ISPs have the same policy, then you have a great business opportunity to offer a service to all the people that don't give a shit about the spam they get and only care for total access to everywhere.
now we need to go OSS in diesel cars
How do you define a major backbone? And what makes you think a major backbone somehow isn't paying the cost of the spam bandwidth and having to charge that bandwidth cost back to their customers?
Your analog presumes that it is possible to identify what city someone comes from, but is otherwise unable to tell if they are a speeder. The circumstances needed to make that analog match would be so bizarre that I don't think anything else would be realistic.
Even backbones are businesses who can choose who they take on as customers and who they peer with. And there are choices.
now we need to go OSS in diesel cars
The first 2 are a matter of law, so businesses can't just choose to ignore the law.
In the 3rd example, they actually do have this right. A trucking business certainly has the right to not carry goods to or from Montana.
now we need to go OSS in diesel cars
Then, as they say, choose another ISP. And if there isn't one, start one. Do you think there are enough customers to make it float? Ask around. Maybe there are. If your ISP pisses off enough people, you'll have investors clamoring for your technical skills in making it work.
now we need to go OSS in diesel cars
Suing you is too much trouble. Adding your server to RSS would be easier if it were mine to control. Oh wait. It is. Sorta. I have a shadow zone of my own for RBL/RSS/DUL zones. Wow, I have the power. I can block anyone I want. I can open up anyone I want. So actually I don't have to choose just between all or nothing. I can block you if I want. Or I can let you back in if RSS blocks you.
Have you made sure you're not an open relay? I've heard it's not trivial to do with old sendmails. I abandoned sendmail back around 8.8 or so, when it was too much trouble to keep hacking sendmail.cf to keep all the tricks of the spammers out, and now run Postfix.
now we need to go OSS in diesel cars
Keynote Systems has a service which should catch something like this. Doesn't look too pricey either...
The blocking of Macromedia wasn't even close to secret. Macromedia was blocked because Above.net put their name on a list, and other people saw it. It's not prohibitively difficult to get a copy of that list; anybody could have grabbed one and noticed it.
If all the folks flaming here think the RBL is such a bad idea, take it upon yourselves to examine the list for new additions, publicizing bad moves like this. Or start up a competing service.
For myself, I add a header to my incoming mail based on the RBL, and rate that as more likely to be spam... so while I think Above.net is foolish to be black-holing packets from the RBL members, I think it'd be more foolish to force them to stop.
-- Brian T. Sniffen
Despite the fact that more spam passes through PSI.NET/PSI.COM than any other place on the Internet (source: spamcop.net stats), I have not ever heard of them even being considered for RBL listing. They have been proven to be a spam-friendly provider in the past, but MAPS does nothing.
Yet ABOVE.NET routinely add competing black hole lists (ORBS) to the black hole list without cause.
For these reasons, I don't respect the RBL or MAPS anymore. They are clearly no longer independent entities, but have been subverted to serve corporate interests.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
The catch with Akamai is that there has to be one point at which Macromedia's site is accessed, even before it turns you over to Akamai's caching network. If you knew to access Macromedia through http://macromedia.akamai.net/3/24/99/00/www.macrom edia.com (that doesn't work, I made it up), you could get to Macromedia's site. But if you had to go to www.macromedia.com (IP 111.11.111.11, in our fictional example) through Above.net's network, and Above.net had said "make IP 111.11.111.11 disappear" to its routers, you'd sitll be out of luck.
---
Appropriate quote, since that's exactly what you're trying to do here. The issue is in blocking sites that have nothing to do with spam, just because they happen to use the same ISP and some bastard decides "If i go overboard and block everything then they'll surely listen to me!"
Or do you really believe sites like peacefire.org deserve to be blocked? Or that access to a web site should be blocked because the owners operate a mailing list (which may or may not be classed as spam, i haven't looked into the issue) from a different IP address (so it could easily be differentiated, even if you decide to blackhole all traffic rather than just SMTP).
It's easy to block SMTP rather than blackhole all traffic. It's easy to block the offending IP address instead of an entire class C. I fail to see the point of your rant.
-----
--
perl -e'$_=shift;die eval' '"$^X $0\047\$_=shift;die eval\047 \047$_\047"' at -e line 1.
Because Macromedia doesn't confirm the alleged subscriptions, they started spamming as soon as their mailinglist was large enough to be considered bulk.
Peacefire wasn't caught in the cross fire, it moved into an IP range that was already blocked.
A quick glance at Steve Linfords www.spamhaus.org and Sapient Fridges Spamware vendor list gave me:
209.211.253.68 www.extractor-pro98.com
209.211.253.69 www.list-sorcerer.com
209.211.253.70 www.massmailer.com
209.211.253.71 www.bulkemailpeople.com
209.211.253.73 www.e-mailblaster.com
209.211.253.74 www.marketingmasters.com
209.211.253.84 www.bulkers.net
209.211.253.88 www.bulkbarn.com
209.211.253.89 www.web-promotions.com
209.211.253.139 www.firstlinesoft.com
209.211.253.169 www.peacefire.org
209.211.253.248 www.bulk-isp.com / www.bulk-isp.net etcetera.
Not really a nice region, is it?
Ermm, that is how the Internet works, or do really think that backbone providers don't charge for bandwidth?
I've seen a lot of BS here on this thread about the MAPS lists. Now here's one in (some) defense of MAPS.
One, there are THREE different MAPS lists: the Realtime Blackhole List (RBL), the Relay Spam Stopper (RSS), and the Dialup User List (DUL).
The RSS list has been a life saver for my networks, blocking KNOWN spam relays before they flood my mail servers.
To get on the RSS list you have to submit a real spam email with the relays intact and those relays get added to the RSS. If you complain and can show you've fixed the problem (the open relay) you get taken off - simple as that.
Someome said there was no recource - that's bullshit. I've seen servers land on the RSS and come off in 4 hours - after they were properly (re)configured.
(The other such anti-spam engine, ORBS, simply scans for your open relay and then blocks it - no proof, documentation, prior use or anything - where are the liberatarians yelling at THEM?)
Granted, I would really like to know what the MAPS folks were thinking when they entered the main web server for Macromedia into their RBL. The RBL was *supposed* to be reserved for serious *repeat* offenders... so I tend to think someone either goofed (and goofed big) or seriously needs to be wacked with a stick.
I do NOT however, think MAPS should be damned for the mistake. I think they should re-examine their RBL policies, but still block the servers that relay all that spam to me (aka the RSS).
It's also worth noting that an ISP doesn't need to use the MAPS lists, nor do they have to use ALL of them. Most of the serious whining about this is over the RBL, while the RSS is IMHO a great service.
I can't say that I was affected by the blocking of macromedia's web site. If MAPS manages to help prevent the 200-400 unsolicited emails I receive weekly from arriving in my inbox, I will be more than happy to put up with the occasional glitch.
Hey, we're a private automobile company; it's our right to refuse to put seatbelts in our cars, even if our customers demand it!"
or
"Hey we're a private bottled water company; it's our right to ignore all those safety standards!"
or
"Hey we're a private trucking campany! It's our right to deny goods and services to the state of Montana!"
You see, none of the above campanies above actually have those "rights".
Well, they should.
DrLunch.com The site that tells you what's for lunch!
What do you think?
I think private companies can carry or drop whatever internet traffic they want to for any reason they want.
Pretty simple, actually.
DrLunch.com The site that tells you what's for lunch!
> Above.Net's network is, well, Above.Net's
> network. They are free to run their network as
> they see fit. Free to make bad desicions as
> well as good. If you dont like it, go elsewere.
Not really true. No ISP is an island.
I, for one, welcome our new Antichrist overlord.
What an arrogant sack o'...
Whatever. First off, only someone who knew nothing of internetwork routing would make the statement "so you have to get what you can from traceroute." Try a looking glass jackass.
So, you have no clue. Let's move on anyway.
How do you just "happen to route via above.net"? Either you, your upstream, or your destination is buying transit off them. If you're an ISP big enough to have a peering agreement (no idea what Above.net's policy is) you aren't sending transit traffic to them anyway b/c you've got 1 or 2 hop routes to every other major backbone. Oh, you lost a seesion with someone. You're still going to send it through your own backbone to a direct exchange with the carrier, not over someone elses network. I have nodes off 5 different large carrier nets and hit anything in a single AS hop (meaning no intermediary carrier). I have one net off a smaller, local carrier and they don't use Above.net. If they did, I would know because I actually *asked* who they were downstream from.
So, if you're an Above.net customer directly or indirectly and you disagree with this, stop being one. If your destination is an Above.net customer, well come on, you aren't going to tell me they don't have the right to enforce an AUP against their own customer are you?
It's their network and you don't have to use it if you don't want to. Period.
>And to think that people actually get paid to >be this dumb. I use the DUL and RSS and greatly >enjoy the assistance they give me in filtering >out eroneous and illegitimate mail. I've even >considered the use of RBL or ORBS from time to >time.
.|` Clouds cross the black moonlight,
I think you're on the right track, although I wouldn't have used quite so much sarcasm myself.
Personally, I despise the `guilty by default' that the DUL applies to email; I don't spam folks and I don't expect my IP# to be blocked. However, I do use the RBL in a filtering capacity within exim, just about everywhere I implement it. That works fine by me; I can configure procmail and/or my MUA to drop mail with an RBL-Warning header into the appropriate bit-bucket.
As for extending it to routing... well you have to weigh up the trust you have for the folks who put stuff in the RBL against the chances of you losing any legitimate traffic and against the crime (in a moral sense - go sort your laws out if you disagree) of sending spam.
Me, I also despise Flash and all these other poxy plugins; the web is a content-dissemination medium, so if a site requires me to watch some constipated frog spinning in a blender, it can just bog off.
ProxyBlock macromedia.com
is my fwend(TM).
~Tim
--
~Tim
--
Rushing on down to the circle of the turn
Above.net has never made any secret of their usage of the RBL to blackhole traffic. If you don't like it, don't peer with them. Above.net is under no obligation to carry any traffic other than that stipulated in their contracts with other ISPs. If this affected you, somebody somewhere signed a contract on your behalf that lets this happen.
You need to pull YOUR head out. One can configure a router to block all IP traffic to/from RBL-listed addresses. See http://www.pch.net/documents/tutorials/maps-rbl-bg p-cisco-config-faq.html for example.
http://www.dotcomeon.com/
I agree that a lawsuit wouldn't be surprising, but I doubt anything would come out of it.
Me too. There doesn't seem to be any indication that Above.net have done anything wrong.
By blocking a business's web site, you're theoretically blocking them from making money, no matter how few ISPs are on the Above.net backbone.
They're choosing not to carry data from this particular source. They are not helping Macromedia to make money, but then they're not obligated to.
What gives Above.net the right to do this though?
They own a network through which Macromedia wish to transfer their data.
A backbone is supposed to be a stable artery for the Internet
You might suppose it to be that, Macromedia who own it aren't obliged to agree with your suppositions. If it makes you feel better don't call it a backbone.
not a judge of the content on other people's sites
I'm sure they make judgments about the running of their network all the time, including what data to let through and what to refuse. I think they'd be negligent to do otherwise, they're not a public utility.
Is their claim that spam is wasting their bandwidth or inconveniencing them?
I assume their "claim" is that they are not contractually obligated to carry this material and are choosing not to. If the people they contract with (I supsect that includes neither you nor Macromedia) disagree then no doubt they'll make their objections know to Above.net.
If adding www to their blockage was a mistake then hey, apologize and it's over, but if it was done on purpose, it's wrong and cost Macromedia business.
Why is it wrong and why do you feel that Above.net have some obligation to facilitate Macromedia's business? Are you obligated to make your home available to Macromedia as office space because to do otherwise would cost Macromedia business?
Q: What IP traffic did Vixie block?
A: None whatsoever. The various ISPs and other sites which freely choose to use RBL blocked the IP traffic, because they trust the judgement of those who put sites on the RBL.
This was probably just a mistake, like we all make from time to time. If RBL lists too many sites that too many of its customers and users want to exchange mail and IP packets with, then those sites will cease to use RBL for filtering.
Why is this a big deal? Presumably, Vixie and the RBL folks want people to use their service, so they'll list sites that do things that their customer really want blocked. If they fail to do this, their service won't be used any more, and they will become irrelevant.
