Slashdot Mirror

← Back to Stories (view on slashdot.org)

MAPS vs. Gordon Feyck: Who Owns the DUL?

Posted by jamie on from the dul-story dept.

etrnl writes "The spam-l mailing list has an interesting post from Nick Nicholas about a recent lawsuit between MAPS, LLC. and Gordon Fecyk, who had arranged with Paul Vixie to host the DUL with MAPS in 1998. Even more interesting is that Nick was the Executive Director of MAPS who hired Gordon at MAPS in 1999. Notable quote from Nick: 'I find it extremely ironic that an organization which is currently soliciting donations to its own legal defense fund would now be using its limited resources to pursue litigation against a former employee.'" MAPS wants a temporary restraining order on two separate copyright claims: first, that Feyck can't use the DUL database, and second, that he can't run a too-similar website (now down). The bone of contention is that Feyck claims he bought back the DUL from MAPS, and MAPS disagrees. Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

17 of 211 comments (clear)

  1. Re:Acronyms Abound by Anonymous Coward · · Score: 3, Informative

    Yes, in reputable news sources, acronyms are explained the first time they appear in a story. HTML even has an tag which lets you explain it with a mouseover.

  2. Re:Acronyms Abound by MiTEG · · Score: 5, Informative
    MAPS (Mail Abuse Prevention System LLC) is a not-for-profit California organization whose mission is to defend the Internet's e-mail system from abuse by spammers. Their principal means of accomplishing this mission is by educating and encouraging ISP's to enforce strong terms and conditions prohibiting their customers from engaging in abusive e-mail practices.

    DUL (Dial-up User List) is not a blacklist, though it is often mistaken for such. The DUL is a listing of dynamic ISPs that is used as a filter by subscriber ISPs to prevent direct e-mail from those addresses.

    --
    The future isn't what it used to be.
  3. Re:Acronyms Abound by Anonymous Coward · · Score: 2, Informative
    But what is the DUL. And for that matter, what is MAPS- what do they do?

    Did you try clicking the link on "MAPS, LLC"? It's in the story. The linked page also has a link to the DUL.

    MAPS = Mail Abuse Prevention System

    DUL = Dial-up User List

  4. Re:who cares by Jon_Katz+(Paranoid+F · · Score: 2, Informative

    Maps is used by over 5000 mail servers and ISPs worldwide.

  5. SPAM-L mailing list info, FAQ and archives by Seth+Finkelstein · · Score: 3, Informative
    Information about the SPAM-L list can be found at:

    http://www.claws-and-paws.com/spam-l/

    Search and archives are at:

    http://peach.ease.lsoft.com/archives/spam-l.html

    But you have to be a subscriber to use the above.

    Sig: What Happened To The Censorware Project (censorware.org)

  6. Interested in MAPS? Also Check out DCC... by jwiegley · · Score: 5, Informative
    I've used the MAPS tools in the past to check that my mail servers are properly configured to reject relays. But for actually stopping the 20-30 spam articles I get per day nothing has worked. (We all know what those dreaded "unsubscribe" "features" really do. don't we?)

    That is nothing worked until a few days ago. I recommend anybody that has spam problems, can run procmail or is in charge of a mail server running sendmail check out the "Distributed Checksum Clearinghouse" (DCC) at http://www.rhyolite.com/anti-spam/dcc/

    It took me some time to get the dcc sendmail milter dccm working correctly but, since I did, this has become my new best friend. Its catching 100% of spam targeted at me and rejecting it.

    From what I know about MAPS I think its a needed service to keep ISPs in check. But it seems targeted at attacking the delivers of spam and doesn't seem to provide much to directly protect the recipients of spam mail. DCC is the only solution I've found that accurately prevents spam mail from even being delivered to myself or users. I think this is necessary because if nobody actually receives spam the spammers will starve.

    So If you're like me and think spam is a rashy plague that you can't get rid of their is a cream available and it is named DCC. Check it out.

    --
    I will never live for sake of another man, nor ask another man to live for mine.
    1. Re:Interested in MAPS? Also Check out DCC... by mjh · · Score: 3, Informative
      Also checkout spamassassin. It scans all emails and applies heuristics to the email to decide whether or not it thinks it's a spam. Each heuristic has a score. By default, any total score above 5 marks the email as a spam.

      But here's the cool part. Spamassassin doesn't do anything with it. It simply marks it as a spam. Then you can use something like procmail to decide what to do with it. Me, personally, I store it into a folder called SPAM. I then configure my imap server (courier imapd) to treat that mailbox as a trashcan, and automatically delete anything in it older than 14 days.

      This allows me to check if there are any stragglers that get through, but also allows me to forget about it for a couple of weeks at a time. Spamassassin has been tuned to avoid false positives. I've been using spamassassin for months. During that time, I've not had a single email that was not a spam get marked as a spam. I've had emails that were spams get marked as non-spam (false negative). Which, if there's going to be an error, that's the kind I want. I'd hate to call a real email spam, have it sent to my SPAM mailbox and automatically deleted before I read it. The good news is that not a single false positive has occurred, although a few false negatives have occurred.

      So I've started using another tool to help deal with spam. It's called TMDA. It's somewhat more complex to setup and use than spamassissin. But a brief description is that it acts like an email firewall. Outgoing messages can be replied to, but incoming messages require that a person prove that they are a person. After which they'll be allowed unrestricted access to send me email.

      TMDA is much more exact than spamassassin, which is mostly complicated guessing. It successfully blocks every spam that spamassassin lets through. However, TMDA is also much more complex from an end user perspective. So it might not be for everyone. For example, I only use spamassassin on my wife's account - not TMDA because she's made it clear to me that she doesn't want to learn how to use it. I personally use both of them at the same time, and I've been 100% spam free for months. I used to get 20-30/day.

