Osirusoft Blacklists The World

ariehk writes "As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission.

NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers."

Blacklists and reality

[Dancin_Santa]

It may take a little more work, but the only solution to spam is the whitelist.

Re:Blacklists and reality

[WolfWithoutAClause]

What happens when the spammers start using worms and viruses to create open relays on people you trust?

Re:Blacklists and reality

[Zeinfeld]

Will yahoo and hotmail be on that whitelist? Most of the spam I get comes from those domains, or at least it is spoofed to appear its from there.

The vast majority of spam is sent with some form of false address. Developing a way to be able to trust the origin of email is the way to end the spam crisis.

This type of action does not surprise me. SPEWS and the other blacklists are poor solutions to spam because they are in effect private censorship with no accountability. They are also single points of failure for the Internet as today's episode proves.

The backwash caused by this event was huge. It wasn't just spews and spews users who were affected, the load on the backbones was causing severaql nets to brown-out repeatedly.

It is just as well that we did not have as many idiotic 'hack-back' schemes in operation as some have been calling for.

Re:Blacklists and reality

Personal level for personal contacts. e.g. friend@ISP.com, buddy@webmail.com

Server level for business contacts. e.g. client@companyA.com, consultant@companyB.com

It should be easy enough to whitelist all of your friends. Phone contacts are very easy to perform for business.

Re:Blacklists and reality

[Pig+Hogger]

Whitelists are unworkable. How do you reach someone for the first time?

Re:Blacklists and reality

[lpontiac]

Developing a way to be able to trust the origin of email is the way to end the spam crisis.

PGP and S/MIME allow you to trust the origin of email. Both have been around for years

Re:Blacklists and reality

[JoeBuck]

Yes, let's kick blind people off the net! If they can't parse your machine-unreadable image, screw them. Right?

Me, I do pretty well with Bayesian spam filters.

Re:Blacklists and reality

[CoolVibe]

You probably don't have much of an online presence then and aren't on mailinglists that get archived publicly.

You could say I shouldn't enlist on such things, but development on open source stuff pretty much demands that you give your mail address to the general public in order to receive patches and whatnot.

So, we have to live with the spam, or try really hard to blokc it. Losing this dns based blacklist is a shame. And I think blacklisting the world is just an antisocial thing to do. He could have just shut down the DNS server and have stuff time out or fail (NXDOMAIN). If he just killed his nameserver, we wouldn't have this problem with mail being rejected.

Re:Blacklists and reality

[magores]

This is fine for person to person, but what about person to business?

Let's pretend I'm a business. I WANT you to send me an email.

I WANT emails from every single person in the world that isn't a customer yet.

I NEED to accept every email on the chance that one of them might be a sale. (Yep. This means I need to look at the ones that include *details* in the subject.)

Whitelist doesn't work here.

I do NOT want a phone call from you as first contact. A one minute email response is now a 40 minute phone call explaining that "Yes you must turn on your computer first if you want to actually use it"

White-list is unworkable for business, because everything must be "whited" by default.

Challenge-Response is unworkable because I/we (as a small to mid business) simply could not keep up with that. Sure. One of the real programmers we have (i'm not one of them) could come up with an auto-bot to respond to challenge-response, but then we end up back where we started, don't we?

I don't have the answers. But I do know what the answers aren't. And Whitelist/Challenge-Repsonse aren't it

Just my 3 cents worth of rant for today.

Re:Blacklists and reality

[zangdesign]

I'm not sure it can be correctly called censorship - that requires a governmental entity. While I certainly do not agree with the ultra-aggressive attitude of SPEW and Osirusoft, to call what they did censorship nominates them to a category of governorship to which they were not elected.

It was a private list, maintained by a private entity who released this information to the world. Nowhere does the government enter into it.

I really hate starting this debate up again, but we need to be clear on what is censorship and what is not. If I restrict people from voicing their opinion on my network, that is not censorship. It is only censorship when the government does. I think the theory is that a government is supposed to represent all of the people, so therefore all of the people are supposed to have an equal voice (yeah, there's theory and reality and never the twain, yada yada). But a private entity is allowed to restrict content whenever and wherever they choose within that entity.

Re:Blacklists and reality

Yep, or at least let us make a choice instead of regulating it

Hey, you have to wonder which is more important - blocking spam, of the few non sighted people who get blocked - Which is the greater good?

Re:Blacklists and reality

[Zan+Zu+from+Eridu]

I'm not sure it can be correctly called censorship - that requires a governmental entity.

Censorship is the act of censoring, which is defined as surpressing or deleting anything objectionable. It's mostly done by governments, but that's not a requirement. (Religious organisations often censor their own holy texts.)

As such, any entity or organisation relaying information between the producers and consumers of that information has the capability of censoring this information.

If an ISP blocks or alters emails (to remove virusses), it is censoring email. This censoring is done with the consent of the recipients; the recipients can move to an other ISP if they don't like the censorship policy. This is the big difference with government censorship: you have a choice of getting your information from somewhere else.

