Slashdot Mirror
Open Relays, Free Speech, and Virus Propagation
sirsnork writes: "There is a story about John Gilmore running an open relay that is being used by a virus to propagate running over at Newsbytes. His defence? He wants his friends to be able to send email through his server from whereever they are. You'd think he'd know better." Gilmore has been skirmishing with Verio for some time over his open mail relay. Is it a good thing because it promotes the free flow of information? Is it bad for promoting the free flow of spam? Do the ethics change because someone writes a virus that uses the server to propagate? Interesting questions.
I'll add his domain to my blacklist.
I suppose he leaves his front door unlocked too so his friends can watch cable whenever they like?
This guy is a jackass. There are a number of ways to allow his friends to send mail without running an open relay.
If he wants his friends to use the server from anywhere, why not use an authentication scheme like SMTP AUTH or POP-before-SMTP?
Gilmore should know better. Verio's being majorly blocked by this person, and when Verio gets a clue, they may get their laywers in on the game and sue him.
He should at least know how to lock the server down to use SMTP Authorization. Even better, if he wants his friends to communicate freely, he should give them Unix shell access. Open relays being free speech? YEAH RIGHT! There's no goverment there, so the First Admendment does not apply! (If you think otherwize, REREAD your Admendments.)
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
Is it a good thing because it promotes the free flow of information?
Information wants to be free, but my mail client does not want to be chock-full of herbal pot alternative spam.
If this were still the 'net of the pre-WWW days, I would see the point of running an open relay for friends. It's not, though. The vultures are here. And they really want to sell penis enlargers.
--saint
If you want people to use you as a relay from where ever you are, use smtp authentication. it doesn't have to be a real account, and using things like cram-md5 the password isn't set in the clear (or one can use smtp-tls, but that's less supported)
I do this with evolution, I know outlook and netscape support it.
My boss doesn't want to change his SMTP server every time he is connected to a different network (about 5 times per day) nor does he want to have to worry about having 5 different connections set up (one for each network even though he is using the same e-mail address for all of them) and he travels out of state and out of country a lot, which adds yet another set of random SMTP servers he would have to deal with.
My problem is that SMTP has no authentication that I can find that would allow me to let him use our SMTP server from wherever he was, so I found a list of open relays and changed his SMTP server to use that. I wish there were a better technical solution, but I haven't been able to find one so far... If anyone has a suggestion I'd be happy to hear it, but until then Open Relays have a place in the world in my opinion.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
my school (wm.edu) had the same problem. aol (and some other isp's) blacklisted us last year for running an open relay. now, we switched over to secure login and everything is great! why doesn't he just use secure login? or what about running a secure proxy or even just let them use webmail?
If it wasn't for the virus propagation tool known as Outlook this virus and its ilk wouldn't even :)
exist. Sure this guys being an idiot but we should focus on the REAL source of this sort of
these viruses, ie the idiot marketdroids at MS who thought being able to run executables in email
would be "kool".
I'll admit though its hard to even blame MS for non viral spam
someone would use a little common sense. Perhaps his "friends" need to do what the rest of the world does and get a shell account or a webmail account. If the janitor of a school left the door unlocked so that his wife could come in after hours and drop off his dinner and a bunch of kids came in through the unlocked door and trashed the place, the kids would be at fault, but the janitor would be guilty of neglegence. If the janitor didn't lose his job, he probably would be smart enough to leave the door locked in the future.
If it ain't a Model M, it's a piece of crap.
open relays are bad.. Plain and simple.. this guy is just as bad as the people who spread the viruses and send spam.. It's kinda of like people who helped the nazi's but said hay i'm not a nazi so it's ok..
I have a feeling 300,000 slashdot readers will take care of Verio's traffic problem real quick.
bash-2.05$ telnet toad.com 25
Trying 140.174.2.1...
Connected to toad.com.
Escape character is '^]'.
220 toad.com ESMTP Sendmail 8.7.5/8.7.3; Thu, 7 Mar 2002 09:11:09 -0800 (PST)
helo toad.com
250 toad.com Hello [12.32.42.180], pleased to meet you
mail from:<asdfasdf@asdfasdf.com>
250 <asdfasdf@asdfasdf.com>... Sender ok
rcpt to:<dick@dick.com>
250 Recipient ok
data
354 Enter mail, end with "." on a line by itself
.
250 JAA03142 Message accepted for delivery
John Gilmore assertion that he wants his freinds to be able to send through the server are invalid, as he could always allow authenticated relaying instead of open relaying. This would allow authorized users to relay from anywhere without allowing abuse of the system.
Of course, everyone knows that this isn't the reason for his running of the relay - it's simply an issue of free speech, as I understand.
--
Beauty is in the eye of the beholder... Oh, no. It's just an eyelash.
Having an open relay isn't intrinisically bad. 20 years ago it was common. What makes it bad today is Microsoft and it's lack of security, and the burgeoning of spam. If Microsoft products weren't so susceptible to worms and virii half the problem would be taken care of. Then work on shutting down the spammers. But the real fault should be placed a lack of OS security and spammers
I wonder how long it will take him to get a clue when his domain gets on all the major blacklists now it's well known. His view of the internet is going to get very small very fast. He needn't worry about being DOS'ed by angry netizens. Most of their packets will no longer be able to get through soon.
The truth shall set you free!
I don't care who he is, but this is just wrong. If he insists on leaving it open for the world to access, then perhaps Verio should charge him for this excessive use of bandwidth.
Gilmore does nothing wrong himself, I think. Blame the people who send spam first - it's his choice how he wants to use his bandwidth. On the other hand he would certainly do a big favor to the community by using one of the many ways (SMTP auth, for example) of closing down his relay to spam without having to close the relay for friends.
Your personal freedom ends where you harm another person's freedom by living it.
Verio has every right not to sell Internet service to people who want to use it to run open mail relays. John Gilmore has no right to demand Internet service form Verio.
MAPS, ORDB, ORBZ, and the other blackhole lists have every right to tell me that John Gilmore is running an open relay. John Gilmore has no right to gag the blackhole lists' truthful speech about him.
I have every right to refuse to accept email from John Gilmore's open relay. I may do this on my own information, or on the advice of a blackhole list. John Gilmore has no right to force me to allow him or his traffic on my property.
So everyone's right, as long as everyone stays within their rights.
It really is.
It's also your right as an end user or mail server administrator to block traffic from his server / network.
A common carrier, however, does not have the right to block his traffic because they want to stop spam.
This is really clear-cut.
Because it highlights the failing of the whole existing mail trasfer system. Currently, free speech and spam reduction are in some ways diametrically opposed aims.
Not that I know what would be better, but it's about time there was a rethink.
I've argued with John about this.
On the one hand, I believe he's saying that the ISP should not make the choice for its customers as to what mail it accepts and what mail it doesn't accept. I have to agree with this, it's a slippery slope and easily abused. However I believe a lot of customers are happy to have their ISP try to reduce the amount of spam they receive.
Also, I believe John's attitude is that any spam-prevention mechanisms should not block valid mail from getting through. I have to agree with this.
And, having been (incorrectly) attacked by anti-spammers a few times I have to say that often the anti-spammers are worse than the spammers.
On the other hand, I think John's insistence on running open relays is just plain a bad idea, and that using technological means such as SMTP Authentication could completely remove the need for having open relays.
That means that he would have to be paying out large amounts of money to anyone who is a victim of spam through his server.
It is interesting to know that a while back, Verio was scraping the register.com database to spam people who had registered with register.com
Fight Spammers!
People are missing the point. The fact there are other ways to authenticate SMTP is moot. The question is whether or not free speech and expression can be limited because of inconveniences it causes. For example, in the US you cannot yell, 'Fire' in a crowded movie theater - it has been decided by the court system that the public interests outweigh the individual right.
So does the same thing apply here?
Analogy: I build a subway, and charge no admission. Penniless vagrants board the subway and ride to Wealthyville and rob a house. Am I to blame because had I charged a subway fare they would not have been able to get to Wealthyville?
Comes down to his Terms of Service with Verio. If he agreed not to run an oen relay, then he shouldn't. If Verio did not prohibit it, then he can. In general, long term Bad Things(c) happen when practicality trumps freedom.
This is a perfect example of why ethical issues like freedom of speech, fair use, and the right to carry a gun are not as cut and dried as we would like them to be.
It all boils down to this: While 99% of any given set of a population may be honest, ethical or safe, there is always that 1% that will take advantage of that very fact. In this case, Gilmore wants the freedom to do what he wishes with his mail server, and though most people respect that, a malious few have used that trust to damage others.
You can extend this to any argument: While most of us respect fair-use laws, there are those that take advantage of those laws and pirate music and movies. While most people with concealed gun permits have honorable intentions, there is always a small contingent that does not.
I always say, you have the right to [ speak freely, copy music, carry a gun ] until it infringes on my rights. The problem is, determining who's rights are being infringed on.
This episode is a great reminder that the issue is much more complicated that most people are willing to admit.
Do you have Linux and a DotPal? Click here now!
if he'd used his brain for 10 seconds then a websearcher for maybe 20 he would have found the solution before all this shit.
./configure that is talked about in the README to set this up, theres a really handy popauthd.pl script for sendmail to do this...I'm sure exim/postfix can both do this aswell.
I found this out from scratch a few years back so surely he could have worked out that it's possible to validate users from the pop daemon then use that to give them relay permission to use the smtp server.
FFS half the smtp servers you get these days have pop-auth built in to them, qmail/vpopmail just needs an extra option to
the best bit was the title: "Verio is censoring John Gilmore's email under pressure from anti-spammers".
Wheres my fucking clue-by-four. *SLAP*
Theres one born every minute.
pkm
My ISP (Verio, it turns out) lets me send email via my own domain, from any IP address. I just need to get email first, so the server knows I'm a legitimate user. This rule makes sense for spam prevention - and it also means that I don't need to change smtp settings when switching from DSL to dial-up to private network behind a firewall. If your ISP doesn't do this, it should.
sulli
RTFJ.
blah:~$ telnet toad.com 255 0-VERB
Trying 140.174.2.1...
Connected to toad.com.
Escape character is '^]'.
EHLO hehehe
220 toad.com ESMTP Sendmail 8.7.5/8.7.3; Thu, 7 Mar 2002 09:18:22 -0800 (PST)
250-toad.com Hello blah.blah.foo [1.2.3.4], pleased to meet you
250-EXPN
250-8BITMIME
250-SIZE
250-DSN
2
250-ONEX
250 HELP
MAIL FROM: blah@blah.foo
RC250 blah@blah.foo... Sender ok
RCPT TO: blah@blah.foo
250 Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
hahahaha..
.
250 JAA03950 Message accepted for delivery
At least it's well known so it's easy to add to the spam blockers. Hope he didn't have anything he wanted to send me in an email.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Even free speech under the Constitution is restricted under specific, remarkably stupid applications. These would include:
--Standing up in a crowd with the intent to incite a riot
I would think that his free speech notion is invalid because it endangers an actual process with possibility of harm. In this case:
--Internet mail servers
--Operating systems (Windows primarily--hah!)
--Our common fscking sensibilities
Vos teneo officium eram periculosus ut vos recipero is.
