EFF speaks out against MAPS

Control-Z has brought our attention to the latest EFF newsletter which speaks out against MAPS ^? and ineffective spam legislation. According to the EFF: "The rights of users to send and receive email must not be compromised for quick and dirty ways to limit unsolicited bulk email. Neither misguided and ignorant legislation, nor collusive, high pressure protection schemes, have a legitimate function or place in our online future " The EFF is reminding us that freedom isn't always easy. I feel much worse for those who haven't figured out procmail yet though.

Procmail

[Kozz]

For the uninitiated, procmail is a fantastic tool. To learn more about it, check this link for how-tos, documentation, tutorials, and other spam-fighting tools.

Re:Procmail

From the Procmail FAQ:

Q: I want to use Procmail for spam filtering. A: Good luck. Have fun. Have you considered the following? It's really kind of late to stop the spam when it's already on your mail server. Better solutions would involve your mail administrator and IP-level blocks against spam sites (RBL et al.) as well as probably additional server-level filtering. Don't reinvent the wheel. There are good recipe packages out there which you cannot duplicate without serious effort. And it'd be a waste of time anyway. You'll find links to many Procmail spam filtering packages on the links page. Procmail is excellent for fine-tuning and for sorting already identified spam to a separate folder (some sites will just tag suspect messages, but still let them through) but on today's Internet, proper antispam measures belong in the mail server layer (if not in the political layer).

Basically it says Procmail shouldn't be used for this and to use RBL.

How to stop spam :

[Gaijin42]

I highly reccommend all people go out and use sneakemail link.

This is a great utility for stopping spam while not interfereing with your normal email.

It gives you unlimited disposable email addresses to give out whenever you need an email for a website.

If you dont want email from that address anymore, you can turn it off.

On the other hand : Spam is meant to market a good or service. Therefore there must be some way to get in contact with the spammer, otherwise their spam would be ineffective. a task force needs to be created which smacks spammers upside the head with fines, or just plain shuts them down.

Spam should be legal, as long as they include a valid return addy, and have a way to remove people (for real)

Re:How to stop spam :

[mmontour]

Another good service is, of course, spamcop.net.

There's a free tool to de-obfuscate the headers of Spam and send complaint letters to the appropriate abuse departments. They also have a paid filtering service that will hold any possible spam messages until you manually approve the sender (or report it as spam). Money well spent, IMHO.

Spam should be legal, as long as they include a valid return addy, and have a way to remove people (for real)

As for the valid return address, I would say this is necessary (but not sufficient) for a Spam to be "legal" in any sense (along with "ADV:" in the subject line, other standard headers to identify it as spam, and a notification of how they got my email address so that I can badger / LART the upstream company to stop selling my info).

However, the "remove" method doesn't really work because these addresses are often just a way to verify that your address is still "live". One way to test this is to send a removal request using a newly-created address, then wait to start receiving spam on that address.

The only way for "opt-out" to actually work is to have a higher-level, trusted agency maintain the opt-out list (similar to "do-not-call" lists that exist for telemarketing agencies). However, given the nature of the Internet, it's hard to say what agencies should have jurisdiction here.

Of course, the best way to deal with spammers involves a jar of honey and an anthill...

MAPS & ORBS aren't that painful

[fetta]

A few years ago, I came onboard at a small company just in time for their mail server (Exchange 5.0) to get blacklisted (by ORBS, I think). It sucked at the time, but if we hadn't gotten blacklisted the open relay would have remained open for a long time (the problem prompted our move to qmail). Once I closed the open relay and informed ORBS, we were quickly removed from the list.

In theory, I have no problem with the concept of these blacklists. The use of them is voluntary. From what I've heard, there may need to be some serious discussions about how they gather their data and their procedures for getting off their blacklists, but the concept seems to be both effective and practical. Also, mail providers should be up front about their use of these lists so that users can choose to use an "unprotected" mail server if they choose.

Re:MAPS?

[igjeff]

Not true...it is not difficult for an ISP to set up the use of things like MAPS RBL on a user by user basis.

Jeff

Blacklist implementation voluntary, too

[Erasmus+Darwin]

An issue the article fails to address is that the provider subscribing to a given blacklist may choose how to handle that information. Automatically rejecting emails is only one choice (and happens to be what we use where I work). Another option is to merely flag messages from blacklisted addresses, so that they can wind up in a lower priority "junk mail" folder that is still manually reviewed. Yet another option, the worst of the bunch and also the only one mentioned in the article, is for a server to silently discard all blocked mail with no error being returned.

