Slashdot Mirror
Above.net Blackholes, Unblackholes Macromedia
This is a sequel to last December's article, MAPS RBL is now Censorware. For the (very) long version of how the RBL works, and how it sometimes fills the same role as "filtering" software, go take a peek.
The short version is that a small group of anti-spam crusaders called MAPS publishes the RBL, which many ISPs subscribe to. Those ISPs block mail to and from addresses on the RBL list.
Some subscribers, notably the backbone provider Above.net, whose CTO is a MAPS co-founder, use the RBL to block not only mail but all internet traffic from IPs listed by RBL. Thus, to cleints of these providers, sites deemed to deliver spam -- or merely deemed spam-friendly -- just drop off the net.
That CTO/co-founder is Paul Vixie, author of Vixie cron and BIND and all kinds of good stuff. He makes some interesting observations about censorship in a 1997 SunWorld interview.
I checked the RBL's servers Thursday night and found that two of
Macromedia's IPs were actually blocked.
postal.macromedia.com was blocked, which makes sense for
stopping spam; presumably that's where the spam emenates from.
But the other IP blocked was www.macromedia.com, which
is of course their Web address. Blocking this address, I would assume,
stops no spam from reaching anyone's inbox.
What it does do is get Macromedia's attention. Because Above.net blocks all traffic and is a major backbone provider, being put on the RBL effectively takes a site off the net for many users. Taking down a big corporation's website is a good way to show you mean business.
(Above.net's abuse department said I would have to talk to public relations, but their PR contact did not return repeated phone calls.)
I spoke with a Macromedia spokesperson both last week and today. She confirmed that "there were two addresses blocked, one of which resulted in users worldwide not being able to access the website." She also repeated several times that they were on the RBL for their email newsletter "the Edge," saying it "does have an opt-in model, that does not spam."
She also pointed out that "worldwide access to macromedia.com has been restored." That access happened sometime Thursday night or Friday morning. Our Slashdot submissions about the downed site came in on Thursday, and I confirmed the IP numbers' presence on the RBL Thursday during the day.
I've contacted several people at MAPS, but they had no comment and (per their policy) refused to tell me how long those IPs had been on the RBL.
The
rationale
for the RBL is that it tries to "prevent ... our paying, in money and
resources and our own time, to receive and process, or relay, traffic
which is nonconsensual in nature." (Their emphasis.) What is
"nonconsensual" about reading Macromedia's website?
Why was www.macromedia.com on the list?
I'm only running this story because it's Macromedia. After all, one it's of the larger sites on the net, home of Flash animation among other things. If it can be quietly removed from a chunk of the net, who can't? (If you noticed Macromedia missing last week, post a comment!)
Take a moment to go read that stealth blocking statement, issued last week. I signed as a member of the Censorware Project; other signatories were the ACLU, CPSR, EFF, and EPIC. We're concerned that, as the statement says:
ISPs that practice "stealth blocking" are violating consumer protection principles and restricting user choice and freedom in cyberspace.
What do you think?
As it happens, I did notice that Macromedia's website was unavailable last week. I was going there to download Flash or something of the sort. After making sure that my general Internet access was still operating, I gave up and tried again a few days later.
<P>
The important part is that I had no idea why Macromedia's site wasn't responding. Presumably due to some kind of legitimate, undesired situation on their end somewhere. I never would have expected this to be the reason.
<P>
All this blocking by MAPS and Above.net resulted in was me, a user who has never received e-mail from Macromedia, being unable to do what I wanted to. Neither my employer or me are Above.net customers, nor are we users of MAPS. We had no idea of what was going on (that it had been blocked due to "spam"), and we were not in favor of the action being taken.
<P>
Nevertheless, we were affected by the actions of MAPS and Above.net, as were Macromedia. That isn't very acceptable to me. Is this supposed to be for my own good?
Readers said the same thing last December; go check the story MAPS RBL is now Censorware, its updated section, the information about the BGP and so on.
Trust me on this. I read it very carefully in December: some ISPs use the RBL to block all traffic, not just mail. Not all ISPs. But one ISP is enough, if that ISP is a major backbone provider.
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
I did. I saw documentation of one statement of one incident from one person alleging spam from Macromedia. Perhaps there were more somewhere, but I did not see them. I would really like to go back and read exactly what it said, but when I asked MAPS if I could link to it or just read it for myself, they said no.
MAPS removed their documentation from public view when they took the site off the RBL -- and in several communications with them, they made it clear that (although they presumably had this information archived somewhere) they would refuse to let me look at it again.