Apparently, you aren't using Sendmail, or don't know anything about SMTP AUTH.
What to do about it
Write, email, fax, or phone to Darren Grabowski of "Verio Security". Tell him that punishing innocents if you can't find the guilty is not the right way to run a network. Please send me a copy at , and also send a copy to EFF at .
So should I use my real email address...no I think I'll use bill@microsoft.com and relay 100000 copies through your open mailserver. Cool huh!
then use of email through his gateway is free expression. however, people blacklisting his box is also free expression.
additionally, i gather he has an account with verio, which has certain provisions you must agree with to have an account, one of which i imagine compells him to avoid running an open relay. If he has a problem with these provisions, he needs to find a new provider, and if he can't find a provider w/out those provisions, he needs to suck it up and realize that in the civilized world, open relays are bad.
Yelling anything during a movie is expression, but unless you're at Rocky Horror, it just isn't appropriate, and could get you kicked out of the theatre. If you take passing spam as yelling, and the internet as the theatre, it makes a decent analogy.
Need a Catering Connection
He does have a point. I run a free webhosting company and have had my service (along with my 100,000 users) cut off by AT&T because one of my users spamvertised his URL. He didn't use my mail server, he just used my service to create an otherwise legitamate site. After arguing with the AT&T legal department, I got them to reinstate my service. Does anyone have advice on how I can protect myself from this?
Is that too much of him to ask of his users? Or is he just unaware of how and what to do?
Clue me in, folks.
--SC
You read fiction? I write it! Lemme know what you th
John,
I've got this to say to you:
It's nice that you want the internet to be totally free, but what good is a free internet that's not usable because of stupid pricks trying to sell anything to every second dumbass out there.
If you can't setup your server to authenticate your friends, then ask somebody for help. Or you could setup accounts for them, so that they can log in remotely and use pine or elm or yadda yadda yadda.
If your friends are to dumb to remember passwords, then maybe they're to dumb to use e-mail. You should give them pre-adressed and stamped enveloppes so that they can communicate with other people whilst on their trip.
Or maybe they'd get confused trying to figure out what stamps to use in which country!
Open mail relays are not free speech! I hope you get shut down real soon.
alt.binaries.erotica.hamster.ducktape
Everybody's pissed that this guy is somehow contributing to spam, but the reality is that all this guy's providing is a tool - an email server. What people do with the server is up to them. It's the same as all these P2P networks like Napster and Gnutella. It's a tool. It doesn't mean that if you use it you're necessarily using it to steal music. Everybody's quick to defend the P2P networks but quick to condemn this guy. What if P2P networks became sources of worms and spam? Then will we side with the RIAA to shut them down?
[feeds trolls]
usually you have to buy the weapon unloaded and then buy bullets and then load the weapon
Need a Catering Connection
Yeah, I guess having his friends and server use some form of SMTP authentication from anywhere would be too hard. What a dipshit.
Berto
The gentleman in question has a home page here He also has an e-mail address of gnu@toad.com and gnu@eff.org so you can e-mail him here and here
May I suggest instead of bitching on slashdot you take a second and send an e-mail to the John and let him know how you feel. Practice your first amendment rights. Visit his web page as well. Perhaps the "slashdot affect" can do some good. Take a second and stop being so apathetic and send John Gilmore an e-mail.
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
He should just hack his relay so that it's extreeeemly slow; nobody will much care if they're using it on the road, but this will make it next to useless for spammers.
There is a fine line between exercising your rihts and being an asshole; right now he's straddling it.
This is a hard problem, but it's not about censorship. Censorship is what *governments* do when they are either trying to shut down political debate (a.k.a. totalitarianism) or subject minorities to the cultural values of the majority (repression),or both. Verio is not the government nor should it be treated like one, lest we get into a whole bunch of real censorship problems (like forced use of porn/content filters by ISPs).
This problem is about messed-up technology (as others have pointed out) and the difficulty of dealing with anti-social behavior (from spammers, not Gilmore). Since it appears that John can close his relay without interrupting his traveling friends, I hope he will do so. This is about cooperating with the relatively harmless means that the community has evolved (without recourse to legal repression) to help curb spam.
Frater wrote:
Verio has every right not to sell Internet service to people who want to use it to run open mail relays.
No, actually, Verio doesn't. It's bound by the terms under which it (indirectly) acquired The Little Garden (tlg.net), which very clearly specified that there was to be no blocking of service on grounds of content.
Remember this, if you're ever tempted to business with Verio: It breaks its commitments. Accordingly, you can't believe a word it says.
I work for a company that provides a web based application to our clients. Increasingly I'm having to answer questions as to why some guys browser has nothing in it when he goes to the url that we provided them to access this web-based app. So far it has been because of their proxy servers restricting them. It looks like even though the internet is all inter-connected there are lots and lots of checkpoints that restricts movement. I'm sure Berlin-wall had roads connecting either sides. Except most people couldn't use those roads. Now our company wants to somehow restrict access to even the general/informational/marketing company web-site based on IP addresses or some such. I found that so against the 'internet' idealogy that I voluenteered (sp?) myself out of that project. I mean, we do have passwords to protect client data and what not but why restrict information that you would otherwise put on a newspaper-ad?
On the flip side, our clients usually have proxy servers and what not and at the beginning of these projects I usually have to talk to their sys-admins and ask them to open-up our web-site to their users. When everyone and their brother installs proxy-servers and firewalls the only thing we'll be sharing is the connection. What will we use that connection for? I mean, large companies already restrict your access to the local lan only + a few other 'approved' sites. So you can't do jack with the connection at work. You come home, and well your ISP thought it would protect you from the monstrosities on the internet too and has now created this little sandbox that you can access.
The internet is going down the drain. It came too quick too soon with no good business model that people could think of. Now everyone is trying to 'restrict' access and hope to make money by doing that since that's the only business model we know of. In the meantime, restricting access is killing the internet. At least the idealogy of sharing information. Pretty soon we're going to have all these nodes refusing access to each other.
My provider allows anyone to use SMTP, provided that they have first made a successful POP connection. Once the POP connection is made and the user authenticated, then their IP address is added to the relay, for a period of time (a few hours, I think).
Why doesn't Gilmore implement something like this? Then his friends could still use his relay from anywhere in the world, but spammers wouldn't be able to.
I'm inclined to agree with the comment in the article at Gilmore is "being a stubborn old fool for leaving his mail systems as open relays"
HH
I think he's a senile fart who gets his kicks "fighting the man" and the "system". His rather juvenile view of the legalities of drug possession, sale and abuse (see his homepage) only serve to demonstrate that he's a sod. ;)
I need to be able to send/receive email while I travel. So what did I do to allow this?
Simple. I turned on SMTP AUTH.
It was hard. I was using an Exchange server. I had to click two checkboxes. One on the Exchange Admin tool and one in Outlook Express.
As a rock-in-roll Physicist once said, No matter where you go, there you are.
This kind of question is coming up more and more these days. Is anti-piracy a good thing? Is anti-spam a good thing? Or is pro-freedom and pro-communication more important?
:) should consider that more carefully when acting on, and reacting to, the actions of others.
Ask yourself this - Why do *I* use the Internet? Why do *I* use computers at all? Is it really to altrustically promote communication and the exchange of ideas, or are those simply side effects of wanting to make your life easier? Personally, I feel that well over 90% of the internet-using world tends toward the latter, and perhaps those people responsible for making the internet work (you know, us
So is John Gilmore trying to promote communication? Maybe. Is he trying to make his life easier? I certainly don't know. But maybe those who do can take that into consideration before labelling him as Part Of The Problem or Part Of The Solution.
(Oh, and in case it wasn't clear - I don't have an actual opinion on the Gilmore issue, I just wanted to respond to the editorial musings accompanying it.)
Unless, of course, scissors can't cut rock...
It would be easier for his friends to use web based email instead. He could install SquirrelMail with SSL authentication instead, for example. His friends would be happier, and he wouldn't be causing a problem for others. He also wouldn't be running his mail server and bandwidth flat out processing spam. No infringment on his rights, and he's not being used as the tool to infinge on the rights of others. Win-win.
Can You Say Linux? I Knew That You Could.
Your need for information, your threshold for pain and the signal to noise ratio. Unfortunately an open relay today has a very poor signal to noise ratio. Yes, I am in favor of free and open communication but this is like using a bull horn to call my neighbor. It might work but it causes too much pain for anyone else - and there are better alternatives.
The guy should know better (smtp auth, pop-before-smtp).
The guy seems as fanatic and rooted firmly outside of reality as RMS. I wonder if all bearded men over fifty that are into free software will eventually develop this mental illness...
He can do whatever he likes with his machines and I can do whatever I likes with mine. So, if he leaves his wide open, he shouldn't be surprised if he finds that I've added a REJECT next to his host on mine--if he doesn't get added to an RBL first.
Is Gilmore now in the Korean middle school business?
This page accidentally left blank
This guy is probably a woman... just a woman could be that ingenuous...
Or maybe he is a Microsoft Certified...
There are mail systems that can open up a relay for a specific IP after a successful POP login from said machine. It stays open for a little while, and then closes.
A quick Google search for "pop temporary relay" finds us this page which will make sendmail work this way.
Problem solved? I doubt it.
A herd of anonymous cowards and email harvesters whooshing to the open relay...
It's 10 PM. Do you know if you're un-American?
ISPs are out there to make a living, like the rest of us. The reality is that spammers are people who don't care about inflicting what we call a "negative externality" on everybody else. That means they are inflicting a cost on those who have to read through spam, or figure out how to block/filter it, and the ISPs who have to carry large volumes of unsolicited commercial email. While ORBZ, MAPS, etc. may be annoying, these organizations do serve a function. Gilmore is free to run his open relay on his T1, but it's akin to parking your Ferrari in the middle of Harlem, with the keys in the car, and the driver's side door open. Technically, you may not be legally responsible, but ethically, if somebody walks into that car and goes joy riding and gets into a crash killing/maiming others, well, what the hell did you expect?
Society does get to set rules about permissible behavior, and we do get to enforce them by exclusion. Hell, if 40% of ISPs (by volume, or by number, I don't know) use MAPS, ORBZ, by their own choice it's probably for a reason. And frankly, I'd rather use an ISP that does, because I don't want to be on the receiving end of any more spam than I already get.
Gilmore may be right that RBLs are not the correct long term solution. I've heard it said before, so I won't take credit for it - the correct solution is a change in Internet standards - make it more "costly" in some way (bandwidth or other) to send bulk emails. This would bring the economic cost back to the spammer and remove or reduce the negative externality. Make it so it doesn't pay to spam. And no, I don't have the solution to this problem, but I could imagine alternatives to SMTP/mail routing procedures that address the problem. Of course somebody might argue that this just reduces the utility of email. Ah well. Until then, for god sakes, close your open relays.
If he really wanted to let his friends use his mail, he'd setup SSH instead of an open relay, so they could SSH into his boxen, then mail from there.
Security is a 'good thing'. We don't need more virii being propagated, thanks.
Jake
Dating: while( 1 ){ call_girl(); get_rejected(); drink_40(); } return 0;
If you want friends to be able to send mail from wherever, how about giving them an IMAP account on the server and setting up a webmail interface?
