Slashdot Mirror
MAPS and Experian Settle Lawsuit
dbrower writes: "Experian is trumpeting a settlement with MAPS here, where MAPS agreed not to blackhole them without a court order, and agreed that Experian didn't need to do opt-in. Looks like a loss to me."
← Back to Stories (view on slashdot.org)
Let there be no question about it. This is a victory for spammers. I hope MAPS elects to keep a list of companies which they are unable to block through their service. Then I could grok the list and be happy once again.
--CTH
--Got Lists? | Top 95 Star Wars Line
...And spamming is the worst type of pollution; they make you pay for the sludge with your connectivity, time, and frustration.
It would be interesting to know why MAPS decided to cave in. Perhaps a Slashdot interview is in order?
I'd like to see MAPS publish a list of IPs it's forbidden to add to its main blocklist, so that we could manually add them to our MAPS config.
Schwab
Editor, A1-AAA AmeriCaptions
Do not misunderstand, I am no sympathizer of the spammers. I do not think what they do warrants first ammendmend protection. However, I do not think that MAPS arbitrarily black holing companies who it cannot strong arm with threats really deserves our respect anymore.
A good idea gone awry.
Cheers,
- RLJ
They said that they don't have to use a double opt-in. In other words, no confirmation step of the opt-in.
MAPS only maintains a database that provides information to others, who seek that information.
That database expresses an opinion: in the opinion of MAPS, the networks listed in the database are suspected of passing through or generating spam.
Shouldn't this be protected by the First Amendment?
Making this settlement goes against all their principles, so Experian must have made them afraid for their very existence with this.
As noted, unless the agreement is very broad, they can certainly name on their web site the companies they have been compelled not to block, and people configuring their own mail filters could decide case by case whether to include them.
However, if they made an automated list, effectively an alternate blacklist, I could see a court saying they were violating the spirit of the agreement, unless they wrote it carefully to allow them to do this.
However, oddly enough, it could be to experian's detriment to have it happen manually. If site admins manually put in blocking for their domains, it will be almost impossible for them to get that blocking removed except over a very long period of time, since each admin would have to manually reconfig.
Of course, they could change the IP address and domain they send mail from to get around that. Somebody (not MAPS) could provide a service that simply lists mail sending IP addresses used by experian, no other comment made.
Has it been over a year since you last donated to the Electronic Frontier Foundation
Think about what happens if someone else subscribes you to a mailing list with a high volume. Single opt-in means your mailbox starts getting filled up with mail without giving you any chance to avoid it. Do you really want to enable people to kill your e-mail easily by just signing you up for a few dozen multi-megabyte-per-day single-opt-in mailing lists?
Did I miss something? Isn't it a federal crime (aka terrorist act) to send unsolicited email? Or was that just a proposal... So hard to tell the facts from rumours these days...
Either way, I don't see why these spammer lists can't be made public... I wouldn't mind taking the law into my own hands and sentencing these spamming bastards...
---
Programming is like sex... Make one mistake and support it the rest of your life.
"In addition, neither Experian eMarketing nor its clients will be required to employ the practice of double opt-in (process by which a consumer must reaffirm their permission before they are added to an e-mail list) demanded by MAPS in November 2000." This is just amazing. They shut down napster while they still allow Experian to continue SPAMing. Is this really the internet we all want??? Will this be the kind of legislation we will be seing over the net??
Well, experian.com just made it in to my access.db, along with everyone else who's sued maps in the past. Do they have any mail servers outside that domain, anyone know?
Here's a list of some other companies not understanding what MAPS is and trying to stop them with bogus lawsuits. I hope they don't accidently wind up in your access.db (or whatever your MTA uses).
yesmail.com
harrisinteractive.com
blackice.com
media3.com
247media.com
experian.com
exactis.com
liveprayer.com <--- accused MAPS of being an agent of Satan
To block these in sendmail, use the 550 5.7.1 error code in your access.db file, like so:
yesmail.com <tab> 550 5.7.1 Spammer suing MAPS.
If I don't sign up for a mailing list, I should not suffer hundreds and hundreds of spam from it.
If I signed you up to 100 such mailing lists, would you rather get 100 verification mails that you could just delete, or 10,000 mails from the mailing lists that you'd have to unsubscribe from manually?
The idea of double opt-in isn't designed to make people's lives inconvenient - all it needs is a quick reply. It's pretty easy, I do it all the time. You can even do it from a different e-mail address. However, it does protect those who suffer from massive mailbombing.
Do you really want to enable people to kill your e-mail easily by just signing you up for a few dozen multi-megabyte-per-day single-opt-in mailing lists?
Fine, if these theoretical multi-megabyte-per-day mailing lists are being abused in that way, then they can choose to be a double opt-in. But insisting that every mailing list in the world be a double opt-in or they get blacklisted is radical and absurd. That's when I start yelling "Whoa!!!!" and saying the "freedom fighters" have started looking like the "oppressors".