Correct. This is because Above.net and MAPS were unavailable for, and refused to, respectively, comment.
I am not sure why you say that. Thursday, I checked the RBL and these were the only two IPs that were blocked (I spot-checked up and down from those two to see if others nearby were blocked; nope).
As Bennett Haselton wrote me when I asked him about this:
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.
postal.macromedia.com 216.35.148.39
www.macromedia.com 216.35.148.103
Since (presumably) no spam comes from the webserver, the only point of putting it on the RBL is to annoy Macromedia by having the BGP-subscribed backbone providers like Above.net cut off their web traffic.
-1, Redundant :)
The submittor sent that in, I didn't edit it, we generally do very light editing of submissions (grammar and spelling, if anything).
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
the sad thing is you'll get modd'ed up to +5 Informative by the blind moderators.
Consumers have the choice of moving to a provider that doesn't opt-in if they desire to.
Someone always raises this. This would be fine if this was just mail blocking, but this is total IP traffic blocking if you happen to route via above.net. Usually you have little choice as a consumer on who your ISP routes through, and your ISP often has little choice too -- what if above.net is a backup route, and ___Net is down today, so you get filtered IP access? In addition, most ISP's are loathe to disclose routing information, so you have to get what you can from traceroute, and have no idea if above.net is a backup route.
You are missing the whole point in your post -- probably due to not reading the whole article -- in this case, it wasn't just a matter of RBL blocking email. It was a matter of censored access to www sites.
This has been mentioned about 10^6 times in respect to censorship here before, but by selectively filtering IP traffic to places they don't like (for political and ideological reasons, not for network integrity reasons) does above.net lose any possible status as a common carrier, and are they now responsible for filtering traffic to meet US law? That is, are they going to have to filter out stuff like DeCSS, porn that violates decency standards, and whatever anyone can get a court order on?
No shit, Sherlock?
http://www.above.net/anti-spam.html
Gee whiz, that is even linked from their home page.
---
It pains me to say this, but the RBL has become something to be abhorred, not loved. The purpose was (is!) noble, but for all practical purposes we have a few elites who are controlling a significant amount of traffic on the internet, based upon their own personal judgment calls. There is no system of checks and balances to make sure that mistakes like this do not occur, nor is there any recourse for someone to take if they do not believe they fit the classification of spammer and have nevertheless been blacklisted.
I hate spam as much as anybody, and hope for a gooey death for all of them. But MAPS is heading towards becoming a de facto totalitarian organization, deciding who gets to see what on the net. This is a dangerous thing, and don't think that there aren't governments out there who will take MAPS' tactics and apply them in even more unsavory ways.
- Rev.;)
DO NOT LEAVE IT IS NOT REAL
Above.net dropped packets bound for a couple of my systems last year, because I was a secondary DNS provider for ORBS, who Above.net was in a pissing contest with (mostly due to MAPS wanting to create a monopoly on anti-spam services, but also due to some questionable things the ORBS operator was doing from New Zealand).
It's a fine line. Clearly, above.net has the right to do anything they want with their systems, and I fully support that right (it's the only thing that allows us to fight SPAM at all).
However, their customers should know what they're doing so they can make an informed choice about who they get service from.
Dave Rand, the MAPS board member and CTO of Above.net, actually sent me a note threatening to block my employer's class C if I so much as connected to any of above.net's mail servers, just because I was associated with ORBS.
Bottom line - Rand's a dick. But, MAPS does good things and Above.net supporting them helps keep the real SPAM under control.
As far as I can see from Jamie's admittedly biased reporting, Macromedia got on the RBL because of an open, unconfirmed mailing list they REFUSED to fix - and they got off again very soon afterwards, probably by promising to fix it.
Remember that the MAPS RBL is very strict about entry requirements, and very trusting. A RBL nomination is _very_ hard, and requires a large amount of evidence. I don't suppose Jamie checked the RBL evidence files before writing the article, did he? The only comment's from Macromedia PR, who are anxious to make themselves look good. Sigh.
What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says. This is 216.35.148.0/23, on Exodus - which contains not only the mail server, but also secondary DNS service (primary is on Concentric) and the Macromedia web server.
Today's traceroute to macromedia.com goes into a loop at a border router in Exodusland, by the way.
Remember that Above.net and Teleglobe are two of the VERY few providers that use what is called a BGP feed to the RBL. This is the original RBL - it provides a feed of RBL data to the border routers, where the IPs are cut off. As they are very private networks, they're entitled to do to them what they like - ISPS ARE NOT COMMON CARRIERS IN LAW. When a second tier ISP decides to connect to the above.net backbone (Above don't sell to consumers, but only to big webhosters - ironically, some of which spam loads themselves, like eBay) they KNOW about the RBL BGP feed. It's one of Above's selling points, the network most free of spam trouble.