      $.02

      --
      Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
    2. Re:Interested in MAPS? Also Check out DCC... by Skapare · · Score: 3, Informative

      I want to keep spam from even so much as entering my server. How can DCC help in that case? I don't see how, being as I don't have the content to check against DCC with. Now if this check can be done during the SMTP delivery of the content, and be used to force a failure of delivery, well maybe that would work. Is this doable? Last time I looked at the DCC site, it wasn't even close to this.

      --
      now we need to go OSS in diesel cars
  7. Re:Speaking of antispam.. by ShaunC · · Score: 3, Informative

    Are you talking about RACSA? This RACSA? The RACSA that brings up more than 13,000 various spam sightings, complaints, and abuse reports in a Google search? Considering that most internet users have little clue on what to do with spam, and the percentage of clued folks actually posting to the news.admin.net-abuse* groups is extremely small, 13,000 is a big number.

    Do you recognize the name Ralsky? There's less than 6000 Google hits for him. 13,000 is a big number.

    RACSA has a spam problem. They need to fix it. Until they do, they're going to be running what amounts to a big LAN.

    Shaun

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  8. Re:Acronyms Abound by Jade+E.+2 · · Score: 5, Informative
    The DUL is not a blacklist in the sense that all mail from the listed IPs is refused. The DUL is used to refuse direct mail from those IPs, but mail relayed through another server is allowed. This prevents someone on a dynamic IP from spamming by directly connecting to the SMTP server of each target address, instead of sending all the mail through an open relay. Legitimate customers simply need to use their ISP's (or a 3rd party) SMTP relay (which presumably has message speed limits on it) to send mail, and it will go through.

    Yes, this prevents someone from running their own SMTP relay on a dynamic IP, but it's the only effective way of preventing such direct-to-target-server spam from going through.

  9. Re:The post? by tbetz · · Score: 2, Informative

    There is a SPAM-L web archive, but it's only available to registered SPAM-L members. The identical message was posted to news.admin.net-abuse.email, and is available to all.

  10. Re:Acronyms Abound by TekPolitik · · Score: 3, Informative

    It's also worth noting that the DUL is the most valuable part of the MAPS services in that it blocks more spam than the other parts. Without it, MAPS will almost certainly lose customers.

  11. Re:Acronyms Abound by Anonymous Coward · · Score: 1, Informative

    This is wrong: MAPS is a limited liability company (LLC).

    It is not a not-for-profit. The two are mututally exclusive under California law.

  12. Re:Speaking of antispam.. by blowdart · · Score: 3, Informative

    c) There is no direct way to be removed from SPEWS.

    Bullshit. Or are all those SPEWS: messages in news:news.admin.net-abuse.email figments of my imagination?

    From the spews faq

    Q41: How does one contact SPEWS?
    A41: One does not. SPEWS does not receive email - it's just an automated system and website, SPEWS and other blocklist issues can be discussed in the public forums mentioned above. The newsgroup news.admin.net-abuse.email (NANAE) is a good choice, and Google makes it quite easy to post messages there via the Web as M@ilGate does via email. Note that posting messages in these newsgroups & lists will not have any effect on SPEWS listings, only the discontinuation of spam and/or spam support will. Be aware that posting ones email address to any publicly viewable forum or website makes it instantly available to spammers. If you're concerned about getting spammed, change or "mung" the email address you use to post with.

    So sort your spam problem, then post in nane once its sorted. Until then, don't expect a lot of us to accept your crap.

  13. Re:Acronyms Abound by blowdart · · Score: 3, Informative

    It drops any connections from any IP address within the list. It doesn't check any headers, it just checks the IP address of the connecting machine.

    So, for example,

    a) if dialup user a sends through an smtp server on dialup user b's box, it gets rejected, as the smtp server is running on dialup space.

    b) if dialup user a sends directly to an smtp server using the DUL, it gets dropped again

    c) if ddialup user a sends to smtp server on dialup user B, which in turn forwards and relays properly through his ISPs SMTP server, it will get through, as the ISP SMTP server will not be in the DUL.

  14. Re:Speaking of antispam.. by mjh · · Score: 3, Informative
    I agree that you're in a difficult situation, but nothing else works.

    I disagree with this assessment. There are at least two other things that work, and IMHO work better. The first is spamassassin, and the second is TMDA. I use both of these in series. And I've not received a single spam in my inbox since January (when I started using them). I used to get 20-30 per day. Now I'm down to zero.

    I don't know how well SPEWS works. But I've used other RBL type systems and they always, at some point or another failed, and could sometimes fail big - where I suddenly start getting hundreds of spam from a non-listed IP. The two systems above can fail, but on a single instance, single email at a time. When they fail, they fail small.

    IMHO, SPEWS, RBL, and any other IP based list systems are antiquated technology in comparison to spamassassin and TMDA. But YMMV.

    $.02

    --
    Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
  15. Re:Rob should be using his ISP's SMTP server by frost22 · · Score: 3, Informative
    There is almost never a legitimate reason for dialup clients to be doing direct delivery of mail!
    Hogwash. My ISP places a number of restrictions on my use of his Mail Relay (among them encoding my customer number in the headers - say goodbye to pseudonymous mail - an upper limit of mails / day and stuff like that.) I don't like these restrictions. My ISP has a monopoly. No choice for me to get broadband from somehwere else.

    --
    ...and here I stand, with all my lore, poor fool, no wiser than before.