Sometimes it's best to just let stupid people be stupid.
Still, it sets another precident: sue MAPS and they'll probably cave. Now, we should all sue and kill them once and for all, one out-of-court settlement at a time.
Damn vigalanties should be strung up on the closest tree (what's good for the goose and all that).
If all this should have a reason, we would be the last to know.
sick se7en(http://www.attrition.org/errata/www/sev.001. html)
on Experian. I'm sure it's yet another cause he might add to his list of pathetic attempts at publicity. mooo.
-- http://www.criticalassets.com
When I read this story, I was floored by the pandering to the behemoth that is Experian. For those who don't know, they're the company that takes about one minute to damage your credit for the next seven years due to a complaint, but several months or years to get the complaint reversed when it was mistakenly done. Obviously they are business and not consumer oriented. I didn't know they were in the e-mail business, but I wouldn't be surprised if they're not correlating their credit info databases versus e-mail to provide us such wonderful services as 27% APR credit cards and the like.
t egory=o. Voice your displeasure over this travesty of justice and continued trampling of consumer rights!
How to deal with this? I will be calling them at 1 888 EXPERIAN (1 888 397 3742). I also found a response form at http://www.experian.com/cgi-bin/mail_page/form?ca
In the spirit of Karma Whoring :-)
Here's some history on this case. It features articles from various stages in the case. Has anyone found the text of the complaint or injunction? still looking...
--CTH
--Got Lists? | Top 95 Star Wars Line
I believe what they call "double opt-in", is this:
You punch in an email address at the webform.
Their system sends a confirmation email, with a token of some sort, to that address.
You reply, with said token, and the address is confirmed and added to the list.
It's not that hard, and it also allows you to get your ass off a list even if you don't send from that address any more - if you get the emails forwarded, it's all good.
Now, if MAPS was demanding something more (and I half expect they may have, it seems to me they've been constantly increasing their requirements), that's unreasonable. But simply verifying that the stated account really wants on the list isn't a huge deal, nor is it hard for the user - AND it pays off for the sending servers, as they spend less time spinning their wheels on bogus/broken addresses.
Experian is a company that sells crack by spamming millions of schoolchildren. MAPS (the Multidisciplinary Association for Psychedelic Studies) has refused to provide their drug-friendly mailing lists because they insist that crack is not a psychedelic drug. However, Experian threatened to take them to court with the argument that if they can include marijuana under their umbrella, then the definition is broad enough to include crack.
Wisely recognizing that both sides are better off not attracting the attention of the courts, MAPS has apparently backed down.
A loss indeed. You can expect many of your peaceful local potheads to become violent criminal crackheads any day now.
I hope this clears up any misconceptions you may have had from the shamefully vague top-level story. I'm a little fuzzy on some of the details myself, but as usual, trying a few likely domain names gave me access to the essentials.
What government abdicated and left MAPS in charge? They're just a bunch of vigilanties and they will be run out of town just like the vigilanties of the Wild West. Hell, even those vigilanties could only spread their disease so far; MAPS tries to be global in scope. Hopefully we can get them labled the terrorists they are and get the FBI after them, too.
If all this should have a reason, we would be the last to know.
MAPS provides a list of known spammers. so what? simply listing a company doesn't affect that company at all.
it's only when mail server admins incorporate the MAPS list as a spam list does action actually take place. shouldn't a company have to sue that particular admin?
it's the admin that actually did the damage, not a simple list somewhere...
i can put up a list of corporation names on my website on my own webserver and make it publically accessible. if one of the companies tells me to delist them, i can't say no??
The realistic problem is that if spammers could claim legitimacy by being single opt-in, they'd just claim they got your address when you (or someone else) requested you be added. What, you want to be removed from their list? Sure no problem... *wink* *wink*
Double opt-in is the only method that lets YOU as the user have a real way of saying yes or no and holding onto your own email address. Honestly, meaningful opt-in doesn't even start before double opt-in. And single opt-in can be WORSE than opt-out because of the pretended compliance scenario cited in the first paragraph.
If all this should have a reason, we would be the last to know.
We need a decentralized, "P2P" MAPS so that there isn't anyone to sue.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
"We are very pleased with the settlement agreement and believe it reflects the validation of Experian's e-mail marketing standards and that we remain at the forefront of consumer privacy and protection,'' said Tom Detmer president and general manager of Experian eMarketing Services. ``This settlement confirms that the privacy practices we have in place are responsible, accountable and in the best interests of the public and the marketplace. We will continue to offer the double opt-in solution for those clients who determine it is the right permissioning practice for their business."
well, since we will only be seeing more cases like this in the future as these spam-whores use the courts as a shield to protect themselves from MAPS and other public-service mail filtering tools, what are we going to do from here?