This will allow "free flow" of information without "free flow" of spam and virii.
---
Open Source Shirts
It's both irresponsible and uneducated. If he wants people to be able to get to the server from anywher, that's fine. leave off the IP filtering. But turn on Authentication for all uses of the mail server. DUH.
People see the world as they are, not as it is.
...and as soon as his stuff starts connecting to mine, expect to be well & truly blacklisted as well.
As for ethics:
if you run a mail relay you can do so for a few IP#s and domains,for all IPs and domains, or just for your own local stuff that you own. Accordingly you get varying potential for valid use or misuse.
Amongst these options tailoring his relay to just those IP#s and/or domains for which his "friends" want to relay, no more no less, would've resulted in an optimum amount of relaying, no more no less.
Hence he is not doing the best he could.
Not to mention, whatever happened to SMTPAUTH? Why doesn't he at least have the common courtesy to run an SSL-wrapped authenticating SMTP server if he wants to provide a relay?
The FSF have a similar attitude to relays - all this cuddly "free speech" stuff really strikes me as so much horse-excrement when it's *me* that has to process the spam - and yes, I've seen stuff relayed through the fsf's open relay before now. I would've thought that such an organisation would have far more sense of the *responsibility* that goes with Free Speech than to abuse it in such an unthinking childish manner.
~Tim
--
Rushing on down to the circle of the turn
I vaguely remember that at one point, Richard Stallman didn't want to use any Unix machine that didn't support guest accounts (user: "guest"; password: ""), because he thought that was a violation of freedom. For a while, that meant he didn't use any system hooked up to the Internet.
It's not that he didn't understand the security implications; it's that he thought they were less important than what he considered the moral implications.
Can anyone back this up?
Stupid job ads, weird spam, occasional insight at
The following text of the e-mail that I sent
To: gnu@toad.org
Cc: gnu@eff.org, drg@verio.net
Subject: RE: Your fight with Verio
Dear Sir,
I find myself in an unusual position, agreeing with Verio. They (Verio) isn't trying to censor your mail, it is trying to prevent your mail server from being used by people to spread SPAM, viruses and other vermin of the e-mail world. It has nothing to do with trying to censor your free speech, or your opinions.
Allow me to provide a parallel this for you. Say you maintain a building on public property with a printing press. You leave the building unlocked so that your neighbor can use it as well. You do this because making a key for your friend is "just too much trouble". The building starts being used by violent gangs and an anarchist who builds his bombs there. The public ask you nicely to lock the building so that this activity will stop. You refuse saying that they are trying to censor you because you have a printing press in the building. That is patently untrue you are in affect aiding and abetting criminals by your negligence.
As an administrator that has to defend against SPAM attacks, sometimes coming by the hundreds and thousands for small domain that has at most 10 mailboxes I have no sympathy for you. This is not about free speech, this is about theft, denial of service and common sense.
aaron@NoitalianSpam-carsPlease.com
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
What makes it bad today is Microsoft and it's lack of security, and the burgeoning of spam.
OK, while I loathe MS, and will dis them every chance I get, I gotta say that they're not at fault here.
Spam is the only reason that open relays are bad. MS's security isn't. Worms or virii, while disturbingly common in MS-land, have no bearing on open SMTP servers at all - they use the victim's SMTP server to spread.
Very easy. We must have licensing to allow anyone who wants to do such a thing. That license should cost, oh, $5000 per year. Then we need to make sure that the person holding the license also has _insurance_ from an approved underwriter to cover these kinds of things. Yup, we need to tighten this internet thing up so this kind of crap can't happen!
I worked for Verio As a TS Rep for about 1 yr as a Telephone rep for both the Shared Web Hosting platform, but Primarily to support the FreeBSD Based Best Internet Communications Shell server platform. Best was a fairly large ISP/Web Host that conducted business in the bay area before Verio Bought them out. The Best SMTP was listed on both MAPS and ORBS as an "open relay" (it wasn't open, but there was an exploit loophole that couldn't be closed, for reasons that would take too long to explain here.). the Best SA worked with MAPS to take care of that issue, but ORBS, as everyone probably knows, is full of self righteous crackheads that wouldn't even return the SA's calls Verio didn't give a flying crap about that either. As far as it was concerned, the Best Inc server farm was a bastard child that it didn't pay attention to, and just wanted it to go away for good (they closed the doors early this year, anyone wanting to maintain a shell account had to move to the massively overpriced iserver service. In so far as internal support went, it was unheard of. If a customer didn't complain, then a problem didn't exist. But the second some outside force opened it's yap, the President's office would jump to attention and start cracking the whips. Let's be realistic, this dude is running a private STMP, ok, he's got that right, but running it as an open relay is just stupid. Hell, it's his bandwidth bill right? He wants to be a tunnel for crap mail, let him foot the bill for it. a quick examination of the header will reveal him as the culprit. Of course he could simply enable an SMTP auth requirement to restrict access to only the users of his choice....
It is interseting the everyone feels that Gilmore has the obligation to close his relay..
While security wise this is a nice thing to do, he is by no means obligated to do so. The only obligation he has is to live up to the terms of service and acceptable use policies of Verio. The acceptable use policy (http://www.verio.com/company/policies/aup.cfm) does specifically state that running an open relay is prohibited.
But besides the load on the network(s) and various servers, what is the real problem?
Most if not all email programs have the ability to filter email. And most sysadmins maintain a "blacklist" of domains that they routinely block at the gateway.
This is the same problem that Windows users face when confronted with a security hole in MS Outlook or Windows. Is it Microsoft's responsibility that damage has ocurred on a company's network because Outlook has a hole? What if the patch was made available and the user/techie failed to apply it? Is it still Microsoft's problem?
Some posters have said that having an open relay offends the "community sensibility." Well so does not bathing regularly, but it's not against the law. And most places won't deny you service on this fact alone.
Just my 2 coppers.
Sorry, but I just don't buy that the villain here is Gilmore or Verio.
This is a war between spammers and the spam vigilantes. The spammers want to send their spam, and vigilantes want them not to send their spam. And like all wars, the people hurt the
most aren't the combatants, but the poor sods caught in the crossfire.
Standard vigilante tactics are to threaten people for running open relays, because it makes it easier for the spammers to send spam. Since that doesn't always work, they turn to threatening the people who host the people who run the open relays. Verio isn't a third party - it's a fourth party in this dispute.
Even if I thought the ends justify the means, I don't believe closing open relays would achieve the vigilante's ends. Before we force Verio to force others to close their open relays, How about some evidence that closing open relays helps stop spam. ORBs has been around for a long time, but I still get spam.
-- Spam Wolf, the best spam blocking vaporware yet!
What are the IPs in the worm's database? It'd be a good idea to ban the whole list.
More like leaving your pharmaceutical factory unlocked and unprotected, for any criminal in the world to use, on the ground that your friends leave the medicines too. That is, it doesn't just hurt you: it hurts others.
and waited a bit for them to have their effect, I'd like to make a couple points.
One, John Gilmore is not some dipshit with DSL. Take a look at <a href="http://www.toad.com/gnu/">his webpage</a>. He is one of the founding members of the EFF. He knows what he's doing-- technically, morally, and legally.
Two, he's not sending spam. He's not enabling it, or allowing it. This "virus" doesn't exploit his computers, it exploits other dipshits, and then sends mail through his relay. But Spammers could send their mail through any other open mail relay (there are plenty0) -- but plenty don't. There are other ways to send spam. The virus could be written to use any open relay, why does it target his?
Maybe his definition of "friends" include people he wouldn't necessarily trust with personal accounts on his service. Maybe they include people he hasn't met personally. Would you deny strong encryption to people in countries whose government would supress their opinions, if expressed openly? No, but you would deny them the ability to send email?
This is a ridiculous scenario. No one in China or Iraq is going to use John Gilmore's mail server. But he's making a point. And the point isn't just about radicals in bad bad countries. Wouldn't it be nice if there were phones on every block and they were free to use? If everyone who could chipped in a little, the cost of sending email would drop sufficiently. Not to mention the increase in efficiency. Why should the email I send to my neighbor have to go to MAE-WEST and back? Do I really want every piece of mail I send to be routed through Verio or UUNet once they've got carnivores in place. The FBI can't put one in every geek's basement, but they can place them at strategic upstream locations and catch a huge majority the way we're currently set up.
The problem is spam, not open relays. Don't ban guns, or cars, or forks because people may do bad things. Spam will still come, in larger amounts than ever, even if all open relays are closed.
You wouldn't accept a company that has multiple expliots in their product to just advice all their customers to just disable the service that has the most frequently used exploit. Should we ban all webservers because Code Red took advantage of a vulnerability in IIS? Browsers because of bubble boy (an Active X exploit)?
This is a flawed analogy because there are other products that do not suffer from these exploits, and because these were coding flaws by one company. But other implementations could potentially be dangerous. Netscapes brown alert?
What about porn -- should we let net filters block anything that may be considered inappropriate for children?
Let's treat the problem, not one of the symptoms. Open relays enable spam. So does DSL. So does weak passwords. So does Hotmail. Is there any question where more spam comes from, toad.com or hotmail.com?
Wouldn't it be nice to live in a would where spam is not sent? You won't get there by ignoring the problem. Blackhole lists are like burying your head in the sand. They don't even save much on bandwidth. And they're getting further behind in the battle against spammers.
Alright people you are all such hypocrites, you call for free speech, you want your free software. But you slam someone who just wants to run an open relay, just because people use it illegally without his consent, you slam him. Me, i run an open relay on my home server because I never know where i will be when i want to send an email, does that make me a bad person that I help the spammers send you guys spam? Maybe so but that is what junk mail fiters are for, thats why 90% of the email i receive daily is automatically deleted. You call for free speech but you slam people who encourage it.
I think Verio has a case that Herr Gilmore's server is a nuisance. By definition a nuisance is ".... is something that annoys -- a wearing on the nerves by a persistent unpleasantness. It can evoke anger and interfere with comfort and peace of mind." A server used to spread virii and SPAM would certainly meet that definition.
/.er's find a fit for this example? Is it a good option?
In several legal texts I see the following when reffering to nuisances and grounds for legal action
Nuisance
attractive nuisance
forseeability of danger
negligence
liability
I would think that this server can be shown to fit almost all of the above terms. Does anyone know if civil suits can be used to help stop SPAM? Is there a lawyer willing to take up the cause?
. Can
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Is this still an issue?
---
host -t mx toad.com
toad.com mail is handled (pri=100) by old.toad.com
toad.com mail is handled (pri=200) by ecotone.toad.com
nc -v -v old.toad.com 25
DNS fwd/rev mismatch: old.toad.com != toad.com
old.toad.com [140.174.2.1] 25 (smtp) : Connection refused
sent 0, rcvd 0
nc -v -v ecotone.toad.com 25
ecotone.toad.com [216.240.42.33] 25 (smtp) open
220 ecotone.toad.com ESMTP Sendmail 8.8.7/8.8.7; Thu, 7 Mar 2002 10:09:26 -0800
HELO test
250 ecotone.toad.com Hello xx-myhostname-xx [xx-myipaddress-xx], pleased to meet you
MAIL FROM:test@test.com
250 test@test.com... Sender ok
RCPT TO:test@test.org
551 test@test.org... we do not relay
quit
221 ecotone.toad.com closing connection
sent 61, rcvd 283
---
So, is the relay closed?
