Slashdot Mirror
ORBS Forks
Noxxus writes: "Wired is carrying this article about the shutdown of Alan Brown's Open Relay Behavior-Modification System, more commonly known as ORBS. Brown, of New Zealand, closed his operation after two local companies won legal injunctions against him for listing them."
It seems the list of 94,000 open relays will be maintained by:
"Open Relay Black List of Phoenix, AZ, Open Relay Block Zone (ORBZ), of Basingstoke, England, and the Open Relay Database (ORDB), of Aarhus, Denmark."
We've gotten a zillion ORBS submissions since the day
its website
went down, but this is the first post-ORBS story with enough info to be worth a mention. Guess the dust just needed to settle.
We're obviously in the minority, but I think the EFF's John Gilmore has cut to the chase:
For Gilmore, spam blocking should occur at the recipient level, not at the level of self-appointed upstream censors.
"I noticed years ago that the community tends to go 'mob' and lose its morals and principles when it comes to spam," Gilmore says. "Free speech, interoperability, inclusiveness, tolerance, privacy, anonymity -- all go out the window when they get in the way of killing off those damn spammers."
I wonder if he'll get added to spam lists now, like I do every time I post a story critical of anti-spam activists. Yeah, subscribe me and Rob to more mailing lists under the handle "Spamlover." That's real mature.
Instead of one self-appointed tin god organization hammering my mail server with "tests", there will be three self-appointed tin gods hammering my mail server with "tests".
Where do you stop? Or does anyone who feels strongly about a subject have the right to fill my in-box with their opinions?
-dair
The injunction came about because ORBS had, for some time, been including individuals and organisations who did nothing more than annoy Alan Brown, and were not, in fact, open relays, spamhauses or doing anything that people subscribe to ORBS to prevent.
As such, it's actually like PETA choosing to lie about a company's dolphin friendlyness because the person compiling the list doesn't like their logo. The organisations were quite sound in bringing legal action - they were being defamed and their business being interrupted for no reason relating to ORBS supposed mission.
My Freakin Blog
Let's do some logic to find out who the censors are. What does Mr. Brown do?
- He probes mail servers to find open relays. (This is the only "questionable" activity of which I would accuse Alan.)
- He compiles a list of these open relays.
- He publishes this list to those who specifically ask for it.
Now, what word would you use to describe someone who forcefully stops Mr. Brown from publishing his information?Think for a second....
Riiiiiight....
My Freakin Blog
Calling a blacklist of open relays "censorship" is like calling a virus-scanner censorship. Hey, just the other day I got some email with the "Mawanella" VBS trojan in it.. and goddamn McAfee VirusScan deleted it!! That's censorship!! It's a violation of my first amendment rights!! (never mind that McAfee isn't a government body, and I'm not in the USA anyway, it's still a violation of my first amendment rights!!)
Come on, open relays are flat out misconfigured, broken and harmful to the internet as a whole. In a perfect world, if you didn't know how to set up a mailserver, then your mailserver simply WOULD NOT WORK. Unfortunately this is not a perfect world, and there are ways in which people who don't know how to set up a mailserver can end up with something which APPEARS to work, but is, in fact, broken and harmful. These people should NOT have their mail successfully delivered until they fix their problems.
However, just in case I seem too rabid, I will add that of all the responses I've gotten to my spam complaints (all of which involve open relays being raped by spammers), those from the postmasters of said relays are invariably more polite and friendly than those from the ISPs hosting the spammers.
That job offer could have just as easily been blocked because the person sending it happened to use a mail server that was on ORBS. Now, you say, they could fix their open relay... but what if it's a small company using their incompetent ISP's smtp servers (switch ISP's? yes, but then you'd have to deal with Internic losing your domain...) or a big company where the person in Human Resources sending you the message wouldn't have control over the mail server and probably doesn't even know what SMTP is. Should they suffer?
Attempting to block spam is a noble cause, but ORBS and the other lists like it just cause too much collateral damage.
Censorship is bad.
Rejecting spam is not censorship [*].
[*] although it might be censorship if you use a position of power (eg, postmaster at an ISP) to reject spam sent to your users, without their knowledge and/or approval.
These lists don't actually list spammers. They list machines which are configured incorrectly such that people can misuse them. People aren't on the list because of what they are trying to say.
This assumes, of course, that the lists actually do what they're intended to do: prevent unresolved problems from hurting other people. Ideally, you would only end up on such a list if you were running an open relay, you would be notified, and you would be able to get off the list as soon as you fixed your mail server. The censorship issues have been with people getting on such lists when they were not, in fact, running an open relay, or not being removed from the list when they fixed it. That sort of thing, in addition to being generally bad for freedom, also reduces the effectiveness of the lists.
That'd look more accurate.
=)
This is not free speech. If you are forced to pay for it, it is not free. And you do pay for it, however minimally it may seem. Bandwidth, drive space, etc, are all wasted to house and transport spam.
Would you call it free speech if somebody pasted a sticker detailing human rights abuses in China to your car?? I call it defacement, and and forcing me to use MY resources (not free) to remove and repair their damage.
It doesn't matter what the message is, you do not have the right to force it on someone else. There is no double standard, just idiots who don't understand the meaning of the word freedom.
You also might have a point: >SO what if the ISP blocks it? THEY are then >eating the cost of that incoming traffic, they >just aren't forwarding it on to you, so you pay >for it with higher fees. However, if they block this at the IP level they can just refuse connections, so their bandwith never gets wasted. SMTP can look at the IP it's being sent from. Your computer using POP3 will only see the IP of your ISP, until after you've already downloaded the message.
"We are what we pretend to be, so we must be careful about what we pretend to be." --Kurt Vonnegut
They forgot all about ORBZ, run by a friend of mine. It's not the same as ORBZ, the uk ORBS-fork.
The instant I'm paying for it and I didn't ask for it, it's spam. Yes, even if it's about human rights abuses in China.
The least slashdot could've done was post a story that something fishy was going on.
Tell me, editors, why did you suppress this story?
Not enough info? Very funny. ORBS is being sued, and the suit is having an affect. That's more than enough.
Sex is either good or bad. Pick one.
Go you big red fire engine!
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
Censorship is either good or bad. Pick one.
Oh please. Do look up "fallacy of excluded middle" on your favorite search engine then come back with an actual argument.
--
I've finally had it: until slashdot gets article moderation, I am not coming back.
Said the supreme court when they decided that the physical mailbox on the curb was part of a man's house, and that man had say over who could send mail to him or not. As a result, there is a Form 1500 that provides official notice to stop sending shit to a certain box, or face criminal penalties.
An e-mail box should be treated the same way, although I expect that a supreme court decision will be required to make this happen.
This isn't censorship, this is cutting through all the marketing bullshit.
If tits were wings it'd be flying around.
Hello? Not everyone has broadband access to the Internet. Not everyone has untimed access to the Internet.
In many countries, there is a per minute charge for dial-up connections. Every second spent downloading spam is directly costing the user money.
I'm sorry, but you need to get a clue.
As long as it is the end user, and not ISPs, that are filtering based upon the ORBs databases, then it isn't censorship, rather it is simply filtering based upon another's suggestion.
One could argue that personal email is not a public forum, such as USENET and places like slashdot, and that any form of filtering, at any point along the way, is not censorship in the real sense of the word.
In any event, as long as the end user is informed, and has a choice, it isn't the kind of institutional censorship so often, and so correctly, decried here, it is merely voluntary filtering of what those who subscribe to it view as noise, as is their right.
As for slashdot being united about anything, a quick perusal of any discussion, on any topic, should dissuade you of that erroneous assumption.
The Future of Human Evolution: Autonomy
Oh well, i was going to moderate this discussion, but i guess not!
I think your friend has had a harder time than most, though...
If ISP level filtering didn't exist (MAPS, ORBS, etc...), if ISPs wouldn't cancel accounts on account of someone sending unsolicited email, then they wouldn't have to go to the lengths which they currently do to do their jobs. They wouldn't have to try to hijack someone elses mail sever. They wouldn't have to disguise their return address.
They do now simply because of old-fashioned netiquette which is anti-spam... If they did use the same mail server, return address, etc, and every ISP did unsolicited blocking for their customers, then they wouldn't have a means of distribution.
I think it's fine if you don't want spam. I don't want it either. But i think it should be the end users choice as opposed to some faceless systems administrator who works for the ISP they've signed up with...
I've set up a rule that deposits any message with me not in the "To:" line to automatically be filed into my "Possible SPAM" folder. catches i'd say 90 to 95% of it right there... No big hairy deal.
And at that point, it becomes an issue between the people who live in the apartment, and the management. Perhaps it's fraud, and perhaps it's just a good place for a market force to assert itself.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The solution is really pretty easy. Make it illegal to:
a)use a false or incorrect return
b)not have a return
c)not have a standard solicitors identification.
And without any identifying information, and with fragmented juridictions, and with open relays a-plenty enforcement should be a snap!
Do you have any suggestions on how to track down the spammers that break your law? Did you even think about that?
I like to play children's songs in minor keys.
"We're all sons of bitches now." --J. Robert Oppenheimer
Well, spam is defined as being unsolicited commercial email, so unless they were offering to sell me something to help ease the plight of the Chinese, I'd consider it speech.
If they *were* trying to get me to buy something, then it'd be spam.
Cheers,
Tim
It's official. Most of you are morons.
The argument in this case would be that by denying them free speech in this case, you are preventing them from denying you and many others the right to free speech.
Of course, spam is not a free speech issue; Freedom of Speech does not cover freedom of making others pay for that speech. Spammers are still free to stand on a street corner and tell passersby of their wares, or even pay for their advertising.
Cheers,
Tim
It's official. Most of you are morons.
The main problem is that it's the spammer's computer that decides ( theoretically based on MX records ) which mail server to connect to. The only way to make this happen is to use multiple hostnames for users, eg. x@open.domain.net vs. x@orbs.domain.net, instead of vanilla x@domain.net. You'd need the servers configured with lists of users they should accept mail for, and some way for users to maintain that list. I'd prefer headers myself, but I'm a firm believer that if an ISP doesn't do procmail I don't want to use that ISP for mail.
You stated that this "is not simply a war on censorship."
It isn't a war about censorship, and doesn't involve censorship of any kind.
I run a mail server. I choose not to allow others to use my mail server to relay *anything* that didn't originate with one of my users.
This is not censorship, any more that it would be censorship for a local newspaper to refuse to allow you to use their presses and paper for free.
It also isn't censorship when a municipality refuses to allow "sound trucks" to roll through their neighborhoods, especially at odd hours of the day.
It isn't censorship to refuse to allow someone to nail an advertisement to your front door, or put a bumper sticker on your car.
Freedom of the press belongs to those who own a press. Freedom of speech doesn't mean you can force other people to pass your message along.
Specialization is for insects. - R.A.H.
I run several mailservers. I need them to be at least profit-neutral, preferably profitable.
Why? So I can keep running them. I don't get government grants, and I have a spouse & kiddies to support. If I am to continue to contribute to the Internet community, I must not only survive, I must be able to pay for my links.
Spam, generated with the help of people who insist on open relays, finds my users and clogs their mailboxes. They (the users) no longer receive optimum value from time spent interfacing with my mailservers. This in turn impacts profitability.
State-supported academics and wealthy ideologues can rant as they please, but stifling the right of anti-spam zealots to list open relays is pure censorship - the suppression of someone's right to speak out. In contrast, spam is the theft of disk space and bandwidth - and whenever I try one of those "opt out" things the spam load noticeably INCREASES, incidentally.
Open Relay blacklists let me continue to feed my family while doing work that helps the Internet as a whole. Spam eats my time and other resources and robs the Internet of any potential fruit of those lost resources. My preference should be obvious.