I for one would be quite interested in finding a listing of companies that have fought these charges in court and through miss-representing their datum and hiring bigger and better lawyer-weasels, have made themselves immune from public ban lists. Does anyone know of any existing services like this? I for one would be glad just to have a plain html listing of folks like Experian who have won in the courts to keep them selves off of RBLs and the like. I'd be even more keen on a nice XML page that I can parse with a quick script and have update my mail-server's ban lists. anyone want to make me a very happy admin? c'mon, please?
"If I wanted your input on my pet project, I'd stick my hand up your ass and use you like a sock-puppet." - Muse
what? do you have any idea what you're talking about? obviously not.
look, MAPS by itself affects no one. It's the ADMINS that make MAPS work. an ADMIN must implement the blackhole list via DNS or sendmail for anything to happen.
don't you think that ADMINS know what's best for the network they control? you obviously know nothing about system administration, go crawl into a hole.
I use
- relays.ordb.org
- or.orbl.org
- inputs.orbz.org
- outputs.orbz.org
- spews.relays.osirusoft.com
to keep my inbox clean.Winning one battle doesn't win the war!
MAPS is not in charge, MAPS only publishes an opinion.
System administrators who agree with MAPS opinion are the only ones actually in control. They have to consciously choose to make their systems agree with MAPS opinion for the blackholing to work.
It is the case that a system may drop anything they haven't agreed to transmit. How they go about making the decision on what they will and will not transmit is entirely up to them and the terms of the contracts they have with other people.
What gives you the right to tell a sysadmin what they can and cannot block?
Realities just a bunch of bits.
why go anonymous rick the red?
an admin can do whatever they want to their own network segment.
i'm the admin for a company. if my boss thinks people are spending their time shopping on ebay while at work, i can block ebay.
by your argument, ebay should be able to sue my company. uh, ya. ok. whatever.
Reverend Keller of liveprayer.com is another enemy of our friends at MAPS. Apparently, you could sign anybody up to be on their e-mail list.
Donation address of liveprayer.com:
6660 46th AVE North
St.Petersburg, Florida 33709
For fun, read the letter he posted to brag about suckering a young girl out of her babysitting money, and getting her to work her family and friends for him. THIS is social engineering.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
What gives you the right to tell a sysadmin what they can and cannot block?
Because ISPs are lazy like everyone else. They will just trust that MAPS has not become corrupt.
Put it this way: do you think Experian should be able to publish anything they want about a person regardless of accuracy? After all, banks have the choice whether to use Experian or not.
This is actually pretty real world, because all three credit agencies suck when it comes to accuracy (which is not surprising when you have 150 million records). That's why they need government regulation because of the power they hold.
Believe me, I am very anti-government regulation, but blacklists of any kind are very apt to be abusive.
Sometimes it's best to just let stupid people be stupid.
From your mailbox's point of view, there is no difference between getting subscribed to a single 1000 message a day list or 100 lists that are only 10 messages a day.
But these people understand the concept of a "web page". If, instead, something like MAPS were based on a list of domain names found on web pages, I think people would have a much harder time "shutting it down". After all, it would be human readable speech, and if people mine that data for their E-mail programs, well, so be it.
MAPS' tactics appear no better than those sending the spam - All kinds of innocent sites have fallen off the internet for daring to be on the same IP block as somebody who sent spam.
Requiring a double opt in for mailing lists isn't exactly spam related now is it ? the subscription policy for an email list should be a matter for it's owner not for some third party to decide.
let me rephrase that:
if ebay.com is sending so much mail to our employees that our employees are spending all day reading it, i'll block any incoming email from ebay. simple enough.
does that work for you?
Don't get me wrong, I'm no fan of SPAM, but given that MAPS and services like it, automatically blackhole email from dynamically served DNS entries, I am quite happy to see them sued, sued into oblivion even. MAPS decreases freedom on the net. I have a DSL connection through a local carrier who shall remain nameless. I run a web server on my connection, largely for family and friends. If I get a business connection where I can get a properly registered DNS entry, I have to pay twice as much for half the bandwidth. So I use dynamic DNS services. Thanks to MAPS its about impossible for me to send email directly from my server. Instead I am forced to use the email account of my service provider. (Ironically, I can send email from SPAM ridden web mail services any time I want.) I resent MAPS's heavy handed self righteous policing of the net, even more than I resent the bandwidth wasting spammers. I would rather delete some extra #$%^ and have freedom, than have somebody tell me what I can and can't do.
If I sign up for a mailing list, I should NOT have a bunch of nannys insisting that companies waste my time with another verification step.
... more likely, they can just add 1000's of known e-mails to the sign-up list.
Thus, "double-opt-in" is really just "single-opt-in". They've spun the words to mean something that they don't.