Right, but this is still throwing the baby out with the bathwater. More than that, it's throwing out the whole school because a fly landed in a waterglass. If you have a problem with spam, deal with SMTP and just SMTP. Pressure your government to pass and enforce laws limiting and restricting unsolicted email. Use procmail filters. Use the RBL to control mail inbound to your mailserver. Using the RBL to null router IP blocks in BGP is irresponsible, petty, and childish. Take the moral high ground here (esp. if you're going to have Ghandi in your sig ;) ). Nobody has ever suffered a fatal spamming, and I doubt that it will be happening soon...
itachi
Behind this statement is the attitude that brought us the CDA, banned books, mandatory filtering policies, and book burning. What's offensive or troublesome to me is nobody's decision but my own. My ISP doesn't get a say, and if they tried to, I'd find another ISP. Above.net is just as morally wrong to do this as Fred Phelps is with book banning attempts in public libraries. If they has just blocked mail traffic on their mailservers, and only for those above.net customers who had opted in to such a scheme, it might be morally acceptable, but as it is, they are encouraging the invocation of Godwin's law every time their name is mentioned.
itachi
You opted in. Above.net has a responsibility as a backbone provider. Not every packet that crosses their routers is going to or from someone who opted in. I certainly didn't opt in to such ineffective, petty, childish strongarm tactics. Fortunately, I have access to a variety of good backbone providers, so it wasn't an issue for me. Not everyone is so lucky. Don't impose your morals/personal choices/political beliefs/paranoia/etc on my life.
itachi
You could submit your site, but unless it's a highly linked-to one it's not going to show up anyway (that's Google's basic priority scheme). They use 2,000 (or is it 4,000 - I forget) Linux based servers already, so they'd obviously have some pretty massive upgrades needed if they wanted to substantially increase their capacity.
One way to orgainize the information if they attempted closer to full web indexing would be to attempt to automatically classify web sites (maybe into multiple categories each), and then present a more structured view rather than just straight relevance ordered search results... perhaps show the top ranked sites then let you use those as jumping-off points into the related organized tree.
Actually who really decides what you see on the net are the search engines, particularly as smart algorithms like Googles (the only search engine worth using!) become more prevalant.
Apparently only 1% of the web is indexed and 99% is not!!! The 99%, which is referred to as the "deep web" is only there if you stumble into bits of it, or utilize any of the specialy engines or indices that touch upon it.
when you purchase internet access you do so under the terms and conditions of the isp. it's a service, and if you dont like it dont use it. people are getting so used to internet access that they think it is some sort of "right". its something you purchase, like paying somone to come in and clean the house. if noone in town does windows then you are just out of luck.
if you think this has something to do with free speech, you can stop over exercising that poor hampster for a minute. that argument only comes into play when the government is involved. the isps have no such obsticles holding them back while administering their network.
if you signed up and it says somewhere in your contract that you will have access to "all" publically available internet sites then you might have a case.
use LaTeX? want an online reference manager that
-- john
I knew there's a reason I'm proud to be one of their customers. Die spammers die. Even corporate ones.
Vixie helped contribute to the net via Bind. He helped contribute with cron. Now he spends his rep like this. Sorry, but, Vixie is a godamned idiot. This takes the cake. It really does.
It would have been one thing to block mail servers. Its quite another to remove the whole company from the damned map. Its lame. Highly. I held my opinon when he censored peacefire. Now, he can have it all:
Paul: your a fucking idiot. A lamer. And, nobody wants you deciding what we get to see, and what we dont. Your one presumptious prick to think its your right to block web traffic.
The implications are horrid on this scale. Imagine if you will, with the current legistaltive mood, trying to censor libraries and whatnot. Well, the government could just set up a central RBL like entity and require subscription. Now the government, and anyone willing to push their agenda can just enter the IP into the governments new version of the RBL. Napster? Blam! Parody? Blam! Any website containing the MP3 of bush saying he thinks there oughta be limits to free speech. BLAM! Critical Speech of Scientology in california? BLAM!
Yep, what a PRECEDENT you set here for us Paul. What a great guy you are.
Thanks Paul. In the future, do not do us any godamned favors. Wasnt BIND enough?
Supernaut
Hogwash. Membership is voluntary.
So what? If I disagree with what MAPS decides, and somewhere upstream is a MAPS member, then I have no choice but to go along with what they say I can or cannot see. That is totalitarian in this context. And moving to another ISP is unacceptable for the simple reason that that should't be required. The Net was founded upon open access to all IPs, with no central authority deciding what users can or cannot see. Period.
- Rev.It pains me to say this, but the RBL has become something to be abhorred, not loved. The purpose was (is!) noble, but for all practical purposes we have a few elites who are controlling a significant amount of traffic on the internet, based upon their own personal judgment calls. There is no system of checks and balances to make sure that mistakes like this do not occur, nor is there any recourse for someone to take if they do not believe they fit the classification of spammer and have nevertheless been blacklisted.
I hate spam as much as anybody, and hope for a gooey death for all of them. But MAPS is heading towards becoming a de facto totalitarian organization, deciding who gets to see what on the net. This is a dangerous thing, and don't think that there aren't governments out there who will take MAPS' tactics and apply them in even more unsavory ways.
- Rev.Tell me something. What kind of idiotic netadmin would use something like the RBL to block routes on a router? That is the most assinine thing I've ever heard of. What happens if your provider's mail server gets listed? Whoops. What happens if the mail server of your DNS registrar gets blacklisted for whatever reason? Whoops. Gee I sure hope we don't need to update any of our records or renew a payment on our primary domain. Good thing I have that Yahoo address for when things like this happen. Oh darn, did the RBL just list keiko.ebay.com and the CEO missed an outbid notice on a gift for his wife. Well he should know better than to rely on such tempermental things as email from a very well known company like ebay to be on time and accurate.
I don't mean to sounds sarcastic but... Wait, I take that back. Yes I do mean to sound sarcastic. I mean to sound very sarcastic. Using the RBL to drop routes on a router is one of the dumbest things I think I've ever heard of. It's even more dumb than the time my super asked why we couldn't just turn off spanning tree in our flat-as-Calista-Flockhart's-chest network. And to think that people actually get paid to be this dumb. I use the DUL and RSS and greatly enjoy the assistance they give me in filtering out eroneous and illegitimate mail. I've even considered the use of RBL or ORBS from time to time. I have to have a certain degree of trust with a group that puts something like RBL or ORBS together. I trust them to filter out mail servers of spammers, spam friendly hosts, or misconfigured/compromised machines acting as an open relay. That doesn't mean that I want to drop all traffic to and from those hosts. I just don't want their damned spam. Does anyone else feel that RBL and routing just don't mix? My views may be skewed coming from an ISP and a university standpoint (separate thoughts and jobs) but this just doesn't make sense to me.
Ok, I just thought of an analogy that describes my thoughts on this. Using the RBL to drop routes at your border routers, hence dropping traffic that someone else deemed to be bad, is like the DMV or DOT using road spikes at on ramps to prevent all vehicles using Firestone tires from getting onto the highway. Someone else said they were bad tires and you automagically believe them and prevent all of them from entering onto your section of the highway, no matter what you tax-paying county/state residents want. That's a good business plan. Make them pay their dues but don't give them any say in what they get in the end.
In all honesty, using the RBL or any other such list to decide my filtering rules goes against every belief I've ever had as a network and/or security professional. Security. I haven't touched on that. It's late and I need my beauty sleep so I'll leave you with this one last thought. Consipiring with others to submit bogus RBL nominations or lightly compromise a machine enough to spam from it to get it on the RBL is one helluva DoS attack, don't you think? It's like probing ports of a machine that's running portsentry (set to drop routes) with their gateway of last resort, mail server, DNS servers, etc... addresses. That makes for a nice DoS attack too. Not only would this make them fall off of the face of the 'Net, but it would quite easily cast the shadow of guilt onto MAPS for accepting the bad nominations, or at least off of your trail for some time. It's an interesting thought...
--
Lacking <sarcasm> tags,
But don't let the spammers abuse language that way. It's not "double opt-in." it's confirmed opt-in. The former is supposed to sound complicated and burdensome. The latter is much more accurate and doesn't carry the baggage.
I can understand why they have moved to IP blocking, most email is directly sent to the receiver these days and email routers are not used nearly so much. HOWEVER blocking all connections to an from the site is unacceptable in my book. If block outgoing SMTP connections. Perhaps blocking incomming ones... but thats is blocking us non spammers so that kind of unfair, blocking all net access, frankly I would be tempted to go to court on that one.
As said before blocking IPs from routing affects people who do not opt in, personally, I think they should only decide what there end usrs get not everyone else.
James
Ok, now every slashdotter is going to turn 180 degrees and whale on RBL, I'm sure. "It's censorship! *Burn her*!"
I can stand RBL because, as Paul says, it does not (or claims not to) make a subjective judgement of the *content* of the spam. If it was unsolicited, it's spam. Whether somebody wants to give you money or send you a picture of the virgin mary with dung on her face, it's still spam. Secondly, at the bottom of the spam problem is that it is a denial of service, or at least degradation of service. It wastes bandwith, mail queues, and *my* time. That big sites, or innocent people, get hit once in a while is the price for an organic system like this. And I do consider it a more "organic" system than the typical censorware here-is-the-"thou-shalt-not"-list approach.
Yes it may be mean. But it's a necessary evil (oh, no I'm compromising my principles! put on my asbestos pants). If you think of the internet as an organic, ever-changing system, then you'll have to accept organic solutions that err once in a while, but most often get it right.
It's 10 PM. Do you know if you're un-American?
Their customers pay them for that "crap".
How we know is more important than what we know.
I think like 99% of stories on Slashdot today you're blowing it totally out of proportion.
How we know is more important than what we know.
Amen. I note that Jamie has violated Godwin's Law, and therefore automatically loses the argument. Here's the text from the jargon file: Why do I get the feeling that if somebody sneezed while Jamie was talking he'd declare it a cynical cryptofascist attempt to interfere with his right to speak without interference and demand an immediate boycott of all sneezers and mandatory administration of Benadryl?
Except in my locality broadband is a monopoly! I CAN'T choose someone else. Otherwise I'd be more inclined to agree with you.
Assuming that your link is to your broadband connection, I don't buy it. There may be only one company the provides cheap high-speed connections in your area, but I'd bet you can get cheap low-speed connections or pricey high-speed ones.
If you're only willing to pay for low-budget, you shouldn't expect a lot of control over the outcome. At a fancy restaurant, they'll make whatever you want as long as they have the ingredients. At McDonald's, you only can order what's on the menu.
If all ISPs choose a solution like RBL, how is it an opt-in for their consumers?
Even if all ISPs used the RBL today you could go out and start your own ISP tomorrow that didn't use it. And given that above.net is, AFAIK, the only major ISP to use it for blocking anything other than mail, you're safe so far. And given how much outrage it seems to cause, it looks like there will always be a market for ISPs that allow non-mail traffic to RBL-listed sites.
I'm afraid your analogies don't really match up. Microsoft doesn't count; it has a monopoly, and above.net doesn't. The encryption of DVD is more a cartel, but the RBL doesn't have one of those, either. And leaded gasoline and smoky flights were both outlawed by the government because they were health hazards. Even in Paul Vixie's wildest dreams I doubt the feds will be mandating RBL usage anytime soon.
This is a frog-in-the-pot argument...
Not really; that would require that the RBL were somehow quietly infectious. Even if you, playing the role of frog, wake up to realize that the sinister anti-spam forces have assimilated some ISP other than above.net, it looks like their are plenty of cooler puddles to hop to.
My previous comment was moderated "off-topic" and "troll".
When Jamie calls somebody a Nazi, I think it's fair to bring up the Jargon file's entry about that. And I meant the comment as a funny way of making a serious criticism of Jamie's over-the-top editorials disguised as news pieces. My previous posts on Jamie's stories bear that out. Ergo, no troll, either.
You can say that again. All of it.
------
If only...
------
With most internet-related issues, I strongly advocate a laissez-faire attitude, but I have absolutely no tolerance for network abuse (DoS, spam, etc). I say, if an entity is spamming, or its mailing-list subscriptions don't require a double-opt-in, then that entity should be kicked off the internet and forced to take netiquette classes.
I just really don't like network abuse, because it hurts everyone. I like to see spammers (including those whose laziness encourages spam) get nailed hard.
------
Does someone have the actual RBL entry including the real reason Macromedia was on the RBL in the first place?
------
I get my fair share of spam. I report all to spamcop for processing. Many messages get examined and the IPs get sent to ORBS for possible blocking and such. The part where macromedia comes in is when spam, in HTML, has flash. There is the url in the html telling the browser where to get the appropriate plugin. Spamcop picks up on this and reports it as a spam-related service...
I don't really mind double posts on
Im sorry, but i have been using macromedia products for well over 5 years (Since director 4 came out). Not once have i received unsolicited e-mail from them unless i was stupid enough to leave the 'Send me The Edge newsletter' checkbox checked when you register with macromedia - this is not uncommon to many software sites.
If people dont read what they are submitting then its PURELY their fault that they receive that mail.