--Charlie
PS- All the things the open relay advocates claim they need to do can be accomplished without the use of open relays. Except spamming and mailbombing.
If all mail servers fell precisely into one of these two categories:
- sends mail that people do not want to receive
- sends mail that people do want to receive
then the situation would be simply solved by not accepting mail from servers that send what you don't want. The problem comes into play when a mail server, usually as the result of misconfiguration (which itself is usually the result of an incompetent or ignorant system administrator, or the management above them restricting what they can do), mixes up legitimate mail with the spam. What many people who run clean mail servers then choose to do is to just not accept the whole lot.Gilmore is certainly well intentioned. Anti-spam measures do pose a risk to true free speech, which unfortunately due to the way society and its leadership tends to react, must often be done anonymously to avoid risks of retaliation. However, he has the mechanism all wrong. Once unwanted mail has been accepted at a server, the damage is already done. Now processing cycles must be used to analyze it to filter it out by other means, and storage is occupied over time to hold on to what then takes up human time to read it (usually because of a misleading subject like "oh, I forgot to mention" which could cause almost anyone to read it thinking it might be legitimate mail). The real practical solution is to use mechanisms that are the most efficient at discovering the most accurate level of unwanted mail and separate it from the wanted mail. And one of those mechanisms to choose from are the various lists of mail servers that are discovered to be sources of generally unwanted mail called SPAM.
Different people do vary in their belief in the benefit of losing unwanted mail like SPAM versus the cost of losing wanted mail. One could think of it as a ratio. How many pieces of SPAM would a scheme need to be able to get rid of to make it acceptable to lose one piece of legitimate and wanted mail? Some people will say there is no acceptable number. They won't be filtering SPAM at all. Others consider it acceptable to lose some legitimate mail to reduce their costs of processing and the time taken to read the junk. When it is realized that the senders could move on to a different network services which carries out actual and effective measures to ensure their mail server is in the 2nd category above, then for many people it is acceptable to lose some mail because they know the sender can remedy the situation.
I use the MAPS databases in blocking spam coming in to my servers from various classes of known spam sources, including open relays. I review the logs and have found that so far it has been very effective in blocking spam while not blocking legitimate mail. It's not as effective as desired in being comprehensive in blocking all open relays. But I have found that if I also block mail arriving from mail servers which have no PTR record available at all (reverse DNS) for its IP address (reversed in the in-addr.arpa zone), the blocking is nearly as effective as MAPS. In fact it blocks more SPAM than MAPS does, although there have been 3 cases of apparently legitimate mail being sent in and lost (one of those being from OSDN itself ... heads up Kurt!).
In general there appears to be a very high level of correlation between servers misconfigured to allow SPAM to be relayed and servers misconfigured to not have functional reverse DNS. It's not perfectly 100%, but it is well over 99%. Most of the open relays seem to be the rapid growth of businesses connecting to the network, especially outside of the United States (the US having done most of its initial connection growth already). This is probably made worse by the fact that most of the documentation is in English, and English is not really universally understood. That doesn't mean that when a new mail server comes online in China as an open relay that the administrator intended this to be so. More likely they are not getting good documentation in their own language to explain to them the importance of making sure the server is closed for relaying, and the steps needed to do it. Another problem that is probably contributing is a very high use of pirated software, which tends to be older versions of Microsoft Exchange server, and limits the ability to get service packs for it.
Where's there smoke there's often fire. If the server lacks reverse DNS it most likely is also an open relay (or worse, a direct spammer).
Still, the fact that an administrator would not want to relay SPAM does not in my mind mean I should go ahead and accept SPAM from them. So I find it perfectly acceptable to use at least some of the databases of SPAM sources out there, and even additional techniques, to block the unwanted and costly mail. It's my server. And my customers can move on to someone that lets SPAM in if they so choose. And I am now setting up a 2nd mail server with NO anti-SPAM measures (it won't relay, but it will take mail from all sites to be delivered here) and let customers choose which they want their incoming mail to go through. I wonder which one they will choose. I wonder how long it will be until they go back.
And BTW, I did test out using a context based mail filter for my own mailbox once. It killed more legitimate mail than I found acceptable; far more than my current methods do.
now we need to go OSS in diesel cars
They added you to their list. You added them to your list. Sounds fair enough to me. They finally deleted you from their list, so you in turn deleted them from your list. Still sounds fair enough to me.
Was it criminal for you to add them to your list when they didn't want to be added? If yes, then it would be the same for them as well, right? I think so.
Good job!
now we need to go OSS in diesel cars
If you want someone else to do the filtering for you, would you be satisfied by using an ISP that used MAPS/ORBL/ORBZ/ORDB to block spammers? Or would you be complaining that the ISP is "messing with your mail"?
now we need to go OSS in diesel cars
Some spam does indeed have the filtering. Some does not. In fact most does not. Most are from throw away or even non-existant accounts, usually mangled to bypass the filters. The only safe way is to have a list of everyone that can send you legitimate mail and block everyone else. But then, you'd miss out on some mail anyway.
now we need to go OSS in diesel cars
Which is one of the reasons I blocked the entire country of Korea. I'm lucky that I can do this because I have no legitimate mail coming from Korea. Taiwan and China are similarly blocked, though I might have to unblock some of Taiwan since there are businesses there I might end up working with. Even Japan is a huge source of relayed SPAM, and I'd like to block it as well, but I get a lot of legitimate mail from there so it's not an option (I just block the networks that happen to send SPAM).
Then there is that guy who has 500 dots in his PTR receord (so he must be using some static IP) that causes mailers to overflow their header and hide his IP address. I had to block "9netway.com" to get rid of that guy. And he may even be forging that.
now we need to go OSS in diesel cars
Right now the various MAPS/ORB* type databases are hard to get removed from. In my experience the bulk of open relaying (as opposed to direct spam, which is in a separate list now anyway) comes from places that won't even try to do anything about it, much less try to be removed from the list. My idea is to have the usual method of detecting open relays, but making it easy (an easy to use web form) to be removed from the list. The web form will use an email verification by sending the usual verification code to the provided email address, and then once verified on the web page, automatically remove the specified address. Those places that continue to relay spam are going to end up back on the list anyway, probably real soon, too. Oh, they can go through the cycle of having themselves removed again. If the web form is structured to make automated bots filling it in not viable, it should be effective. This way anyone who thinks they have been placed on the list inappropriately can just remove themselves.
Oh, and there would be an opt-out "would you like to receive our newsletter" selection for those whose email address is used more than 10 times :-)
now we need to go OSS in diesel cars
Sheesh. I understand that not everyone has the time and talent to write their own mailfilters and admin their own servers, but why sneer at those who do? Got something against taking responsibility?
You say that as if these were bad things. Why not indeed?
I am against the censorship of this list of open relays. Don't forget to look both ways next time you cross the street.
Tick "Jamie" in your personal preferences.
> ORBS does not censor content.
Agreed.
> ORBS gives people the information they need to make an
> informed decision to filter traffic from incompetent idiots.
>
> Is that clear enough, or do I need to use shorter words?
Shorter words won't help, it won't change the fact that in many cases ORBS gives information to people who then decide, *on behalf of actual recipients*, whether to give the recipients the mail addressed to them, or not.
What happens when it's *not* spam?
Having been on the MAPS DUL briefly, I can speak from personal experience about the fury and frustration of being the innocent collateral damage in the war on some email.
If my recipients had chosen to make an informed decision about ORBS, fine and dandy, but the presumptuous paternal patronising that ISPs do by instigating these (and many other) corruptions of the "end to end" principle that is the core of the success, both technically and commercially, of the Internet, is not beneficial, IMHO.
The golden goose is being choked by all these "gateway" blocks that are being installed, for our own good, without choice, by well-meaning zealots.
I'm with Gilmore.
(http://sneakemail.com is a good end-user-choice choice, )
Ah, the irony.
I was responding to an article here and got this response:
I wonder if it was the ? Who knows. I removed them, and tried again:
I can't think of a better illustration of the tangled web we weave when first we practice technological control of human behaviours.
"There is a huge freaking world of difference between censorship and closing open mail relays."
And there is now a huge freaking difference between the actions of ORB.*/MAPS and "closing open mail relays."
They do a lot more than just that, and some suspicion has fallen on the motives of some of the shutdowns that have been instituted, with no right to petition for redress.
It's not just for Open Relays anymore.
you might have a point.. however.
SO what if the ISP blocks it? THEY are then eating the cost of that incoming traffic, they just aren't forwarding it on to you, so you pay for it with higher fees.
The reality is, spam doesn't really cost us that much, we just don't like it.
Spam is not Theft of Service, I'm sorry. You have an email box which anyone can send email to, whether you like that mail or not. They have not 'stolen' any service from you by sending you mail, just as when you go to a web page and get a big graphic you didn't expect.
By the super-idealistic mentality people use, I could say that NO service has been stolen from you, because your POP client CHOSE To download those messages from the mail server; you could have left a few out.
This is not someone walking into your house and ransacking it. This is someone leaving junkmail in your mailbox.
Maybe, if you pay per-message for your email, you'd have a point.. similar to why telemarketers can't call cellular phones... because it costs the receiver.. but...
Can you show how an unwanted email address cost you money? Would Your or I have more money to show for it if we didn't get 200 some pieces of spam a week? I doubt it.
Get them for deceptive advertising, fraudulent communications, or harassment... but not for 'theft of service'. By your logic, when the Jehova's Witnesses knock on my door and waste my time, that would be 'kidnapping'.
These are all how I feel on the subject... what do y'all think?
1) Spam sucks.
2) Even though it may not cost that much in ISP fees, people argue that TIME=MONEY. I'll grant that.
3) The average anti-spam activist spends far more time whining on the net about spam and/or configuring anti-spam systems than it would to simply delete their spam every day.
If time=money, why not simply take the quick route, delete those spams, and get on with your day?
I didn't say I hate them, I don't. I also didn't say I like spam, I don't, and I realize that if we got hundreds or thousands of pieces a day, it would be a different story. But we don't.
I think there are several legal avenues by which we can reduce spam.
My point was that, currently, far more time is spent working on anti-spam systems (which also only treat the symptom, not the disease) than would be simply ignoring/deleting spam.
I'm not saying don't work on them either... simply that some kid who whines about how 'valuable' his time is so he spends it working on his anti-spam system to save him time is being a hypocrite.
I also think that, the reason spam persists is because SPAM WORKS. As long as people respond to spam, then there is a reason to spam. And if spam is working for some people, who are we to block it from them? We're better off to educate people and have people refuse to do business with companies who spam... when spam no longer gets a response, it will stop.
Yes, I'm aware of that, I live in one of those countries.
Most poeople, however, who are whining about spam are NOT living in those countries, funny isn't it?
I don't dispute that spam is bad... just that people need to make a better and more convincing case for it.
Yes yes, I know that it costs money.. but how much money? Show how much more/less your monthly bill would be without spam... that's what I'm saying.
I'm not implying that bandwidth is free, only that the amount lost to spam by end users is negligible.
All I asked for was an example, and you provided the first one that actually makes really good sense.
Yes, I can appreciate that spam will cost you money.
What about a protocol that lets you choose which messages to download? I mean, that's what I do.. the beauty of imap.
You are still making the choice to download eachindividual message, even if you simply chose to download them all.
I still maintain that the bulk of people who whine about spam are just whining for the sake of whining; it's not costing them anything.
You're twisting it around. I agree with what you said completely....
BUt I'm not talking about the abuse of a mail server by brute-force spamming, I have no problems seeing how that should be illegal.
I'm talking about Joe Average who checks his email now and then, online, because that's who whines about spam the most.