Helevius
Gilmore is a true Internet pioneer and activist, a dedicated supporter of free speech. A short list of his accomplishments is available here, including being one of the first employees at Sun and helping found the EFF. In addition he was an early activist in getting the Usenet alt. groups going as an alternative to the rest of the hierarchy where tight controls were in place. He has been active in supporting free access to cryptography, helping found the Cypherpunks and participating in a number of law suits and FOIA actions to get the government to reduce restrictions on crypto. He has funded the FreeSwan effort to build transparent point to point crypto into the Linux kernel.
He also founded Cygnus Support, probably the first company to prove that you could make money off of open source software. The company was sold to Red Hat in 1999 for $674 million.
John Gilmore was fighting for free speech and the right to communicate before most of us had ever heard of the Internet. If his actions seem out of step with an increasingly paranoid and closed Internet community, I suggest that we not be so quick to assume that everyone else is right and Gilmore is wrong. History has shown him to be a far sighted thinker who has been on the right side of virtually every issue.
Oh my, oh my. I thought they only came from Asia. Oh well, time to block all emails from America...
dominionrd.blogspot.com - Restaurants on
Frankly it doesn't matter who you are, it's all about responsibility. If you don't have it, then you shouldn't be responsible for anything, except your actions (in a court of law).
I admit that there are privacy issues that aren't resolved by the above. If you want a privacy protected, anonymous system then it needs to be better planned out to protect against abuse. Maybe this guy, with his influence, could get something going.
His machine is being used by a (windows) virus to spread it self. This sounds to me like a noble deed this man is doing.
...
Keep up the great work
Nobody is obligated to provide this guy with internet service. And those who do provide it are entitled to limit the terms in any way they please.
Having been in the ISP business and the hosting business for quite some time, I can attest to the fact that it's wise to take a very strict approach to spam/spammers. If Verio doesn't cut this guy off, the black hole lists may decide that entire blocks of their IP's should be listed. How would you respond to being blacklisted because your "IP neighbor" thinks he should be allowed to maintain an open relay simply for the sake of the convenience. Verio would loose customers if they didn't act.
According to Verio's AUP (last modified March 9, 2000):
Spamming -- Sending unsolicited bulk and/or commercial messages over the Internet (known as "spamming"). It is not only harmful because of its negative impact on consumer attitudes toward NTT/VERIO, but also because it can overload NTT/VERIO's network and disrupt service to NTT/VERIO subscribers. Also, maintaining an open SMTP relay is prohibited. When a complaint is received, NTT/VERIO has the discretion to determine from all of the evidence whether the email recipients were from an "opt-in" email list.
There's no law in any country in the world that would hold an owner of an open relay liable for the spam sent through it.
The situation is even more complex, when you consider that his open relay appears to be only used to relay spam to Italian Internet users.
What needs to happen is that some script kiddie needs to initiate a DDOS attack using toad.com shutting down a few high volume online stores, like Amazon or eBay. John Gilmore can not possibly claim ignorance, when Amazon and eBay will sue him for damages.
Of course they won't sue anybody, because they'd rather pass on the costs to their users as part of the operating costs of an Internet business. That's the typical response from credit card companies, Internet businesses, ISPs and the law enforcement agencies regarding online security issues.
In Soviet Russia, I ruled you
All this blacklisting going on today is useless in my opinion. So an open relay gets blacklisted, whoopee, the spammer just moves to a new one.. They are very good about finding and utilizing open relays. It's annoying and time consuming to try to stop them and the spam they send.. We try to do as much as we can, but the spam is still getting through.. I have not yet found a 100% guarenteed way of stopping spam without limiting the capabilities of our honest clients. Maybe I am missing something, I am, after all, still in newbie land.
It would appear that gilmore's domain, toad.com (whois -h whois.geektools.com toad.com) is listed by a number of the DNSbls (see: http://relays.osirusoft.com/cgi-bin/rbcheck.cgi ).
& as_ugroup=news.admin.net-abuse.*&hl=en ).
Personally, I think this is a good, if not great, idea. Open relays suck. They are the "attractive nusiance" of the internet.
This is not a free speach issue. This is a good net citizenship issue. Plainly, Gilmore is being a bad net citizen and is being shuned by a number of other net citizens. Gilmore's right to "free speach" ends at the entry to my mail server. My property, my rules.
I suppose it is no coincidence that he chose Verio as a hosting company. Verio are reputed to be very spam-friendly (see: http://groups.google.com/groups?as_q=verio%20spam
Verio's netblock 140.174.0.0/16 is already shunned by many MTAs, including mine, for its spam support. I encourage you to do the same.
After some interaction among me, Verio, and lawyers from Stanford Law School's Internet and Society law clinic, Verio agreed to not immediately terminate my service if I modified my mailer software to avoid forwarding large quantities of email from single addresses over short periods of time.
Seems rather generous of Verio to me, it is after all their equipment to control the way that they want.
You are receiving this message because your browser supports Slashdot Sigs and you have Slashdot Sigs enabled.
I wonder if John Gilmore administrates his mail server and reads Postmaster mails on his own. If he did, he would spend the whole day on cleaning it up.
A bit more than a year ago I worked at a company which was running an open relay to allow their customers sending mails through it. It has been blacklisted everywhere, no one has ever read Postmaster, they just reinstalled the mail server (out-of-the-box system, which they are developing) or removed the entire mail spool if it got too bad.
Yet they had of course plenty of problems with sending their own mail - so had their customers who used the relay, too. Being blacklisted on RSS, ORBS and dozens of other DNS-based lists causes quite some mails to be rejected - the percentage is certainly too high to ignore.
To make it short, it took several weeks to persuade each customer to change his mail server's configuration into using the ISP's mail relay instead of ours. Meanwhile the company moved its former 64k Internet connection to a 2Mbit/s line, which made relayed spam spread as fire.
Within the few weeks between the new line went up and we were finally able to replace the old mail server with a new system running Postfix, the mail relay was almost unusable for us - it took about a minute to even have a TCP connection of any type accepted, the system load was always between 10 and 20, and the ISP bill was _really_ high.
After putting Postfix into work, it was my job to keep the mail system running. As it ran on the same IP address as the old server, the spammers didn't stop trying to relay their trash through it. AFAICT almost no spam flood mailer checks SMTP return codes, and if it does, it tries to connect to the secondary MX. As a consequence the syslog has been filled with thousands of "Relaying denied" messages, SMTP sessions have been kept up for hours, and as they discovered after some time that this relay has been closed, they scanned our networks for some more open SMTP servers - not only - they scanned almost everything, so as if they can't relay spam through us, they at least want to look for an open FTP or HTTP server to share pr0n and w4r3z. It didn't take them too long to find an open proxy, and they caused 80 GB (the ISP bill was 6000 € that month) of bandwidth until we discovered it. They found an open FTP server, too, and uploaded about 5 GB of m0v13z until the partition went full what made us notice it.
What is more, the mail server has been fixed, but the IP address has still been blacklisted. After two weeks of notifying blacklist operators and having our mail server tested as secure, it has been unlisted from most services. Spam continued, of course, Postmaster notifications due to recipients who blacklisted our mail server manually continued to occur, and some customers who forgot to change their mail relay or were unable to do so (it's an easily-installable out-of-the-box system which they bought from us, so they just lacked basic knowledge to run a mail server). It has been a mess even months after we closed the mail relay.
So my advice for John Gilmore and anyone else who operates an open relay, intentionally or not: Close it! You are having the worst problems of all involved parties! If possible, move to a different IP network or you won't get any rest in the near future.
OKay. now, why do I argue that Gilmore is right? Well its quite simple. You see, if we want to get rid of the chickenboners, we have to:
a) Get rid of all open relays (impossible!)
b) Get rid of all socksproxys (Do we want to get rid of this great way of staying anonymous?)
c) Get rid of all open squid-servers (Do we want to get rid of this great way of staying semi-anonymous?)
d) Get rid of all other ways you can use/abuse all sorts of relays.
The problem is that the fight against spam hurts not only email administrators anymore, but hostmasters, webmasters, people that want to run anonymous proxies of any sort, and so forth. If one wins the fight against anonymous relaying, one removes the option of staying completely (or semi-completely) anonymous in many cases.
Do you think the "antispammers" like anonymous remailers? Nope, not unless you're the customer of one, or that there are ways they may limit/stop the spamflow.
I hate the spam as much as anyone, but I really don't think the solution is to block every possibility of staying anonymous. The solution is to rewrite the fucking mail protocol, not to let _everything_ suffer because of spam beeing intolerable.
end of rant.
"Rune Kristian Viken" - http://www.nwo.no - arca
Email has an inherent security flaw that we would never accept in any other standard... we essentially give everyone in the world write access to our Inbox.
We need to make a new standard, that makes it impossible for someone to send you a message without some sort of cryptographic authentication. Perhaps with third party servers that can authenticate "yes, this is a real person", plus any automated service that you gave a PGP signed certificate.
Forever and ever, world without Spam. Amen.
monkeys.
How can a libertarian cry "censorship!" when it's a private corporation making rules about its own terms of service? If he doesn't like it, he can find another ISP.
Anyone who loves or hates any language, platform, or manufacturer, doesn't know what they're talking about.
If he wants his friends to be able to use his mail server, his responsibility is to set up some kind of authentication and account management. Simple as that.
If I were his ISP I would cut off all access until he proved to me that he had secured this hole. After all, it's his machine, but it's his ISP's network.
Somebody please moderate the parent up. John Romkey is one of the co-founders of TLG, from whom John Gilmore purchased his T-1 from. TLG ended up getting bought by Verio.
-russ
Don't piss off The Angry Economist
The way RBL works is that your INCOMING mail is blacklisted. When a machine makes a connection to your ISP's SMTP port it checks it against the RBL. If that machine is NOT in the RBL then the machine continues with the trasaction. The SMTP server does not perform this same lookup when DELIVERING mail.
If and ISP blackholed his IP then you would have a problem. Verio apparently had filtered port 25 (they later took it off), which would prevent e-mail from getting to him. This is why I sent my mail to both his publically listed addresses. EFF.org isn't in any RBL that I know of (except china's)
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
a design do you think it is, that requires proper configuration of all the various systems involved
to avoid collapse?
as an aside i think john is trying to make a point,
not just about retaining his ability to do whatever
he wants with his internet connection, but a more
subtle one about privacy.
who is it that gets to decide how information
flows, how it must be addressed and delivered?
i dont remember voting for them
Recently I've been reading about how an amateur radio based network involving wireless packet data fell apart because a few stations did not organize in the same way as the rest of the network. This isn't the sole reason it fell apart, much of its demise seems to be from apathy.
Understand that amateur radio in the US and in most countries, consists of free (as in beer) but regulated swaths of the electromagnetic spectrum. This spectrum is shared by all amateur radio operators to communicate on using voice, morse code, video, data or some combination. Not unlike the Internet collective of networks, it is a shared resource of interconnected points.