Furthermore, the macromedia technotes are invaluable to developers. If i was ever blocked from the information that i needed to get my job done - i would be one EXTREMELY PISSED OFF dev. Especially in this case were i am highly suspicious of the reasons for the blocking (ie was it some dumbass user who didnt notice the checkbox, who then complained to the ISP that it was unwanted mail ??).
One could also call it "self-regulation", which most people here seem to prefer over law.
//rdj
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
;)
DO NOT LEAVE IT IS NOT REAL
>sure that mistakes like this do not occur, nor is
>there any recourse for someone to take if they do
>not believe they fit the classification of
>spammer and have nevertheless been blacklisted.
Bull. There most definately *IS*.
A) Yes, I agree that above.net dropping www packets as well as mial packets from spam IPs is excessive, and goes beyond what should be MAPS' mission... HOWEVER... above.net makes NO secret whatsoever that they use the RBL in this way. Don't like it? Then don't get your bandwidth from above.net. I don't.
B) The RBL for mail only... don't like it?
1)
# vi sendmail.cf
2)
Find, and comment out the line containing:
FEATURE(rbl)
(yes, I know I should upgrade to 8.10 instead of lingering in 8.9 land... sue me)
3)
:wq
4)
/etc/rc.d/init.d/sendmail restart
Voila... in less than thirty seconds, I can open my systems up to all the spam in the RBL hall of shame. And you know what? No one's would stop me. It's not as though MAPS has its own swat team that would burst through my door ten seconds later and force me at gunpoint to reenable the RBL in sendmail.cf.
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
while stopping spam is a noble idea, this method is just too extreme and unjust. i'll bet that things are only to get worse from here. blocking the mail server is one thing, and makes some sense, but the web server? totally unwarranted.
MAPS is a vigilante group. All one has to do is look through their website. They're blocking people for not doing a '3 stage mailing list acceptance protocol'? WTF?
Or, go check out their 'DUL'.
I'll be happy when they go away.
It's not like they are protecting any of thier end users? Do they even HAVE end users?
If my ISP ants to subscribe, that's fine and dandy, but if my ISP has no choice in subscribing, that is another issue. Don't give me that "If they don't want to subscribe, they can find another backbone provider" line, because that's bull. Servicing the end users (filtering ip addresses is a service) is the responsibility of the ISP, not the backbone provider.
-Joe
Take your own advice (above). RBL is also exported as a BGP feed, so it affects your routing, if you subscribe to it, and this affects ALL IP traffic.
This message has been scanned for memes and dangerous content by MindScanner, and is believed to be unclean.
It should be up to me what traffic I want to block, not my ISP. If I were an Above.net customer I would be looking for another ISP. I'm suprised their customers let them get away with that crap.
This is like InstallShield... how many lists do those *sses have anyway? After two years, I finally got tired of it and mined their website for email addresses (I only took the first 20 it found) and mailed them the same "remove me" message once per hour for most of a day. There's nothing like spamming the sales force to get your name removed. (I especially liked the extra effort of finding my home phone number and calling to ask me to stop.)
Above.net dropped packets bound for a couple of my systems last year, because I was a secondary DNS provider for ORBS, who Above.net was in a pissing contest with (mostly due to MAPS wanting to create a monopoly on anti-spam services, but also due to some questionable things the ORBS operator was doing from New Zealand).
It's a fine line. Clearly, above.net has the right to do anything they want with their systems, and I fully support that right (it's the only thing that allows us to fight SPAM at all).
However, their customers should know what they're doing so they can make an informed choice about who they get service from.
Dave Rand, the MAPS board member and CTO of Above.net, actually sent me a note threatening to block my employer's class C if I so much as connected to any of above.net's mail servers, just because I was associated with ORBS.
Bottom line - Rand's a dick. But, MAPS does good things and Above.net supporting them helps keep the real SPAM under control.
I signed up for the Edge from my work address over a year ago. Haven't heard a damn thing from it.
I wish all spammers sent that much mail...
--
Never mind Spamassassin. When's Spammerassassin coming out?
Meta mod this down at once. The person that wrote it a) clearly is using the incorrect meaning of state, b) clearly does not know what a truck is, c) talks about political ties rather than network congestion. This needs to be marked off-topic as it clearly is.
According to the story, they say it has an opt-in approach, clearly not unsolicited. The documentation, no longer publicly available, had one complaint. It is possible that perhaps this person wanted to unsubscribe, and they had a glitch in their software or something - accidents do happen. I don't know the details - and neither do you. I do know that I believe in innocent until proven guilty and I feel that the many people who complained about not being able to access the web site have a more pressing gripe than the one complaint of unwanted newsletters. If I had wanted to go and buy Flash, I'd have been very frustrated that without my consent and with completely self-granted authority a private group is preventing me from doing this. If I ran a major backbone provider and I suddenly became a born again christian - would it be legitimate for me to suddenly drop all traffic to or from porn sites and non-christian religious groups? I don't think so - I think backbone providers have a duty to act as a common carrier whether this is codified in law or not. Of course since they're not, as RBL blackout supporters always point out, I could do the above and there is nothing anyone could do to stop me. The problem with the RBL vigilantism lies in the fact that there is no oversight or review, we are asked to 'just trust' this group whose actions are totally opaque to the public.
According to the info in the story and followup, there was ONE complaint. About a newsletter that macromedia says is an opt-in. Obnoxious? Or just one annoyed customer trying to get revenge? I have no way of knowing since rbl has removed their documentation. It is unacceptable that they can block access to a site without me being able to find out why. It is unacceptable that the technological elite would then be able to figure out a way to the site but the majority of users wouldn't.
Godwin's Law: http://www.tuxedo.org/~esr/jargon/html/entry/Godwi n%27s-Law.html.
Well, (although it's really none of my business...) I don't think AC was attacking you so much as he/she/it was attacking this entire story. In the first sentance of the story, neonzebra makes a reference to "SPAM nazis", at which point inquisitor invoked Godwin's Law.
Anyway, that's what I think is going on, so I wouldn't take it too personally.
The RBL is opt-in. Consumers have the choice of moving to a provider that doesn't opt-in if they desire.
This is a frog-in-the-pot argument. (A frog won't notice the water heating slowly until it's too late to save itself from cooking.)
Let's rephrase this:
The subscriber software application market is opt-in. Consumers have the choice of using other word processors or spreadsheets from competing providers that don't charge for software if they desire. (That is, except for those file formats that are proprietary but ubiquitous throughout many organizations, like Flash or MS-Word. Seen an open source Windows Media Player lately?)
The DVD digital scrambled content is opt-in. Consumers have the choice of viewing movies from tape or laserdisc providers that don't scramble digital content if they desire. (That is, until the players and tapes and laserdiscs are no longer produced. Seen a laserdisc lately?)
Unleaded gasoline and smoke-free flying enjoyed similar "consumer choice" periods until the opponents were worn down. RBL may be seen as a "good thing" too... but if all ISPs choose a solution like RBL, how is it an opt-in for their consumers?
[
What Macromedia's newsletter appears to be is opt-in in one sense: you enter the email address into a webform and check a box where you recieve it. However, this is NOT confirmed opt-in: confirmed opt-in goes something like this:
Macromedia recieves subscription request from a webpage. It then sends out what is a confirmation email - it asks you whether it was you that elected to have the letter sent [email boxes on websites can be abused, thus "listbombing" attempts can be made.] It includes a unique, random code - most mailing software, including recent Majordomo, listserv and GNU mailman can do this - which is either sent back to Macromedia using a WWW link or by an email reply.
If this is recieved, the list is confirmed and the list will begin sending - if it isn't, the list will not send until it is. That is confirmed opt-in, because the list sender is definitely sure that you elected to recieve the mail.
eBay and company abuse this by rechecking your "I don't want marketing email" boxes; companies like FloNetworks (my personal hate) or Exactis don't confirm and share your address with other lists. That's why Exactis went on the RBL; that's why RealNetworks is on the RBL. (And has been for a long time - Real under and after Maria Cantwell [now a Democrat senator] were and are unrepentant spammers. Online privacy? HAH! TrustE certificates don't mean s*#t.)
By the way, as a reply to Jamie, it just didn't appear from the article that you had checked the RBL evidence file - and, of course, I had no ability to check it myself, as Macromedia are off the RBL. Thanks for replying, though...helped to clear up a few things. (I wrote that message whilst very tired. Surprised it was as comprehensible as it was.)
I ignore-lined most of Bennett's discussions on NANAE and SPAM-L because they turned into major-scale flamewars even before he made his comments about date - and I have no wish to start another now. As a former PF supporter, I still visit from time to time. Certainly, his argument is flawed - but so is everyone else's. It's hard to rationalise any other way.
As far as I can see from Jamie's admittedly biased reporting, Macromedia got on the RBL because of an open, unconfirmed mailing list they REFUSED to fix - and they got off again very soon afterwards, probably by promising to fix it.
Remember that the MAPS RBL is very strict about entry requirements, and very trusting. A RBL nomination is _very_ hard, and requires a large amount of evidence. I don't suppose Jamie checked the RBL evidence files before writing the article, did he? The only comment's from Macromedia PR, who are anxious to make themselves look good. Sigh.
What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says. This is 216.35.148.0/23, on Exodus - which contains not only the mail server, but also secondary DNS service (primary is on Concentric) and the Macromedia web server.
Today's traceroute to macromedia.com goes into a loop at a border router in Exodusland, by the way.
Remember that Above.net and Teleglobe are two of the VERY few providers that use what is called a BGP feed to the RBL. This is the original RBL - it provides a feed of RBL data to the border routers, where the IPs are cut off. As they are very private networks, they're entitled to do to them what they like - ISPS ARE NOT COMMON CARRIERS IN LAW. When a second tier ISP decides to connect to the above.net backbone (Above don't sell to consumers, but only to big webhosters - ironically, some of which spam loads themselves, like eBay) they KNOW about the RBL BGP feed. It's one of Above's selling points, the network most free of spam trouble.
Of course, BGP is becoming more troublesome than it's worth. But Peacefire, your favoured "hey, there's another example", is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?
Whatever. As for Macromedia, they're not blocked now. Obviously, they've been educated. Let's move on.
(Oh, by the way...whichever comment referred to us antispammers [and we are no means a coherent whole - some of us oppose the RBL, some of us oppose ORBS, some oppose both, some of us have HUGE private blocklists of our own] as "spam nazis" is violating Godwin's Law at stage one, as well as being factually inaccurate. We support free speech, just not your right to force it on others at the expense of theirs. Shame on you.)
Agreed one hundred percent. Why are they taking consensual packets (http packets) and routing them, then blackholing them? This is despicable.
That was your first mistake in this post.
Now, when we most need it, it seems everyone wants government controls on network providers. Our loyal libertarians now want to be able to sue someone for not forwarding their network traffic. What?!
Being libertarian, or even Libertarian, does not mean one believes there is no right to sue for redress of grievances. Providing a justice system for resolving disputes and enforcing verdicts is one of the proper functions of government.
One guy with a Score: 3 complains, "Hey! I paid for the full internet! Who's trying to censor me?"
If you paid for that, and did not receive it because your provider is blocking traffic you wish to transmit or receive, then that is exactly what is happening. You have a legitimate grievance with your ISP. It's called breach of contract. Some would call it fraud. Even Liberatarians believe fraud should be illegal, and punishable by government enforcement of laws prohibiting deceptive practices.
Edith Keeler Must Die
reject=553 Mail from 209.210.138.47 rejected;see http://mail-abuse.org/rbl/
When it receives a connection from a client on the RSS, it logs this reason:
reject=553 Mail from 203.167.121.7 rejected;see http://mail-abuse.org/rss/
Checking my logs for the past three days, I find the following:
# grep '/rbl/' syslog* | wc -l
17
# grep '/rss/' syslog* | wc -l
2018
#
So why bother with RBL anymore, especially in light of the recent revelations about the operators abusing their position of trust? It doesn't do the job, and the criteria for inclusion have become highly subjective, even prejudicial.
In contrast, the RSS - while operated under the aegis of the same people that run the RBL - has completely objective criteria for including addresses, which anyone is able to verify if required. It also stops a hell of a lot more email than the RBL.
Edith Keeler Must Die
I would bet it is more likely a lack of understanding. Most people aren't network engineers. The concept of backup routes is probably lost on people (even geeks) who just want to get their work done, surf the web, or play their games.
That does not, however, mean that they aren't missing the point.
Apparently, of the rich, by the rich, for the rich.
I think the biggest problem here that most people are missing is that Above.net is not your standard ISP. They are what is commonly referred to as a Tier 1 ISP.
When I connect to the Internet as Joe User I have no voice whatsoever as to what path my packets take. I may buy my connectivity from Local.net who in turn buys it from NSP.net who in turn peers with Tier1.net who then peers with Above.net. If it were simply a case whereby I could change my ISP to voice my diapproval with their policies that would be one thing, but as it is I have no way to opt out of using Above.net's pipes.
