Slashdot Mirror
The Spam Problem: Moving Beyond RBLs
whirlycott writes "I just published a paper called The Spam Problem: Moving Beyond RBLs on my site. I comprehensively describe RBLs and list eight specific problems with them. I also get into ideas that next generation antispam system creators should read. I hope that this will be useful to anybody who is attending the Spam Conference at MIT on Jan 17th."
Why do you feel he has to come up for a reason why privately owned servers have to accept mail from any particular person or group if they don't want to? What kind of stupid, inane, black and white, world do you live in?
He's pointing out that current blacklisting systems are stupid. He's pointing out that the people who run the blacklisting systems are generally unaccountable (most lists are secret), that they do impose arbitrary blacklist entries against groups they disagree with, well outside of their advertised remits (such as MAPS blocking an ISP that had a handful of customers that sell spamming software), that ordinary bystanders are frequently the victims of over zealous blocking and that, per se, anyone relying on a third-party RBL based solution is making a huge mistake.
This isn't about forcing anyone to do anything. It's about making people aware that if they chose certain solutions, what the consequences of those solutions are, and that there are other methods that are more sensible and affective.
I've been blocked by the stupid effing incompetent and irrelevent DUL (designed so anyone with more than one ISP account can't send email without an enormous amount of hassle every time they log into the other account: they can't use one SMTP server, because open relays are pretty close to non-existant, and can't send email themselves, because of the entirely irrelevent DUL which could be replaced by an obvious redirect of port 25 by the ISPs that publish on those lists anyway) I have to be careful which DSL provider to go with because many block incoming SMTP connections which means I can't do my own spam management with them, but if I look at my Yahoo Mail account - or any account I've actually used that I can't self-manage, the account is so swamped with spam I can barely find the stuff that really is sent to me, regardless of how good the spam filters are that are provided.
The current situation is stupid. I can manage spam myself (which I am fairly successful at, but only if I have an ISP that lets me do so), I can have an ISP do it, in which case legit email is blocked and illegitimate email still swamps my mailbox, or I can subscribe to a service run by unaccountable activists who frequently abuse that position of trust.
Do I need to come up with an argument that people should be forced to receive email, or even suggest I'd agree with such a mandate (I don't), for you to understand my problems with current filtering systems, and my belief, in general, that those responsible for the Internet email infrastructure are a bunch of mindless jerks who'll be second against the wall when the revolution comes?
You are not alone. This is not normal. None of this is normal.
All the discussions I have had on this subject suggest to me that the people in favour of this sort of solution really aren't worried about preserving other people's rights at all.
And what rights are those?
Sorry to bust your bubble, but nobody has a right to connect to my mailserver. Not even my customers. In their case, I have a contractual obligation to them to provide the service, but it's still not a right.
I use DNS Blacklists, both public, and my own private list. On the very few occasions (two in three years) that it has impacted my clients, I have whitelisted certain addresses. These lists don't stop everything, buy they do bring the spam load down to manageable proportions.
There's only one standard list I absolutely refuse to use, and that's SpamCop's DNSBL. His methodology is so fundamentally flawed it should be a case-study in stupidity.