The network in question used a specific frequency to communicate inbetween BBS nodes, and another frequency to communicate between BBSes and end-users. A loosely organized group provided a set of working rules to ensure the network could function efficiently. If BBS to BBS traffic and end-user traffic were shared on the same frequency, the network would bog down in short order (packet switched radio is slow at 1200-9600 bps plus overhead). Splitting the types of traffic up helped to ensure things kept moving.
For whatever reason, a few nodes decided to pass BBS to BBS traffic on the end-user frequency. The constant chatter between these unruly BBSes made it very difficult for end-users to operate making the network nearly unusable. No one was really in the wrong from a legal or regulatory stance, but they were obviously disrupting the function of a "system" and causing headaches for other users of the shared medium.
In US HAM radio, the FCC leaves problems in the hands of the amateurs to sort out. First come, first serve on the frequency. It is illegal to wilfully interfere with stations who are carrying on an active conversation. Written early under the assumption that two people could not possibly talk all day and all night long, the regulation did not account for repeaters. Repeaters are always-on radios mounted in geographically advantageous places to amplify weak radio signals extending their range. Who "owns" the frequency occupied by a repeater? No one. The FCC left it to Hams to coordinate the frequency assignments for a repeater. There is language in the regulations affording precedence when interference occurs with a repeater involving the Ham-run coordination. The problem was handled in the community and repeaters thrive today.
But back to the packet network - while HAMs have shown to be very cooperative folks (albeit ornery) with repeaters, this cooperation did not extend to the packet network. I'm told some terrific arguments used to break out at the meetings of the network group. Compromise, it seemed, was not an option.
Finally, rather than improve the software and hardware to deal with interference, things died down. The network still exists as only a shadow of its former glory - and without advancement.
The Internet infrastructure consists of privately owned equipment, and each owner can choose whether or not they'll cope with something they don't like. But the collective "Internet" that exists only when these networks work together is much like that shared spectrum HAMs use. It only works when the people who own the infrastructure agree to equal access for all traffic and issues should be settled in accordance with the understanding that the Internet is a commons. Anything less is not the "Internet."
Moral Beating:
If you don't like SPAM, then adjust your receiver to ignore it. The end-2-end principle should apply. Only the edge device should carry the ability to decide if information is of value or not. IF the SMTP protocol is too open for your tastes, then revise it to become more intelligent.
There is nothing wrong with subscribing to blacklists for your own mailbox, but to do so in a manner that blocks mail for those who have no choice in the matter violates the spirit of the end-2-end concept and the spirit of freedom that many in the earlier days of the Internet thought could change society for the better.
Quit bitching, apply your filters and focus on things that really matter.
-b-
"The problem is spam, not open relays. Don't ban guns, or cars, or forks because people may do bad things. Spam will still come, in larger amount than ever, even if all open relays are closed."
The reason open relays are used is because spammers frequently get blocked. I do that myself. I want to have the choice to block spammers. I also *don't* want to have to add Mr. Gilmore to my list of spam servers, since he has legitimate users.
That's why I urge him to close down his relay, or require authentication.
I fail to see your point about mail having to go through the large ISPs. My mail goes straight from my machine to whomeever I am trying to deliver it to. Yes, those packets pass through the large ISPs, but then, so do Mr. Gilmore's (and frequently my traffic is encrypted anyway, so good luck to them)
If you want privacy, use PGP.
And I fail to see a phone on every corner as helpful. It would force me to unlist my cell and block all public phones so I wouldn't get called 3000 times a day.
I'm all for anonymizers, encryption, and internet privacy, but let's all use a little common sense so I don't have to block the interesting things Mr. Gilmore might have to say due to his offers of penis enlargement.
-- perl -e'print pack"H*","6e656d6f406d38792e6f7267"'
I think it's rather clear that Gilmore isn't really running an open relay because he truly has concerns that some of his "friends" (who he doesn't trust enough to give accounts to on his system) might not be able to send out email.
He's merely trying to start trouble, for the sake of raising awareness that open-relay blocking won't eliminate spam.
I say fine, point taken - but you're still not part of the solution. Instead of bickering with an ISP over their rights to kick you off for breaking your terms of service agreement, why not help develop new tools to better filter out spam? That would do everyone much more good!
From: Michael Merritt
/. "junk filter")
To: drg@verio.net
Cc: gnu@toad.com
Date: Thu, 7 Mar 2002 12:47:17 -0600
Mr. Darren Grabowski
Verio Security
Mr. Grabowski,
I write to you in response to the web page located at
http://www.toad.com/gnu/verio-censorship.html
I encourage you to continue your actions against Mr. Gilmore in response to
his refusal to comply with the terms of your company's AUP.
Let me state that I firmly uphold Mr. Gilmore's RIGHTS to run an open mail
relay as "free speech". Yet, I also firmly uphold your company's ("Verio")
RIGHTS to deny him service if he does not adhere to the terms of the service
contract which you offer him. Mr. Gilmore's continual payment of the service
charge for his T1 connection is acceptance of the terms of Verio's service
contract.
Furthermore, I firmly support the RIGHTS of Internet users, system and
network administrators, and blacklists to REFUSE to accept mail from Mr.
Gilmore's server/connection/domain.
I am exercising my RIGHTS to freedom of speech and expression in this
message, as any American citizen is permitted. I also respect the fact that
you have a RIGHT to disregard, ignore, or otherwise disagree with my views,
beliefs, and practices.
If Mr. Gilmore is truly concerned about everyone having the freedom to
exercise their RIGHTS, he will accept the fact that Verio has the RIGHT to
deny him a connection, and he has the RIGHT to seek a connection to the
Internet elsewhere. I do not find a law or governing statute anywhere that
declares every free man has a RIGHT to access the Internet.
Thank you for your time and consideration of this matter,
--
Michael Merritt
SPAM filtering by SubLimeMail -- http://www.sublimemail.com/
(remainder of signature snipped for
Come on people! John Gilmore is going on and on about his freedom of speech and how he is running a mail relay for his friends.
He is lying.
If he really wanted to run a mail relay for his friends you could authenicate them on a properly administered CLOSED mail relay. Here are a few ways to do this:
POP before SMTP authentication
SMTP authentication
SSH accounts for his friends
Webmail accounts
And John Gilmore certainly knows these and other methods of properly administering his mail server.
I doubt he is running a spam relay for profit, I think he is just trying to stubbornly make some minor point of personal philosophy, and hiding it with his words.
- For the complete works of Shakespeare: cat
Spammers cause spam.
:)
Sounds like a statement I very much believe in about guns. Yet for some reason I feel it isn't quite as simple. I liken the scenario (closing a relay) to putting a lock on a gun to prevent a child from getting their little hands on it and shooting someone/themselves. So too is closing a relay.
But then again the difference is that an open relay does have legitimate non-spamming uses. Again sorta sounds like an argument often made for mp3, napster etc. Things which I also feel should not be shut down.
I don't think there is a 100% correct answer but I will defend my position that open relays should be closed by saying: closing open relays has the potential to signifigantly prevent bad things from happening (spam and virii) while ultimatly not preventing much of anything legitamate from being done. Much like a lock on the aforementioned gun doesn't prevent you from hunting or self-defense. so IMO relays should be closed. Of course we all know what my opinion is worth
If you can't be good, be good at it!
ITS CALLED SMTP AUTH, why doesnt he use it? What a goof.
thanks, that made my afternoon
Hell, -I- could censor -you- given enough money and possibly a gun to your head. And I'm just an underpaid private citizen with credit card debt. Quit trying to confuse the issue.
Don't ban guns, or cars, or forks because people may do bad things.
I agree with the sentiment, but it totally misses the point in this case. If SMTP servers are like guns then authentication is like trigger locks.
Suppose I left a gun in an unlocked shed "so my friends can use it". If kids were stopping by and firing bullets around the neighborhood, my neighbors might be pretty upset. If I self-righteously protested that neither I nor any of my friends had fired those bullets, they probably wouldn't be mollified. If I refused to lock up the gun, they might go to my landlord and try to get me evicted.
According to the article, Gilmore is a libertarian. So he should applaud people finding private solutions to the problem his open relay is creating.
I think we discussed this enough in the prior story Are SPAM Blacklists Unreasonable?
But, some information just bears repeating. First, there is a very good test system put in place by The Open Relay Database. Anyone running a mail server on their system should use this service (I do).
There is also a very good site that runs down how to close holes in different servers at mail-abuse.org.
Regardless of why this system is being exploited, it is certainly the system administrators fault...
If the government makes a rule, they threaten you with force.
If people decide to block you, they just stop listening to you.
The first is quite a dubious activity. Sometimes necessary (almost certainly), but always deserving of a great deal of hesitation.
The second is the individual decision of people. And if people are too draconian, then they will start being ignored. But if they decide that you aren't worth listening to, then it is their clear right not to listen.
That said, blocking lists is certainly a tremendous bother at times. "(Mail relay prevented by default)" can severly reduce the value of a mailing list, as well as enhancing it. It blocks spam from a site, and also blocks all other communications from those using the same ISP. But it's their right.
.
I think we've pushed this "anyone can grow up to be president" thing too far.
You raise an interesting question. Does this harm the (presumably) good name of the EFF? Generally, the EFF is on the Side of Clue and Good Network Health as well as the side of Freedom.
I have seen comments on here about people not donating to the EFF so as not to support their somewhat weird spam statements.
These arguments seem air-tight unless Verio is a local monopoly. If it is, then perhaps they need to have two classes of membership, one of which is unfiltered.
I think we've pushed this "anyone can grow up to be president" thing too far.
I went and saw a talk this afternoon, given by John Peter Barlow (another co-found of EFF) at my school. Someone asked about this, and he had a very good response, one which makes me side with Gilmore on this:
The whole point of the internet is dumb network, smart nodes. If the end nodes aren't smart enough to deal with spam (99.9% is quite easy to identify) and viruses (hello MS, I'm talking to you), then that is the problem of the end nodes, not the network.
<possible flamebait>
If I take a bus to downtown and proceed to throw a brick through a store window, is that the fault of the city, for running the bus service? (I know this isn't a particularly good analogy, but it's the best I can come up with on short notice)
</possible flamebait>
Posting at +2 on purpose. Moderate as you like.
I wonder if anyone will mailbomb him using his mail server? I think that would be delicious irony to fill up his mailbox several times a day with junk. Just a thought.
Since its discovery around Valentine's Day, Yaha, also known as "Valscr," has wormed its way past Nimda, Hybris and Funlove to the number eight position on the current list of virus threats tracked by managed e-mail provider MessageLabs.
This almost sounds like a Casey Kasem American top 40 show... Wow great, now virus writers have a feedback mechanism to rate their performance and a target to shoot for: NUMBER 1 on the list.
CK: Now, here's VdUB with his latest hit, 'Don't open this fking Email!!!'. Tell us, VdUB, to what do you attribut your recent success as #1 email virus writer for 3 weeks in a row?
V: Well, I, uh, wud like to thank most of all, the Microsoft Outlook development team for making this all possible, special greetz to 4TerTz, and all the gang at the 7oyz2bad gang for the stealthSMTP script and killer relays...