In the workplace, an employee is in agreement with his employer to only recieve emails relevant to his job, so there is an issue of consent also. If the employee doesn't like it, he's got the choice of quitting his job.

So it's definitely censorship, but it's on a voluntary basis.

Re:Blacklists and reality

But letting AOL users[1] loose in the world of PGP would be, if anything, worse. Using something like PGP to "trust" things[2] without taking the time to understand how a web of trust should work is worse than not using it at all; it leads to a false sense of trust and security.

[1] Sorry, not all AOL users are like that, but YKWIM.
[2] The things are also people.

Well, fine, but...

[Pig+Hogger]

Well, this is fine, but why doesn't Joe Jared tels us HIMSELF to stop using his lists???

The non-communication only breeds rumours.

Sweet, Sweet Justice.

[eyez]

This isn't any different from any time spews blacklists anybody; They've never claimed to not blacklist legitimate people. And, it's impossible to contact spews to get yourself removed if unfairly blacklisted. Everyone in the world, who has been blacklisted unfairly by spews is now celebrating. Hopefully now, people using spews will realize that spews really is a poor solution to the problem, that causes more harm than it prevents.

Re:Sweet, Sweet Justice.

[paitre]

Collateral damage, as much as I detest it and is why I do all blocks locally as opposed to using a "published" DNSBL, -works-.
If an ISP has 5000 customers and 3/4 of them are unable to email family at AOL or Yahoo because they're being blocked due to ISP having a spammer or two, the spammers tend to get dropped.
There are exceptions to this, but by and large, collateral damage works.

And like I said, I think it's piss poor policy.

Re:Sweet, Sweet Justice.

[gid]

spews listens to usenet for unblock requests, my work's class c was black listed when we got it. I had to post to usenet, eventually I got a response and was unblocked, but ya, it's kind of a pain. I think spam assassin/filtering is a much better method, but I suppose a dual pronged attack is better, SA can use blacklists to rate email as well I think....

Re:Sweet, Sweet Justice.

[eyez]

[i]If an ISP has 5000 customers and 3/4 of them are unable to email family at AOL or Yahoo because they're being blocked due to ISP having a spammer or two, the spammers tend to get dropped.[/i]

Yes, this is indeed a poor policy. SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the innocents who aren't as bothered by it.

Re:Sweet, Sweet Justice.

[Daniel_Staal]

No, it is different. This one is shutting down, and this is how the operator is making sure that everyone knows it is no longer functional.

It is a public service, of sorts. He is guaranteeing that no one is using the blacklist. That way it can't be misused by someone hijacking it, or just left in place by someone who doesn't care. It is shut down. And everyone will know it.

Re:Sweet, Sweet Justice.

[Mr+Bill]

And how is this a responsible way of alerting people they should stop using the blacklist???? Anyone using there blacklist will automatically start bouncing all incoming mail based on the fact that every mail server is listed in the blacklist...

This means even more legitimate mail is being bounced or dropped than normally is by mail servers stupid enough to use SPEWS. SPEWS sucks and needs to disappear.

Although I don't agree with the tactics of a DDos, I am happy they are getting a taste of their own medicine.

SPEWS is all about getting other people to fight their battles for them. The are a bunch of fanatics that don't care who they stomp on and anyone who trusts their services should have their head examined.

Good riddance...

Re:Sweet, Sweet Justice.

[Skapare]

Spews was an excellent solution. It wasn't perfect and a few mistakes were made. The fact that the real operators had to remain secret due to all the lawsuit threats did make it difficult to provide feedback to make corrections. I predict SPEWS will be back, but in a different form, possibly as a distributed file of sites to block ... which will make it even harder to get removed since it will then not be operating as a live database.

Much of the problem was because a lot of people didn't understand that the purpose of SPEWS went beyond just blocking spammers (which will not accomplish stopping spam), but actually blocking the ISPs that allow spammers to continue to operate and continue steal resources from networks and mail servers. This was in effect a boycott of that ISP, and it was intended to drive customers from that ISP to other ISPs that do not harbor spammers. In many ways it was working because it clearly got a lot of spammers upset, and a lot of ISPs upset as well. I even believe it is possible that the DDoS attack on OSIRUSOFT was caused by many of these ISPs.

My question to you is, did you understand that SPEWS was blocking whole ISPs, not just spammers? You don't have to agree with that method or principle ... just understand that others do think it is right, and understand why they do.

Re:Sweet, Sweet Justice.

[Mr+Bill]

Here again is another move that shows how responsible these idiots really are. To notify people to stop using their blacklist, they decide to blacklist the world. What a brilliant idea. After all email isn't really that important.