These are the only steps which prevent spammers from mass-subscribing you to a mailing list that you don't want to be a part of. Think of it this way. I have a product. I pay a marketing firm $1.00 for every person whom the marketing firm gets on the mailing list. They can do this *legitamately* and actually convince people to sign themselves up... or
The crossed off names are people who have been murdered since the list went up. Greyed out means they were only wounded.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
A non US company to start making a blackhole list.
If you were in a country that wasnt under direct US control you could basically have the entire staff moon a camera and respont to expierian's lawyers with the photo.
anyone in the former USSR care to start a global business?
Do not look at laser with remaining good eye.
"Do you really want to enable people to kill your e-mail easily by just signing you up for a few dozen multi-megabyte-per-day single-opt-in mailing lists?"
For a minute, I thought you were talking about Hotmail.
All credit reporting companies are corrupt. at a last report I read was that the credit reporting agencies accuracy was 48% and there was a 63% chance that your credit report had 2 or more errors and a 48% chance of serious errors.
What moron at a bank would trust a data source as reliable as a pathological liar? yet it's done every day.
Add to this thet they love spamming and you see the credibility and quality of companies like experian. (Oh and the fact that anyone with about $500.00 can have their credit report legally wiped (for the most part) really adds to the trustworthyness.)
Do not look at laser with remaining good eye.
Translation:
and from the rest of the article:
As far as I read this, it seems that Experian is saying that it is illegal to even provide the option of opting out.
"This is a Hollywood movie: when it comes to the Laws of Physics, they're lucky if they get Gravity!" --- my wife
Some times blackholing can indeed be inappropriate. Above.net (which may be owned by MAPS, I don't remember and don't quote me on that) blackholed sites like macromedia.com and ORBS.
In addition to all the random female-depicting porn you're familiar with, I get aluminum market newsletters, British SMS-music-info-service announcements, and some very tasteful Swedish news mailings. Oh, and for a while nop@nop.com was listed as the contact address for a gay personals service ad in Portugal. The letters I got were very sweet, but my wife still thought it was funny...
My favorite is when people buy unlock codes for commercial software, giving my email address. I've got a whole folder full of registration codes that I didn't pay for and will never use....
Oh right, back to opt-in. So here's what's going on.
- When spammers say "opt-in" they mean that at least somebody typed an email address into a web page somewhere.
- When spammers say "double opt-in" they mean the horrible, onerous, business-destroying requirement to confirm that the person receiving mail at an email address wants to receive their mail. Anti-spammers prefer to call this "verified opt-in", and I like that term better, but it doesn't matter what you call it.
So when somebody types nop@nop.com into the signup for Goatmail (intentionally goating me or not), a verified opt-in system sends nop@nop.com a message saying "hi! hit reply to this message to confirm and enter the wonderful world of goats!" With non-opt-in systems, I'm in Goatland without any further delay. Sort of like when my "friends" sent all the "I'm interested!" postal reply cards to the Navy recruiters AND the dental post-doc programs with my address on them. Took years to get rid of them.But I digress again. Here's the summary:
- Unverified opt-in means someone wishes for an email address to receive spam.
- Verified opt-in means the recipient of mail sent to an address wants spam.
That clear things up?Just block experian.com and the entire class B 167.107.0.0/16 network. That's what I did.
*plonk*
If all this should have a reason, we would be the last to know.
If all this should have a reason, we would be the last to know.
The term entered debate when Congress invited representatives of the DMA and MAPS to address a panel. It's been relentlessly pushed by the PR flacks and looks like it might be taking hold in the technical world as cybersquatting did. (Another spin term foisted into use by relentless marketing from the IP lobby.)
The spinless and more acurate term is "opt in with confirmation." It doesn't include the false and spin-driven connotation that people have to sign up twice and it accurately describes what MAPS considers ideal.
The DMA doesn't like "opt in with confirmation" because it polls much more favorably than "double opt-in" and they'd rather people used terms that favored their side of the debate.
http://www.mail-abuse.com/pressreleases/2001-10-03 .html
Yet another misleading /. headline blurb it would seem.. Big surprise.
Oh, and of course we should believe everything contained in contradicting press releases. Sic.
Poof.
I think this reselling of names can be worse than no double opt-in. I know the big companies won't allow this (by buying politicians and lobbyists) on the grounds that thair ill-gotten lists are thair property and can do with it what they wish. I know it would be hard to keep a list of the companies that do this, but I think MAPS should consider upgrading thair service to include several lists that offer variable amounts of protection to ISP admins. Like one list with KNOWN spamers, one with ALLEGED smamers, one with PROVED non-spamers, and one that would be managed by users, kind of like how moderation and meta-moderation works here on
This sounds like the kind of case EFF would get involved in. Anyone know what their stance is?
OK, maybe some of the libertarians out there will tell me "well, they had it coming, didn't they? They shouldn't be running open relay mail servers." However, history has shown that there have been many cases of the controllers of MAPS cutting off providers for their own political ends as well as merely cutting off the wrong people in cases of mistaken identity. Make no mistake about it, folks. MAPS is censorware.