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Kevin Mitnick, the guy who spent several years in jail for hacking, actually hacked several of John Gilmore's computers. I wonder how he did it? ;)
John Gilmore's a nice guy, but he's a wealthy eccentric who doesn't take advice from others. He's a lot like Bill Gates, except he's a hippie GNU/Linux nut. He was one of the first employees at Sun Microsystems.
You can read all about his Libertarian attitude and lifestyle in the book Takedown.
If Gilmore is responsible for the spam sent through his open relay, then MAPS and Spews and Osirisoft and all the other DNSBL will be responsible when China begins imprisoning admins for leaving relays open.
The argument against Gilmore seems to be that when you know your actions will enable or make possible actions taken by others, and you take that action anyway, you are responsible for the actions of those other parties.
If that is so, then all ther DNSBL operators will be responsible if China starts locking up admins who neglect to close their relays. It is as simple as that. One follows from the other.
I am with Gilmore - spam is the problem, not open relays.
Now here comes the flames...
Edith Keeler Must Die
If you want to apply the usual ethics about freedom of speech, you ought to require him to use some form of authentication for his friends, to ensure that their speech is accessable (since he won't be blacklisted) and free of excessive noise (spam, viruses). VPN tunneling, IMAP, shell accounts, webmail, authenticated POP, and POP over SSH come to mind.
Of course, I'm assuming that spam and viruses are not valuable examples of free speech in action, a view that may be difficult to justify. I consider them to not be speech for the same reason that I don't think the signals generated by a garage door opener are speech--they are signals, possibly meaningful in some context, whose intended purpose as used is to cause some event to occur. The spammer says, "I push this button, and our monthly page views go up!"; the virus distributor says, "I push this button, and 3y3 0wnz j00!"; I say, "I push this button, and my garage opens!" In none of these cases is the button pusher trying to convey any information to another person. If the signal (virus, merchandise, scam) is itself an object of conversation, I can see it being speech, but that context isn't relevant to open mail relays.
Isn't it obvious that the reason he wants to keep his relay open is so that his cypherpunk friends can send less-traceable e-mails? A noble goal, even though it has unfortunate side-effects regarding spam and this new virus.
/., surely the hypocrites here can retract their heads from their asses long enough to see the adantages of a static open relay for helping to safeguard the privacy of e-mails. Does it have unwanted side effects? Yeah. Freedom always does.
In this day and age of government snooping, Carnivore, shutting down anti-globalization websites, justifying mass surveillance of all citizens under the rubric of anti-terrorism, and the other atrocities reported every damn day on
Look, let's be frank here: spammers will always find open relays in Asia. Always. China's recent baby steps forward notwithstanding, you know that this is true. This is part of the spammer's job. If spammers couldn't find open relays, they'd just purchase ISP accounts, start flooding out of their own servers, and move on when they get cut off. They sometimes do it now, even though open relays aren't hard to find.
Toad, on the other hand, is just a way for the privacy conscious to have a little conrol over how their e-mail gets routed without having to work like a spammer to keep up-to-date lists of Asian relays. It's just an added layer of obfuscation. Shutting it down won't curb spam or viruses, it'll just take away a privacy tool.
Chasing Amy
(We all chase Amy...)
"The more corrupt the state, the more numerous the laws"-Tacitus
You miss an important point. He provides a tool to facilitate anonymous posting.
- Spammers can misuse this to send spam.
- Whistleblowers and humans rights activists and oppressed people can use this to pass out information without getting shot or identified. There are parts of the world where complaining about your situation is a capital offence. Even is the "free" world, complaining about mistakes in a company can cost a job and your livelihood. (It is not "his friends" that he provides this facility for - so a large number of other people have also missed the point.)
Napster/Gnutella provide a tool to facilitate copying files.
- Some people can misuse them to bypass copyright restrictions.
- Other people can use them to copy files for legitimate purposes.
How is a general purpose tool that can allow publishing information about attrocities less worthy of your acceptance than a general purpose tool for file copying?
You guys are having a feeding frenzy against a person who has done more for open source and online rights than many. I would think that he is at least owed enough respect to start an online dialog giving a chance for response to balance the mud-slinging. This sort of one-sided attack does not belong here and I am utterly disgusted to see it.
use SMTP auth, or pop before SMTP.
Open relays are no longer acceptable, because it enables spammers to abuse your connection to make money.
And everyone else has to pay for it....
I've seen various postings debating rights -- whether Gilmore has the right to demand service from Verio, whether he has the right to keep his relays open, &c. This is a red herring. It all boils down to his incompetence as an administrator. Anyone worth his salt knows that there are far easier, more expedient and more secure ways to accomplish his goal than keeping SMTP relays open. For God's sake, John! Create some frigging accounts and force your buddies to log in! Or set up VPN access!
Gilmore, a life member of the Libertarian party, has accused Verio of censorship and said he configured the mail server to accept and forward e-mail from anyone in part so that friends could use it while traveling around the world.
Gilmore isn't as much of a Libertarian as he thinks. After all, Verio owns the network, a good Libertarian would say that they have the right to refuse service from anyone, and that it's not censorship since they are a private entity. Sounds to me like Gilmore is trying to "coerce" Verio into providing him service. Not very Libertarian at all.
The next moderator that comes through (and isn't an asshole) ought to mod this up.
(Regardless of whether it's right or accurate, it's still "+1 Interesting")
Are we talking about the "third-party relay"
and not any "open relay" ?
see http://mail-abuse.org/rbl/relay.html for details
To: drg@NOSPAMverio.net
2 13&mode=nested&tid=153), here are my thoughts.
n c/data/w32.yaha@mm.html) This in and of itself should be grounds for immediate termination of Gilmore's T1, or at least an ACL entry on your router serving his connection to block all outbound port 25 traffic, until he straightens this mess out by implementing some sort of security on his relay. I understand this is already the case. If not, perhaps it should be?
Cc: gnu@NOSPAMtoad.com, gnu@NOSPAMeff.org, nospam@NOSPAMeff.org
Darren:
Further to my phone call of a few minutes ago, here's a followup email of which I'm also sending copies to John Gilmore and the EFF.
Having just learned of this whole saga (http://slashdot.org/article.pl?sid=02/03/07/1623
I find Mr. Gilmore's behaviour and attitude absolutely abhorrent. He apparently thinks that he has the moral right to run an open relay, and that noone should stop him.
Has he never heard of SMTP authentication (http://www.imc.org/rfc2554)? This would allow his mail server to accept socket connections from anyone, yet only allow his authorized users to send mail through his relay. Most modern MUAs support this.
Now, supposedly, a virus is (or has been) using his relay to propagate. (http://securityresponse.symantec.com/avcenter/ve
If this were 1992, one could see how beneficial an open relay might be on the Internet. Unfortunately, this is no longer the case under any circumstances.
Being a paying member of the EFF ([My EFF-registered email address went here]), I am sincerely disappointed that the EFF is taking such an anti-Internet stance as to support the maintenance of an open relay which has, without any doubt, been abused in the past (and will no doubt continue to be). This makes me sincerely rethink my desire to continue to be a paying member, as well as my advice to friends and relatives to make donations to the EFF in lieu of giving me gifts at the holidays.
I find it amusing that Mr. Gilmore himself asks (http://www.toad.com/gnu/verio-censorship.html) for a copy of any correspondence regarding this matter be sent to nospam@eff.org -- how ironic.
Thanks in advance for helping to keep the Internet free from spam and virii, Darren. Knowledgeable Internet users everywhere thank you.
[My sig went here.]
There have been a number of times when I could have done with an open relay. Times when POP was ok on an account but SMTP had problems. I think having well publicised open relays is good for the community... if we can keep bulk emails off.
Hence restricting volume, as suggested above, is a good idea. If he isn't just too lazy to do POP before SMTP authenticate and it's a freedom of speech thing then he should hack the relay to allow 100 emails/day from one IP. That's an awful lot of speech to have free and should help those being held hostage by their email providers problems whilst stopping spam.
Phillip.
Property for sale in Nice, France
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
Well if he wasn't such a paranoid fuck it wouldn't be a problem. I'm well aware of Carnivore and all that crap but since I'm not breaking the fucking law I don't have much of a problem with it.
Sometimes people have such a inflated sense of self worth that they consider themselves worthy of government attention when the government doesn't have a reason to be paying your boring ass any mind to begin with.
Oh well to each his or her paranoid own.
Mac OS X and Windows XP working side by side to fight back the night.
I've posted numerous times here about Gilmore's open relay. Each time I think it will be the last time this silly topic arises, and each time I'm wrong. Here I am posting again.
Many others here have reiterated the things I've been saying all along, that there's no excuse for his open relay and that there are numerous solutions he could easily employ to stop spammers from using his mail server, so I won't belabor those points.
There is one point that still needs to be made, though. Despite his past record as champion of the Internet oppressed, John Gilmore is a danger to the rights of anyone who gets in his way, be they oppressed or oppressor. He is *filthy* rich from his days at Sun (and perhaps other things), and is apparently willing to throw his weight around with no regard for legal costs if he feels like making some sort of point. The problem is, he's a cantankerous, arrogant person with often strange views on right and wrong. There is a seeming randomness to the causes he takes on these days, and in cases like this, where the entity he opposes is clearly in the right, he does nothing but hurt the Internet community at large. Not only is his relay a spam engine, causing immediate but somewhat localized harm, his fight with Verio threatens to undermine an ISPs ability to enforce reasonable acceptable use policies. This latter point has broad implications for the entire Internet.
I see him as a sort of "legal terrorist". His cause is on the side of a very small faction (spammers, lazy admins, and himself - though he might also fall into one of the preceding categories), he has an undue amount of firepower (vast quantities of money to pay lawyers) and has a fanatic will to use that firepower. He is known for taking on causes, sometimes without due research, simply because it offends his often skewed viewpoint. And with the EFF behind him, with its history of legal success against the toughest of opponents, most people quail when confronted with his opposition. Spammers generally do not have the werewithal or the reputation to stand against an ISP who shuts them down. Gilmore has indirectly taken on their cause, and because of the size of his guns, might actually help them in ways they could never help themselves.
I have had dealings with Mr. Gilmore in the past, and feel obliged to say that, in my opinion, he was arrogant, uninformed and misguided. He is the quintessential kneejerk activist. He has done good things for Internet freedom, but his obtuse actions in recent history seem to say that it's time for this horse to be put out to pasture. Mr. Gilmore, I think it's time to pack your bags and move to a beach in Bermuda and enjoy your piles of money. Or perhaps feelings of guilt at being uncommonly rich are what drives you to do these things?
How this got a 5 is beyond me. You make his point about outlawing cars far better than he did.
Sendmail isn't spamware. Open relays aren't spamware. They have legitimate purposes far and above any illegal or unethical uses. It was around with open relays long before people realized they could abuse them.
Open relays like this could be maintained better, but it isn't the operators obligation to jump through hoops, especially when he has a explicit, legitimate reason for wanting to run it that way. He isn't breaking any laws or ethics. There may be better ways to run it, but all of them remove the anonymity that he is pulling for.
I have had this argument before, but if you remove the ability to be anonymous, you have removed free speech. YOU should read the first ammendmant, and all subsequent court rulings. If he is interested in free speech because of the anonymity of the open remailers, than more power to him.