Email used to be one of the most reliable means of communicating on the net. You were always guaranteed that your message would either arrive, or you would hear about it (bounce). But with all of the email worms Microsoft has written (you have to admit these email worms/viruses practically write themselves), and the idiotic attempts at stopping the SPAM problem, email is becoming practically useless. mail admins are using blacklists and just dropping mail, which is effectively breaking the mail system. SPAMers may be the cause, but what is the point in destroying email all together. I would rather receive 100 SPAMs a day that loose one legitimate email that was intended for me. Sort of the same reason I am against the death penalty.

As blacklists go, SPEWS is the worst of them. They block entire netblocks so that innocent bystanders will fight their fight for them. If my IP gets blocked even though I haven't sent any SPAM, I am expected to bitch to my ISP and/or move to another ISP, and then maybe in a couple of months my IP might get removed from the list.

Reminds me of the way things work in the middle east. Pick either side, and they are using the same tactics. The Palestinians are blowing up civilians in the hope that the civilians left alive will do something about their problems. And the Israelli government is firing missiles into crowded cities to kill some suspected criminals and anyone else who happens to be within 100 meters of these guys...

Guerilla tactics like SPEWS employ won't work in the long run, and I am happy that SPEWS is getting hit hard.

SPEWS is claiming that the SPAMers are hitting them with this DDos, but I wouldn't be surpirsed if it was some disgruntled and innocent bystanders who were hit by the SPEWS "Collateral Damage" misile.

Re:Sweet, Sweet Justice.

[eyez]

No, SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the people who are responsible for causing it, i.e. spam-friendly ISPs.

The fact that "innocents" are caught up in the block is unfortunate, but unavoidable from a practical standpoint. SPEWS doesn't list netblocks because they have a spammer or two present.

Idiotic rambling like this is exactly why spews was accepted at all in the first place.

When you post on NANAE and say "Help, i've been blacklisted but my company has nothing to do with spam!", Everyone replies with "Sorry, SPEWS is run by mighty space robots from the future who have travelled back in time to stop it SPAM from destroying the world. Unfortunately, we have no way of contacting them. Your only hope is to talk your isp into kicking off their spammer clients, or change isp's. Maybe the robots will unblacklist you then."

SPEWS doesn't consider the innocents being caught up as unfortunate, they consider them the target. The collateral damage is where they're trying to affect the internet.

If it was about blocking spam and ISP's they'd strategically blacklist ISP-critical machines and the spammers. There's no reason to blacklist the innocents. ISP's won't listen to them about not hosting spammers, and have you tried to find good decent hosting that doesn't rip you off? Especially if you're a larger site.

The "Collateral Damage" is the main damage spews hopes to cause, to try to get innocent people to fight their battles for them.

Re:Sweet, Sweet Justice.

[Mr+Bill]

Blacklisting at the mail server doesn't help the end user - their legitimate emails have already been dropped.

I love these people who assume that the problem can be solved if all ISPs just used blacklists like SPEWS.

Re:Sweet, Sweet Justice.

[eyez]

HUNDREDS OF THOUSANDS of spam emails, OVER AND OVEr.. consumes bandwidth, cleanup AND has been known to knock machines off line from the sheer amount of crap.

You try running a mail server, even at a small ISP, and see how much crap you have to deal with.

I've done it. My point is that while blacklisting can have it's uses, there's two big problems with spews:

a) They blacklist people specifically to cause harm.
b) USING ANY BLACKLIST AS A CATCHALL IS STUPID. Nobody should be doing this, and anybody who is should be fired for incompetence. It takes more than 'Some group of people who have nothing to do with us have decided that there's a small chance that this could be spam' to efficiently block spam.

SpamAssassin seems to have this down; give everything a score, and if it has a high enough score, then you can block it. But trusting a single source whose purpose is to hurt spam rather than to efficiently block it and only it, and using that as a sole source, like so so so so so many people do, is just plain fucking idiotic.

Re:Sweet, Sweet Justice.

[Dimensio]

SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the innocents who aren't as bothered by it.

SPEWS exists so that admins who don't want e-mail from crime-ridden ISPs can reject it as they see fit.

SPEWS does not force anyone to use their lists for filtering. If you don't like SPEWS, don't use it to filter your mail.

Re:Sweet, Sweet Justice.

[eaolson]

You know, when you put it that way, SPEWS are terrorists. Hurting innocents in an attempt to force a party only vaguely connected to the victims to accede to their wishes? What's the difference?

Because terrorists don't "hurt innocents," they engender fear and terror. They blow up bombs in crowded areas. They send horrible, infectious diseases through the mail. In one, your email doesn't get read. In the other, men, women, and children generally die agonizing deaths.

I hate it when people use the word "terrorist" to describe something that is totally unrelated. It belittles the word, and cheapens it. Much like "Nazi" was before 9/11.

Re:Sweet, Sweet Justice.

[Hurga]

SPEWS doesn't consider the innocents being caught up as unfortunate, they consider them the target.

Your "innocent bystanders" aren't innocent, they're giving their money to a spamming ISP. Which means, they're contributing to the problem that there are irresponsible ISPs who send out spam.