It really comes down to a balancing act that everyone must consider: Am I going to put up with possibly getting cut off from the rest of the world just to avoid the occasional annoying advertisment? I would tend to answer no, but apparently convenience is more important to many "libertarians" out there than freedom.
Is your company running tools written by ma
I think such "deplorable" actions are usually called "collective action" and "grass roots organisation".
There's a list further down in this discussion of the domains I'll be putting in my permanent deny list.
Has anyone stopped to read MAPS' press release? Here's an clip:
"Experian has committed to requiring their clients to provide them with lists which contain only those email addresses for which they have obtained the addressee's permission to send them email."
It appears that MAPS hasn't comprimised its values, it's just made them a little more reasonable. So what's the big deal?
Holy propaganda batman!
-Geoff
If the whitelist became popular enough, you could get people to pay for having their IPs listed. Say $1.00 for each IP address, perhaps with discounts for quantity. The fee would be dirt cheap compared to the cost of operating an email server, so I don't think anyone could complain. And since it's a real transaction, you can have an extremely strong contract that they can't sue you about. Literally can't sue: you could make their sole recourse be arbitration with an arbitrator and in a jurisdiction of your choice.
-- ;-)
Kuro5hin.org: where the good times never end.
No contact email address is given. Hmm. Maybe because they don't want to get signed up for all those single opt-in lists?
My ISP does not use MAPS and guess what? I am not flooded with spam. Not one bit. You do not need MAPS to avoid spam.
/. 4 months later, if you're not drowning in spam, then I'll apologize.
Oh really? I double-dog-dare you to go online, in chatrooms, read certain webpages and enter certain data, and have your email address unobscured on major websites like
Put another way, there are three explanations for your not getting spam without MAPS: Maybe they're just not spamming you. Maybe your ISP is using a non-MAPS blackhole list (gasb! they exist). Or MAYBE the spammers just ain't NOTICED you yet, monkey-boy. New ISP means new email address, duhh.
-Kasreyn
Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger
This is similar to the way google handles copywrite violations--ask and they will remove copywrited material from their cite.
Of course, many people will want to refuse mail from those who have opt'd out. But that is their choice for which the RBL isn't responsable.
The principle here is from economics--there is not need to require information to be public. Simply having the lack of information being public is good enough. Anyone who doesn't want to have their information public is considered to have something to hide.
MAPS is a dirty job, but someone has to do it.
Spamming (and harbouring spammers by not standing behind your TOS agreement) is just a dirty job.
If this is the kind of "settlement" they reached, then they're spammers. Period. I'll be placing Experian's ENTIRE IP range into my domain's 'Deny' list immediately, and they can rot in there for all I care.
I would imagine that many other SysAdmins, once this news breaks on news.admin.net-abuse.email, will do so as well. I think Experian may well wish, later on, that they had never bullied out this kind of deal. They're going to find it a heck of a lot harder to get out of several thousand local blacklists than they ever would to get out of one.
Experian, you're a bunch of spamming jerks.
Bruce Lane, KC7GR,
Blue Feather Technologies
One thought. Now that MAPS is charging for access to their service, can someone paying for their services consider there to be a contract between MAPS and them wherein MAPS agrees to provide a list of IP addresses that meet it's definition of 'spammer'? If so, and Company A goes to court and prevents MAPS from listing their IP addresses even though they meet MAPS' definition, can RBL subscribers sue Company A for damages due to Company A's interference in MAPS' performance of it's duties under it's contract with them?
"If I sign up for a mailing list, I should NOT have a bunch of nannys insisting that companies waste my time with another verification step.
/. but this is pathetic.
I appreciate that they are pushing for opt-in standards, but there is a very fine line between looking out for the rights of consumers and looking to "protect" consumers from themselves.
Which do I hate more: people who want to exploit me, or people who want to coddle and protect me, whether I want it or not? Tough choice.
I think I hate the coddlers more. I can always protect myself against exploitation, but I can't always get away from the nannys."
You know it is pretty sad when a well written intelligent dissenting opinion is marked as a troll. I personally don't agree with Reality Master 101 but his opinion is valid, and his piece is on topic, and did not deserve a troll. Moderation was never a strong suit on
errr....umm...*whooosh* *whoosh* Is this thing on ?
Anyone want to comment on how it is possible to win a suit that involves a group that decides that they dont want mail from spam companies and through technology put's in place safegards that prevents this ?
I dont know about everyone else but I think its completly rediculious to think that you could get sued for blocking spam on your own computer.
I really think no person or court has a right to tell a person or a group what they can and cannot do with regards to blocking any mail they deemed nessassary.
I'll tell you one more thing that's very simple. Experian has earned a very simple and very permanent REJECT entry in my Sendmail access lists. Simple.