You are talking about the mechanism used to deliver the spam, I'm talking about the end users actually fetching the mail.
I have no sympathy for spammers either... and I support anti-spam policies of ISP's... open relays are bad, etc etc etc.
I live in europe, I know full well how the fees work.
My point is that so many of the people who whine about spam are people who spend far more time trying to block it from entering their mailbox than they would simply deleting it.
I understand perfectly. As I said, I understand that spam can cost money. My question is how much does it cost YOU.
As you have this information readily available, can you give a good guestimate as to how much extra money you paid last month because of spam?
I'm saying that, all other things being equal, how do you have more money if you don't get spammed. How does the presence of 'spam' in your inbox cost you money.
Yes, time is money, but please show me how you actually would have earned more money had you not had to delete, let's say, 20 pieces of spam a day.
Now.. a mail relay getting hacked or otherwise used for bulk spamming, THAT Is theft of services, no doubt about it. That's not what I was talking about. I'm saying that, when you, as the end user, get some spam, it is NOT 'theft of service'. You're mixing up two different aspects of it.
I'm not in favor of spammers, I think there are several legal avenues to persue regarding making email sane again, I just don't think end users claiming 'theft' of services is the way to do it.
I understand what unsolicited means.
My time is worth a great deal to me (and those who pay me), but I'm realistic. Most spam whiners spend FAR more time whining about spam and setting up filters than they would simply deleting the spam. I know deleting the 30+ pieces I get a day takes me LESS THAN 2 minutes a day. I spend more time than that going to the watercooler and back. Get real.
Okay.. I don't really care for MAPS or ORBS and I don't want to use them for the company I work for. What's another way to stop spam from flogging us?
That's like giving everyone in the world a key to your house and getting angry when people you don't want in there come in anyway.
Actually, it's like leaving the door unlocked. I expect you to go away if I ignore you. If I go a step further and tell you to go away, I don't expect you to sell my address to a thousand of your mates who will knock on my door because they know I'm at home.
My phone number is in the phone book. That doesn't give everyone in the world the right to make collect calls to it (particularly not from Korea).
--
--
E_NOSIG
How many people are on this planet? It's about six billion now, right?
How many of them have something to sell? What if it's only one person in a thousand?
People who naively say "spam is free speech, just delete it" are fundamentally missing the point. If you get six million spam messages in your inbox daily (and based on the above "one person in a thousand has something to sell", that's what you'll get if spam is "OK")then email has ceased to be a usable communications medium.
I am postmaster@the.company.I.work.for, and I see a continuous flood of spam - dozens of emails a day - to the address of one person who left the company over ten years ago. For ten years, this email was all bounced "No such user", but since the return addresses on the spam are forged, they never see it, and the address remains on all the spam lists. (I'm now using his old address as a "spam poison pill" address.)
The postmaster mailbox gets hundreds of megabytes of "no such user" bounces a day. In an ideal world, I would scan the "no such user" bounces and facilitate legimate senders of email getting their mail to its intended recipient. In the spam world, all I can do is procmail all "no such user" mail into a separate mailbox that is deleted daily, and never looked at. (No, I am *not* exaggerating when I say "hundreds of megabytes per day.")
Contrary to Gillmore's naive ideological purist anarchism, spam is not a trivial problem, and the volume is such that it constitutes a Denial of Service attack. It must be treated as such.
Think of it this way: if someone made a mass mailing detailing human rights abuses in China, would you consider it spam?
I occasionally receive mass mailings about human rights abuses and stop-this and stop-that and so forth. When I was the news director for my campus radio station briefly, my inbox was *FLOODED* with anti-Bush, anti-Gore, anti-Nader, anti-everyone rants that people were trying to pass off as news. Even though I'm no longer on those lists, I still receive the occasional human-rights message from some country somewhere. While not commercial, it is still unsolicited, and quite frankly (speaking as an Ugly American) is of little interest to me.
I define "Spam" as any mass-mailing that is sent to me without my explicit permission. I only wish everything were "opt-in," rather than the click-here-to-remove-yourself this-is-not-spam nyah-nyah "opt out" bullshit we have now.
For more information, click here.
Okay, I'm responding to a Troll and I know it but...
:-)
SPAM is NOT free speech! If I stand outside your door at 3AM with a bullhorn and "tell you about my issue" is that okay?! It shouldn't be but by your standards it would be - no thanks!
Try running a mail server these days. I've got a friend with a small business who's mail server has to withstand brute force password attacks, folks who send mail to any address they think MIGHT exist on the server, and a whole host of other dirty tricks being done by the idiots who want to "tell me about their issue". Why don't these idiots put up their own mail server and send ATTRIBUTED mail? I'll tell you why - it's because people like ME would put them in their SPAM filters and NEVER see the mail after that first one that's why! Should that not give them a clue that their message is one I don't wish to hear? Apparently not becasue they'll resort to any tricks they can think of to sneak their message into my mailbox - even though they KNOW I don't want it! They troll through sites like this one with their bots, through sites like E-Bay, and through all sorts of other sneaky means to include putting cookies in their crap so they know if I've looked at it in order to get valid E-mail addresses.
If these jerks have to goto those lengths to figure out who's reading their junk and to hide from those of us who wish to tell them to stick their message up their ass then it's not free speech anymore than yellig FIRE! in a crowded theater is. Why should I as an end-user be forced to go through mail address after mail address to avoid these folks, why should I endure that burden and make MY life harder as a result?
FWIW - my friend's mail server has been using the various black hole lists forever and he's had to resort to literally blocking out entire IP blocks at his router too. These are the only things that keeps his mail SPAM free, if you think that the cost of doing this is nearly zero you need to get a clue. SPAM is NOT free by any means, not when it's in the volumes that it is and not when these people have to hack servers to disguise their origins.
I'm thinking it's time we hung a few of these more prolific SPAM mongers as an example to all of the others
Build it, Drive it, Improve it! Hybridz.org
I PAY for my internet service. I have a limited amount of space available in my e-mail account. When somebody spams me, they are benefiting from what I have paid.
My ISP is paying for servers and storage space. They are paying for bandwidth. When they have to receive and store all of the spam, they are basically paying for the spammer to use their services.
Everybody in between me and the ISP is paying for the spammers to use their services.
Except that you have no right to speak for everyone upstream or even your ISP, only for yourself so points #2 and #3 are meaningless.
As far as your paying for the space: Internet & Online access costs have done nothing but come down in price since the beginning. They have never been cheaper -- and with all that spam driving your costs up! Oh, my!
Here are 3 simple solutions:
1. Set a filter up in your e-mail client to file anything from ANYONE NOT KNOWN TO YOU in a separate folder. This will leave only e-mail from people you know. Sort through the rest at your leisure.
2. Get an free webmail account with Hotmail and use that e-mail address for anything that "requires" it that you don't want; posting to newsgroups/slashdot/etc. Send your "real" address only to friends and people you know.
3. Convince your ISP that spam is such a damn nuisance they could make a couple extra bucks a month (per subscriber) by offering an optional blocking service. Write the scripts for them and license them out. Make a fortune.
Don't get me wrong: ORBS is a great idea. Anyone running an open relay needs to be slapped and their MCSE taken away. But today's prevalant anti-SPAM kill-em-all attitude is way out of line.
--
Charles E. Hill
Learning HOW to think is more important than learning WHAT to think.
So get a Hotmail address for that and swamp Microsoft's servers. Imagine if everyone would do this...
--
Charles E. Hill
Learning HOW to think is more important than learning WHAT to think.
Some censorship is good, some is bad.
:-)
I censor what by children (ages 11, 11, 12) see and hear. They can't watch X-rated movies or some R-rated. There is speech I don't want them to hear.
However, I censor less and less as the years go by. Right now, I censor what they are too ignorant & young to comprehend properly. As they grow and learn, I explain more and censor less. By the time they are adults, it will no longer be my job to censor anything from them. It will then be their own problem.
I censor things from myself. For example, I've got a block on that Goat Sex link that pops up hourly in Slashdot posts
However, as an adult I resent anyone else making a decision to decide what *I* can and cannot see, hear, read, etc. (With the exception of possible National Security items & military plans, etc.)
Partial censorship can be good. I don't have to worry about hardcore porn showing up on Network TV when my kids are watching (FCC Censorship). However, if I want to see it I can always watch one of the adult channels or rent a DVD. It isn't blocked completely, just regulated. Think of a city/county zoning law.
Finally, ORBS and private commercial enterprise (Anti-SPAM software, ISPs that block SPAM, etc.) are the proper way to go. I know people who'd pay an extra $5 a month to their ISP if they offered to block most of the SPAM coming in.
Gov't laws and regulations are not the way to go. I fear what a "well meaning" Senator or Congressman can inadvertantly do much more than a spammer.
--
Charles E. Hill
Learning HOW to think is more important than learning WHAT to think.
you've been awfully vocal about your distaste for orbz and other spam blocking filters.. i wonder why. could it be that you write spam software?
http://www.cs.utk.edu/~moore/software.html
honestly, orbz is not a system that's forced on people. it's used by a group of people who can't stand getting 100 pieces of crap in their inbox everyday, all from open relay mail servers. when my mailserver moved over to maps/orbs, the flow of unsolicited email decreased to a bit under one a week. i got zero complaints from people who said they couldn't send me email. i think that's pretty effective.
Why can't people just select all and hit delete
Because my delete key wore out.
I can delete a couple of spams a week, but the current several hundred? Get real.
Oh damn, I just responded to a troll.
EZ
"Oops, I always forget the purpose of competition is to divide people into winners and losers." - Hobbes
this article did not explain how the ORBS service was doing any thing to this company. they where simply letting prople know that this server had an open relay that is all!
this is not hurting any one you could use this info or not
There is a huge freaking world of difference between censorship and closing open mail relays. This is *not* a free speech issue. The people using open mail relays are not legitimate businesses. They are hijacking other peoples 1)ignorance or 2) goodwill in order to hide their origins and make it impossible for the *end user* to block these unwanted messages. If people want to send spam, fine. All the best of luck to them. But they should at least be honest about it. This has absolutely nothing to do with free speech.
---- El diablo esta en mis pantalones! Mire, mire!
Maybe you missed it -
We're obviously in the minority... and I wonder if he'll get added to spam lists now, like I do every time I post a story critical of anti-spam activists.
jamie is on your side. It's just that you're both wrong. You may have a right to free speech, but you don't have a right to force the television news to broadcast your message, and you don't have a right to force me to listen to you. With the ORBkins, it's like having a news director at the TV station - yes, sometimes important things don't get covered (at which point some people will complain, and perhaps something will get done), but most of the time, it's just raving loonies who get ignored, and no one but the loonies gives a damn.
Until it's government mandated, or public institutions start requiring its use, there's no censorship issue involved. When the Southern Poverty Law Center maintains and publicizes a list of suspected hate groups, that's not a violation of civil liberties (although if they're wrong it might be libel). When the FBI does it, it's a different issue.
Right...
This is a very good response with a very good point.
Let me add a kicker -
The US is not the entire world. The US constitution does not give any rights in any
other couintries.
Why should I, here in Belgium, allow spammers in the US, or any other country, spam me?
I didn't notice any bit in the Belgian constituition giving the rights to free speech
to foreigners in other countries.
If China doesn't allow Chinese free speach in their own country, why should Americans be
allowed free speach in China?.
"The best part? I became an ordained minister while not wearing pants." -- CleverNickName
Sigh. Anyone who knows anything about debate knows that the "slippery-slope" argument is not a good argument.
------
MAPS and the various ORB* systems are not censoring my email. I am doing so myself, on a conscious decision that those who send or facilitate spam are not welcome to send to me. Nobody else has the right to question my decision in the matter.