As a Tier 1 provider it is generally assumed that it is their duty to provide nothing more than an open pipe, anyone with a networking background knows you never apply filters at the core level, that should be handled at the access level. By the very practices of the networking industry in general Above.net is committing several transgressions.
In all honesty they can't afford to commit too many more of these blockings without risking their peering partners dumping them in favor of someone who doesn't apply filters. As a NOC Manager myself I would be horrified to find out I was directly peering with someone who doesn't understand the basics of network topology.
I urge anyone working for the major ISP's to drop Above.net as a peering provider in favor of someone a little more user friendly.
Never underestimate the power of human stupidity -RAH
Why is Slashdot always down on the RBL? Every time one of these anti-RBL pieces gets put up it is pointed out by everyone and their dog that getting listed in the RBL requires that some very strict requirements be met. As long as you aren't a spammer and aren't hosting any spammers you won't be listed -- it's that simple.
The only realistic way to stop spam is to make it thoroughly unattractive and the only way to do that is to hit the spammers where it hurts: the bottom line. "If this can happen to Macromedia who else could it happen to?!" with the implication of "who else" being "you" is the sort of vague statement designed to worry people who don't understand the RBL or how it works.
And what list was this? I receive THE EDGE newsletter...I elected to. You can elect to receive it when you download extensions, trials, etc. I didn't receive it until I told them OK (after a few downloads). So what list/infraction are you referring to?
In addition, I have a yahoo account or two that I use for such lists...And macromedia was the first company I gave (used for an account) a particular address to, and I have seen no increased traffic to that account as a result.
For what those facts are worth...
Galego
Que Deus te de em dobro o que me desejas
[May God give you double that which you wish for me]
Still don't know if it deserves black-listing, but what they were doing was definitely not best practices. Was there any contact, reccomendation given before the blackholin'?
My favorite though..is people who get on lists and then send (and reply with the whole digest quoted) saying "Take me off this list"...and reply the same way 5 times a day. So, yeah...I agree Opt-in is a good thing.
Cheers,
Galego
Que Deus te de em dobro o que me desejas
[May God give you double that which you wish for me]
What do you think?
I think you should provide us with a link to the nomination that caused the listing, and then let us decide if it was fair or not; instead of just stating "it was listed."
You confirmed that the listing was present here...
A snapshot of the nomination would only be appropriate. Failing that, I would say that you don't really want our informed opinions, but a kneejerk anti-censorship reaction.
--
i don't see the problem. MAPS has a set of guidelines that must be met before an IP is put into the database. Macromedia was, according to MAPS rules, talked to about their ongoing problem and what they need to do to resolve it. Macromedia obviously did not take their advice and were thus added to the RBL.
No replies made to AC posts. Please log in.
Okay so you have a spammer; known, identified, caught in the act. How do you stop the spammer, shut down all traffic to that site from the backbone so that the site effectively dissapears? I guess that's effective, except that it really doesn't stop the spam from going out, it still gets sent but just never makes it to a destination. Additionally it blocks people who are legitimately and legally doing business from doing said business. That company could then turn around and take legal action against any company that willfully attempted to keep it from doing business. To date only a few states have any laws limiting spam and there is currently no federal law that I know of that does so.
Now if I choose to filter out spam or websites for ME, then it's my choice to do so. Just like it's my choice to turn the channel when a commercial comes on. I guarantee that if a company made a device that filtered commercials there would be thousands of companies lined up to bash their head in for loss of potential profit. Now the bashing wouldn't come because there's not a market for the product or because the product isn't good for or accepted by the consumer. The bashing and lawsuits would come from the disruption of legal marketing and loss of profit posed by the product.
All this hoohah about 'let the market sort it out' and 'let your money do the talking' is pretty much crap and I can give you one excellent example: AOL. Here's a company that's even more morally bankrupt than MS. They market a product using mostly peer pressure and spin. Their best product/service is pretty lackluster in it's performance and features and is one of the very few products that has ZERO handicap accessible features and ZERO plans to build such in. There's hypocracy, greed, heavy handedness, intimidation, lying, and a host of other reprehensible behavior that could be added to their pedigree. Most of the people you will talk to, current members or not, would agree with some if not all of the above, and yet year after year the company gains more subscribers, controls a little more of the net and a little more of the media. So don't come to me and say that lovely catch phrase "let your money do the talkin'". That phrase might work with some local business that can't afford negatvie press or the spin doctors that are needed to correct it, but it doesn't work on multimillion/billion dollar companies and companies that noone even knows they are paying (like above.net).
If you wanna take to killing flies with sledgehammers be my guest, but do it in your own place not mine. I know how to ignore spam just like I do commercials and better still I know how to avoid getting spam unfortunately unlike commercials. Make a law or set up some ethical guidelines and peer review boards and I'm all for it, but this crap just isn't the way to go
"Do not be swept up in the momentum of mediocrity." - anon
Unfortunately there are ISPs that have sunken so low as to actively tolerate and encourage spammers. they provide the web space and secure places for them. I applaud any ISP that refuses to route traffic from these spam houses. No, it is not.
SPAM goes too far
f.
Legislatively clarify that spam is theft
then RICO the Direct Marketing Association (because it works so hard to further spam, so it works to organize and further theft). Put all its leading figures behind bars for a loong time.
then do a survey of the remaining direct marketing firms. If anybody still makes moves like coming near a political action comitee or a political campaign fund, (near, like, less than 100 kilometers), then construct a conspiracy and RICO them as well. Put half of them into the slammer for the rest of their pathetic life, and - for good measure - shoot a few at an attempt to flee. That is not so much to do them justice (that idea is futile - the concepts "justice" and "living spammer" do not overlap anyway) but just to scare them shitless to keep their sticky little fingers out of politics.
once you have got the crooks out of politics (at least on the spam issue) get the remaining people on a table and talk about controls to scare away the small fish while not bothering the regular user. Torts law will probably do fine, as might do misdemeanor fines (imagine: $5 fine per sent spam; sherrif office that identifies and arrests subject each gets to keep 20% of the fine).
Oh, and disconnect China. Nobody needs them anyway. (Don't believe me ? Go try arguing with a Korean on battle.net. Same issue).
Now you don't need MAPS any more. Problem solved.
f.
/me, wondering - was that meant funnyly ?
Defend! pfff!
f.
Hey. I just tried sending my IP datagrams through your networks? You got this firewall in place.
You are interfering with my right to free speech.
I don't care if you are a private entity. I want to send my IP datagrams though your network.
Bill, wahhhhhhhhhhhhhhhhhhhhhhhhhhh!
I don't know about this. If it's private, then why are the IP's controlled? Why must you use a public IP?
Crap.... That last "Covad sent out," should say "Above.Net sent out." I need to start using my PREVIEW button.
A lot of these "blackholed" sites weren't actually blackholed... (Example: Macromedia [there is no reason whatsoever to blackhole macromedia])
Above.Net is such a large backbone provider because of its very large collection of peering agreements (ie. direct connection to another provider). This allows numerous valid routes to be found, and the more routes you find, the more chances that a quicker route will be present.
One of their big peers (which will rename nameless, but you can figure it out with a little research) took a major dive, but all their routers still showed that the shortest route was through the dead peer. Hence the seeming of pointlessly "blackholed" sites.
Attached below is a copy of the letter that Covad sent out.
--
Dear xxxxxxxxxxx,
One of our peers is experiencing network issues that are affecting our
peering points. We are working with the peer to resolved these issues, but
at this time we have no ETA. You may notice latency or packet loss across
these peering points.
We apologize for any inconvenience this may be causing. If you have any
questions concerning this technical contact or would like to be removed
from this mailing list, please contact our 24x7 Call Center by email at
xxxxxx@above.net or call 1-877-xxx-xxxx / -1-408-xxx-xxxx.
Thank you.
AboveNet Communications
Metromedia Fiber Network
OK, back to the facts: Macromedia was listed on the RBL because, after several warnings, they continued to operate their 'opt-in' mailing list in an unsafe way, i.e. without requiring confirmation of subscription requests. The RBL is subscribed to by a large number of ISPs to keep their mailservers free from spam: Abovenet uses it to filter all IP packets from or to RBL-listed destinations from their network, which is a little extreme, but not 'stealth' in any way, since it is their stated policy to do this. (Don't like this? Don't buy transit from Abovenet or get an ISP that doesn't transit Abovenet...)
Since Macromedia apparently used their web server to send mail at some point, the result of their RBL listing was: no more Macromedia web services to Abovenet customers, or customers who receive their transit via Abovenet. Does this suck for these customers? Yes. Does it suck as much as large corporations not being a responsible Netizen? No, not at all.
Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address. One DNS change (and a few cache expiries later: give or take 4 hours) later, all would have been OK, web-wise. Why didn't they do it? Probably for the same reason their mailing list practices still suck: ignorance and/or incompetence.
This is not a censorship issue: it's an issue about weeding out the clueless on the Internet. And Macromedia apparently is the weakest link. Goodbye!
# jamie script Version 1.1
foreach $company(@enemies_of_peacefire) {
blow_out_of_proportion($story);
write_slashdot_story($story);
bash($company);
defend(enemy_of($company));
give_sexual_favor(taco,hemos,katz);
post($story);
wait_for_negative_comments();
defend($story);
pretend(journalism);
}
# Not that I don't think this story should have
# been posted, but at least be honest. This was
# about Peacefire, not Macromedia, and their
# troubles with the RBL.
icqqm [ICQ:11952102]
Route so we get 'Error - SPAM Not Found! Why? Click here. Who? Click here.' or at least *some* explanation when we try www.spammysite.com!
Blocking people who spam your network is a choice. Not telling your customers that you're blocking is pathetic (and possibly censorship and denial of service as well).
PS. There was a crack about Jamie automatically losing because of Godwin's Law. Nice try, no kudos. First, this isn't Usenet; second, Jamie was quoting someone else. However, it has demonstrated the codicil - intentionally trying to trigger GL will be unsuccessful. :)
umm no...censorware is used by choice. What abovenet does is pre-consumer...so, yes they would be liable.
Given that UUnet is the biggest source of spam on the net, that death penalty really ought to be imposed. By bouncing all my spam to sales@uu.net and info@uu.net, I finally reduced the spam from them from 7/day to almost 0. Unfortunately gridnet is also part of UUnet, and now constitutes the vast majority of the spam I receive.
Other than what I've done, I can't see how you might piss off UUnet. Even if you spam, they won't do anything. According to Spamhaus, their VP is pro-spam, as it apparently increases revenues for them.
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
I used to sorta like the RBL as an idea. But it looks like Vixie is just going WAY to far now. SPAM email is one thing, but blocking all IP traffic just because you can is neither moral nor likely to be legal.
A well-crafted lie appears unquestionable - Dama Mahaleo
Sure enough, I was trying to get some support info from Macromedia last week and couldn't get through from work. All the traces died on Above.net's network. From home and from my colo it worked fine.
I just figured it was more crappy above.net service. Hell, I even opened a trouble ticket with them about this...the tech I talked to didn't know about the RBL listing, or it would have been a whole lot easier to troubleshoot.
So why is it that I can't get mail from Macromedia but I still got REAL spam? Also, why is it that they feel it's necessary to voluntarily block traffic when their network already does such a fine job of that already?
-------------------------------
What, me worry?
"Reputable" organizations should be held accountable if they don't follow-up on "newsletter" problems. I subscribed to a major news company's "breaking news" mailing list, only to discover their web-based subscription system repeatedly failed to execute my UNsubscribe request. After many unreturned e-mail and website form complaints I finally added this company to my spam filter. I'd have hauled them into small claims court if I was 65-years-old and had such time on my hands.
Blocking websites doesn't stop spam, and using the RBL to block websites will just end up pissing people off and causing a backlash against the use of the RBL for anything.
There should be made a distinction between what is wrong and what is illegal. Surely, nothing has been done that is not legal, as Above.net has full rights to do with its network as it pleases. We must however, consider that what has been done is not 'good' in the light of freedom of information and abuse of power.
It is in poor judgment for an organization whose purpose is to facilitate the filtration of spam to block content which it is not meant to block for the sole purpose of making a statement. They are not following the guidelines of their objective. They filter spam; they do not make commentary to the industry with abusive 'power moves.'
Likewise, Above.net is therefore providing its customers with a crippled version of the service to which they have subscribed. That is not illegal. I mean, if I had a network like Above.net, I could theoretically only allow users to visit persiankitty.com. I would of course need to be only providing a service that is meant to grant access to this one site, and as bad business decision as that would be, I would have full legal rights to do so.