I plan on blocking that hole IP range on my network.
I don't want to waste my energy retyping what I put into a previous post so I'm going to provide the link to it so you can go read it. In short I believe MAPS is well within their right to publish their opinion. It is well within my right to take their opinion for gospel. We are all entitled to our opinion.
DNS Blacklists aren't nearly abusive as my personal Sendmail access lists. Once a domains goes on it, there's no way off. I briefly investigate the spam. If an actual domain is associated with it, then that domain just earned a permanent REJECT entry. Simple really.
I think its important to point out that a for all the work that is involved in keeping this type of system up to date and running they should definatly get some type of compensation, you cant do this kind of work for free forever ? dont you think ?
That's an interesting idea. It actually sounds solid, too.
Yeah, you can dodge around him; after parting with 10 $ to make him go away.
Probably most worldwide internet users use a PPP connection and pay a per minute charge to be informed about herbal viagra, penis extension pills, or Britney Spears nudie pics.
You sir, have quite an egoistic me-me view on the subject.
No need to thank me...
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Sever them from the net. Firewall their IPs, bounce their mail domains, manually, and never turn those firewallings back off.
MAPS: community-maintained, rates certain IP's as unlikely to observe netiquette.
Experian: community-maintained, rates certain individuals as unlikely to repay bills.
Snickersnee3: Build your own 3-watt Luxeon Star headlamp from scratch
Rick Moen has a standard message for those who would sue MAPS. You see, MAPS actually wins by losing.
Time to update those DNS records and MTA rulesets, people.
My own last message to Experian:
What part of "gestalt" don't you understand?
They don't arbitrarily blackhole any companies.
They do keep a list of servers whose administrators that does not want to cooperate in the fight against spam for whatever reason.
It is up to the mail server administrators to decide whether they want to accept mail from those servers. That is a perfectly fair and honorable thing to do.
Why excatly do you think I should be denied the choice to refuse to accept mail from people who will not help fight the one thing that have made mail nearly useless to me?
And why exactly do you think that giving me that choise is as morally questionable as trying to force me to accept and pay for junk I don't want?
From a political side, this would create a tremendous amount of mail that had to be separated when entering their e-mail system. More volume than anyone is willing to read IMHO. The chosen addressees could experience the thrill of receiving "spam volumes" of e-mail, with all of the mail being legitimate.
From a networking standpoint, make sure to include ALL the original content from their advertising, so that they can also experience the load on their networks that they can cause an ISP.
I don't see any reason why MAPS couldn't list the e-mails of 20 people in each organization who you could "e-mail for removal from the mailing list" for both the blacklisted spammers and spammers who cannot be blacklisted (Let's assume that Experion is just the first).
Just my two cents, smoyer
The network admins/owners have a right to decide what does and does not cross their network.
How is publishing a list of known spammers, which people either opt to use or opt to NOT use a crime?
Can this suck for Joe Random User? Yeah. But he's not the one who has to pay for every bit of bandwidth sucked down by various spamhaus.
And with umpty-bajillion ISPs on the planet, it's not like he doesn't have choices in avoiding MAPS.
Chas - The one, the only.
THANK GOD!!!
A local lender was offering this service, It is a national company that files request for removal on every item on your credit report Expierian cannot reposond with a yes or no within the alotted 30 days so therefore they haveto remove the mark on the credit report, at the same time this company submits positive credit reporting under one of the hundred DBA's the company holds.
It's leagal, and it takes advantage of expierian's inefficency along with the built in inefficency of the other 2 credit reporters.
BTW: your credit report can vary wildly between all 3 reporting agencies. someone with bad credit on one can get a loan by shopping with some social engineering to find a lender that uses a different reporting agency.
I had a friend that had horrible credit get his cleaned to almost pristine within 6 months. In 12 months he was getting offers for platinum cards because of the guarenteed positive reporting from the companies he hired.
Do not look at laser with remaining good eye.
Consider this:
- The recipient has to pay for all the email he recieves, irregardles of whether he wanted it or not.
- The webmaster has to pay for all the page views he gets, irregardless of whether he wanted them or not.
Shouldn't it work the opposite way? Can't we come up with a new system/protocol that does so?
Or... swap the two existing systems? HTML emails are already a minor curse; perhaps we can somehow wrest a beneficial effect from it? And it shouldn't be too hard to develop an app that can use webspace as a means to communicate simple text messages to intended recipients only.
Okay, I'm rambling a bit, and I don't profess to be an expert on these subjects, and perhaps people are already too entrenched in how things are currently done, but geez, there's gotta be a better way to do all of this than the headache we have right now.
Since the article body only referenced the Experian press release, I thought a few people might be interested in the press release from the other side. It reads a little differently, but the gist appears to be the same; opt-in is not required.
That being said, since they went commercial, their value to the community as a whole has been significantly lower. I would recommend people use alternative listings at this point.