I believe that ISPs have the right to determine who can use their property. They should disclose fully what filters, if any, they use to their customers, so that those customers may make an informed choice, but the decision of what to filter is theirs alone, influenced only by market pressures.
--
Disinfect the GNU General Public Virus!
Nobody's saying spammers shouldn't be allowed to say what they're saying, it's how they're saying it. Pepsi can run commercials on TV telling me to drink pepsi all they want, but if they hire someone to tap the message "Drink more pepsi" in morse code on my forehead then they've gone too far and should be stopped. If someone wants to sell me a list of 50 billion email addresses of eighteen year old girls who want to enlarge my penis while making money fast that's fine, I have no problem with them doing that, get an ad in a newspaper or magazine but don't email it to me and don't tap it into my forehead and don't shout it via megaphone at 3:00 AM outside my house.
You've *got* to be kidding.
The time to post this news was when it was news, while there was actually a lot of interesting discussion going on about what to do about the ORBS shutdown. Now, it's history, not news.
The ISPs in question believed that they were not running open relays. The issue is not spam, but the possibility that ORBS is using its position of trust with the community to block legitimate e-mail because its manager (who owns his own competing ISP) has personal grievances with the ISPs.
In finding in favour of the ISPs, I would imagine that the court decided that ORBS failed to provide sufficient evidence that the ISPs were in fact running spam relays.
Why do you respect him?
Well, China doesn't recognize Taiwan as an independent nation, so he was half right :)
Your argument only works if a user can ask the ISP to not filter his email, and the ISP complies.
It can be difficult: paying the setup fee to the new ISP, and making a final time payment to the existing ISP (for people on low budgets this sort of thing matters). :)
Also, losing your email-address is a big thing (many people use their ISP address for primary mail, if only because the free email services out there are pretty awful). On the other hand, this is one way to clear out the current spammers
I know this is a little more general than the topic, but I feel it's very relevant. In the United States, and increasingly everywhere else, consumerism drives power and legal structures. Advertising is a major component of consumerism. As long as capitalism rules the land, you will never see strong anti-advertising laws, including those against spam.
* Try stopping junk mail from filling your snailbox. Good luck.
* You paid for that movie ticket. Why are there advertisements before the movie?
* You paid for that concert ticket. Why are there sponsor banners all over the place?
* And that damn magazine you paid 6 bucks for. Why the hell is more than half of it ads?
* There are beer and liquor advertisements on the PUBLIC subway car here in NY, two feet in front of your and many childrens' faces! What's all the noise about advertising cigarettes to children with such blatant government hypocrisy?
Don't expect ads to go away anytime soon... and don't expect spam to go away anytime soon.
LS
There is a fine line between being a cultivated citizen and being someone else's crop. - A. J. Patrick Liszkie
I don't see this as being a freedom of speech case at all. ORBS was mearly a tool to help you identify open relays on your network, and an extreemly valuable tool at that.
I used to work for a Univeristy and we used it to identify ORs on our network so we could take care of the problem (You wouldn't believe the number of bumbling Professors who set up linux boxes which are open relays). We got an email every once in a while that said, "Hey, OR on your network". Then we'd hunt them down and say, "Secure your box or turn off sendmail" to which the normal reply was, "Ok, I downloaded the latest version of pine!"
Oh well, at elast alternatives exist.
Yes, I agree with this. However there is a difference when it's free speech at someone's expense. You can shout at the top of your lungs as much as you want, but as soon as you try and make me pay to listen to you, your rights to "free speech" with regards to me end.
And yes, I've heard all the arguments about how the cost of receiving an email is miniscule. However there is still a cost, and that's all that matters. It may only cost a cent for me to receive an email, but if I get 20 spams a day, that's 20 cents a day, $5 a month, $60 a year. These things add up, and the point is not that I have to shell this obscene amount of money out, it's that I shouldn't have to pay for someone else's advertising. You hear griping about junk mail (postal), but you don't see the pure hatred that you see for spam. Why? Because they're paying to send it out. The costs are in the right place.
So while I agree that you can't have it both ways, you also have to concede that there is a difference here. If spammers were paying to send out their ads, it would be a different story. However it can't just be a matter of them paying their provider to send out the ads, they have to *remove* the cost of receiving it from us.
-Todd
---
"The details of my life are quite inconsequential..."
For someone who advocates freedom and choice on the "electronic frontier," John Gilmore is sure quick to sacrifice other people's property in the name of a free Internet.
His analogies simply don't wash: the guy on the street corner, and the bulk-mailer leaving ads in my postbox, are bearing nearly all of the transmission costs. That's not how it works on the Internet. Bulk-mailers have no right to consume my resources without compensation. It's really that simple, and I don't understand how pseudo-libertarians and bulk-mail supporters can't grasp this simple concept. And while it would be great if every 'net user understood how to write procmail filters, most don't (and won't), and it's unreasonable to expect them to.
The censorship argument doesn't wash, either. Private networks have the right to decide what data to carry through their wires and servers. Whether they make morally or ethically sound decisions on what to censor can be debated, but their fundamental right to do so cannot be abrogated.
To make matters worse, Gilmore is willfully choosing to remain part of the problem by running his own open relay. He doesn't get that his rights end where others' begin. Maybe he will never get it.
I have two points. The first is relatively trivial. At some point during the acquisition process of TLG -> Best -> Hiway -> Verio, someone (Gilmore) should have noticed that the AUPs regarding open relays between the acquiror and the acquiree were contradictory. In particular, that his (admirable) open use policy was not amenable to Verio's policies. I suggest, if I may, that someone in the process forgot (or omitted) an acquisition clause requiring that the AUP of the acquiree be honored by the acquiror. If ntentional, this was a business decision that I ssume was out of his control. If he felt so trongly about his AUP, he should resign and found nother ISP. He did it before.
:)
Second, in regard to open relays per se, I point out that freedom must always be considered in context. The First Amendment is not a carte blanche rule that says anyone can go out and say anything they like. There are restrictions to speech, such as it being illegal to shout Fire!" in a crowded movie theatre. The crux of the matter between Gilmore and Verio is whether or not some or all of the content which passes through his open mail relay should be restricted.
I do not claim to know the right answer. All I can offer is my opinion, which you are, of course, free to disregard. After all, our country believes in free speech.
I believe that freedom should be restricted only when there is a provable, substantially negative impact on another individual or group. Of course, this is a completely vague and gratuitous statement. I believe it is up to political activism to define "substantial", and up to the legislature to capture that in laws for the courts to regulate. My personal opinion is that some levels of economic burden fall under "substantial negative impact", and that 'spam' can sometimes cause substantial burden. As I do not believe a resource should be outlawed on the possibility of doing harm, the obvious solution would be for those ISPs that considered themselves substantially harmed by Gilmore's open relay to deny forwarding for his relay only. That is, of course, their decision. If Verio considers itself harmed, by bad press or what have you, for being responsible for this open relay, and if, of course, it goes against their AUP, then I believe they have every right to close the relay. As I said before, there is nothing preventing Mr Gilmore from starting a new ISP.
This post expresses my opinion, not that of my employer. And yes, IAAL.
Spam is free speech, people! When you prevent someone from telling people about their issue or product, what ever it might be, in the United States, you are restriting their Constitutionally-guarenteed rights to free speech. (emphasis added)
This is false. The Constitution prevents THE GOVERNMENT from regulating such speech. It does not prevent me or any private third party from doing so, nor does it obligate me or them to use my private resources to forward on an endless supply of mindless chatter. And it most certainly does not stop us from sharing information on who we think is irresponsible enough to privately block.
In fact, it is an exercise of free speech (and property rights) for me or them to put a privately owned mail server on the internet and choose not to forward mail designated by whatever source I choose to. If you don't like it, too bad. You are free to start routing your own mail with your own resources, but I'm free to block whatever mail I feel like from being transferred by my private property.
Everyone should have a right to tell people about events.
They do, but not with the assistance of private resources of those who oppose their message or editorial style.
I would prefer that my provider use the blacklists, but in case they don't, I fashioned this procmail entry to help out. It strips out all of the IPs from the Received: headers and checks them all against whatever blacklists you want to use. rblcheck is used.
/usr/local/bin/formail -xReceived: | egrep \[[0-9.]+\] | sed -e 's/.*\[//'
-e 's/\].*//' | xargs -n 1 /usr/local/bin/rblcheck -c -q -s blackholes.mail-abuse.org -s dialups.mail-abuse.org -s relays.mail-abuse.org -s inputs.orbs.org -s spamsources.orbs.org
* !?
Although your suggestions are good; I'd like to point out that the previous poster did touch on some good points.
:)
While unsolicited snail mail is paid for by the party sending the mail in proportion to the amount of mail sent (thereby adding capital to the system they are using), spammers pay a flat fee and use the system to its limits without giving any additional money to the internet infrastructure companies.
When over simplified (like I've done here), you can see that the US postal service can fourish while handling gobs of unsolicited mail while email servers are choking on the excess baggage. Likewise, while US Postal will do better with the income from bulk mail, email servers will not benifit at all from spam.
Although I'm an avid free speak suporter, I don't feel that spam qualifies as "opinions." Rather, they are an attempt to get more customers at a decreased price (ie. you're paying for it).
Just my two pense
"One man can change the world with a bullet in the right place."
- Mick Travis, "If..."
For his part, Gilmore believes spammers have a right to peddle their messages, and mail server operators have a right to forward mail if they want to. For Gilmore, spam blocking should occur at the recipient level, not at the level of self-appointed upstream censors.
Mails server operators have the right to do whatever the hell they want with THEIR wmail server. Sorry, but its my mail server, and I have every right to protect it from spammers flooding my pipe.
We are not censors. we are not targetting specific users. We are targetting MIS-CONFIGURED email servers.
Get your head out of your ass Gilmore.
I'm disgusted that the EFF, or a senior member of the EFF, would openly support one of the cancers of the internet.
Feed the need: Digitaladdiction.net
And you can even simplify the process of fighting back by using SpamCop to help identify all the appropriate places to report the abuse.
Spam is free speech, people! When you prevent someone from telling people about their issue or product, what ever it might be, in the United States, you are restriting their Constitutionally-guarenteed rights to free speech.
I agree that preventing someone from speaking is wrong, however, this is not quite that cut and dried... In the case of product based spam, it is restricting them from speaking anonymously. They are still free to send their message without using an open-relay. If they truly are trying to sell a worthwhile product they believe in, why are they often hiding their identity?
Why does everyone moan and groan about email when it is very easy to not get any. I've had the same primary email address for 8months now and i've gotten 7spams during that period. Here are some
simple steps:
1)Never, NEVER type your primary address ANYWHERE on the Net (see my email address above? thats not my primary).
2)Fight Back. Every single time i get spam, i go through the headers and send it to the abuse@*.* address with the email as an attachment. If that address bounces i send it to root@*, webmaster@*, admin@*. I make sure it gets seen.
3) Dont use any major email provider email as your primary email. I recently got pacbell DSL, without even using the account i started getting spam. I then realized that, all of these ISPs are giving free webspace, using your *username* as the folder to hold it all, so spambots just need to read the contents from one folder and BAM!.
If anyone cares, i use mail.com, they bought up tons of addresses which allows me to have the @techie.com address. I wouldn't fully recommand it because they're currently doing a server switch (which has lasted for over a month) and things dont fully work.
Only dead fish swim with the stream...
IP filter rules fall into two general categories: default allow or default deny. Perhaps we're headed towards the day when the only thing that makes sense is to apply the same default deny rules to urls. I'm seriously thinking about it. Maybe then ORBS won't seem so draconian.
/unpaid-for/ email a crime. People should not be forced to use paper to advertise. But they should not take advantage of bulk email.