Re:EFF is misguided in this

[gorilla]

That's fine, but they are not saying that you are required to read all mail that comes into your server.

Yes they are. They're saying that all the filtering should happen at the end user end, when the spam has already cost money. To give a REAL example, I had someone sending mail to over 30,000 random names @domain in one night, all starting with the letter a, before I blocked them. These were names which had never existed in our system. If I adopted the EFF's position, then all of my users would have had a month of bad service, or I'd have to get a much bigger mail server.

ORBS is very nice...

[rmezzari]

I once had just started in this new company, and the mail server has an open relay. If the nice folks at ORBS didn't drop me a line, it probably would have remain open for a long time (more importnt things to check). And as soon as I corrected the problem (with a nice sendmail upgrade) they removed me from the list.
I must say I really like their way of work.

MAPS DUL

[Chase]

My step-mother called me frantically the other day because all email to her was being bounced. I did some checking and found that my subnet had been added the the MAPS Dial Up User List . The addition of DUL to the MAPS database means I am treated the same as a spammer even though I am not doing anything wrong.

I reconfigured exim to use my ISPs SMTP server as a smart host and all was well. Until I receive the following message which basically says that my server is an open relay.... Its not... Now my step-mother thinks I am a mail abuser... I can only guess what she think of that...

From: Abuse Investigation Team [mailto:abuse@adelphia.net]
Sent: Friday, October 05, 2001 1:59 PM
To: *
Subject: RE: email problems

Thank you for forwarding this information to us. However, the bounced
message you received indicates that the sender is being blocked due to the
originating IP address being listed in MAPS database. MAPS is a database of
domains and IP addresses that have been found to have either open mail relay
servers or are spam friendly. Adelphia, like many other ISPs, has
instituted MAPS as a means of filtering spam to lower the amount of
unsolicited email that reaches our customers.

Adelphia is unable to unblock the sender of the email. The domain
responsible for the IP address being blocked will need to follow the link in
the bounced message and take the appropriate steps as outlined by MAPS to
have their domain and/or IP address unblocked. For more information
regarding MAPS, please see their website at http://www.mail-abuse.org

Sincerely,

Abuse Investigation Team
Adelphia Communications
1-814-260-3961
abuse@adelphia.net
http://powerlink.adelphia.net/policies.html
http://powerlink.adelphia.net/policies/security_ fa q.html

Sender : *
Date : 10/5/2001 5:48 AM
---

because of MAPS my email began bouncing.

* *

-----Original Message-----
From: Mail Delivery System [mailto:Mailer-Daemon@chase.org]
Sent: Thursday, October 04, 2001 8:13 AM
To: *
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. The following address(es) failed:

*:
(generated from *):
SMTP error from remote mailer after MAIL FROM::
host mx5.dc2.adelphia.net [24.48.57.12]:
553 5.3.0 Open relay - see http://www.mail-abuse.org/

------ This is a copy of the message, including all the headers. ------

Return-path: *
Received: from smtprelay.abs.adelphia.net ([64.8.20.11]
helo=smtprelay3.abs.adelphia.net)
by loki with esmtp (Exim 3.12 #1 (Debian))
id 15p7NF-0001tp-00
for ; Thu, 04 Oct 2001 08:13:09 -0400
Received: from * ([*]) by
smtprelay3.abs.adelphia.net (Netscape Messaging Server 4.15)
with SMTP id GKOJBX02.Q4L for ; Thu, 4 Oct 2001
07:45:33 -0400
From: *
To: *
Subject: test
Date: Thu, 4 Oct 2001 07:44:08 -0400
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal

test

* *
*

Email is uni/multi cast NOT broadcast

[nyjx]

Whilst I agree that many of the legislative approaches are overblown (and dangerous), expecting all users to block their own spam is (which is what the EFF is clearly advocating) is seriously unrealistic. How many people here have a hotmail, yahoo, lycos.. account - what would that account look like if those companies didn't block spam for you? I'm sure that the average user would see this as a service offered by the ISP. As long as he/she can receive mail from granny it's fine. Most average users just want "email", they don't want the hassle of configuring 1001 spam filters. It similar to virus protection - they will just install Dr. Solomons for SPAM - or use whatever comes in the next version of XP and have Bill limit who sends them email.

The free speech argument isn't invalid its just impractical for most end users. Secondly it is being applied in the following way by the EFF:

- "ANYBODY has the right to say anything to YOU"

and not in what most people consider free speech, which is:

- "ANYBODY has the right to say anything in a public forum."