-Ed Felix qui potuit rerum cognoscere causas.
I don't think that anyone has the right to tell a business how to run things. Granted, if the business is sending outright SPAM (truly unsolicited e-mail where they purchased a list, or gone out and grabbed a bunch of e-mail addresses with web/nntp crawlers), then they should be criticized and/or punished accordingly.
However, if a company wants to use single opt-in, that's their right. If the company maintains subscription lists, IP addresses and/or message headers of the people that subscribed (as we do), to prove WHO subscribed an e-mail address, that should be enough.
There are these "watchdog" organizations out there that "police" SPAM. I have very low opinions about people who write a Perl script that reads in an e-mail header, pulls down all of the ISPs involved, and screams "This is SPAM" to abuse@blah.net and abuse@foo.com. That sawwed-off shot-gun approach is not only inaccurate, it wastes a lot of time for all parties involved if the "watchdog" organization isn't even really looking into things.
One service (SpamCop) constantly accuses our company of sending SPAM. We respond with the IP address or the person who subscribed them to our list, date/time stamp, and the URL of the page that states the conditions of the submission/subscription, but that doesn't matter to them. They just want us to adhere to their demands of double opt-in. Imagine that -- here they have the IP address of the actual perpetrator, date/time stamp -- that's plenty of evidence to find out who the real villian is.
Though I cannot speak about Experian and what they do, I can say that this is a small victory for legitmate businesses that run legitimate services and maintain legitimate mailing lists.
At this time, we're looking for other companies that maintain legitimate e-mail lists/services and have had issues with SpamCop. Specifically, if your company has suffered any downtime, loss of revenue, or any loss of service due to claims made by SpamCop that were false or inaccurate, please contact us via e-mail (neil@whatUseek.com)
I don't think Experian is the type to send those fly-by-night "Make Money Fast" or "Lose 4 pounds in 2 hours" e-mails. Experian has paying clients and has the right to send e-mail to people who have indicated interest. I'm sure the e-mails they send don't have forged headers like most spam.
I'm glad MAPS got shot down. First the people behind MAPS work to build the Internet (with things like BIND and sendmail), then they change their mind and punch it full of holes. Something needs to be done about spam, but MAPS isn't the right solution.
The issuance of a TRO should not be taken as meaning *anything*. TRO's are issued as an emergency measure to maintain the status quo, and are issued without hearing on the requestof one party. They don't have any finding on the issues; they are just meant to prevent permanent damage pending a hearing on a temporary injunction (which is still not a full ruling on the merits) pending the final outcome of litigation.
hawk, esq.
I suggest that MAPS provide an additional "map" of all the IPs used by parties that they've lost law suits with (or simply agreed not to list). The documentation for the map should include rules to explicitly allow mail from those networks, and discourage you from tampering with that ruleset.
It's the right thing to do...
-Scott Hutton
The main issue I have with MAPS is that they make no distinction between companies/sites that produce software used for mass-emailing (which could be spamming, but could also be used to send out messages to an opt-in list), companies/sites that sell lists of email addresses, and actual SPAM sources. Instead, they use a broad brush and declare "These are all spammers". If they offered different classifications (and it wouldn't be hard - different IP addresses for different categories of offense), and allowed individual server administrators to choose how large a brush they wanted to use against spam, then I'd have less of a problem with them tracking also companies that produce bulk email software, since those companies would be blocked only by the system administrators that explicitly wished those sources to be blocked.
The whole MAPS vs ORBS thing has also made me conclude that both sides in that debate are not worthy of my support.
How about measuring the effect of this?
Tracert or some other time measurement, and establish a baseline. Over the next week or so see what kind of increase there is. (This kind of networking problem is not my strong spot, so I hope someone can follow up on this)
Thanks
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
Is a nuremburg files for spammers. I bet that would be a popular site.
Too bad the actual killing part is illegal.
"The only reason some people are alive is because its illegal to kill them."
(Heinlein? - sounds like a Lazarus Long witicism)
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
I'm not the hypocrite. Let SpamCop run their business -- I'm just looking for other businesses who have fallen victim to half-done investigative work as to who is really responsible for the subscription.
a ddress" people are abusing our service. Nearly ALL of our complaints are from people who have gone to our service, signed up, received a newsletter (because it is clearly stated in our terms that if you do sign up or use our service, you are subscribing to our newsletter) and then complain about it later.
This is not a gun, and we are not killing people. But indeed, if someone took my gun (for which I am a legal gun owner), and illegally used it to hurt someone, no, I am not responsible -- the trigger-puller is responsible. I'm assuming you'd just go ahead and sue the gun manufacturer as well? It is the abuser that should be punished because, you see, all of our terms are clearly stated on our web site.
Listen, not many third-party "I-want-to-use-this-service-to-abuse-some-e-mail-
We have the IP addresses and date/time stamps to prove it.