Since we're talking about SPAM, I will plug once again for a spam tax. Allow spam. For a per-copy fee. Then make sending unsolicited bulk
--Lawrence Lessig for Congress!
Truly, AC, you have a way with words.
--
First, I definitely think that ORBS-style blacklisting at the ISP level is bad for consumer choice, and blacklisting at the recipient level is where it should be done.
But PLEASE stop mis-using the First Amendment.
When you prevent someone from telling people about their issue or product, what ever it might be, in the United States, you are restriting their Constitutionally-guarenteed rights to free speech.
Here's the First Amendment of the Constitution of the United States, in FULL:
Does that say anywhere in it that ISPs cannot choose who or what to block from their networks? Let me repeat: ORBS at ISP level is bad business because it removes choice from the consumer. It is not, however, against the First Amendment. ORBS and ISPs are NOT the US Federal Government. They are NOT beholden to the First Amendment. They can do whatever boneheaded bad business decisions they want to do, with respect to controlling their own networks.
Secondly, the right to free speech does NOT mean that you have the right to be heard. If someone refuses to listen to your advertising message, that's their choice. You do not have the right to force them to hear your jingles or your offers for sexy hot teens.
It's such a short amendment, with such clear wording. Why does everyone mistake it so much?
[
Why not instead of Black Listing Open Relay operators just create a rule in your own mailbox forwarding all spam you recieve to every Open Relay Postmaster you can find.. eventually they will get the idea when there box has 5000 messages an hour.... Just a friendly way of saying you got open relay :)
And you're saying you believe filtering spam is censorship? Wouldn't that be rather hypocritical given the E-Mail address you have attached to your account name?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Do you have a nospam in your user profile E-Mail address? Do you even list a user profile E-mail address? If so, you're a hypocrite and a troll. Why do you do that if you believe spamming is someone's constitutionally guaranteed right?
If you do have an unadulterated E-Mail address in your user profile, I'll hit all the porn sites in your name and see if you feel the same way about spam in a month or two.
2) The end user should filter the spam...
Once it's hit the wire, you've already paid for most of it. Actually once it's hit your provider's wire, you've already paid for most of it. The cost of all your users' data transfers are worked into the monthly bill one way or another. If your bill's dirt cheap, your ISP is probably massivly overcommitted on resources and you spend more time waiting for your files to come down or waiting for a line to open up. Don't think for a second that you're not paying for spam, even if it's not listed as a line item on your bill each month.
3) The user should run his own mail server...
See number 2. Not everyone can run a mail server either. In fact, most people can't. You need a static IP, a dedicated connection and an ISP that isn't an asshole about you running your own servers. You won't find a reliable provider who will give you all that on the $20 a month plan.
I'd like to see a revised mail server RFC that operates on the web of trust model. To talk to a server, your server's key would have to be registered with it. If mail admin Dan trusts mail admin Paul, anyone trusted by Paul's server would also get to talk to Dan. If Paul turns out to be a spam house, Dan just revokes his key and shuts everyone coming through Dan down. The mail log would list all relevant keys that allowed a transaction.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Sorry, I missed your E-Mail address in your user profile. Please post it so we can help the spammers practice their constitutionally guaranteed right of free speech on you.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
The Internet treats censorship as damage and routes around it.
ORBS was censored by a lawsuit, so, like the Hydra, four more ORBS sprouted and carry on in its place. And if they are likewise censored, more will follow.
This should be a surprise?
There is a need in today's Internet for open-relay blacklists; people on the Internet will fill that need.
And in fact the technical side of the problem pales in comparison to the financial and political sides. As long as money! money! money! can flow towards abusers of the mail systems, they will find, and be able to afford, methods of circumventing any legal or technical action against them.
One of the major cases on this issue is Valentine v. Chrestensen. There is a short version of the relevant points here, the full argument can be found by searching for "commercial speech" here.
Furthermore, the first amendment only applies to the government's actions to restrict speech. "Congress shall make no law..." It has nothing to do with what individual companies or persons do to restrict speech. If an ISP decides they're not going to deliver or relay spam because it costs them money and resources to do so, that is their business and not a violation of the first amendment.
---
"This message is composed of 100% recycled electrons."
Why do open relays matter for anyone except the people operating them? If there were no open relays then spammers would just send direct to recipient's mail servers. Of course, the DUL would like to stop that, but that's a fucking joke if you ask me (an annoying joke too, more than once I've had mail bounced just because I run my own MTA instead of using my ISP's).
In summary, I'm on neither side. I have little sympathy with spam-fighters, and none with spammers. I'm afraid MAPS is the only bandaid keeping spam in check for the time being, and it must be constantly watched for abuse.
I'd like to congratulate them
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
--
Free Mac Mini
is X-10.com anywhere on this list?
if not they should be.
stop this madness!!!:P
TIME is the Aether...
I tend to assume that spam can only be handled on the level of me and my personal friends. Which is why i own and/or control every server that hosts my email, and i can filter what i want/dont want. The "if you want the job done right, do it yourself" attitude may seem a bit cynical, but it works, and doesnt rely on some company thats either a) struggling to stay afloat or b) trying to make more profits of my personal info.
I am !amused.
SPAM hasn't been reduced to any noticable degree.
I implement[ed] ORBS for my personal email account (rather than server-wide) and blocked 1563 "spams" from November 2000 through May 2001. 4 of those were legitimate emails.
"Noticable" is objective, but for me, the ORBS was cherished because that was a huge chunk of my inbound email.
ORBS would have been ``merely'' a tool to help identify open relays if they hadn't also advocated that folks not accept mail from those relays. As it was, ORBS was a denial-of-service attack on Internet email.
If ORBS is a good thing, then persumably security systems that routinely sound alarms when authorized people are going about their designated business are also a good thing.
1. bulk_mailer was written for use by legitimate mailing lists, because sendmail's default method of handling list mail is too slow. Users are forbidden to use it for spam.
From bulk_mailer.c:
* License to copy and use this program is granted according to the terms
* of the current version of the GNU General Public License. However,
* there is one exception: this program may not be used to send unsolicited
* commercial messages.
2. using ORBS would indeed reduce the amount of spam you received. it would also reduce the amount of legitimate mail you received.
perhaps the reason you got zero complaints from people who couldn't send you email, is because they couldn't send you email.
3. ORBS was forced on people whose ISPs naively adopted their blacklist.
As far as I can tell, these are the chief results of ORBS:
- SPAM hasn't been reduced to any noticable degree.
- Many people have had legitimate mail blocked because their sysadmins naively trusted ORBS's blacklist.
- Many SMTP servers cannot accept mail for the domains for which they are listed as mail exchangers, because of broken relay-blocking code.
This is now a primary cause of failed mail for my mailing lists.
Misrepresentation of others (or for that matter, their SMTP servers) is not part of free speech, especially when it harms the operation of essential services such as email.This is no troll, it's the truth, the overall sentiment that I've seen in comments on the site in the last several years is "Oh my God they're trying to stop us from saying what we want" on one day and "We must censor spammers" on the next. It seems to be a recurring theme that censorship is bad only when it applies to something you want and good when it's something you don't. People this is a ridiculous, although most likely natural as far as human nature goes, way to view things. For a thinking adult. A little common sense would tell you that number one, freedom of speech must apply equally to all, and number two, if you are able to stop someone else from saying what they want, how long will it be before someone stifles you?
I'm the big fish in the big pond bitch.
Insightful?? What an odd moderation for a post that entirely misses the point. I never said open relays were good, my comment was based on the thread that said censorship is good or bad you have to choose. If you read first, and thought before posting and maybe you would have seen that I was talking about the hypocrisy over getting mad that RBL ORBS sites were censored, and celebrating when spammers are censored.
I'm the big fish in the big pond bitch.
Again, I said nothing about keeping relays open, try reading the post. If you have a comment about open relays, respond to a post that is discussing them, not to one that's looking at the larger issues.
I'm the big fish in the big pond bitch.
I hate to say it but it's just too bad that you didn't ask for it. You have a address in a public medium, that means that anyone who wants can use it. You can filter it all you want, and you have every right to, but you cannot prevent, or ask anyone else to prevent access for you. That's like giving everyone in the world a key to your house and getting angry when people you don't want in there come in anyway. It's not someone elses responsibility to filter who comes in, it's yours. If you're so concerned with privacy only give keys to those you want to have access.
I'm the big fish in the big pond bitch.
Organizations like this are GOOD, they allow freedom of choice on the personal level by providing information to anyone who wants it.
I'm the big fish in the big pond bitch.
It got a little more complicated. If your provider decided to use it, for one thing, you didn't get the choice to turn it off. Cf. the problems with MAPS and sites hosted at Abovenet.
Much, much worse is when one of these systems starts picking up "spite" entries that do not tie back to any demonstrable spam incident.
That's the mob mentality Gilmore is describing -- "all those who are not with us in the battle against spammers are our enemies!"
If I ever win the lottery, I've got $100,000 earmarked to picking out the spammer who'll make the best example, and putting him or her in jail.
But rabid as this subject makes me, I still have enough self-control to realize that ORBS was perceived as being abused, and that this ultimately rendered it useless.
--
"Ain't no right way to do a wrong thing."
Saying "spam is free speech" is like saying "I, posing as you, using your neighbor's phone card, calling some guy in California to sell him a penile enhancement tool which he doesn't want" is free speech.
The best strategy I can see for limiting spam is ending the open relays. I don't see any legitimate use for an open relay. Anyone care to enlighten me?
Ceci n'est pas une pipe.
A responsible and level-headed version of ORBS is very possible and quite welcome to me.
You're talking about RSS, right?
RSS has the same stated goal as ORBS - to allow people to block open relays if they so choose. But RSS is run by different people and is run much more responsibly. They do not probe IP blocks looking for open relays. They wait until someone submits a piece of spam with full headers. Then they check the relay listed in the spam to see if it is indeed open. If so, a human looks at it and blocks it. Once the open relay has corrected the problem, the RSS people take them off the list.
I believe ORBS also blocks anyone who does not allow their probing. RSS is blocked by ORBS, for example. I've also heard people say that it is very hard to get off the ORBS list. None of this is true of RSS.
Censorship is either good or bad. Pick one.
Vintage computer games and RPG books available. Email me if you're interested.
modify MTA to use local blacklist file.
fetch the list via the freenet-request script.
do that every day via cron.
greets,
multiview
p.s.: this is could become a common strategy against this kind of information banishment. freenet.sourceforge.net
"Wired is carrying this article about the shutdown of Alan Brown's Open Relay Behavior-Modification System, more commonly known as ORBS. Brown, of New Zealand, closed his operation after two local companies won legal injunctions against him for listing them."
Anyone know which two local companies? I'd like to publicly shame them.
I Meta Moderate and I lose karma?
"I'm The Bounty Bear. I will find him anywhere. I'm searching."
1) download the latest list of open relays.
2) pick a random one
3) try spamming through it, if not possible or too slow go to step 2
Talk about making a spammer's life easy. The ORBS people are doing ALL the work of finding open relays for spammers.
Even better if there is a delay between the latest list and the list used for blocking!
ORBS makes it easier to spam. Grateful spammers around the world are probably dreading the day ORBS is totally shut down.
ORBS is reborn
ORBS splits into ORBZ and ORBL
ORBS now split into three
One of them was XTRA, the ISP owned by the ex-SOA telco Telecom New Zealand. I believe the other was Actrix, a Wellington based ISP. Before you go "publicly shaming" those two organisations, you should be aware that their blacklisting may very well have had more to do with Alan Brown's personality (I like the guy and respect him immensely but must acknowledge that he can be extremely difficult) and his commercial interests than it did spam. That said, more power to him and Manawatu Internet services. He keeps "the Man" on his toes.