Of course, BGP is becoming more troublesome than it's worth. But Peacefire, your favoured "hey, there's another example", is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?
Whatever. As for Macromedia, they're not blocked now. Obviously, they've been educated. Let's move on.
(Oh, by the way...whichever comment referred to us antispammers [and we are no means a coherent whole - some of us oppose the RBL, some of us oppose ORBS, some oppose both, some of us have HUGE private blocklists of our own] as "spam nazis" is violating Godwin's Law at stage one, as well as being factually inaccurate. We support free speech, just not your right to force it on others at the expense of theirs. Shame on you.)
OK, back to the facts: Macromedia was listed on the RBL because, after several warnings, they continued to operate their 'opt-in' mailing list in an unsafe way, i.e. without requiring confirmation of subscription requests. The RBL is subscribed to by a large number of ISPs to keep their mailservers free from spam: Abovenet uses it to filter all IP packets from or to RBL-listed destinations from their network, which is a little extreme, but not 'stealth' in any way, since it is their stated policy to do this. (Don't like this? Don't buy transit from Abovenet or get an ISP that doesn't transit Abovenet...)
Since Macromedia apparently used their web server to send mail at some point, the result of their RBL listing was: no more Macromedia web services to Abovenet customers, or customers who receive their transit via Abovenet. Does this suck for these customers? Yes. Does it suck as much as large corporations not being a responsible Netizen? No, not at all.
Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address. One DNS change (and a few cache expiries later: give or take 4 hours) later, all would have been OK, web-wise. Why didn't they do it? Probably for the same reason their mailing list practices still suck: ignorance and/or incompetence.
This is not a censorship issue: it's an issue about weeding out the clueless on the Internet. And Macromedia apparently is the weakest link. Goodbye!
This is a crap argument for two reasons. One is that there's no guarantee that even switching to another provider would actually help the situation. Above.net is a big backbone provider, so in practice it may be impossible to avoid using them short of building your own network. Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.
The bigger point is that getting access to web sites is not an optional service for a web provider. You claim, in essence, that you get what you pay for and that if you want good service you may have to pay more for it. But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down. In restaraunts, we expect that the food and facilities will meet certain minimum standards, and we have periodic health inspections to ensure that the restaraunts are meeting those standards. We are merely expressing the view that the minimum acceptible standard for an internet provider is that they deliver the information that their users request and not censor it because they disagree with the policies of the source.
This is actually a pretty good analogy, because the kitchen of a restaraunt, like the backbone provider for an ISP, is something that's generally hidden from the end user. Most people aren't given the option of inspecting the kitchen of a restaraunt for roaches before eating there, and most users aren't given the option of finding out about their ISP's backbone providers before deciding whether to pick it. This is reasonable behavior in each case, but it means that the companies involved have a responsibility to maintain acceptible standards even when their customers aren't looking.
There's no point in questioning authority if you aren't going to listen to the answers.
But they do! The United States does not accept any imports from Cuba because of political differences. You can argue that there are consequences to that (non-)relationship, but don't think that it doesn't happen in the real world.
Unfortunatly, they can. Here's why:
"The net, just as government, should follow the Principle of the Least Rrestrictive. this means you block only the service causing the problem. Their tyrannical policy of refusing to say just how or why a given company, service or address is antithetical to their alleged goal."
I totally agree with you! Well said!
I think I can explain WHY MAPS refuses to justify their decisions with an explanation:
To do so would be to get sued. Why? because they'd have to BACK UP every word.
So, they operate clandestinly, hiding behind the vague "we have the right to block any traffic coming through our network" BS.
Sooner or later, MAPS is going to piss off someone too big to defend against the lawsuit...
Why Macromedia?
I can name THESE sites that SPAM you FAR worse than Macromedia (ie, have "opt out" systems when registering software or signing up for services)... Think MAPS will block THEM anytime soon?
Real Networks
Microsoft
Doubleclick and most other ad servers (sick of all those "cursor upgrades" that pop up and install automatically when using `Doze, one reason why I do all net surfing under Mandrake now).
Or does "who" you are matter more to MAPS than how offensive your tactics are?
Operating the way they do, in refusing comment or to justify their actions AT ALL, MAPS is setting themselves up to be "avove ALL question".
NOTHING offends me more than that attitude! There is NOTHING... NOTHING that is above ALL question!
=== The price of freedom is eternal vigilance