Why are you so emotionally charged about this? I did not slam SpamCop -- after all, they're a for profit business, let them do what they want to do. However, their demands for us to go "double-opt-in" are none of his business, nor yours. As for us "not caring" or "US" being the real villain -- what's all that about?
You can't just bunch all business who broadcast e-mail together. We send out newsletters, usage statistics, and other subscription based e-mails with single-click opt-outs. We store IP addresses of the subscribers. You see, it was solicited, completely and entirely.
If I sent pizzas, magazines, taxis, and C.O.D. merchandise orders to your house -- are you telling me that you would start to bitch and moan about pizza joints, magazine distributors, taxi cab companies, and mail order merchandise houses? Is that who you'd go after? I think not. You'd go after the person who was sending all of these items to you. Now THAT is a far better analogy than a gun.
No, we are NOT harrassing people. What about false complaints, Mr. ISP? What about the people who DID sign up -- full proof of hostname/IP match? What do you say then? They have the right to send in some e-mail to a Perl-script-kiddie that yells "abuse@isp1.com" and "abuse@isp2.com", and waste OUR company resources?
You see -- you're grouping in legitmate businesses with casino-viagara-porn-weight-loss-spam-mailers. It's not the same, and your side's demands for double-opt in? Make a law, and we'll obey it. But for now, we're sticking to our "guns" -- and that is, find the real culprit who signed up this person.. because if that was their intent, JUST TO SIGN UP SOMEONE ELSE AND HARRASS SOMEONE ELSE, surely, there lies the possibility that they'll just do it again.
Heck, I'm also guessing that you're also the type to bitch and moan about receiving a confirmation e-mail that you didn't request, right?
Anyone published a list of their IPs on Slashdot yet?
- Michael T. Babcock (Yes, I blog)
There are always two sides to a PR war. I was wondering why the MAPS URL wasn't in the original article...
Free Software: Like love, it grows best when given away.
Time for revenge.
Write to them and demand that they stop selling your credit info. (If you do this for all 3 credit bureaus, your credit card offer snail spam will disappear within 3 months. I only get them from my mortgage company occasionaly)
I don't know if you can demand that they delete all info from their database on you or not. What happens if everyone here tells them:
"You are hereby expressly prohibited from maintaining/dispensing any information about me to anyone for any purpose. If you violate this demand, you agree to pay the sum of $1000.00 US per incident. This agreement is not negotiable."
I don't know if you can force them to delete you from the database, but you can force them to stop selling your name and info.
Lets find out...
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
Mitchell continued "By reaching this settlement both sides avoid the very real risks associated with going to trial. Furthermore, neither side can take any action against the other without the permission of the Court, and there are substantial penalties provided for a breach of the agreement. And, of course, we are still free to choose to accept or reject email from them on our own personal networks."
They used to say they wanted to get sued, so they could establish precedent that MAPS activities are legal. But they keep settling. What gives? This is not how to establish precedent.
Edith Keeler Must Die
You don't get it. Why should that list use double opt-in? They're a list being run by someone like Experian who says "You did opt in. See, here's the request from you to be added.". You didn't send that request, but that's beside the point for them, they've got the request.
So the malicious person who decided to get you's happy, you're getting spammed. The list operator's happy, he's got a new target free and clear. The only one who suffers is you, as legitimate e-mail to you goes into the bit bucket because the lists have filled up your mailbox with mail you didn't ask to get.
This story makes me laugh, we have web and mail filters that block everything (well almost) with a 'this page is not suitable for' message, It's good to see experian (who also keep 'big brother' type database) getting blocked.
thank God the internet isn't a human right.
I get the whole domain forwared to except 2 addresses (My Parents), so I do get them. It's still only 20 a day or so
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
If this is correct, MAPS is dead, effectively today. What this suit has proven that you can strongarm MAPS into submission by suing them. From now on that is exactly what every affected spammer will do.
MAPS's success has always rested on their perceived strength. Now, nobody will listen to them any more.
I don't care for those whiners that complain that one of their spam tolerating buddies got busted by MAPS. They can just get lost.
But nonetheless, MAPS decision to settle was wrong. Even if they were afraid to loose in court, they should have accepted it and gone under fighting, instead of submitting to the The Enemy.
Die, Spammer Die !
f.
Which would work, except despite the fact you get thousands of complaints, you never block the ones abusing your system. Now, if that's an invitation for me to come hax0r your servers and put the blocking code in for you, I'll accept. However, since you refuse to do it, you're the bad guy here. Putting a submit-form 'MAILBOM THIS ADDRESS' on the web and saying "Hey, it's not our fault! W.X.Y.Z submitted it!" means (da dum!) you're a twit.
BTW, thanks for pointing out the fact your company is a spamhaus, I'll be sure to add it to the block list for another 10000 customers. Enjoy!
--Dan