As much as I agree that cutting spammers off upstream is a bad idea, but isn't shutting down a website that lists you ALSO cutting off free speech?
icqqm [ICQ:11952102]
The article was about spammers suing because they where blocked. :
What this would mean is we could still block any spam that didn't have the info, and any spam we want that may or may not want.so the people we blocked couldn't sue because
a)there not following the law
b)they are following the law, but we as consumers don't want there spam.
There are many crimes where tracking down the offender is difficult and/or impossible, should we repeal them?
Of course I think we should have a database where people who want spam/junk mail can opt-in for those options.Naturally the address reseeler wouldn't want them.
no there not perfect ideas,but the point was how to stop companies that make spam filters from being sued.
and finally, yes I did think of that, and I am getting money to sell a way to do just that.
The Kruger Dunning explains most post on
To shut down ORBs and force the individule to get unsolicited emails must also mean that TiVO is illegal because it prevents advertisers from expressing there 'free speech' advertisements.
I will also presume that everybody who is for spam never turns the channels, or leaves the room when a comercial is on.
I don't want spam. why is my rights come secondary to somene who wants to sell something that 99% of the people the spam don't want? If there is something I want, I'll search for it.
The solution is really pretty easy. Make it illegal to:
a)use a false or incorrect return
b)not have a return
c)not have a standard solicitors identification.
those are the only way to protect the individule while still alowing companies to spam.
It is reasonable, protets all parties rights, and easy to impliment.
I know the spammers won't like it because they seem to think we're not allowed to chose what we want to view, and they seem to think sending repeated spam to everybody over and over again generates revenu for someone besides address sellers.
Next I'll be sued for not leaving my TV on all the time and blocking all those advertiser free speech.
The Kruger Dunning explains most post on
Come on, people. ORB[SZ] is a GoodThing(tm). Nobody is coerced into using it. ISPs who use it should be commended! If you have stron feelings against it then get another ISP! Better yet, get the people sending you mail to get their ISPs to close their relays!
--john
While there is no question that Brown was too often a bulldog, a service like ORBS noticeably helped cut down on spam for our ISP that services about 16,000 customers. Significantly.
Anyone who says that spam should only be blocked/fought at the recipient level doesn't have to run a mail server for thousands of customers. Spam bogs down our mail server often and we also have to respond to complaints from our customers, etc.
There is a lot of room between censorship and giving spammers free reign. A responsible and level-headed version of ORBS is very possible and quite welcome to me. For example, they can help notify us, and our customers who run their own mail servers, when a mail server allows open relays and we can try to get that blocked before a spammer compromises their machine and our bandwidth.
Spam doesn't only affect the mail boxes of end users, after all. Most spammers are reprehensible and a couple of procmail filters isn't enough to keep this in check. I just hope that one or more organizations will step up, learn from the mistakes as well as the successes of ORBS and help us no drown in spam.
Spam happens because sending mail costs the sender almost nothing. In the snail mail world, the amount of junk mail sent is limited by the fact that the mailer has to pay postage. But even if the email sender paid the full cost of sending email, that cost is likely to be so low that it wouldn't provide much of a deterrent. And this still doesn't take account of the cost to the receiver of having to look at the email to decide whether or not to read it.
So in addition to emailers paying the actual costs of sending the mail, we need a way for receivers to set a price they will charge to notice the mail. Here's one way this might work:
I set a price for my personal priority stamp. Anyone who wants to send me an email can do so, but their message will only be marked as a priority mail if they pay my priority price. The proceeds from sales of my stamp go to me, since it's my attention that is being purchased.
The priority stamp is purely a signalling device which I am free to ignore, i.e., I can read or not read priority or nonpriority mail as I see fit. But when I see a message bearing the stamp, I know the sender thought it was important enough to pay my price, and that may be reason enough for me to look at it. If I think I'm getting too much or too litte email, I can always adjust the price of my priority stamp. My ISP can be instructed to discard messages without the stamp.
The sender has no guarantee, of course, that I will look at his email even if he pays for my priority stamp. So we could expect that email advertisers would collect not only demographic data associated with email addresses, but response rates as well. They would use this data in deciding on a case by case basis whether or not to buy the priority stamp.
So here's the next big thing. Some organization (AOL maybe?) sets up a clearinghouse where priority stamps can be bought or sold at posted prices, and distributes email clients that can show the presence or absence of a priority stamp. This same organization would certify the stamp as genuine, and perhaps take a cut of the selling price. There could be more than one such entity, just as there are for security certificates. Ultimately, marketplace competition would determine the sales commissions charged by various clearinghouses.
Jeff Hallman
Federal Reserve Board
Even it's most basic premise, its original intended function, was to strike down free speech.
Actually, it was an expression of free speech itself. It simply was someone saying "these ip addresses are used to send mass unsolicited e-mail"; ISPs and individuals could deal with that information how they saw fit. There is no free speech issue involved; I may have a right to say just about anything I want, but you don't have the obligation to have to listen to me.
--
its a damn shame. it sucks to have to blacklist a whole region of our world. but its been demonstrated again and again that most of the admins in china and korea don't seem to be 'white hats' (using the NANAE term; it means 'good guys') and that complaining to 'abuse@' and 'postmaster@' falls on deaf ears.
I'm now fine with filtering all email from .tw and .kr in my return error code (to the spammer), I include a web address that they could go to mail me, manually. if they really need to get hold of me, they can; but none have, so far - which means the spamblocking I'm doing based on country-code sure is working.
--
--
"It is now safe to switch off your computer."
I first tried contacting most of the admins that ran open relays (which actually hit my box with relayed spam). most frequent response: "oh, we just installed that box and didn't know it was open by default."
sigh. it took M$ so long to configure their xchange server to be closed by default, that simply probing for M$ relays is almost the same as probing for open relays.
at this point, I don't even bother trying to educate them. if they were smart to begin with, they'd not be running M$ mail on a public server...
--
--
"It is now safe to switch off your computer."
TOS = Theft Of Service
--
--
"It is now safe to switch off your computer."
yes, you're right - I forgot to list .cn.
still, I get much more spam from .tw .kr combined than I do from .cn. not to say that .cn isn't becoming as bad as the other two country-codes.
--
--
"It is now safe to switch off your computer."
can't you see that that's too late?
by the time the packet has reached my wire, it has already stolen my resources. I can block on the Rx side all I want; but the PDUs will still eat up my precious wire bandwidth.
blocking at the source is the only way to stop theft of service. spam is TOS - no other way to look at it.
suppose you didn't lock your doors at home, so that any thief can come in and poke around your stuff. then, as he's walking out, you automatically snap a photo of him. what good does that do? he's already come in and messed around and had his way - 'protection' after-the-fact is totally useless once the crime has been committed.
--
--
"It is now safe to switch off your computer."
some joker in mpinet.net just wouldn't give up - I had several hits PER SECOND on my home dsl line. quite the TOS attack.
I was forced to learn more about my mail system (qmail on openbsd) and the oh-so-useful tcp-wrappers. I also learned about the ORBS, MAPS/RBL/RSS servers.
in a few days I had hacked my qmail and tcpwrappers system to consult the RBL lists and if there was a hit, add the offender to a local cache (so that I can recognize him quickly next time).
since my site has very very few valid usernames, it was also easy to honeypot the spammers and when an invalid username was sent to, the source IP and username would be logged for future auto-blacklisting.
I've found that cutting the spammers off at the tcp-env level is quite effective in cutting down bandwidth. they can't even telnet to my port 25 anymore - I immediately shutdown the connection! no more megabyte-of-.doc crap, no more offensive spam, no more crapola, nada. just clean and quick tcp rejects ("connection refused").
the only shame is that I fear most mass abusers don't check the return codes of mail attempts and more than that, they engage the STOLEN use of open relays. so its the open relay that queues and retries and retries (I see it in my logs..) over and over. I almost wonder if I should let them complete their junk email exchange (only after hours, when I don't need my line) just to help purge their queues (?).
at any rate, the following scripts are quite useful in this battle:
rlytest.pl, checks (sends mail to) open mail relays
blq.pl, checks the MAPS,ORBS,RSS,DUL realtime blocking lists
--
--
"It is now safe to switch off your computer."
Yeah, but the problem was that large, enterprise-scale ISP's (eg. Earthlink) decided it would be a good idea for them to block mail from these IP's, so then people who were incorrectly added to the list could no longer send mail to 3% of the internet. That blows.
"there's a gap missing..."
:-)
didn't quite mean to put it that way, but y'all know what I mean
/Brian
It's like this -- you run an open relay, you're essentially creating a sort of hot zone that can contaminate downstream systems. What ORBS and successors are doing is essentially spanking people for being careless. Yes, it's a bit ham-handed, but the logic is essentially that the ISPs in question are going to get bitched at by their customers (who won't know why, but the ISPs probably will) and therefore need to do something about it.
If you've got a better solution, put up or shut up. It certainly wouldn't be a bad idea to try.
/Brian
This is one of those situations that strikes me as being a misguided application of civil liberties thinking. Fact is, this is a technical and financial problem, not a freedom-of-speech problem. Spam annoys people and cuts bandwidth. I really don't think freedom of speech extends to dumping junkmail by the grocerybag-full in my backyard, which is essentially what spam is. A spammer makes a mess of my mailbox, I have to clean it up (maybe pay for it if I'm using a service like Palm.net -- there are still services that charge for downloads), and this is protected speech? There's a gap missing in the logic here.
Just out of curiosity, what's Gilmore's take on junk fax? I'm sure even he realizes that that's an issue...
/Brian
This sig is xenon coated, and will glow red when in the presence of aliens
Any time they say "I have the right..." I quickly cut them off with a "nope."
This sig is xenon coated, and will glow red when in the presence of aliens
They can't find it if we block them at the perimeter, now can they?
This sig is xenon coated, and will glow red when in the presence of aliens
It DOES make it an issue, though, because despite any evidence of open relays, ORBs will list those who block them, purely out of spite. It's exactly that kind of childish activity which got them sued in the first place.
This sig is xenon coated, and will glow red when in the presence of aliens
"I'm now fine with filtering all email from .tw and .kr"
Uhm... filtering all email from .tw and .kr isn't going to stop any mail from China. .tw is Taiwan.
This sig is xenon coated, and will glow red when in the presence of aliens
And how is advertising not a form of free speech?
Because in the case of spam, the "advetiser" is making ME bear the costs of receiving THEIR spam.
If I get junk mail, I can leave it sitting in my mailbox until the wind blows it away and it doesn't really cost me anything. If I leave it sitting in my e-mail inbox, I might go over my mail quota and then I'll be losing the real mail that I PAID to get.
Let the company go buy billboard space, or an ad in the local paper, or go buy some raido or TV ads, but please leave my e-mail inbox out of it.
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
- We catch, on average, something like 200 messages per hour; that works out to about 30k-35k messages per week. Check out the latest results here (http://selenium.dowco.com/spam/spam.html for the goatse.cx paranoid).
- Our customers have 56k modems or slower, and they're not terribly clueful for the most part (then again, I work on the help desk, so that's all I see). So not only does it take up time while the meter's ticking to download it, there's a significant chunk of them that don't understand that spam is, unfortunately, epidemic on the net, or that spammers won't remove their names, or that they're hawking pyramid schemes that just won't work. Add to that a call every now and then from someone genuinely upset and offended about pr0n spam, and it makes for an interesting time talking them down from the ledge...
- Upshot is that spam costs us the isp, and them the customer, a lot to deal with the crap that keeps flooding in. You shouldn't have to be paranoid about handing out your email address on the net, or posting it in plain sight, for fear that you'll be hacking your way through MAKE MONEY NOW for the rest of your email address' life.