Hurga

Re:Sweet, Sweet Justice.

[Zeinfeld]

You know, when you put it that way, SPEWS are terrorists. Hurting innocents in an attempt to force a party only vaguely connected to the victims to accede to their wishes? What's the difference?

They have not killed anyone or attempted to kill anyone (yet).

The basic mindset is very similar, you will comply with our demands or else we will hurt you, you will force others to comply with our demands or else we will hurt you.

Very few ISPs take any notice of SPEWS, at this point they are irrelevant because they are completely indiscriminate. Any ISP who uses SPEWS as a blacklist is guilty of negligence in my view. I would not switch ISPs because an ISP was listed in SPEWS but if they filtered my mail using SPEWS I would drop them immediately.

There is no point in responding to SPEWS demands for the simple reason they will not bother to respond to you.

Re:Sweet, Sweet Justice.

[sudleyplace]

I never could understand the basis for SPEWS blocking innocent domain holders who happen to have an IP address NEAR a spammer's IP address.

By using this type of guerilla warfare, blacklisters delude themselves with the fervent hope that innocent civilians such as ourselves will enter the war on their side in order to punish the offending ISPs.

Why they think that by screwing us, we would ever be inclined to help their cause defies understanding.

Well,

[Sebby]

I never found osirusoft to be too reliable, or accurate in the past (it usually had sites listed as 'spammers' that weren't while all other services didn't list those sites, and there didn't seem to be any appeals process to their own list), so I'm tempted to say 'good riddence', but obviously putting it (and others) out of commission is not a good thing.

Garbage

[josh+crawley]

I'm sorry, but this guy is a true blue asshole. My condolences for being DDoSed, but by banning "the world" to try to tell people to stop using his service ASAP, plenty of legitimate non-spam email got blocked, meaning that people may have to resend, and in some cases may not even know their email was missed. That's worse than spamming, people.

Oh, I forgot, the standard propaganda line from these SPEWS.ORG type anti-spam fundamentalists is "we didn't block your email, the ISP using our service did, blame them."

Re:Garbage

[josh+crawley]

What the Fsck is he supposed to do, drop it silently and then continue to get hammered by 100,000 queries an hour?

If that's his concern, unplug the fucking wire. Change DNS resolution for relays.osirusoft.com to a blackhole address. Change the IP.

Personally Call each and every ISP that uses his lists? Remember, he can't use the net to do this, because some dipwad jerk is DDoS'ing the crap out of him and other anti-spam sites.

Obviously, the box in question is able to return DNS query responses, so it's not DoSed off the wire. Since the blocklist is typically queried by SMTP servers, by logging the IP addresses which query, he has an instant list of all the SMTP servers of people who use the service. He can then reverse-lookup these, and send an email to postmaster@whatever, CC:ed to root and whomever else. He can use a separate machine and IP to do so so this traffic is not affected by the DoS.

There, that's a responsible way of dealing with the problem, and if you'd like I can write a script to do it automatically. The way in which he dealt with this is not responsible, given that he chose to run a blacklist service which he knew was being used by administrators to block email. He was well aware that by doing this, he would affect innocent people.

Then again, to the spews.org crowd, anyone who doesn't devote their life to their single minded pursuit of purifying all email traffic is a guilty party.

Oh, I forgot, the standard line from these spews.org haters is "I don't care if my ISP is letting spammers hijack relays and fuck up the net, I Want my EMAIL WHAWHAWHAWHA"

This is precisely what we recite at the beginning of every regional meeting of The Spews.org Haters Association; how did you find out?

SPEWS was shit

It's nice that they tried to fight spam, but when your lists interfere with legitimate business, it's time to back down.
Assholes.

trusted signing of mail servers

[d00dman]

The coolest way we could stop spam from being distributed is to require mail servers to register with a trusted signer, and do the delivery over ssl. anyone distributing spam via a trusted mailhost would be promptly identified by their ssl signature, and anyone sending mail from an untrusted source could be rejected. there is already enough infrastructure in place for this to occur now. verisign and friends as trusted signers, and smtp-ssl. the only other thing required is the will to put it to work.

Re:blacklists -- bah!

[gorbachev]

If you learn anything by past occurances, all this means is that the next generation of blocklists will be even more BOFHish.

That has been a consistent development since MAPS RBL became d***less. Every single blocklist that followed another one that went down, was more strict than the one it replaced.

Whoever is doing the DDOSing the nameservers of SPEWS and osirusoft is pretty achieving nothing in the end.

NNTP

[poptones]

I can't resist pointing out that p2p would be an ideal carrier for such "blacklists." Of course, that means the only way anyone is going to make money from it is via donation... and probably not even then, if the lawyers have their way with the author.

I'm willing to bet the big news carriers would give an account to any legitimate operators of such a service. Sign every post from trusted list creators with a public key to ensure validity, and it would be nearly impossible to ddos the service.