On the other hand, and to bring back up the analogy of cars, if a man steals my car, and uses it in the commision of a crime, I am not responsible. If I lend it to him, and he uses it to commit a crime without my knowledge, then I may be civily liable. If he uses it with my fore or aft knowldge to commit a crime (and I say nothing in terms of aft knowledge), I am criminally responsible.
The Internet used to be about openness and trust. Back before Canter & Siegel; the "Green Card Lawyers", back before the Net was opened-up for the Dot Com's and commercial postings.
Back then, having an open relay was no big deal (it was even expected) because we were all friends working for the betterment of the Net, and each other. There was no "cut off their air" because the Internet was a cooperative; their air was our air. A network gains strength as a whole whenever any part of it is strengthened.
That was the Internet that Gillmore grew-up on (and helped found). Perhaps you can't remember, or perhaps you were just too young to remember what it was like back then.
That was back before the Fall of '93.
First it was spamming shutting down USENET groups, which begot CancelMoose.
Next we started seeing email SPAM, which begot procmail and it's necessary filters.
Then port 25 was blocked, and peer-to-peer email was to be nevermore.
Now we're starting to reap what we have sown.
The Internet will soon be owned by one or maybe two large network providers (AOL/Time Warner and/or MSN) and every packet you send will travel only with their permission; through paid transport or non at all. Intelligent routers will give these network providers the ability to block (or charge for) any activity they think they can make a buck off of.
And once there's a single majority player, it's all over. Internetworking always benefits the smaller organization more than the larger one (because it gains access to more resources in the bargain) but only benefits both sides until one gains a majority (at which point providing network access for your competitor cost more incrementally than providing the resource yourself).
We have lost the Internet to those who would claim it as their own and carve it up over those who come in good faith and trust to build and to share.
Think about those whom you loath the most, and what characterizes them all. We hate airline shoe bombers because they exploit the trust inherent in our air travel system to harm us where we are vulnerable. As a result, we must all remove our nail clippers when we fly.
We hate the RIAA and the MPAA because their actions to shutdown legitimate sharing of copyright materials. Their actions are a response not to the person who wants to rip the CD for their car, but to those who abuse the trust by ripping a track and making it available to all comers over the internet. And we (most of us here, anyway) hate them because of the price we must now pay as a result. We may find ourselves losing Fair Use forever because of the actions of a few individuals who's use was anything but fair.
We rant for columns on end about Microsoft's abuses of the market; and what we complain about is the abuse of trust we have placed with them. Then we complain about the latest Microsoft security vulnerability, and again it's about trust misplaced.
We complain about spyware, about online privacy, about the rights we've lost, about abuses of the GPL, and in each case it's the trust we've lost, and usually about how many Karma points we're going to grant to whichever post points this out in the funniest way.
So when Gillmore sticks his nose out and actually still trusts the community he helped to create, you shoot the messenger when you should be shooting the message.
It's not the open relay that's harming your computer; it's the virus, and the impure pond scum who wrote it!
You want the RIAA off your back? Give them a reason to trust you.
You want Microsoft to change their ways? Stop paying them for the trust they've stolen from you.
You want to keep spammers from sending UCE to you? Spread the word that spammers lie.
And if you want a free (speech) Internet where ideas are judged by their merits, rather than by the forum where they are delivered? Speak up and be heard.
Or don't. This Internet is already lost. Trust takes decades to build and seconds to destroy, and all of it which was once here is now gone for good.
You want to know what built the free software community? Trust is the operating system of the free software movement. Destroy that trust and free software will not survive. That's one reason why it's so important to assign your copyrights to the FSF (so they can defend them) and to contribute to the EFF (who understand all this stuff).
The thing about things we don't know is we often don't know we don't know them.
One of 25. Which are
203.92.100.186. 72.36.421 09.222
200.253.229.66
1 40.174.2.1
c /data/w32.yaha@mm.html
210.242.232.25
61.129.53.82
205.200.155.2
211.21.47.218
211.97.214.53
200
210.101.186.3
210.12.164.230
202.108.
195.22.21.14
61.78.199.6
211.99.206.199
216.244.152.250
211.219.246.25
211.154.129.31
202.102.200.103
210.176.173.60
202.53.64.195
202.104.108.226
and a few non-resolveable ones.
See http://securityresponse.symantec.com/avcenter/ven
Already submitted them to ordb.
two thumbs down to verio for caving in.
Xfce: Lighter than some, heavier than others. Just right.
John Gilmore is not just a clueless know-nothing who refuses to close his mail server out of ignorance.
Unfortunatly, you are correct. He is not doing this out of ignorance. He is doing this out of malice.
News for Nerds. Stuff that Matters? Like hell.
It looks like the majority of /.ers are siding with Verio on this one. I read Gilmore's web site and he has some interesting views on a lot of things. His opinons on SMTP blacklisting and list operators control over ISP's is a very good read. I think Gilmore makes some valid points and raises some valid concerns. For example, The current list of anti-spam restrictions is not written down anywhere that I could find; you only find out when a blacklist notice appears in your inbox, telling you that you are going to be thrown off the Internet unless you immediately change. Next week they could demand that any ISP which is also a phone company must cut off phone service to alleged spammers; the following month demand that every ISP turn over credit card and/or customer address information on demand. (Some people claim that thir "fee" for reading a spam is $50 or $500; I'm sure they would like to immediately charge somebody's credit card for it,and let the details and legalities sort themselves out later).
One thing that is being missed is he was once the co-founder of this ISP which over time and various mergers is now Verio. When he founded his ISP their policy was to give the subscribers the ability to do what they wanted. My ISP has changed hands several times in the last three years. With each change of hands there is a new TOS agreement. What is acceptable use today might not be acceptable use by the owners of tomorrow. As it stands my service is getting cut down one port at a time. Rather than educate its customers about viruses and exploits my ISP would rather just block the ports that are exploited. In their mind as long as they provide a portal web site to thier subscribers they are providing service.
I'm glad there are people like Gilmore who have the resources to challenge ISP's. Who else is there who stand up for the rights of the customers? Surely its not our government who passes laws like the DMCA which strips away our privacy when it comes to the internet. Today Gilmore's battle is with SMTP relays and blacklist operators. Tomorrow it might very well be the RIAA and ISP's blocking ports of known P2P clients.
Call the guy crazy if you want but I think his fight is a good one. Its about freedom, something which is slowly dying on the internet.
'Same speed C but faster'
His right to free speech on the Internet ends at my inbox. Period.
If spam was only an occasional annoyance then I would agree with Gilmore that it is not worth "limiting free speech" to reduce. But spam has gotten to the point where it is itself a significant barrier to, if not free speech, let's say free communication.
>> Shutting it down won't curb spam or viruses, it'll just take away a privacy tool.
So bad seed ISPs in Asia are a problem so bad that we want to block all of Asia, while an open relay closer to home is a privacy tool??
The classic example is to ask what you think of the ethics of throwing an old woman to the ground and beating on her. I'm sure that most people would agree that it is wrong. But add the additional data that she was on fire and you were beating out the flaims, and the whole picture changes.
Gillmore whines Any measure for stopping spam should have as its first goal "Allow and assist every non-spam message to reach its ecipients." That is bogus, as I'm sure he knows. The first goal should be to use all available ethical and legal means to impede and penalize those who spam or support spam. Gilmore's open realy is one of the legitimate targets. Gilmore can set his own goals, but for him to presume to tell us what our goals should be is chutzpah, and, IMHO, ample reason to add him to private deny lists.
Gilmore, throughout his diatribe, ignores the first principle of the anti-spam community: It's not about content. Nobody is searching his messages for naughty words or non-PC text. Rather, they are processing whatever messages he choses to send from IP blocks that they are willing to accept traffic from.
My ISP blocks traffic from certain addresses. Are they censoring my correspondents? No. Are they interfering with my personal liberty? No: in fact, they are enhancing it: I dropped my previous provider because they were not willing to impliment blocking, for technical rather than ideological reasons.
To John's credit he acknowledges this problem with spam and also proposes a solution Grokmail. It looks like it will be an email reader that will use an intelligent agent to filter your mail. But as I see it his solution fails in two ways.
1) It is not yet a reality.
2) it doesn't address the burden on the network of masses of unsolicited mail. His solution will actually make this much, much, WORSE. If his system works and everyone uses it. Then it makes the most sense to send your commercial email to (quite literally) everyone! Those that don't want it won't even see it (though it will have been sent to them), those that do will. Win/win for everyone right? You don't see unwanted spam though occasionally you will get an unsolicited commercial email that actually interests you (hey, it could happen). The spammer gets his message in front of every single interested potential customer in the whole freakin' world! Yay!! But behind the scenes the network is transmitting EVERY SINGLE commercial message to EVERY SINGLE user. Masses of useless data that will never even be seen - probably many orders of magnitude a greater volume of data than that which is actually going to be seen and used. Perhaps technology will make this a viable system (seems outrageously inefficient though)
Connected to 140.174.2.1.
e nd mail.html
Escape character is '^]'.
220 toad.com ESMTP Sendmail 8.7.5/8.7.3; Thu, 7 Mar 2002 14:40:04 -0800 (PST)
Sendmail 8.7.5 ? Forget open relay -- unless he's been patching this by hand,he's going to be rooted any minute !
http://www.netcraft.com/presentations/interop/s
On his web-site Mr Gilmore suggests contacting his provider (Verio) to let them know what you think. Sounds like a splendid idea to me. Here's the message that I sent (I don't believe in republishing other people's addresses, so I've anonymised them. The correct addresses are available from the toad.com URL linked below):
----
From: "Jeremy Howard" INVALID@fastmail.fm.INVALID
To: "Darren Grabowski" INVALID@verio.net.INVALID
Cc: "John Gilmore" INVALID@toad.com.INVALID,
"NOC Security" INVALID@noc.verio.net.INVALID,
" Vantive Updates" INVALID@vanwebserv.verio.net.INVALID
Subject: Comments on open relay at toad.com
Dear Darren,
John Gilmore suggests that people should contact you regarding the treatment of his open relay at toad.com:
http://www.toad.com/gnu/verio-censorship.html
I am a director of FastMail.FM, a popular email provider. I would like to applaud you for trying to help rid the Internet of open relays. We have
recently completed an analysis that suggested that for each 10,000 messages that arrives at our system from open relays, only one (on average) is valid email, while the remainder are unsolicated commercial email (UCE, or 'spam').
There is no valid reason to run an open relay SMTP server. There are many effective authentication mechanisms. For instance, at FastMail.FM we use SMTP AUTH, which our users have found to be a convenient and robust method for authenticating with our SMTP server. We also provide a web interface for sending email, which allows users without access to a client supporting SMTP AUTH (although most do) to compose messages, format text, spell check, maintain an address book, and so forth.
We block all messages from open relays, and we scan frequently used sending IP addresses for open relays automatically and send positive results to some DNSBLs such as ORDB.org. We would encourage you to do the same.
We have a very active user community that receives over a thousand posts a month by enthusiastic users. Every time open relay blocking has been discussed here by our users it has been overwhelmingly supported, as has the support of DNSBLs that list open relays.