As far-fetched as that is, Above.net is obligated, not necessarily legally, as I assume that they probably retain the right to alter the 'fullness' of their service, but rather as good net etiquette to not do that which they are not meant to do.
People should be able to choose what they want and don't want to see; this should not be left to be an arbitrary judgment of a 'higher power.' I understand that if people are not satisfied with the fullness of their service, they can always look for alternatives, but in this case, as in many others, there really aren't any alternatives for most of the people affected.
So although legally, they are slaves to whatever Above.net wants to do, 'preferably', they should not have to be. People should not only have the right to only view that which they want to view, but also the right to view everything that they want to view (permitting legal exceptions.)
Two, when you provide the serviuce, you are not being notified about what is being blocked. In the above.net situation one is made to believe that there is a server problem. In a censorware situation, you are told that the site has bad material.
In the case of censorware, you (or your taxes) are paying for a service that is flawed.
Fight Spammers!
The difference between a censorware list is that you don't have a libel claim...or do you. The above net practice could give the impression of bad system operations or of being a spammer.
Fight Spammers!
Fight Spammers!
The real issue here seems to be that above.net is doing it 'stealthfully'. Would it be better if they returned a message saying "We're pissed at Macromedia (or site x), heres why, hope you agree"? Okay, it would be better, but I mean, would it be enough? Would it no longer be a slashdot-sin?
John
Wouldn't it be possible to use IP tunnelling to get around their filters? Currently people are running an IPV6 network over the internet using a similar mechanism iirc. Using Freenet, we could set up a way to keep a list of IP addresses to use so that they couldn't block them all...
OTOH, this kind of shit shit shouldn't be tolerated and the companies providing upstream links to them should cut them off. Or maybe the government could regulate this somehow. They don't seem to give a shit about our rights, so why would they care about some ISPs?
Score +1 for Above.net. Now if only AT&T Broadband could filter some of that spam out of my mailbox... oh wait, those spammers get free connections, never mind. :)
-Pat
Taco had a problem: lots of crapflooding and noise that the user moderation system couldn't filter out. Sure, there was administrative moderation, but who was going to read thorough the thousands of posts to use it.
The solution was to find someone that was absolutely facist about free speech and could be bothered to want to make judgements about all the stupid anonymous and offtopic postings here. Sims apparently fit the bill according to the accounts, so Taco hired him.
The end result is that anonymous posting is pretty much been systematically eliminated. You can still do it (there's that nice checkbox), but you're likely to end up at -1 Offtopic no matter how on-topic you are. Why this is necessary, given the viewing threshold system, is unknown.
When I hear the word 'innovation', I reach for my pistol.
I'm downstream from above.net, and I'm fully behind them on this.
I almost feel sorry for the small time trailerpark crowd trying to sell me diplomas or CDs full of e-mail addresses. It's the mainstream spamming which must be simply absolutely not tolerated on the Internet, and I'm glad that there's powerful forces fighting it.
If it becomes acceptable for reputable companies such as Macromedia (or EA or eBay to name a few perpetrators) to spam, do you really think there's any hope stopping bubba19023@hotmail.com from flooding your inbox with MAKE MONY FAST?
When I hear the word 'innovation', I reach for my pistol.
And why, other than convention, is it limited to mail?
Put the list in a router and ban anything to/from those addresses. Which is apparently what above.net did, and has been reported doing in the past.
and why the heck isn't AOL on the list? seems like every other piece of spam i get is from some AOL ip, and no one i care about uses that schwag...
...or maybe i could get off my lazy butt and set up my filtering right.
in any case, i think that it's a good strategy to block certain high profile WWW sites if their apathy is causing me to waste my time sorting mail. however, this system does lend itself towards abuse.
muerte
for example the bit about Yahoo and the nazi memorabilia vs France last year. What if they said the the material would only be available via certain IP numbers, and French ISPs could be require to block those numbers?
Insert those groups that small vocal groups love to hate. Stir well.
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
I keep seeing the following equation repeated all over the internet: too much power + morons = fsck'd operations....
there are no stupid questions, but there are a lot of inquisitive idiots
...especially to me. Since I started filtering based on the RBL database (RSS and DUL as well), the amount of SPAM in my inbox at the end of the day is significantly reduced. I don't take as many SPAM-related calls and SPAM-related emails either. Granted, I don't use the RBL's bgp-based service to filter all traffic from banned sites, so my users were still able to see macromedia's site. All in all, the RBL system has benefited myself and my customers. It's certainly classified as "stealth filtering" in that it's completely transparent, but my customers made demands that only the RBL database could fill.
Abstainer: a weak person who yields to the temptation of denying himself a pleasure.
Abstainer: a weak person who yields to the temptation of denying himself a pleasure.
--Ambrose Bierce
Well, ideally, people shouldn't have to worry about this things. Unfortunately, with the rampant popularity of the 'net, you've got to be paranoid as hell these days. If we ever wind up doing a mailing list at work, in addition to the standard opt-in confirmation paranoia, we'll also have a "personal reminder phrase". That phrase'll get included on all the mail as a reminder of the fact that they actually signed up for the list and that's it's not spam. Hopefully, that should cut down on the number of spam complaints. (We'll also keep copies of all the confirmation emails, as extra protection.)
As for the pre-blackhole contact, it's my understanding that before being RBL'd, hosts are first given an opportunity to fix the problem. It's only when they refuse to fix it (or when mail to postmaster bounces) that they wind up blackholed.
Think about it.
krystal_blade
It will be easy to motivate our fellow man; there is hardly anything people treasure more than not being annihilated.
I had read the article and I did mean my comments to address the blocking of email. I don't really have enough information to have formed a cogent opinion on the blocking of whole subnets (you can hardly call the editorial unslanted), and have mixed feelings about it, so didn't want to address it directly. My initial reaction is that I don't like the idea, but you also have to look at the real impact. If there are only 7 backbone providers in the world and all 7 subscribed, what happens then? Would we all be mad because half the net just disappeared, or would we all be happy because we could no longer be bothered by unsecured mail servers and spamweare sites, and the people sending the spam would see such a massive drop off on their return that they might actually stop? And when the half the net that disappeared came back because they cleaned up their act, would that be a better net than the one we have now? Is the short term pain worth the long term gain? Is the long term gain even possible? These are not simple questions, but certainly deserve consideration.
Thanks for pointing out my omission, though. I need to be more complete when posting.
Another point I want to add is that RBL works. I once worked for an ISP that refused to secure their mail server, because it meant the pointy head bosses might actually have to understand how their mail works when they were travelling. They ran for a year that way, against advice, and then one day popped up on the RBL list and started getting complaints. Problem fixed in about a day. The Sys Admin had to work his butt off to fix the relay, but he got it up and got off the RBL within a couple days. And he understood the net better afterwards.
But this is for network integrity reason! By using RBL, above.net helps punish a spammer and thus improve the 'net for everyone.
I'm also puzzled by this differeniating between blocking e-mail traffic only (acceptable) and blocking all traffic (unacceptable). There is no qualitative difference. Only quantitative. Such blocking helps the quality of the Internet by making it difficult (or impossible, or unaffordable) to spam.
In Soviet Washington the swamp drains you.
Macromedia's EDGE newsletter is definitely not spam, and it's unfortunate that the MAPS people added them to the RBL without verifying that. It's a legitimate newsletter.
I've always thought that /. was full of Raving Libertarian Nuts who wanted to privatize environmentalism.
Now, when we most need it, it seems everyone wants government controls on network providers. Our loyal libertarians now want to be able to sue someone for not forwarding their network traffic. What?!
One guy with a Score: 3 complains, "Hey! I paid for the full internet! Who's trying to censor me?"
If I put a network node up, why do I have to agree to pass your shit through? Why can you sue me for not wanting to forward your traffic? There's no requirement. Route your own damn traffic around me.
At the rate we're going, by the look of reader response here, it seems that if someone decides that they don't want to route traffic any more (say, they decide to turn all of their computers OFF), that they may be in for legal trouble. YeeeE!
What I need to do is, instead of posting to slashdot, notice the way people behave about these things. As one person only peripherally connected with all this, I have no influence whatsoever on this irrational behavior. I need to take this as an opportunity for learning about human behavior, and take note of the underlying influences, so that if they ever pass before me, I can take the correct motions.
Note to self: Zillions of dollars are wrapt up in the InterNetwork. Turning off your computer WILL be a crime.
Holders of Internet mailboxes pay real costs -- money, time and other resources -- for each and every e-mail message they receive. It is immoral not only to force them to pay to receive unsolicited messages, but also to insist that they either manually filter or use special filtering software to avoid reading e-mail they never consented to receive, either implicitly or explicitly.
Is it immoral that telemarketers call me? It costs me time to answer the phone - but that's what caller ID is for. Is it immoral that people come knocking at my door for charity fundraising? Perhaps, but that's what a peephole is for.
Suddenly it's IMMORAL to send an email to someone who didn't 'request' it? And their response is to stop people from getting stuff that they DID request (URLs)? I don't get it.
Who elected these people to dictate the morality of the internet? I certainly don't subscribe to their version of morality, and the heavy-handed imposition of this worldview is unacceptable behaviour, imo.
I suggest more people start using IMAP servers and clients, and avoid downloading 500 pieces of junk - delete it right at the server.
creation science book
Get a life!!!
It is called free enterprise.
If you don't want to be a part of it, then change your ISP to some one who does not care that his T3 pipe is filled with trash.
RBL started years ago, came out of ISP list groups (I still have the email here some where).
It was checked by lawers to besure it was legal and non monopolistic.
It is the right thing. Why should an ISP waste money to support a bunch of free loaders posting "Girls Girls Girls" or "make money fast"?
Why do people get on their HIGH HORSE, force someone else lose money.
Remeber this came form the days when T1 was big and expensive and Usenet would fill a 33k line 24hrs a day.
If you spent a moment and read the RBL -- to get off RBL -- FIX YOUR OPEN SPAM RELAY. Yup that is.
If Macromedia took to fix the problem was taking out their whole site... YEAH!!! Another dumb corporation learns.
It you want to bitch and moan about your damn rights... Then you put your ass and help the blocked sites fix their spam relays. Why should an ISP have to support them???
If you still want to bitch and be nailed to a wall. Join inet-access list.
Maybe I sound a little stupid here, but is there a possibility to access those sites if you are located at above.net powered backbones by going through providers like anonymizer.com? Or would it help if macromedia.com used Akamai? How would that look like for above.net customers? Would it still be an access to macromedia.com or would it be an access to a232....akamai.net? Just wondering ...
"I'm not above.net the law, I AM the law!"
I wish that my inferiority complex were as good as yours.
-RenderHead
When did Cooba become a member of the United States? I slept a lot in history class, but I didn't think I slept that much.
Gosh, you're right, that would be awesome! And then we can go after all those scum that host porn sites! And anybody with a dancing hampster! I mean, that stuff's all just a useless waste of bandwidth too, right? Not to mention the fact that right now--this very instant--I'm having to pay my ISP extra to carry packets from people just posting crap on /. The nerve!
While I agree that there are some things egregeous enough to demand relatively harsh actions, I think it's clear to most reasonable people that the RBL is overkill for what it's reacting to. Combined with the fact that it's relatively ineffective at blocking spam, which is its stated purpose (see cites in Jamie's previously posted article--third-party research indicates that MAPS is one of the worst filtering systems out there) I think that this is more of a witch hunt than a socially responsible act of network defense. Do you honestly think that spam really absorbs a significant percentage of bandwidth in these days of fat pipes and graphics heavy websites? (actually, if anyone knows that stat, I would seriously be interested in seeing a cite for it... I've always wondered). I understand, and share, the common disgust with spammers. I'm all in favor of most anti-spam tactics, even including retaliatory spamming (especially liked some previous posters method of harvesting salesperson's e-mail addresses and hitting them back) which are easily seen as just as evil as the original abuse. But the RBL affects too many people who cannot have any control over it, and operates in too much secrecy to have any broad educational effect. I see all kinds of posters to this story clamoring about how you should shop for another ISP if you don't like one that uses the RBL, but that's both impractical for users who can't track down backbone providers (which is what we're really talking about here) for their ISP options, and flat-out impossible if you don't realize that the RBL is causing your problems--they provide no notification to the end-user. Not everyone has the base level of technical ability that the average poster here does.
And for those here blaring loudly that as a private company, Abovenet can do whatever it damn well pleases with the traffic it carries (quite correctly), I have two comments: one, extend that notion to other commonly provided services you patronize and see if it still sounds good; two, don't bitch about the inevitable lawsuits... that's how matters are resolved when companies do whatever they damn well please.
Thank you.
No relation to Happy Monkey
But they do! The United States does not accept any imports from Cuba because of political differences. You can argue that there are consequences to that (non-)relationship, but don't think that it doesn't happen in the real world.