Ooooh... what about making the list itself a p2p app? Perhaps this could be a great excuse to motivate some big corps to install some freenet nodes...

Re:perhaps this is a lesson that needed learned

[Todd+Knarr]

How about, instead of contacting your ISP to get you off the list, you contact them about not allowing spammers on their networks in the first place and/or terminating their accounts before the spammer lands the ISP and their customers on a blacklist?

Monopoly

[yerricde]

They want you to get flamed to death as further punishment.

"Switch ISPs." So if a major residential cable modem ISP's mail server gets blacklisted, then how is anybody in any of the towns serviced by that cable company supposed to send e-mail to users of ISPs that use SPEWS?

Re:perhaps this is a lesson that needed learned

[DevilM]

ISPs are in the business of transmitting data. When you start forcing them to inspect the data they transmit you are asking for a whole host of larger problems than SPAM.

SPAM is a tough problem, but that doesn't mean the solution is to blame or attach --which is what you are suggesting-- anyone.

Re:perhaps this is a lesson that needed learned

[Cogneato]

My point exactly. You hit me to get me to complain. Did you ever think that I don't want to take that active of a role in your war? Did you even bother to ask me if I wanted to participate? Are you, or anyone who uses the list offering to help me out with the costs of forcing me to be your soldier?

Here's the deal I am willing to make: if you are going to block an entire C block that I am part of, send me an email and let me know and then I will happily complain to my ISP until I am red in the face. I am willing to make that promise.

But... if you want to just slam me on a list without any regaurd for the costs it will incur for me, then don't expect me to be a happy little soldier. It's just not going to happen.

I get 90% spam, and I'm not sad to see them go

[MattW]

Although the vast majority is filtered, I get as many as 2000 spams per day, personally (the downside to having the same email for 8 years). And I am NOT sorry to see SPEWS go. There's no question SPEWS was effective at getting spammers kicked off their networks. Likewise, arresting everyone in a town every time a crime was committed would probably be effective at stopping crime. That doesn't mean it is a good idea. When a blackhole list has something like a 100:1 legit-mai:spam ratio for blocked messages, the ends no longer justifies the means, in my book. I've had more legitimate mail blocked to or from me or companies I've administered servers for by SPEWS than any other cause in the past few years.

Now, let's continue to turn our attention towards methods of stopping spam that don't involve dropping 100x as much legitimate mail.

waah! waah!

maybe you should have found out about it months ago when Jared announced the fact in various online forums -- forums that any responsible person calling themselves an admin should take it upon themselves to read, especially when they are using an RBL whose policies are not under their control. hell, you could have just bothered to occasionally read the news updates on his website.

blocking the world is what happens to clean up the idjits who are still using a DNSBL weeks or months after it's been announced that the list is shutting down.

jeez.

Re:sad news, but there are alternatives

[Indy1]

if i did business in those countries, i'd do selective white listing. Since i dont, I plonk the entire countries and be done with it. Every mail admin will blacklist what he needs to nuke as needed . As far as american spam, you should see my firewall, its LOADED with entries for XO, CW, level3, qwest, etc. I terminate all spammers, be it foreign or domestic. And if the network they come from is just a spam network, then the whole network goes, be it American or foreign

Re:perhaps this is a lesson that needed learned

[Cogneato]

I have been with my ISP for years. They have a strict spam policy. They get rid of spammers as soon as they are discovered. They also get rid of anyone that is generally causing any pain to their other subscribers. I know this because I have seen it happen a few times.

Did it ever occur to you that a spammer does not walk up to an ISP an annouce that they are a spammer? What exactly would you suggest an ISP do? Background checks? Get a note from the spammer's mom? This may come as a surprise, but spammers sometimes tell lies.

And again, how fricking presumptive of you to think that you can fight your war at any cost, including costs you force upon me. The big problem with spammers is that the email they send costs the world way more than it does themselves. The ironic thing is, the same goes for the blocklists.

Re:Bad for any RBL!

[Paul+Jakma]

This is bull. relays.Osirusoft.com was mainly a composite zone - data from other sources (eg SBL, SpamHaus, SPEWS) made available via a convenient DNSbl service. Joe had little to do with the content, only with hosting it, at considerable expense to himself.

If major blacklists can be sued...

[KalvinB]

What about local blacklists? Am I under some legal obligation not to use a blacklist on my server which I use to host e-mail accounts? What's the difference between my local blacklist and SPEWS?

Idiots need to learn that no one is obligated to allow others unrestricted use of their private resources. You don't have a legal right to tie up MY CONNECTION and MY HARDDRIVE with YOUR CRAP.

Can't send an e-mail to my server because I blocked your domain? Too f-in bad. Contact your "customer" with a letter or by phone. The first amendment doesn't override my ability to mark you as trespassing on my property if you attempt to tell other people who reside on my property how you like to suck on a horse. In fact I have a right to ban people who wear funny hats from my property if I so choose. It's MY PROPERTY. I CHOOSE who can be on it.