We encourage you to maintain your stance on closing open relays. Furthermore, I hope that Verio will consider taking a more pro-active stance against "spammers" in the future--there are still numerous known spammers operating through Verio's network despite repeated emails to your abuse desk informing of the problem.
Thanks for you time,
Jeremy Howard
Director
FastMail.FM
What the hell is wrong with you people? If you have a problem with receiving spam, fucking deal with it yourself. It's YOUR responsibility to read the mail you want and discard the mail you don't, not some ISP or government agency's. Do any of you even realize that all you are doing is contributing to the limitation of your own freedom, ability to use the internet the way you want, and privacy when using it?
Government regulation is certainly not the answer, nor is it legal (for the US government at least, read the Constitution)
Neither is ISP blacklisting or filtering a suitable solution. It denies the user (ie. the person who has the receiving email account) the ability to decide for himself what he wants to receive on the internet. An ISP should provide access to the internet - nothing more, nothing less. It's the user's responsibility to pay attention to what he wants and ignore or filter what he doesn't.
-
Also read http://www.toad.com/grokmail/antispam.html
We should all be supporting Gilmore for his firm commitment to a free internet, not denouncing him.
Doesn't anyone else find the irony in allowing open realy's yet at the same time advocating anti-spam software?
http://www.toad.com/grokmail/antispam.html
Come on bud! You can't have your cake and eat it too!
Maybe you are making the common mistake of assuming that the same people are involved in both arguments. Anyhow, I think the "go after the user" argument is idiotic. If you really think that copying music is wrong, then Napster, Gnutella, et al. are wrong and should be punished much more severely because they are industrial strength infringers. The attempt to ascribe non-infringing uses to these tools is utterly dishonest. We use them to transfer material that cannot safely be published on the web. So my position is:
All the people crying "go after the users" will be very unhappy if this is actually done.
Actually, some of us feel that the solution is to do away with anonymnity in the email domain. A weblog like this site can provide an anonymous forum if it so chooses, but what's the point in allowning anonymous email? Mail should be authenticated at all relay points on the way from source to destination. That will get rid of spam, and it won't interfere with communications.
There are hypothetical instances where this would be a problem. But there are hypothetical instances where anything can be a problem.
Look, whenver virus' or spam get propogated, its bad. No question about that. But that doesn't mean that the law should restrain ISP's or individuals with routing services. Remember the lesson Lawrence Lessig taught us -- the intelligence in a network should be at its ends (e2e) not within it. Networks where intelligence is within the network are static and can't evolve or adapt to new changes. This doesn't mean that ISP's shouldn't be allowed to filter out SPAM, use blacklists, filter virus', etc (so long as they're not filtering out things just b/c they don't agree w/ them). Indeed, the internet would be even slower if ISP's let every spam request go through. But ISP's shouldn't be forced to abide by certain standards. After all, we, the END user, have the ability to filter out that crap, and not even download it based on the header.
As for virus' propogation, its not the fault of an ISP or a router. Virus' only propogate becase people are stupid enough that they don't use virus checkers and that they open up obviously questionable "executables" or otherwise dangerous files. As a simple rule, any thing you get which isn't from someone you know, or isn't something you requested, is probably a virus, spam, hate-mail, political hogwash, some stupid chain letter which you really don't find interesting, or a combination of the above.
Lets not blame ISP's and because the "ends" are ****ing dumb sometimes.
That's like blaming Ford because they didn't include precautions in their car to prevent someone from crashing into a wall.
social sciences can never use experience to verify their statemen
Actually, I think everyone's wrong. Why does the only choice have to be totally open relays or blacklisted/blocked off?
One wonders why you couldn't have an SMTP server with some anti-spam restrictions like:
1) will only deliver to a limited number of recipients -- say 1-5
2) will not accept more than 1 message every 5 minutes from any given IP ("Slow Down, cowboy!")
3) uses some kind of authentication that changes in a way easy for humans to pick up on, hard for machines
... something like that. It doesn't seem to me that any of these would be too hard, given a couple of free afternoons and Net::SMTP from CPAN.
OK, I don't have anything specific in mind for #3, but 1-2 aren't rocket science and would make spamming hard.
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
Hey, and I have the freedom to blacklist his sorry ass for having the open mail relay in the first place. After all, your entire argument is predicated on freedom, and that cuts both ways, Tonto.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Or perhaps a bit more to the point, he could set up authentication for his friends. That's like making duplicate keys for your friends (where you are authorized to do so - not a "janitor" situation) while still keeping strangers out.
This won't give 100% accessibility, but it's a reasonable compromise. If he wants 100% accessibility, he should set up a web mail server interface, again with some form of authentication.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Hrrm .. While this is a nice story, your advice should be taken with a grain of salt.
/very/ bad sysadmining. There are very simple tools to check for this kind of thing, and there are very pretty graphs to be drawn for traffic. Just make a habit of it to look at it every now and then. I know I do, and I know I stopped quite somee **** from coming down on our network. It's really not that much work, and it's really not worth 6000 Euros. Ever.
...
A company that has a reasonably big pipe to the net and does not notice the simplest of errors until it really hurts (monetarily speaking) will have a lot of problems, anyway.
Seriously, an open Proxy ? And nobody noticed ? An open ftp server with no quotas ? And nobody noticed ? A filled pipe ? And nobody noticed ? If you ask me, that just speaks of
I have to shudder when thinking of how bad security will have to be if even such basic "exploits" worked so well for so long in your company
That said, yes, an open relay will cause you headaches. But I'm guessing Mr. Gilmore knows that. I don't respect him for this decision, though I do have respect for the man.
ttyl,
mxs
Their rights end where mine begin. When his open relay can be used to spam the shit out of my servers, my mailboxes and generally trample over my rights, he is just plain shit out of luck.
We could call it the Slashdot Twitch. That's when your knee starts jerking because you won't bother to look into the facts and context of a story before you leap to conclusions.
:) -- but really, John has done a terrific amount for the net and for our inherent right as human folks to communicate. And THAT is what the whole tussle with the Verio middle managers is all about.
If those of you afflicted with the Slashdot Twitch at the moment actually read what John Gilmore has said about this episode all along, perhaps you will be able to alleviate your symptoms before they make you look foolish.
Especially those of you who shot your mouths off, called him names and blackholed toad.com without a second thought.
The point John was making all along, for those too lazy to actually read what he wrote, is that braindead ISP policies that are designed to address issues in a technically deficient but corporately convenient way, that get in the way of people who know what they are doing, are irrational and to be resisted.
I've known John for a long time and I have my (friendly) disagreements with him -- "please would you support getting FreeS/WAN going on FreeBSD" was my last one he didn't go for
--------------
Bill Gates Is My Evil Twin.
A few simple rules would prevent this, like only allowing mail with a FROM: feild of a user or something, or as others do with allowing SMTP relaying after you've logged on with POP or IMAP.
Sure, his friends might be able to send mail from anywhere, but will they be able to send mail to anyone once his box gets blacklisted?
autopr0n is like, down and stuff.
A lot of you have been saying that Gilmore is just a customer of Vero and has to abide by their service agrements. That might not be the case. According to his website: The Little Garden (with John Romkey, David Henkel-Wallace, and Steve Crocker) A medium-sized Internet Service Provider in the San Francisco Bay Area. now merged into Verio. We mostly sold T1 and 56K Internet connections to businesses. We were distinguished from many other early commercial providers by our common-carrier attitude: "You are free to resell the service that we provide to you, and we will not censor it." This enabled a whole crop of smaller resellers in various locales to buy from us and offer other services to the public (like modem-based Internet connections).
So it isn't that Gilmore is "just a customer" but rather Gilmore started a company and vero merged with it. This would imply he had a bit more sway in the way things are operated.
autopr0n is like, down and stuff.
I don't like getting 100 pieces of spam per day telling me that they can increase the size of my penis by six inches...
;-)
I mean, how much bigger can it get?
The race isn't always to the swift... but that's the way to bet!
I was an eff member, but no more. You're money is going to pay for idiots like this. It's been said before, but this is not censorship, and casting it as such is damaging to folks truly fighting for free speech.
Cancel those memberships.
John Gilmore has every right to run an open mail relay.
Verio has every right not to sell Internet service to people who want to use it to run open mail relays.
John Gilmore has no right to demand Internet service form Verio.
>Isn't it obvious that the reason he wants to
>keep his relay open is so that his cypherpunk
>friends can send less-traceable e-mails? A noble >goal, even though it has unfortunate side->effects regarding spam and this new virus.
How is this relay sending less traceable e-mails? Has Gilmore re-written it so that the header information is always incorrect? Why can't his "cypherpunk" friends send their own untraceable e-mails by simply bounceing off one of the many open proxy servers? Why don't the spoof an IP to send an e-mail? Why don't they use an e-mail server in China? Why don't they use strong encryption like Gnupg so it doesn't matter if they are sniffed?
Gilmore is full of the brown stinky stuff, and your argument smells the same. Oh yeah, and it doesn't hold any water either. Come on, an open relay is a "privacy tool"? Please..... Your "layer of obfuscation" is nothing more than a layer of manure that has nothing to do with the "privacy consiousness" of anyone.
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
You're as bad as those you move against. Run for office man, you'll win.
There's a subtle irony to the fact that Gilmore's argument is the same as gnu.org applies to their mailing lists (http://www.gnu.org/prep/mailinglists.html#Spam) and yet the same condemnatory posters can't stop falling over themselves preaching the perfection of all things gnu.
Someone please mod this dumbass down to -1.
It *IS* bad for promoting the free flow of spam. It's extraordinary that the question's even being asked here on /.
I get anywhere up to 15 spams a day. Anything that increases that load is a Bad Thing in my book. Open relays are a Bad Thing. The netizen who runs one is doing the RL equivalent of shitting in the street, or perhaps a better description would be he's providing a toilet in the middle of the street for others to shit in.
Folks arguing about spamming are missing the point. John does think spam is a free speech issue, and was allowing spam to be relayed through his server. But that has not been the case for at least several months. John reconfigured his email server six months ago to make it almost useless to spammers. Yes, that was a result of threats from Verio, and yes, you can forward a small amount of email (anonymously), but you can't relay large amounts. That doesn't stop the server from being useful to lots of virus-infested hosts to forwrad small amounts of email (each). But I think you should think about whether that has any significant impact on the ability of this virus to propagate. Look for another follow-up on the impact this has on me.
Verio yanked John's internet connectivity about 11 am this morning, with 3 hours warning.
Unfortunately, that means they yanked my internet connectivity as well, because we share a T-1 connection. And that means that name service for the country of Eritrea is on shakier ground.
Had they given me more warning, I would have been able to arrange for alternate connectivity. As it is, it's going to be a rough couple of weeks.
Look it up if you want:
whois -h whois.networksolutions.com =er
I'm at 140.174.131.100; packets to which now stop at John's subnet.
There was nothing exigent about the alleged virus propagation that required this kind of response. I think Verio was just using this as an excuse to get John because they're pissed at him after trading legal threats about his relaying spam. (See my other posting if you want to argue about spam relay versus anonymous email; as of now John's computer is pretty much useless for the relay of spam.)
doh! i meant that before they yanked his connectivity his computer was pretty much useless for the relay of spam. but see my other article to discuss that.