- Remember that scene in Futurama where Fry goes on the Virtual Reality Net of the Future, and they get dive-bombed by spam messages and have to take cover? That's no kind of net that I want to have, or to have to deal with, and I don't think it should be up to the customer or the ISP to pay to read crap.
Uh, that's all.Carousel is a lie!
If I assume your identify, that not fraud, is it? Denying me such creative self-expression would be censorship, right?
If you invite me over for a party, I have every right to go into a back room and run up a lot of long-distance charges on your bill, right? It's just a form of self-expression. Don't censor me!
If I kidnap you, handcuff you to a chair, and force you to listen to a reading of my paper on The Antidisestablishentarianist Movment as a Metaphor for the Homoousian/Homooiusian Semiotic Dichotomy, you have no recourse! That would be censorship!
__
Surprising that this one made it through the lameness filter...
Maybe if you found out why they acted, you might actually support them - they were blacklisted due to business disputes that had nothing to do with spam. Thats why ORBS was brought down - one dickhead using it as his dispute resolution mechanism,
But the various ORBS blacklists are raising the vocal ire of opponents such as Electronic Frontiers Foundation co-founder John Gilmore. Gilmore believes ORBS and its derivatives take a heavy-handed, meat cleaver approach to a problem that should be handled with a scalpel. [...] At present, Gilmore's attorneys are negotiating with his own Web-hosting company Verio, which has threatened to terminate Gilmore's website for refusing to close his open mail relay. [...] Gilmore believes spammers have a right to peddle their messages, and mail server operators have a right to forward mail if they want to. For Gilmore, spam blocking should occur at the recipient level, not at the level of self-appointed upstream censors. "
*sigh*
which is why I believe is licensing spam so that you, me, and the ISPs can bill the spammers, and we can send the FBI, the IRS, and other appropriate authorities after them.
This is the source of income that the government has been looking for.
A Spam Tax.
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
I wonder if he'll get added to spam lists now, like I do every time I post a story critical of anti-spam activists. Yeah, subscribe me and Rob to more mailing lists under the handle "Spamlover." That's real mature.
One thing that quick wit will guarantee: you will now be subscribed to 100 times the lists you were previously... there are some trolls who wouldnt have thought of it... and all the rest now know it bothers you.... real smart jamie.
What is the difference if I block the spam myself, or we as a community decide to let a central group of people make up the list? Does it suddenly become bad because the people in question have decided to unite their decision making about who to block instead of individually each deciding on their own, inefficiently repeating the same steps of those decisions over and over for each person who considers the spam? I don't have time to track who is all doing spamming and when they have decided to stop. Maybe I have decided that one mailing from hoochie@yowzabeaver.com was enough and I never want to hear from them again, even if they switch from selling porn videos to marketing fruit juices. We delegate this sort of decision making all the time, and I don't think that being aware of spamming plus letting people dedicated to stopping the spam decide who gets blocked is tantamount to censorship of some sort of nazi networking.
We basically have ORBS and MAPS as a solution that lets the bad apples get blocked and if some good apples are getting caught in that same web, then maybe they should reconsider their tactics. I don't feel that I have to go and reorganize my way of communicating through email because a bunch of advertisers can't keep the hell away from my email address. They have freedom of speech by use of their web sites, but they do not have the right to come into my living room and shout it at me, so they should not be doing this to me, either.
How many times a day do I have to receive mailings about a new money making scheme that obviously doesn't work, penis enlargements, some dim bulb selling toner cartridges, or some completely unrealistic diet program before I'm allowed to keep them from flooding my mailbox every day. Is there anyone actually out there that looks forward to dozens of those mailings filling their mailbox?
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
As the answer always is, to this question, "The difference is that I did not go out seeking this information and I had to pay to receive it."
If someone hosts a website and I visit it, I made a choice. No Problem. If I sign up to get the weekly best buys from AutoShack.com, that's fine too. If I started getting a monthly bill from the USPS at a charge of $.01 for every "Resident" or "Postal Customer" envelope I receive, I'd be outraged. Wouldn't you?
My personal opinion is that I have the right to filter my own mail, wether it is server or recipient based (I do both). I have an *obligation* to read the terms of service for any ISP I am interested in using, and if they subscribe to ORBS or MAPS, or if they don't allow open relays, I should either accept that, or keep looking for an ISP. If there were enough people upset about the TOS of available IPSs, then new ISPs would appear to fill that gap.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
This makes good sense, and it holds some value, but one of the problems it doesn't answer is the cost of the spam. Having a user level filter means that your mail server has to accept every spam message in its entirity and store it until you get around to retrieving it (which is where most personal mail filters get applied. There are also server side filters, I know, but they aren't as common, and a lot of them, you don't have control over). This costs your ISP / Mail Server bandwidth and storage, both of which cost money. With MAPS and ORBS type solutions, the mail is actually rejected rather than discarded. The mail server that tried to send the mail receives a detailed message about what happened and what to do about it. This message also makes its way back to the originator.
:/
Now in most cases, if they relay was unintintional, either the admin of that mail server will receive the notification and correct it, or the originator of the message (if it was legitimate) will notify them and ask them to do something about it. You would be suprized at the number of mail servers that are hijacked to deliver spam mail because they weren't configured properly.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
That too is spam. I add the sender to my filters (for whaterver good that really does), and send a report to spamcop. Spam is spam. I don't like any of it.
Tom.
Oh arse
Postal solicitations have at least same cost that spam has for me as a mail user. First of all, bulk mailing rates are lower than first class rates, but why don't they charge bulk mailers the first class rate and ensure a lower first class rate for everybody? You see, bulk mail discounts result in higher first class rates, which affects me every time I want to send a letter since I do not use bulk mail. Certainly open relays do not increase the rate I pay my ISP for email services any more than bulk mail rates increase first class rates for regular mail.
Then there is the question of dealing with the solicitations. Dealing with SPAM is very simple, I download it as part of my normal email (I don't believe that this is a significant incremental expense to me-- not even your example of 1 cent). I hit the "d" key or click the little icon with the page with a red X on it. Flush. In real life I have to make sure the mail doesn't contain something sensitive-- if it does I must destroy the physical artifact before disposal. Which brings up disposal: am I supposed to recycle that? Can I recycle it? Do I not pay quite a sum each month to the municipality where I live for trash removal and recycling serivces? I suppose I should make it clear that I am not interested in any offer and mail it back to the sender in the provided envelope so that they can dispose of it. This is a time consuming process, my time is valuable. I've got Natalie Portman pics to download from alt.binaries and Hot Grits that are getting cold.
Personally, it is my opinion that with a decent kill-file and a decent filter, SPAM on the internet is a non-problem-- and even without these it is far less inconvenient than real world solicitations. And we haven't even touched the "free" neighborhood newspapers or the little rolled up Xeroxes rubberbanded to the doorknob that end up all over the yard, forcing me to collect the trash that advertisers have deposited on my property.
I do not have a signature
Yes every individual has th eright to say what they want, free speech etc.... But no one has a right to FORCE me to listen or a right to make me use my resources to pay attention. I have a right not to listen and installing spam filters on my e-mail account is one way of saying "I'm not listening". By your argument its immoral when I don't pickup the phone when the caller ID is blocked/unavailable b/c its a telemarketer. I am obviously violating their right to free speech by not listening to whatever ad they are pushing on me. Or when I throw away my daily dozen credit card offers unopened, I should open them and read them carefully so as not to violate Citibank's free speech.
No, I'm not joking, and yes, I agree that spam is not as serious as rape or murder.
But if everyone knew who these guys were, instead of them hiding behind a bogus return address, we'd be able to "convince" them to stop, I'm sure of it.
Ah - I see. Then it would work pretty much the way I usually use my mail, giving out one (free) address for online stuff, another for friends and family, etc., and filtering on which account it came from.
I have to admit, spam isn't a huge problem for me (almost all my mail is stuff I expect, and I don't mind downloading junk on my cable modem), but I can't understand how I ever survived without some kind of program to sort through the mail.
I find it surprising that we still haven't found an ideal solution to spam.
To me, an ideal solution would identify mass-mailings with 100% accuracy, identify offenders with 100% accuracy, and auto-notify their providers, all without me ever laying eyes on it.
The closest thing right now is SpamCop, which I think is great.
...choice. I can choose to use ORBS [in a way, I do, since I use SpamCop], or I can choose not to use it. Using ORBS will block mail, some legitimate, from reaching me. But hey, that's my choice.
While the Internet is open [for the most part] territory, each of the ISP's are private entities and, if they so choose, can choose to use ORBS [or similar] to protect their customers from spam. Some will like it, some won't. The spam policy is one of the things I research about an ISP before I use them--and when they make changes in that policy, I sort through them. I have left an ISP because of a spam policy, and I won't hesitate to do so again.
If you don't like that Earthlink is using ORBS and its child processes, don't use Earthlink. It's as simple as that.
-- Geof F. Morris
I would be very interested in a black list of companies or persons who have resorted to litigation to get off of the various dynamic blacklists. Ideally, the criteria for getting on the list should simply be
- They were at one time listed by ORB*, RBL, or a similar service.
- They used lawyers and courts to be removed from that list.
The criteria to get off the list should be"To blow recursion, you must first blow recus
I've tried doing the recipient filtering thing. In fact, I've been doing it for a long time now, using the NAGS filter (www.nags.org, no longer maintained but still available for download last I looked).
Trouble is, the spammers keep changing emails so often, it's virtually impossible for an individual to keep an up-to-date filter list.
I did finally hit upon a solution that works for me, although most people couldn't use it, and I'm sure Gilmore and others like him would hate the notion: I added the regular expression, .* , to the beginning of the spam_sites file (the NAGS filter's bad list). This effectively means that ALL incoming mail is assumed to be spam unless I have specifically added the sender to the from_exceptions (good list) file.
I'm sure it becomes quickly obvious why most people wouldn't want to use a "deny from all, allow only from known good" email policy, but it works pretty well for me...
Where is the wisdom we have lost in knowledge?
Where is the wisdom we have lost in knowledge?
Where is the knowledge we have lost in information?
The register has an article that sheds some light on the cases that drove ORBS down:
http://www.theregister.co.uk/content/6/19460.html
it in turn points to:
news://ws.admin.net-abuse.email
I'm sick of seeing this argument:
It's okay if you filter your own mail, but it's not okay for an ISP to filter mail for their users
What kind of BS is that? It's called giving a proxy vote to your ISP because you trust that they'll do the right thing. It's impractical that every internet user will be able to individually filter his or her own email. My mom, for example, had no possible way to take advantage of ORBS by herself - so she went to an ISP that offered spam filtering to do it for her.
On top of the technical need of someone to do the filtering for you, there's also the power that you give to anti-spammers... BY CHOICE. I want my ISP to unite the voices of its customers who are just sick of spam. I want my ISP to tell spammers to go to hell - because only by combining our voices under the umbrella of a representative can our shouts be heard by spammers and lawmakers alike.
Why are you letting these clowns ruin our country?
In my view, simple laws making it manditory to mark "Unsolicited Commercial Email" as such in a standard fasion would be sufficient.
MadCow.
I used to have a sig, but I set it free and it never came back.
Actually, no.
;) is a horrendous crime. Normally you would expect them to protest McDonald's, Burger King, etc. Some people would notice, some might even care, most wouldn't. How much more effective would they be if they could have people stationed in the lobbies of major apartment buildings and business complexes that would reject all packages and products from a town that happened to have a McDonalds? "Sorry Mam, we have determined that New York City is friendly toward businesses that are cruel to animals. Until New York gets rid of all of it's McDonald's restaurants we can't allow any packages or products from there on the premises. You want to receive your letters, clothes, products from people in New York City? As soon as we can confirm that there are no more McDonald's restaurants in business in New York City we'll be happy to let mail from there through. Thanks for subscribing to our service. "
It was applied at the ISP level. There wasn't really a choice at the individual level. Not that I'm in favor of SPAM, but we shouldn't sacrifice our freedoms in the hope of cutting down on it.