Blacklist == restraining order.

Last I checked those were still legal. You don't have a first amendment right to talk to your ex wife who you beat and banned you from comming near her.

People who try to pretend the first amendment grants them some kind of right to my resources needs to go back to kindergarten and start the educational process all over again.

Ben

OH boo hoooooo

[NitroWolf]

Somebody call the waaaaambulance.

I'm an anti-spam nazi, and SPEWS gave us all a bad name. I'm glad SPEWS is dead, and it needs to stay dead. It did nothing good for the anti-spam movement, only exacerbated the situation. With no appeal process and the total lack of caring for innocents leaves me with nothing but happiness to see this travesty of justice get blown into oblivion.

Sometimes, the enemy of my enemy is my friend...

Goodbye Spews... we won't miss you, you hulking piece of ill-thought out crap. Let me wave goodbye with my middle finger.

Now, maybe System Admins without a clue will be forced to take real steps to protect their users from spam, instead of playing the lazy asshole and taking the Hail Mary approach that is SPEWS and hoping for the best.

I feel greasy, now... to have agreed with spammers. I think I'll go take a shower.

Re:blacklists -- bah!

[whoever57]

A blacklist is like the death penalty

Not at all, it depends how you use them. You have 3 choices:
1. Use them to block at the server or
2. Use them to tag incoming email or (the one I favor)
3. Use them as part of your spam scoring system.

The last is a built-in feature of SpamAssassin and works well.

It matters not... "Son of SPEWS" will rise...

[KC7GR]

I would guess it will take no more than three months for another blocklist, very similar to SPEWS, to rise from the ashes. Remember that SPEWS, and the anonymous group of admins that made it up, are still Out There -- they're just without DNS at the moment.

One important point to remember is that Joe Jared himself was NOT SPEWS. No one ever knew who they were (at least no one that will admit to it). He merely acted as a reflector for their listings.

Another thing to remember is that a DDoS attack -- ANY DDoS attack -- is a criminal act. If the release of the recent incarnations of the SoBig worm and the DDoS attacks against SPEWS are indeed related, then it only proves that spammers are indeed criminals.

For my part, I've already seen an increase in spam as the result of losing access to the SPEWS DNSBL. I've had to update our local blocklist six times today, and that's really unusual for my setup. I suspect I'll be fairly busy over the next couple of weeks, doing a little of the same each day.

Spammers may have won a battle today. They're a LONG way from winning the war.

Slight correction...

[Dimensio]

They're now resorting to theft of services since they can't find legit connections anymore...


Spam is always theft of services. They're just doing it more blatantly now.

Re:Good riddance to bad rubbish

[harlows_monkeys]

My co-located server has been blacklisted by SPEWS for months now. And it's only because of a spammer elsewhere on my two-providers-up-the-chain regional ISP. And the spammer is on a different C-class entirely

SPEWS starts out with a listing of JUST the IP address that is spamming. It gets wider only if abuse reports are repeatedly ignored. It takes many steps to get as wide as you are describing. I suspect you are greatly understating the magnitude of the spam flowing from your ISP or the upstream providers.

I can't email several friends

Email them from somewhere else and ask them to whitelist you. If they are on an ISP that doesn't support whitelists, then either they have to move, or you have to move.

The usual glib criticisms of SPEWS

[crucini]

If it was about blocking spam and ISP's they'd strategically blacklist ISP-critical machines and the spammers.

Please tell me more about these ISP-critical machines that don't affect innocent users. But then why are they critical?

As for narrowly listing spammers, it's been tried. Sleazy ISPs move the spammers around to evade such blocks.

Re:Bad for any RBL!

[Paul+Jakma]

Logical depends on how you look at it - the problem is that if he simply takes it down, people dont deconfigure their systems to query his map and he continues to receive a flood of DNS queries - relays.osirusoft.com was high traffic, in excess of 300 queries/sec per server (at a time when there were 6 of them).

In order to stop the traffic he has to *force* people to deconfigure.

Does it seem more logical now?

Re:sad news, but there are alternatives

[targo]

Then be part of the solution and start fighting network abuse in your country.

BTW, what have you done to fight abuse in the US?
To me personally, spam blacklisting is a much bigger problem than spam itself because many organizations abroad (like some departments of my former Uni) with whom I sometimes have to communicate (I live in the US right now) blacklist all major US ISPs (MSN, AOL, Yahoo, AT&T) and justify this behavior with the arrogance of US sys-admins that tend to block all foreign mail. This tit-for-tat behavior does not benefit anyone and if anything pisses me off it's the arrogant attitude of sys-admins who for some reason forget their place and think they have absolute power to decide with whom the people in their organization may communicate with and with whom they cannot.