These are NOT the same thing. You get into the whole "I'm paying time and money becuase idiots keep sending me spam". Email is personal communication (uni or multi cast) it is not broadcast. If people wish to broadcast they should do so in public forums - er, like this one!

It's still an issue if an ISP blocks somebody you do want to hear from - but this is somewhat akin to the fact that millions of people around the world don't even have access to email, a telephone or even a decent postal service to even contact me in any way whatsoever.

Being black listed at least forces those areas that are to try and regulate their users. Of course Eventually this is likely to break down to requiring pretty intelligent software to determine what to block based on message content rather than sender behaviour - and even then people will still pay third parties (ISPs,M$) to perform this for them - how many pieces of software out there still use the default passwords...

Re:Some "ICQ" features ...

[GlassUser]

It seems like a really nice feature for an email client would be something like the ICQ feature that auto-ignores people that aren't on your list. Your email client could auto delete email from people that aren't in your address book.

I know I'm going to get modded down for this, but you can do that with a single rule in outlook. I doubt it would be hard for any decent mail reader to do.

John Gilmore (-1 Flamebait)

[Vainglorious+Coward]

I support the EFF (inc. with money) but I can't help suspect that John Gilmore's own personal desire to operate an open relay has significantly influenced the EFF into slamming MAPS and praising Brightmail. Has JG's machine just been added to MAPS or something?

I entirely agree that ISPs should not be filtering email without notice or consent and that "end-user" tools are the best solution, but I disagree vehemently that a spammer's right to "free speech" overrides my right to accept or deny data arriving at the edge of my network, for whatever reason I decide, including irrational reasons. I can and will use any tools at my disposal to control what enters (and leaves) my systems. The problem with end-user solutions that live in the mail client is that by the time spam is deleted, the resource cost has already occured. I much prefer to simply drop connections that I don't want; it still costs me a little bandwidth but I don't waste the disk space and processing cycles that I would if I accepted the spam.

Free speech for everyone is all very well, but the galling thing is that most spam is *deceptive*, using falsified return information or deliberately implicating other innocent third parties. I would settle for allowing all mail to come in iff I can puruse claims for fraud against those who won't play nice. Since this is unlikely to happen any time soon, I'll keep my blocking techniques, thank you very much, and I won't be shedding any tears over the "free speech" rights of spammers - I simply don't recognise any innate "right" to practice deception, especially when it's at my own expense.

Re:From a small isp perspective..

[Todd+Knarr]

SMTP AUTH maybe? Relaying allowed for authorized users, nobody else. End of open-relay problem.

Re:Out-of-hand solutions to an exaggerated problem

[Vainglorious+Coward]

I understand that any time I receive any piece of unsolicited email it is because *I* supplied my email address to the spammer
I'm sure there are hundreds of people who have their own stories to prove that the above statement is simply false. Many spam operations build lists of all potential [user]@domain.com addresses; addresses for which the spam doesn't bounce are then added to the "valid address" file (which is typically then sold on to others as being a list of "people who have indicated that they wish to receive email" about whatever they're selling). And this is the point really - this is not about "free speech" or the "rights" of spammers. It's about a bunch of shysters using deceptive business practices to try and turn a dollar, and doing it *at others' expense*.

Re:Choice Statistics

[Jay+L]

I don't have numbers, but here's some data:

- When I worked on the AOL mail system, any time I met someone new - whether socially, in business, at the gas station, whatever - the first and only question they'd ask was how to stop the spam.

- During periods where the spamblocks are less effective (because the spammers are ahead of the game), spam is by far THE NUMBER ONE COMPLAINT to Steve Case's mailbox and to Customer Service.

And this is *after* scores of millions of spams have already been blocked each day.

The strong libertarian/individualist/techie pull of Slashdot notwithstanding, the average American e-mail user just doesn't want their spam.

I agree wtih others who said that ISPs should publicize the existence of their spamblocks, and it must be part of the Terms of Service. But to say that even if users agree to filtering, it should be illegal? I don't get it.

Jay, the ex AOL mail guy

The Problem With Not Rejecting Spam

[cjs]

The problem with local filtering is that if you automatically put spam in /dev/null rather than your mailbox, and a legimate e-mail is misidentified as spam, it disappears and nobody knows about it. Whereas if you bounce it, at least the sender knows the message was never delivered.

You can put it in a separate folder and examine, of course, but then you have to look at the stuff, so you might as well put it in your regular inbox. And you still stand the chance of missing a legitimate e-mail that looks too much like a spam.

cjs