If I was a customer of Above.net and they suddenly decided to block my web access to a site which I use for support, etc I would think it would be a violation of our contract. They cannot just block access of their customers to resources and sites on the Internet without the consent of those same customers. If you were blocked from accessing Macromedia file a formal complaint with your ISP. Somewhere down the road someone you have access through is the check-writing customer of Above.net's. Enough formal complaints coming up the pipe might be a better message to them than the one they were trying to send to Macromedia...
From a certain spin, it sounds like terrorism.
It can also be called vigilanteism, guerilla warfare, or vandalism, if you treat the pipes to macromedia as a street that has been destroyed...
Subjective name calling and semantics aside, this might revolve around the fact that there is no kind of 'rules of engagement' among netizens. In real life there are governments, societies, and political bodies to define right behavior and civic mindedness and stuff. Wars are fought over this.
So Macromedia, and others, are accused/defined as spammers, and are treated as such.
Spin, sensationalism, defamy, etc, spring up to attack, defend, rationalize, explain the event.
What can we do to address the bigger issues? What can we do to define and understand what these issues may be?
It's very vague for me; parts privacy, security, trust, parts honesty, integrity, and cooperation. There is probably more I'm not defining as well. All netizens need to be involved. Governments, net bodies, and corporations are also strongly tied into this, as well.
Geek dating!
GPL Deconstructed
If I don't want to be part of what?
I don't question the actions of the RBL; they acted, and I didn't criticize their actions, other than mentioning that it was symptomatic of something grander than RBL or Macromedia.
Tell me what my high horse is? When did I advocate forcing anyone to lose money?
When did I criticize or advocate or demonize the RBL and bitch about getting of the RBL?
When did I bitch and moan about my damn rights? When did I complain about the ISPs?
Geek dating!
GPL Deconstructed
So when did I invoke Godwin's Law? No Hitler or Nazism. I did invoke the comparison that individual action taken by the RBL can be described as vigilante action because they are self regulated in an environment not clearly delinated by laws, regulations, or regulatory bodies such as government, culture, religion, or tradition.
Is that the Godwin component?
Geek dating!
GPL Deconstructed
First, since the early days of spam fighting, web sites advertised by spam were subject to blocking because the actual machines sending out the email were often more of a victim than the recipients, and the only way to discourage spammers from using innocent third parties as their spam hosts was to block the web site they were advertising.
Second, a good network administrator is going to block connections from other sites/networks engaged in activity that threatens the integrity of their network. Spam is a threat to the integrity of the internet as a whole. Individual administrators were closing off access to abusive sites long before the RBL and the RBL formed more as a convenience to lessen duplicated effort than as any censorious force.
Third, the decision to block Macromedia's web site is part of a content neutral policy regarding the treatment of spammers. Most network admins are supportive of free speech and react strongly to accusations of censorship. Because web site blocking is the only way to deal with porn spammers playing whack-a-mole by sending their spam from a horde of third party accounts, web site blocking is part of the RBL "experience." Macromedia lost connectivity to their web site because of past flame wars which resulted in declarations that the content of the spam would not be a consideration in the treatment of offendors. Macromedia was treated exactly the same as a sleazy porn spammer with no judgement as to the content of their wares because their actions were indistinguishable from those of sleazy porn spammers.
Finally, it's very hard to get onto the RBL. Macromedia had to blatantly ignore several warnings and be the subject of continuous complaints to be added to the RBL. (Note that it doesn't take that many complaints, only a continuous stream of them.) I suspect that macromedia had a small number of people who were getting spammed despite requests to stop and that they were unresponsive to the complaints. (This is always frustrating for the person being subjected to problems originating outside of their own network. The offending site has a duty to correct the problem and failing to do so within a reasonable amount of time is ample reason to stop passing their traffic.)
I have one email account that I give out ONLY to family and friends. I have NEVER given out that address to ANY business. I had NEVER received a single spam at that email address before.
Suddenly, I began receiving spam from Macromedia. I proceeded to follow their steps to remove my name from their spam list and continued to receive their spam.
I sent an email to their customer service department and they replied that they don't spam. That I HAD to have given them my email address.
Well, folks, I HADN'T! I went through their removal process a couple more times, then just added them to my email filter. I may continue to receive their spam. I just don't see it any more.
But why is the rum gone?
long ago, any e-mails i would send to friends and relatives using aol would forever be bounced back as my ISP had been basically banned by aol. Of course it didnt matter that I had nothing to do with spamming of aol, but it was well over a year before I could send e-mails to anyone there.
-
If the censorware providers can just suddenly remove a segment of the Internet from apparent existance to its users, who really controls the Internet? Is it the content providers (partly), the bandwidth providers (partly), or the people who "keep our children safe from the evils of freedom of information and viewpoints their parents might not desire" as one site I don't remember put it.
They tried to get away with something very bad. Yes, I know that there -is- pornographic Flash movies. There's pr0n in every format in existance today - GIF, JPEG, movies, flash, even ASCII art. (No, I am not an expert on the subject.) However, just because the potential for ill use exists doesn't mean that every use of it is malignant, and they were partly shown this when the site was "reopened."
We need to make sure that those who provide the networks and provide the content control the Internet, or at least control more of it then the people who use software to control other people's networks out of fear.
J.W. Koebel
There are two basic issues, I think.
(1) If all you do is stamp out spammers, it's an eternal game of whack-a-mole. Arguably, if you really want to stop spam by making it nonviable, you also have to shut down the channels by which responses come back to the spammers from their victim/customers. Since one way those responses come back is by hits on web pages, you can try to get the web pages shut down. Indeed, many AUPs prohibit web pages which are advertised using spam.
But shutting down web pages is obviously a dicey issue. So the second issue is (2) the RBL is a bit too monolithic. If you want to limit yourself to putting just one toe in the dicey water of censorship, if you want to shut down the IP addresses actively involved in sending spam but if you're not ready to take the much more contentious step of shutting down every IP address of any web server that hosts, among its many pages, one pointed to by a spam message, last time I checked, you can't do that with the RBL. Subscribing to it is all-or-nothing; once you're using it, you're elminating everything its maintainers want to eliminate.
Don't get me wrong. I'm not pro-spam, or anti-RBL. But if I were using the RBL, I think I would want to use it in this one-toe-in-the-water mode; I'd want to know why each address on it was on it, so that I could choose to block traffic to/from only the active spam sites, not the passive spam victim target sites.
truckers from cuba have bigger problems than that....mainly a large expanse of water.
There's nothing Intelligent about Intelligent Design.
Perhaps I should start the PixelDate.com Whitehole List (PWL), a list of IPs that have been blocked, but shouldn't be. Naturally, it would be optional for ISPs to subscribe to the PWL - and presumably, they would only do so if they believe that the advantages outweigh the disadvantages. Of course, it would take a certain amount of effort to keep the list up-to-date. But if this service adds value, they should be willing to pay for it, shouldn't they? What do you think would be a fair price for a subscription to the PWL?
sig: BeanShell: lightweight scripting for Ja
...block MSN (and AOL?) ? This would effectively stop 95% of the spam I receive.
- I am made of meat.
The Internet is a collection of private networks, not a common carrier. Therefore, anyone connected to the Internet, whether it is an office LAN, an ISP or a backbone provider, can block traffic from any part of the Internet it chooses. Anyone who doesn't like the policies of their upstream can find another connection point.
Yes, that sounds harsh, but consider the alternative. If the Internet was a common carrier, the whole concept of self-policing goes out the window. If you're a service provider, you can't block any traffic entering or leaving your network. Forget about filtering spam, and forget about refusing to sell a connection to that guy you know is going to use it to send spam. Forget about cutting him off if he's already connected, unless sending spam happens to be illegal in your jurisdiction. You have to serve anyone who can pay and who don't have some legal impediment to getting service, and you have to allow all traffic to enter and leave your network, whether you want it or not.
That light you see at the end of the tunnel might be from an oncoming train.
Well, you have to use a public IP because, if you don't, there's no way for your traffic to get routed, since others have to know your IP in order to send and receive data to/from you. You could set up your network to use all private IPs, but you'd only be able to talk to your local machines.
OTOH, if what you're asking is why we have things like ICANN and why the Commerce Department is involved, you have to trace the history of the Net back to its beginnings, when it was dominated by the military and universities, but that's too long a discussion for me to get into here. But what it boils down to is that you don't have to use the root servers and DNS infrastructure that ICANN is taking control of if you don't want to. In fact, there's been some discussion on /. about bailing out on ICANN. If enough site admins decided to do it, then it'd happen.
But what it comes down to is this: Being a common carrier is a legal definition, so if you want to know whether or not the Internet is or isn't (it most certainly isn't), you can look up the Telecommunications Act of 1996, or, if you don't want to do that, give the FCC a call and ask them, since they regulate all common carriers in this country. You can reach the FCC Consumer Information Bureau at 1-888-225-5322 or the FCC's main switchboard at 202-418-0190.
That light you see at the end of the tunnel might be from an oncoming train.
I will agree that state/government owned bandwidth should not be blocked. Therefore if I require full access to the net I should be using state/government run access points.
/.'s) Know that the hook up points for USA government nodes are under funded and lack real bandwidth. I believe there is a write up in /. but I could not find it.
/.er's to find a better ISP that would not restrict traffic to all site (no filtering) therefore I moved my account to them.
.)
Furthermore some people (maybe even most of
Now let's discuss commercial bandwidth. Someone is paying for this bandwidth. I as a subscriber to xyz isp must be subject to the terms and conditions of the xyz isp. I am required to read the terms and conditions of this ISP. In a past post of mine, I had to request the help of
If you as the user find yourself restricted in anyway when surfing the "net", you should research to find the alternatives. I can say that earthlink is one provider that "filters" traffic.
Backbone operators are in no way required to carry any traffic that they do not desire or might be required to move that traffic at a restricted rate so that it looks like it never is there in the first place. So if I am not interested in moving xyz.com's traffic, I should, by my right or contract agreement, delete it's existence or move it slowly, unless you, as the consumer demand it back (at that point I'll charge you for it
Is this alternative an acceptable one? I for one do not find it acceptable, but it seems that unless there are others like myself that are willing to ask and switch their services to keep on enjoying the net as a free source of information, the future of the bandwidth road is now visible.
ONEPOINT
if you see me, smile and say hello.
ISP's in the USA have 2 ways ( that I know of ) connecting to the internet.
1) via government sponsored backbone, and if you use it then your subject to those rules.
2) via backbone providers that run their own networks. then your subject to those corporate rules.
ONEPOINT
if you see me, smile and say hello.
This is precisely what email confirmation is designed to ensure.
Still think it's dumb? Wait 'til I go visit 400 websites and 'opt-in' using your email address.
OK. You've made the case why Above.net is not obligated to carry Macromedia's traffic. But what about Above.net's customers? Above.net has deliberately failed and deceived them. They should receive 100% refunds of their fees!
If above.net is not subject to the First Amedment, then they ARE subject to discrimination laws. So they still can't "firewall anyone and everyone they choose to firewall for any reason whatsoever."
They can't drop packets based on characteristics like religion, sex, disability, or any other 'protected' group.
That said... 'Spammers' is most certainly NOT a protected group and Macromedia does not seem to fit in any other protected group. So, Macromedia must either ask Congress to protect 'spammers', or convince a court to overturn their inclusion into the blacklist. Until then above.net can do whatever it wants.
Cyberia
Hotmail offers something similar. The biggest problem with Hotmail's is that if a new address sends you something it automatically gets placed in the bulk email box and you have to wade through the spam to find it and approve future mailing from the sender.
Thank you for reading this comment.
point is: don't blame MAPS for putting macromedia on the RBL. Blame Macromedia for being so obnoxious they got put on the RBL.
i had a sig, once..
Why doesn't someone put together a Paid Brightmail service, modelled on the soon-to-disappear Free Brightmail service?
Apparently the problem is that they allowed you to fill in any email address you liked as your own address when you registered. Don't like someone? Register in their name. Maybe register them with a few hundred different newsletters from other sites too, just for fun.
I imagine there are scripts around to do this.
It would be easy for Macromedia to send one email saying "Please confirm your registration by replying to this message." If they did that, the victim would get just one message per forged request, and the problem would go away if ignored.
imagine if states started blocking truckers coming from certain states
i think the consequences are obvious and so they are here.
the answer ? what would happen if all other major backbones dropped traffic to/from above.net
they would cease to exist as a business.. as, in my opinion, they should
censorship shouldn't be tolerated especially at the backbone level
I'm a little confused. As a customer of Above.net, I received a notice from them stating they were no longer going to use MAPS RBL. I found this a little surprising, considering that Paul Vixie was one of the founders of MAPS and is the CTO or VP of Something at Above.net.