Re:perhaps this is a lesson that needed learned

[DonnarsHmr]

A major flaw with your stance, and the stance of many people responding to this article, is that you assume end users have free will when it comes to ISPs. Due to regulatory bullshit, there is exactly one ISP available from my apartment. One. I have a choice to either accept their policies, or not use the internet. My father, due to his remote location, has exactly one ISP available at his house. One. Neither of us had the choice to approve of the ISPs' methods of doing buisness. We either accepted it or didn't use the internet. If either of our ISPs gets blacklisted, we no longer communicate. Neither of us have any appeal, neither of us have any choice. The ISPs don't have to care (though, thankfully, they are small enough that they do) a bit about our complaints. They know we have no where to go to. So how does preventing me from emailing my father help other people not recieve spam? I'm sure some of you think that it's still the ISP's fault, that I can always choose not to use their service, but if my ISP is blacklisted I cannot communicate, and if I refuse to use the ISP then I cannot communicate. Tell my how blacklisting with "collateral damage" helps a god damn thing. Hey, explain biological warfare is a good way of making nations behave while you're at it.

Bigots and censors?

It appears in fact SPEWS are just a bunch of bigots and childish censors. Their fanatical anti supposed spam zelotry shows they are persons with ill minds and serious power triping issues. If I find a system administrator at my companies using this list they will be fired. I don't like getting sued for the acts of stupid persons whom are paid to do a good job out of my wallet.

Your job to administer the systems given unto your care. Using SPEWS kind of list is lazy. If you need such a list to do your job I will pay for it. Meaning you will be expected to prepare it your self or I will purchase it for your use. Other wise I am paying for the bandwidth. This is a service company. We rely on email from all over the world to stay in that business. Your use of this list precludes our making money from addresses you block when using this kind of list.
Do your fucking job or find another.

The Boss.

Re:Spews was really effective

[zakezuke]

In a pigs eye. I understand where they are comming from, really I do. However Spews's mision statement of attempting to encourage real users to move from their spam infected ISP just didn't work. If all the real users left, and only spammers remained, it does jack shit for discouraging that form of behavier. If all the real users just switched to hotmail, again it does jack shit to discourage the behavier. The only way that their mission would be successful if their list was in wide spread use cutting off the spammers income and making it a pointless business venture.

While quite a few people actually used spews, mailadmins whom i've spoken with pretty much didn't want the headache complaints generated both spammers and legit users attempting to get e-mail out.

Libertarian Newspeak Doesn't Negate Censorship

[FreeUser]

I'm not sure it can be correctly called censorship - that requires a governmental entity.

That is a fucking myth, and I am sick and tired of hearing people parrot that nonsense. Saying a business can't censor because it isn't a government is akin to a black man saying he can't be racist because he is black. These are both examples of the same logical fallacy: just because a behavior is traditionally associated with one entity or group doesn't mean it is impossible for another entity or group to begin behaving in exactly the same behavior.

Obviously, anyone of any ethnicity is capable of becoming a racist, just as anyone with any power or influence over others is capable of engaging in censorship.

Responsible parents routinely censor what their kids see and hear. We as a society, by and large, find this to be an acceptable form of censorship.

Many religions routinely censor what their congregations are and are not allowed to see and hear (the Catholic church has had a censorship office for centuries, but they are hardly alone. The Mormons censor what they deam inappropriate for their membership, just as the Jehovah's Witnesses do, and I really don't need to cite example after example for Islam, do I?).

And finally, yes, many, many companies engage in censorship, both the obvious 'media' companies that bury stories they don't like or can't be bothered with, as well as other more subtle businesses (like Monsanto pressuring Fox News into not running a news story on how their hormone saturated milk was actively harmful to the health of children, an action that resulted in Fox News firing two reporters who refused to disavow their story, and said reporters winning a lawsuit against Fox News under Florida's whistleblower laws).

Anyone with any form of power over another, be it parental, religious, corporate, or governmental, has the power in some capacity to censor information available to those less powerful. It is a telling, and appalling, commentary on our culture to observe just how common this sort of censorship is, and how eager we have become to silence those with opposing viewpoints, rather than to argue the counterpoint (as I am doing here, for example).

Your Libertarian Newspeak definition of censorship is plain wrong. You may have the right to censor what comes across your network, and you may chose to excersize that right, but don't think for a moment you aren't engaging in censorship, or think you can convince the rest of the world (a few gullible moderators aside) you are not simply by trying to spin your verbiage.

And lest there be any doubt as to what censorship is:


censorship
n.

1. The act, process, or practice of censoring.
2. The office or authority of a Roman censor.
3. Psychology. Prevention of disturbing or painful thoughts or feelings from reaching consciousness except in a disguised form.

censor

1. A person authorized to examine books, films, or other material and to remove or suppress what is considered morally, politically, or otherwise objectionable.
2. An official, as in the armed forces, who examines personal mail and official dispatches to remove information considered secret or a risk to security.
3. One that condemns or censures.
4. One of two officials in ancient Rome responsible for taking the public census and supervising public behavior and morals.
5. Psychology. The agent in the unconscious that is responsible for censorship.

tr.v. censored, censoring, censors

To examine and expurgate.