If I had a hundred customers (just pulling a number out of thin air) and I personally didn't like SPAM and subscribed to ORBS then none of my clients could receive email from anyone on the list. It didn't matter if they were spammers or not. Unfortunately, in Gilmore's case it's a matter of him WANTING to run an open relay, but his provider NOT giving him the option. Perhaps, just a guess here, it's a form of blackmail. Either all of your users tow the line or we'll blacklist you. Not really a nice thing to do.
I've read something to the effect that this is like a boycott, nope. I boycott is when you and a group of like minded individuals stop frequenting a business to convince the business to change its practices. ORBS is like someone standing in the mail room of your apartment building, rejecting your mail if it happened to come from someone on their list. (i.e. the town of Spamonia has been determined to be very friendly to spammers, therefore Spamonia is placed on the ORBS. Now any mail from Spamonia is confiscated in the mailroom and marked return to sender. If your grandmother just happens to live in Spamonia, well you won't be getting any mail from her. But she's NOT a spammer you cry, to bad they tell you. In order to "encourage" Spamonia not to be so friendly to spammers we're not allowing you to receive any mail from your grandmother. If you don't like it, well you can change apartment buildings (ISP) or she can move out of Spamonia (ISP). Of course you can always "encourage" Spamonian officials to denounce their spam loving ways.)
If you as an individual, or business are interested, then your ISP could tell you about the ORBS and ask you if you want to be a part of it. Sort of like a mega ISP level mail filter. In that case though, it would loose much of its effect to terrorize. It would be more like a group of people boycotting and asking you if you would want to join them. Instead it's a small group of administrators "protecting" you from these bad evil spam friendly things.
Here's one final image to leave you with. Imagine that the ORBS people and the ISP's that subscribe to it were PETA (I'm not trying to single out PETA here, just using them as an example). They are against cruelty to animals, a group of them believes that eating meat or meat products (like SPAM
You mean you didn't subscribe to their service? Don't worry, the management did, and they didn't inform you. Well, it all for your own good. Must stop those evil cruel to animal corporations (or spammers.....)
Just my $0.02 (Canadian, before taxes)
The concept is simple enough. It's like being forced to pay to read mail you have no intrest in nor asked for. Most spam simply lacks a return address, most junk mail has a return address. That said spam universally lacks anything resembling useful information. Spam is just proof that we're not as litigious as we prehaps should be.
--Jimmy has fancy plans; and pants to match.
I've tried to block all spam using mail filters, and generally I find that some always gets through, and that the filters sometimes get it wrong. I also have to download my messages prior to filters being applied.
I would say that the upstream mail relays are the *best* place to put filters. They can see thousands of identical messages being sent to unnamed recipients and pull it is spam before it wastes resources at the next hops.
If only hotmail would look at the mail arriving and delete all the junk when it sees the same message reaching >10,000 users.
-- Mike
Fact is, this is a technical and financial problem, not a freedom-of-speech problem.
The technical problem is that there are open relays, but the freedom-of-speech issue is that this service allows administrators to determine -- blindly -- which email will reach a person, based on the possibility that it came from one of those relays. Spam annoys people and cuts bandwidth.
You are absolutely correct. However, so does the constant barrage of corny jokes from friends of mine. I'll take the responsibility, though, of determining which of it is annoying.
Granted, I only did this on rare occassions when the amount of spam from a particular company irritated me.
The last time was when I was investigating an application for our company. I visited their website and downloaded the trial version. When I filled the online form I used a "spam" address that I use specifically for occassions like this. However, when I contacted one of their sales people for an extension on the trial period, the guy added my name to a newsletter. Incensed, I wrote the guy and told him to remove me ASAP. When it became apparent that he was either unable or unwilling to remove me, I reversed the situation. I began forwarding all of my spam to him... all of it... from 3 accounts, including my "spam" account, averaging 200-300 emails a day.
Knowing he was a salesperson and maintaining an unchanging email address was vital, I wasn't surprised to be contacted within 2 days by their administrator. At which point, I informed him that until I received a formal, snail-mail (I loved that part) apology from the salesperson, that it would continue.
Then I added the administrator.
Knowing my mail was probably getting blocked, I used several accounts on several machines, rotating the names daily, and religiously adding a header explaining the situation. All in all, I was contacted by 5-6 people on my "important" email address and each time I added that name to my forwarding list (checking the company overview page and adding some execs probably didn't hurt, either). It took under a week and I received a fedex letter from that salesperson. I promptly stopped my forwarding and have yet to receive a single email from the company.
I know this isn't the ideal way to stop spam, as most spammers are near impossible to reach, but it worked for me. Getting a taste of their own medicine never hurts.
I can't speak for others, but I've seen quite a bit of junk email emanating from Xtra's address space, and to date they've never responded to any complaints I've submitted. I'm curious as to the experiences of others in re: span and Xtra.
Spammers live in vain.
Why is it that Jamie is so knee-jerk against those opposed to spam? Could it be Jamie's ties to Peacefire and Media3? Naah. Just a coincidence, I'm sure.
Spammers live in vain.
If I pay for it, it is spam.
If they pay for it, it is speech.
If it was unsolicited and forced in my mailbox it is spam.
If I get messages that in principle I agreed to receive, it is speech.
If the sender makes itself a nuisance, it is spam.
If the sender is respectful, it is speech.
If the cause is a worthy one that does not change anything.
If somebody goes to yell in front of your house at 3:00AM about human rights abuses in China, I guess you will not be sympatetic.
The problem with spam is the form not the contents.
Simple.
IANAL but write like a drunk one.
Spam is like someone spraypainting an advertisement on the side of your house, then sending you the bill for equipment and labour. Is that free speech? Or, for a more accurate analogy wrt ISPs, it's like spraypainting an unsolicited advertisement on the side of an apartment building and charging the landlord.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
So why are the free speech advocates so keen to oppose this particular form of free speech? Is the Right to Spam really so fundamental that it justifies suppression of the facts about how it is propogated?
Cheers.
The stock example given to us was the "copy of a photocopy" ... where eventually, the document would degrade into a cacophony
of white noise.
So the question du'jour is, does this princpal apply to ORBS listings ?
healyourchurchwebsite.com - WWJB?
Spam blocking using ORBS is typically done by the ISP for its entire site. There is no choice except moving to another ISP. Personally, I like the idea of blacklisting open relays.
Reboot macht Frei.
Why do Spammers have the right to fill my inbox with shit? At least my Postal mail doesn't come postage due.
Reboot macht Frei.
if someone made a mass mailing detailing human rights abuses in China, would you consider it spam?
Yeah, it'd be spam. Spam is defined by volume and its shotgun approach, not content.
Reboot macht Frei.
By posting to usenet. Ask a sysadmin sometime about getting Spam at addresses that have been dormant for years.
Reboot macht Frei.
now imagine a domain contact with a hotmail address. Now imagine hotmail's domain contact being a hotmail address.
Reboot macht Frei.
So is a Slashdot Moderation system. I wonder to you look at Slashdot at a -1 threshold? So do you "censor" those people?
The good stuff is still there: http://data1.orbs.org Shhh.
I had just become Sys-Admin, and so I poked around for a while before I discovered that ORBS blocked our mail server. I found the open relay, closed it, and reported it as such.
End of story. Things were fixed. Everyone could e-mail, and I had fixed a potential spam problem. ORBS simply helped the stress load on various mail servers around the world, and kept sys-admins on their toes. If you had an open relay, YOU DESERVED TO BE BLOCKED.
People need to learn from these things instead of suing the living crap out of each other.
Screw 3...
Even if you agree that spam is free speech, it's protected only from governmental restrictions, not private ones. If I, or my ISP, wants to stop your mail from coming through, absent any contractual agreements, they have every right to. If I don't want them to use a black-list, I can pick another ISP. Fee speech or not, private organizations and people have the right to decide what they want and don't want to hear, and how they deal with it. a couple of real-world examples: People often complain that spam is bad cause the reciepient, not the sender pays for it. That's fine, but I can pay someone to sort my mail after the postoffice delivers it. Does that impact the sender's rights - no - they got what they paid for - delivery. I got what I want - a private arrangement to get rid of junk mail. Who pays for mail or spam is irrelevent in this context - I still can sort it by any means I chose. And where the sorting occurs is irrelvent as well. My company regularly discards junk mail I (and others) get at work before forwarding it, saving them the cost of forwarding it. It's the same with spam - an upstream point (the ISP) doesn't forward mail based on a predetermined conditon (The OSRB instead of bulk rate/presorted mail stamp). Where I live, companies like to drop flyers at my mailbox, or soemtimes in a baggy tossed on my driveway. While they have a right to print them, once they leave them, they're guilty of littering, and the police will gladly tke complaints. Guess what - when enough peopl complain, and companies get fined, tehy stop dropping junk off in our neighborhood. DOes that infringe on their free speech rights - no, they still can stand on a streetcorner and pass out flyers, drive through with a sign; they just can't litter. Similarly, an ISP has a right to limit spammers ability to litter their servers - they are, afetr all private property.
I'm a consultant - I convert gibberish into cash-flow.
No it isn't. It's advertising.
what the hell is a 'junk character', anyway?
The main goal wasn't so much filtering spam as it was getting people to close their mail relays. If you had a mail server with an open relay, and knew that most of the mail from that server would never GET anywhere because of that, it'd be a pretty logical and obvious step to just turn relay-ing off.
Hence the name ORBS "Open Relay Behavior-Modification System". Modifying the behaviour of open relays by getting them to not BE open relays any more.
The filtering was a (nice) side-effect, or a means to get to the end.
what the hell is a 'junk character', anyway?
I think that it is a lot better and more effective to set up your own mail filters on your computer, as many of the messages come from the same areas or have very similar formats and phrases. Most are easy to filter out and the one or two that get through are easy to delete.
This is a better way than blocking entire servers, as someone from one of these servers may have a legit message to send you. If your friend's ISP is blacklisted, you wont get their messages and won't know why.
For Gilmore, spam blocking should occur at the recipient level, not at the level of self-appointed upstream censors.
Now, I could be wrong here, but wasn't ORBS something that you used if you wanted to, and didn't use if you didn't want to? Doesn't that mean it qualified as 'at the recipient level'? I mean, it's not like ORBS forces you to block traffic from these sites, but it's a good resource to use if you _want_ to.
Why can't people just select all and hit delete? If you have an e-mail account, spam is usually part of the deal. Plus, spam filters are not reliable. They let spam through and hold stuff that is supposed to go through. If there was a reliable spam filter, I'd be all for it, but since there isn't, use the delete key!
The Supreme Court has generally said "You can say whatever you want, but you're not always garunteed a listener, we can regulate that."
That being said, there are plenty of places that you can spam, and if people want to listen they can listen. I don't think its very hard to find a webpage that will make your penis larger or something like that.
The supreme court would most likely find a law that said "You must permit people to come into your house and speak to your children, whether you agree with them or not" to be completely unconstitutional. You have no garunteed right to an audience. However, if someone wishes to speak in a traditional public forum, like the sidewalk infront of a university, you're completely allowed.
This is why its not speech. You're forcing me to recieve your message at my expense. Similar to the example with the strangers speaking in your house. Any restrictions placed on it by government would be a "time, place, and manner restriction." You can spam all you like on the web, just not in people's mailboxes unless they ask to be spammed.
---