In light of this, I'm confused. Is Above.net using MAPS or not? This notice came a couple of weeks ago.
Well, for starters, macromedia wasn't down for me, so no cookie here.
/. exist (no, not trying to shove my head into anybody's a**, it's just an example) and these communities react sufficiently sensitive to censorship, the maintainer will be able to post there. And he will get an reaction.
.02 E
I dont't think it is possible to remove a web site from the 'net like this w/out anyone noticing. Why?
1) Not everyone uses the same provider. Not all providers use RBL. So, there's always someone who can see the page (although I have to admit this is a pretty weak point)
2) There are other web pages. As long as open forums such as
Just my
anno.
In the society we all have created on-line, many organizations and companies have created credit reports, blacklist, and "consumer protection" software. The idea is sound, however the implantation is unacceptable. Many services are quick to block, ban or badmouth anyone or anything on the Internet with out a minutes' worth of investigation. And it is damned near impossible to clear someone of these "charges". Ever try to clear up a faulty credit report or get off a banned site list for censor ware? It is likely I the future there will be some checks and balances for reporting and censor. Just hope your company doesn't get tagged.
"Get them before they get....
This is such a touchy topic. On one hand, spam == evil, but on the other, does one company have the right to censor their portion of the internet with not a single entity they have to answer to? The biggest problem that I personnaly have with spam isn't the advertising facet, ads are a fact of life, deal. The problem is that they are ads sent to me at MY EXPENSE! Everytime some idiot sends out a million e-mails telling me about the latest penis-enlargement, or get-rich-quick scheme, it costs every 'net user money. These costs are incurred in higher access fees, slower networks, etc. If you want to advertise, fine, but don't make others pay for it. (yes, I do understand that ad prices are embedded in product prices anyway, but this is different). On the flip side though, what the hell gives Above.net the right to effecitvely drop sites off of a signifigant portion of the net with no repurcussions. There is no real process to this, it all seems arbitrary.
Where's my lobbyist? Right here.
We were considering colocating some servers at Above.net, now we won't, our philosophy is to give the individuals more control (hence our filter technology) and not do system wide filtering.
ZDNet testing labs did a comparison of various spam filter technologies, the RBL ranked rather low and also filtered out a small percentage of "legit" email.
Check it out.
Nice to see the looney tunes at Peacefire have once again gone crying to the media in a blatant attempt at attention.
After SEVERAL requests that Peacefire's host deal with a persistent spammer, the RBL listed that section of the ISP, What do they do? Fix the problem that's causing the trouble?
No way, Jose.
They move the Spammer AWAY from the block, and move Peacefire INTO the block, so Peacefire can shout "Help Help, we're being opressed! Come see the censorship inherent in the system!"
I have NO sympathy for spammers, OR Spam-Supporters. Everybody says just hit delete when it comes to spam. Or opt out.
Even if opt-out DID work, which it cannot, due to all the "Remove" instructions that turned out to be just new ways to verify live address, that means everybody has one free crack at my e-mail box. Who pays for the upgraded servers caused by junk email? Who pays for the staff to deal with crisis situations when some fool who thinks he can "Make Money Fast" Sends out a couple million pleas?
You do. I do. Joe Average does.
And despite claims to the contrary, not all sites that subscribe to the RBL drop packets from the websites listed therein. That is an OPTION that the ISP's who USE the RBL can use or not. The RBL isn't dumping people into a black hole by itself. It's coming from ISP's WHO TRUST the RBL, and confirm their judgement to say "These people do not wish to work in harmony with the rest of the Internet, therefore we do not wish to associate with them"
Anything else is blatant kookery by a Don Quixote wannabe who can't stop jousting at windmills.
People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!
Don't like it? Find a provider that doesn't use it. You don't have First Amendment Rights when it comes to a PRIVATE COMPANY! The only thing the first amendment covers is "Congress shall make no law to abridge free speech" Spam, and Spammers do not follow "free" speech. You pay for the bandwidth so THEY can annoy you. "Speech isn't free when it comes postage due"
People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!
So although legally, they are slaves to whatever Above.net wants to do, 'preferably', they should not have to be. People should not only have the right to only view that which they want to view, but also the right to view everything that they want to view (permitting legal exceptions.)
Net: There is no law that says you have the right to view anything you want to view. As long as Abovenet makes it perfectly clear, WHICH they most certainly do (linked off the main page even with the Anti-Spam link), it's not false, it's not fraudulent, it's their choice.
And I understand Full Well the rationale behind people blocking web sites that support spammers and/or Spam. Quite a few people spam to get click through hits more then to get them to buy something. This prevents the spammers from getting those click throughs, thus it is not profitable and they stop spamming
People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!
I don't see that blocking the web page really accomplishes much other than alarming Macromedia.
I do know that a big company like that cannot afford to have huge spam-suits, and so would very likely unsubscribe one upon request. This is serious business!
This has really gone a mite too far. Perhaps people should've done their homework better.
Using the RBL is volentary, your ISP dosn't have to use it. I've heard the line before, "our mailing list is Opt-In, and is not spam", when it clearly is spam. My ISP uses all 3 MAPS filters, which has cut down on a tremendous amount of spam, for which I am thankful. If there is anyone here who dons't think they are getting enough spam in their lives, let me know, the MAPS filters dons't catch all of the spam. I'll be happy to forward any spam that gets through the filters to you. "DEATH TO ALL SPAMMERS!!!!"
They need to add MSN.com. I receive at least 20 pieces of SPAM a day from people using the fake MSN domain name. To bad I cant write in my Hotmail fliters : *@*.msn.com www.DanCclark.com
Why is this website so kickass ?? Find out for yourself --> Danny D
What's truly amazing is that yet another group of do-gooder idiots (read "I want power! waaah!") is out to 'save the world' from spam.
I hate spam. But I sure as hell don't want *you* deciding for *me* what I can and cannot get in my inbox. I signed up for no such service; to have a backbone blindly implement yet another anal control-groups blacklist is annoying, to say the least. If they offered to allow me to opt-in to their program, no problem; but I don't have a choice in the matter.
Bah. Extremist morons. Next you'll be telling me what web sites I can go to...oops!
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
You may feel this way - but it's not the way it is, nor is it the service you purchased. You'd better go back and read your fine print.
Ever hear of the IP badlands (you know all of those unroutable Class C addresses that are about)....or remember the whole stink about CIX NAP points? Paying for Internet Access does not pay for access to ALL the Internet. Read the fine print and you'll note that most standard ISP agreements specifically indicate that routing is not guaranteed beyond their NAP access routers and that even then, they may not route traffic they deem inappropriate on or off their networks (most AUPs state the right to cut off traffic from offending sites external or internal to their network).
And seeing as they aren't common carrier - they have a right to run their business as they see fit...there's no regulations to tell them otherwise or that they MUST provide EVERYONE with ubiquitous unhampered access to everyone....so keep dreaming;)
anyways - i have nothing more of value to add - just really hate it when people assume things about what they bought rather than know about what they bought...
So; above.net just decided to block Macromedia in attempt to get them to stop spamming? What an aggressive step. They effectively took down a website because of a newsletter.
I've been to www.macromedia.com many times; and not once have I recieved spam from them. So why take down the entire site to stop the newsletter that many people probably never get?
Phoenix
I've actually come to love Hanson and here's why: These kids are a giant rehab festival just *waiting* to happen!
The idea of "blocking out" spamming hosts and such seems at first glance like a useful tool to block unwanted solicitations and such, but blocking an entire host at the IP level essentially cuts off a portion of the web to a client, as shown by the macromedia example. This is essentially like filtering software, where the "parent" is the ISP.
Personally, while I detest spam, I think giving a few people the power to arbitrarily cut off traffic from an IP is far too broad a power, because it is something that can be used insideously. Sure, cut off some major corporate websites, and have them rattle their sabres, and say "sorry, our mistake", but what happens when the little guy who may just have an opinion that is controversial? I would prefer the spam to the eerie silence of the alternative.
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
Some people say that private companies should be allowed to filter whatever traffic they like, and some are opposed to this idea. The internet is for the free trade of data including information and ideas. If an individual comany regulates that data what about the users that are paying to get whatever information they want? However, then on the other side the users always have the right to choose another ISP. So which is right and where do we draw the line? When does filtering step over the boundaries?
Well, Haselton and McCarthy's knees jerked exactly like Hayes hoped they would. Between the two of them, Peacefire's reputation among non-spamming people has gone into the toilet - but I'd bet Joe Hayes is really happy with them both!
From: sorbus_rowan@my-deja.com (Rob Mitchell)
Newsgroups: news.admin.net-abuse.email
Subject: Media3/Peacefire developments
Date: Tue, 29 May 2001 20:40:07 -0500
Message-ID: sorbus_rowan-2905012040070001@hunt-pri1-a21.t xucom.net
Mr. Hayes has at last responded with a fairly lengthy explanation as to why Peacefire was moved to 209.211.253* in August. Without going into great detail, much of it is actually quite plausible, including the addition of a new improved server within that space shortly before new websites began being run on it.
Mr. Hayes, however, ruined his explanation at the end, by making an outlandish claim, which is quite provably false.
He said that from June to November 2000, only mail originating from 209.211.253* was being blocked by the RBL, & that websites in that IP space were not blocked until November.
This of course does not fit the typical practices of MAPS. Usually, as was the case with Cybercreek for example, it was the spamware sites themselves which were blocked from the beginning, not necessarily mail directly associated with those domains, & often not even that. Then too, it is quite obvious from the RBL evidenced file that 209.211.253* was blocked in its entirety from June 2, 2000 onward. My understanding is that (depending on how certain ISPs chose to use the input, of course), if an entire C-block is listed, then everything within that IP range can be blocked. There is not necessarily any distinguishing between mail-servers, websites, etc. within that IP range. Certainly certain ISPs can chose to block only mail, not http access, but the entire range can also be blocked.
Contemporary evidence that websites within 209.211.253* were indeed being blocked by early July at the latest may be found here:
http://groups.google.com/groups?hl=en&lr=&safe=off &ic=1&th=6061bc8accbab793
In the first article in the thread one can see Steve Linford confirming that the sites were unavailable behind the RBL, & at least one other poster within the same thread added further confirmation that this was so. The traceroute provided proves the inaccessability of the C-block. Other articles were posted in the same month which further verify that indeed the RBL was blocking websites in that IP range, not just email. As I pointed out to Mr. Hayes in my reply, such articles would obviously not have been posted had the RBL only been blocking mail.
The RBL evidence file for 209.211.253* confirms that Mr. Hayes was told over the phone that the entire C-block would be added to the RBL by June 1 if the SAMCO sites were not removed. Nothing is said there that Mr. Hayes was told that only email would be blocked, & in any case it is obvious that no such guarantee could have been made, as many ISPs would simply chose to block the entire range, http & all.
Much of Mr. Hayes' explanation for the moving of Peacefire seems quite valid, but I am extremely disappointed that he would make a claim that would be so easily proven wrong. And unfortunately it is this particular aspect that lies at the heart of this issue: did Mr. Hayes know, before Peacefire was moved to 209.211.253*, that Peacefire the website would be blocked from the moment it entered that C-block?
There is no possible way he could not have known.
Witnesses to this most recent exchange include, as previously, Mr. Hayes, Mr. Linford, Mr. Finkelstein, Mr. Haselton, & a new addition, Jamie of Slashdot. In my reply sent to all these men, I advised Mr. Hayes to come clean, especially with Mr. Haselton, & admit that he did know www.peacefire.org would be blocked by the RBL before it was moved to 209.211.253* in August, & explain why he neglected to inform Mr. Haselton of the fact until November.
Rob
Taken from news.admin.net-abuse.email
Message-ID: spicy_crust-2505012218280001@hunt-pri7-a20.tx ucom.net
Subject: Joe Hayes of Media3 refuses to deny that Peacefire is a pawn
Date: Fri, 25 May 2001 22:18:27 -0500
Posted by Rob Mitchell
Let's look first at the history of how I got involved in this.
On 1-20-01, one Seth Finkelstein, a self-proclaimed "Peacefire member" (whatever this means), began a thread in this newsgroup titled, "Peacefire, MAPS, accusations spinning out of control." This was in the month following the media story in which it was noted that "innocent sites" on Media3 were being blocked by the RBL, because they happened to be placed in the same Class C block as certain Samco spamware sites. It soon emerged (from Bennett Haselton himself of Peacefire) that Peacefire had been moved from its previous IP address & put into this C-block in August 2000. It was quickly noted also that this C-Block had been in the RBL already for 2 months by this time. Mr. Finkelstein raised several issues, but what most interested me is the point raised by numerous regulars as to exactly why Media3 chose to move Peacefire into this particular C-block at this particular time. In response to this point, Mr. Finkelstein several times stated that it would be more appropriate to question Joe Hayes of Media3 about this issue, rather than attacking Mr. Haselton. I reproduce below all of Mr. Finkelstein's statements to this effect in this thread, as well as his statements that he was a "Peacefire member," & had "worked with" Mr. Haselton (the veracity or lack of which I assume Mr. Haselton himself can confirm), up to the point of my entry into the thread.