(source: dictionary.com)

You will notice, that with the exception of historical references to Rome, none of these definitions presuppose governmental authority over just plain authority, indeed, quite the contrary.

Re:Libertarian Newspeak Doesn't Negate Censorship

[Abm0raz]

As a Liberatarian, I have to say ... you are 100% right. The act of censoring is NOT limited to the government. ANYONE can censor. Censorship (in layman's terms) is preventing another individual or group from receiving all or part of a communication. What the ORIGINAL poster SHOULD'VE said is that it's only ILLEGAL for the Government to censor private citizens, except in the cases where the lack of censorship would lead to injury (yelling "FIRE!" in a movie theater), intimidation (blackmail, threats), or immediate damage to public or private property (unauthorized protests). There are a few other minor cases such as outlawing porn to minors and where the act disrupts public proceedings or safety, like a mime performing on a major interstate.

Now, that being said, the Government is in no way OBLIDGED to reward "free speech" either. If the government gives an art museum $1,000,000 in grants a year to showcase art through the National Arts Endowment and then the bigwigs there see a statue of the virgin mary covered in blood and feces displayed as art, they are well within their rights as a governing body to NOT renew the grants. This is not censorship. The government is NOT required to reward behavior that it doesn't find acceptable, regardless of whether that behavior is legal or not.
The same way the Lesbian, Gay, BiSexual, Transgender Association on here on campus had a "SexFaire" and "CuntFest" a few years back that "promoted safe sex and raised awareness of students inherant sexuality". About 200 of the university's 45,000 students went to it, but it became a big deal cause they handed out condoms, gave kissing lessons, and other stuff that escapes me at the moment. The state government heard about it and decided to cut the universities funding because the groups that put on these events used campus funds. Were the censored? No. They were no longer rewarded for their behaviors. The money was given to them for free before and they lost that priviledge.

"Don't bite the hand that feeds you" comes to mind.

-Ab

being black and your list

[kraksmoka]

truly, white listing and bayesian filtering (Mozilla Thunderbird or Mac Mail) is the way to go. those guys running the blacklists wear black hats just like the spammers. for every spammer that they've stopped (spam increases every year exponentially ) there's a new one to replace them and an innocent company that eats shit by accident because of black lists. good riddance.

Wouldn't this fail if it became common?

[porkchop_d_clown]

After all, if spammers saw a lot of it, wouldn't they just learn to send the same spam several times at one hour intervals?

Re:sad news, but there are alternatives

[PhoenixFlare]

I agree with most of your post, but this part bears some discussion:

There was an informal poll held in NANAE (network.admin.net-abuse.email) on how mail server admins block all of 200.0.0.0/8. And dozens if not hundreds of people replied they do block all of it. How long before it becomes thousands of networks block your country for spam abuse?

From all appearances, those on NANAE are seen as grouchy, stubborn, drunk-with-power, vindictive nerds by most of those outside the list. Don't go thinking you're going to impress anybody with informal polls or whatever done by them.

Re:perhaps this is a lesson that needed learned

[Cogneato]

Ok, as far as I am concerned, if you personally want to use a spam block list, great. Have fun. I have no problem with that.

What I have a problem with are the system admins and management of ISPs that are making the decision to use these blocklists to bounce email for all of their customers, including the ones that don't want their email blocked. Yes, it is easy to say that the customer should simply change ISPs, but in many areas, especially when it comes to high speed options, there are no other ISPs available.

Additionally, many of my clients have been with the same local internet provider for years and only recently has that provider started using the block lists. The cost of changing internet providers can be tremendous. Consider simple things like emails addresses printed on business cards and letterhead (they had their internet provider long before they had their own website).

I think many responses that put spam block lists in a positive light are not considering the huge costs they place on actual real businesses. Often times the effects are worst on small businesses that simply cannot afford the additional costs of trying to figure out how to get off the lists.

So I wonder, if you were working for a company that was struggling a bit, and was affected by inaccurately being placed on SPEWS list, costing them thousands of dollars, how would you feel about taking a partial pay or time cut to make up that money? Would your reverence to the list stay so high? The reason I ask is because, as a business owner, I had to take a pay cut, at least temporarily, as a result of inaccurately being placed on SPEWS' list.

If an ISP wants to use an IP blacklist, fine, but they need to take responsibility for its use, use it in an intelligent way, and really consider the quality of the list that they are using. SPEWS has a reputation for being far from the highest quality list, and that reputation has grown from their own actions.

Re:How *do* we fight spam?

[TaliesinWI]

The problem is that many people, for a variety of reasons (geography being one) can't change ISPs, and many ISPs (mine included) did nothing in response to my complaints (because they knew I wasn't going to move).

Or in many cases the spammers are paying the ISPs far more per month than the $19.99 dial up guy who's complaining about spam.

Who do you think they're going to bend over backwards to serve?