The entire thread may be seen by anyone with standard Internet access at this URL:
http://groups.google.com/groups?hl=en&lr=&safe=off &ic=1&th=f891c74647a47099
1-20-01:
Mr. Finkelstein began the thread with this article, in which he (among many other things) said:
"This is all spinning out of control. Let me state my affiliations and biases up-front. I'm a Peacefire member, and a Peacefire Honorary Teenager. I've worked with Bennett Haselton, and think extremely highly of him. But I'm speaking for myself and only myself, Bennett didn't ask me or induce me to write this in any form. I didn't discuss it with him. This message is informed by my general background, but he had nothing to do with it."
1-21-01:
Message 15:
"Me, I think Joe Hayes of Media3 has a lot of explaining to do. Remember, I'm not Bennett, I'm not Peacefire's PR officer. I'm just a person who knows them both writing on my own to try to do something about a situation I see as spinning out of control."
Message 22:
"The person to badger is Joe Hayes of Media3, not Bennett Haselton of Peacefire. Don't expect Peacefire to go after Media3. Go after Joe Hayes for a what-did-you-know-and-when-did-you-know-it."
Message 33:
"I went over this as error#3. Hayes != Haselton. My opinion is that *Hayes* should be getting the grilling, not Haselton."
Message 54:
"I don't think Peacefire is being Media3's sockpuppets. However, I think the best thing to do is to put *Joe Hayes* on the hot-spot. The more Bennett Haselton gets attacked, the worse this'll be."
Message 60:
"I don't have the ability to grill him and make it *stick*. I can *try* to get people who do have that ability to go after Hayes instead of Haselton. But perhaps I'm wasting my time, in that people would rather flame me instead of grilling Hayes."
Message 70:
"I'm not obscure. I *like* Bennett. I respect him tremendously. I've worked with him. I'm a Peacefire member, and honored by it. I think this whole situation is spinning WAY out of control, and I was moved to try to do something about it."
1-22-01:
Message 199:
"I keep pointing out, I'm not in a position to grill Joe Hayes. I'm not on the right lists, I don't have the expertise to argue with him about hosting. I suspect there are people in this newsgroup who can do so. But it seems it's easier to berate me on and on for not having an answer that I cannot have."
Message 207:
"First, as to messages on my screen, it's got to be literally 6 to 1. And as I just wrote, *I* *don't* *know* the answers to any hosting questions, and I can't get them in any reasonable way, and I believe some people on this group could do a much better job than I could...I am not in position to have complete facts. I don't think anyone is, with the possible exception of Joe Hayes on the hosting issue."
In response to this very article, I wrote in Message 247:
"Then why are you still here? Give their addys to me & I'll give it a try."
Thus what I saw was a "Peacefire member," apparently putting out a call for help in this newsgroup for someone who had the "expertise" to "grill" Mr. Hayes about the reasons he chose to move Peacefire to a C-block which was already in the RBL, to do exactly this. And common sense suggested to me that if one Peacefire member felt this way, undoubtably others did too. Mr. Finkelstein just happened to be the only "Peacefire member" posting in this newsgroup at that time. I thought that I might possibly posess something at least approaching the "expertise" being asked for, as I have a few times, armed with extensive documentation, "grilled" certain entities, occasionally with visible results (Maxim, Ibill, & Altopia come immediately to mind).
As I recall, very shortly after I posted Message 247, Mr. Finkelstein himself emailed me, & gave me 2 addresses for Mr. Hayes. Thus I was indeed "asked" to be a liason with Mr. Hayes; I was asked by a member of Peacefire. I find it fascinating that Mr. Haselton himself, in a recent article on 5-24-01, made this statement which I made in my first email to Mr. Hayes on 1-23-01 out to be something which would probably cause Mr. Hayes to be "pissed off," & to be merely calculated by me to be "something someone would say just to get a faster response," when in fact it was one of his members, someone who had supposedly "worked with" him on issues which he felt important, who had requested me to contact Mr. Hayes. Also Mr. Haselton has seemed not to notice that I was in fact complying with one of his members' request that pressure to resolve this issue be put on Mr. Hayes, not on Mr. Haselton, & that one of my objectives was obviously to determine Mr. Haselton's innocence regarding the accusations that he & Mr. Hayes "conspired" to move Peacefire to an RBL'd C-block for the purpose of giving MAPS bad publicity.
Little thanks, it seems, do I get from Mr. Haselton for my attempt to clear his name.
In preparation for my first email to Mr. Hayes, I investigated the Media3 netblock in which Peacefire had been moved, 209.211.248.0 - 209.211.255.255. Of the 8 Class C blocks within this netspace I could find only 1 that was in the RBL, 209.211.253*, the block which contained Peacefire. My suspicions were immediately aroused, & I began to wonder why Peacefire had been moved into the 1 block out of these 8 which was blackholed. I started to check at random various individual IP addresses within the 7 blocks which were not blackholed, found a number of them which contained websites, but also a number of them which contained no websites, proving beyond all possible doubt that there were plenty of IP addresses on which Peacefire could have been placed which were not blackholed.
All this I noted in the email which I sent to the 2 addresses Mr. Finkelstein gave me, on the day following my offer to contact Mr. Hayes in Message 247, the complete text of which I posted publicly here a few days ago. I also made note of the fact that Media3 also owned 206.67.48.0 - 206.67.63.255, which amounts to 16 other C-blocks.
In his response, Mr. Hayes said that he would be happy to answer my questions, but pleaded constraints of time & many other responsibilities in asking me to be patient in understanding any delay in his future replies. He also said, however, that some of the facts I presented were "inaccurate," & that I apparently had a "slanted" disposition (this text also has been posted publicly here, along with full headers proving that the email was not "forged" or some other such nonsense). He did not, however, answer any of the questions I raised in my email. In my reply of the same day (which I have not yet posted although several people have now seen it, including Mr. Haselton himself who has posted parts of it here), I asked what was "inaccurate" about my statements. Did not Media3 own these blocks? Was it not true that only a small minority of them were in the RBL? And in response to the "slanted" inuendo, I stated that I had been asked to initiate this correspondence (which was indeed true), & made it clear to him that many people believed that Media3 had purposefully moved Peacefire to an RBL'd C-block, even though it had a far greater number of C-blocks which were not blackholed, for the purpose of causing MAPS embarrassing press. I also made it plain that I was quite prepared to listen with an open mind to any alternate explanation Mr. Hayes chose to give me, but I warned him that a failure to offer such an explanation might reasonably be interpreted as an indication that no such explanation existed.
Mr. Hayes did not take me up on this offer, as no further response ever arrived. Out of respect for him, I did not email him further at that time.
Much more recently, with Mr. Haselton once again going on & on about this matter, I decided that I would attempt one more time to resolve this business once & for all. This time I purposefully cc'd my email to Mr. Hayes to Mr. Haselton himself, & to Steve Linford & Spamjamr, so that I would ensure objectivity by having 2 witnesses on each side of this issue. I presented my 2 January emails again, & made the point that out of Media3's netspace which I have so far discovered, 63.74.120.0 - 63.74.123.255, 206.67.48.0 - 206.67.63.255, & 209.211.248.0 - 209.211.255.255, which amounts to a total of 28 Class C blocks, I have only been able to find 3 entire C-blocks which have ever been in the RBL, 206.67.53*, 206.67.55*, & 209.211.253*, & only a portion of a 4th, 206.67.58*. Thus this meant that something around 24 C-blocks had been available to which to move Peacefire which were not blackholed, yet Media3 chose to move the site to 1 of only 4 which was blackholed. I asked Mr. Hayes once again to provide an explanation as to why this was done. Twenty-four hours later no response had yet been received from him, which I noted in another email to the same 4 recipients on 5-24-01.
To this Mr. Hayes did indeed respond, but even though on 1-23-01 he had begun his email with, "I would be happy to answer what I can for you," this time his reply was far different in tone. In this email, in which he addressed to Mr. Haselton, but which according to the header was sent only to me, although he may very well have bcc'd it to others, he said:
"Bennett,
Would you mind forwarding my previous yo last email to him. I really don't have time to deal with this idiot."
My reply to this was considerably less polite than my previous emails had been, although in none of this correspondence had I ever even once lapsed into vulgarity. Without going into detail, I made it plain that I will never email Mr. Hayes again, unless circumstances change.
I will be happy to reproduce this entire correspondence publicly, full headers intact, should Mr. Haselton or Mr. Hayes challenge the accuracy of my summary in the slightest, & Steve Linford & Spamjamr will be able to verify that I am producing exactly what I sent, without the slightest alteration.
Here are the facts, which are currently to my knowledge undisputable. Media3 owns at least 28 Class C blocks, & only about 4 have at any time been blackholed by MAPS. The MAPS evidence file, when one does a lookup on Peacefire's IP address, shows that the file was created early in June 2000. Mr. Haselton has said in numerous public statemtents (horrendously easy to find on Google), that Peacefire was not moved into the RBL'd netblock until 2 months later, in August. Mr. Haselton has also made numerous statements in Usenet, & also in some articles to Spam-L which were quoted by other posters, that there were various reasons why Peacefire's IP address had to be changed in August. However, I have searched in vain for even a single article in which he has offered any explanation whatsoever as to why the decision was made to make this change into a blackholed C-block, when a far greater number of C-blocks were available which were not blackholed, nor has he ever reproduced any communication from Joe Hayes explaining why this was done. Nor have I been able to find a single example of anyone else producing such a communication, though I have found several articles in which others said they had tried to get this answer from Mr. Hayes, & had been met with silence; some of these can be seen in the January thread I have cited above.
If any of this is in error, I would be more than happy to be corrected by anyone presenting solid documentation to the contrary.
Thus even though a member of Peacefire specifically asked me to attempt to clarify this issue, & repeatedly voiced the concern that Mr. Hayes had an obligation to answer this question truthfully & without equivocation, & even though I attempted to convince Mr. Hayes to do this very thing in January & again this month, he has so far refused to offer any explanation whatsoever. And surprisingly Mr. Haselton, instead of supporting my efforts to find out the truth (which one would think he would be intensely interested in), & thus potentially clear him of any claims that he himself had "conspired" with Mr. Hayes to embarrass MAPS (which is an accusation I have never made, or even purposefully implied), excused Mr. Hayes' lack of response thusly:
"Do ISP managers have *nothing* else to do other than answer letters?"
I was quite willing to give Media3 the benefit of the doubt & listen with a open mind to any explanation as to why Peacefire was moved of all places, to an RBL'd block, when a much larger amount of unblocked Media3 netspace was available. However, with Mr. Hayes' rudeness toward me, & his refusal to offer even the most meager alternate explanation, I am now leaning toward the opinion that Media3 purposefully used Peacefire as a pawn in order to undermine the credibility of the RBL. This opinion is powerfully supported by a preponderance of evidence, as I have demonstrated here; the evidence supporting any alternative explanation is nonexistent, as the only entity which could provide such evidence, Media3, absolutely refuses to challenge this opinion in the slightest.
And I am guaranteed the right to express this opinion by our Constitution, without the slightest fear of reprisal. Media3 certainly cannot successfully "sue" me, since I can easily prove that I gave Mr. Hayes repeated chances to present to me evidence which demonstrated this opinion to be false, & that he failed over a period of 4 months to contradict this opinion.
Rob
"Jamie" has published here what is essentially a paraphrased press release from Bennett Haselton, head of Peacefire.org - and Haselton has openly admitted that his Web site was moved inot the middle of the RBLed IP space *months* after that space was RBLed. So it is obvious that (1) Peacefire is now openly operating to provide public relations for spammers, and (2) Jamie McCarthy is providing "news" articles to /. as a service to Peacefire - for which he is compensated in same way (being listed as a senior member, perhaps - publicity hounds are usually happy with that sort of payment).
I strongly suspect this comment will be moderated out of existence here, but it will appear in public news fora elsewhere.
(a) The RBL isn't "supposed" to be used for anything - each implementor is free to use it in whatever way they wish. As was pointed out by a poster to news.admin.net-abuse.email (note: this is not an invitation for attacks on or deregatory comments regarding nanae) recently, if a sysadmin wished, they could use the RBL to only accept traffic from sites on the list, and blackhole anyone not listed. Why they'd want to is another question, but it's possible.
(b) Notwithstanding (a), what the heck do you think the BGP feed - the *original* implementation of the RBL - is for, other than blocking "EVERYTHING"?