Slashdot Mirror
DoS Assaults Underway Against Spam Blocklists
Hiawatha writes "The same sort of denial of service attacks that drove spam blocklist Osirusoft off the Internet are battering many other blocklist services as well." Apparently spammers aren't going to sit by and let people try to ignore their unwanted pitches.
Apparently spammers aren't going to sit by...
Has anyone stopped to think that maybe it's not spammers who are doing this? I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down. They are pure evil in their methods, and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.
All of these centralized blacklists have made so many enemies in their history that any finger pointing is simply laughable. They have made powerful enemies, including the large ISPs who happen to be the only ones that in a position to stem these attacks. This is not your normal DDOS: it is not only the originators of the DDOS, but the very network itself that wants them destroyed!
I'm not condoning this DDoS, but the perpetrator is probably just some sysadmin running a legitimate, secure server that found its way onto some blacklists and got frustrated by all the red tape getting off the lists. This may be his last hope to get off their list.
I wonder how many people really rely on blacklists anymore. I've tried using them before only to find out that over half of my legitimate email was being filtered and a significant amount of spam was still getting through.
Bayesian is the only affective method I've seen for significant spam reduction.
So when do we get to launch our DDoS against the spammers again?
ELOI, ELOI, LAMA SABACHTHANI!?
Would someone please remind the federal government that DOS attacks are illegal? Anyone want to encourage them to take action against these people? Can they stop playing golf long enough to do their job?
Althought he presents a valid arguement, WE DONT WANT TO HEAR THAT!
Spam, DDoS attacks, both clog networks, cost businesses money. We already know that spammers would do these kinds of thing so this comes as no surprise
It may be easier to just go to white-listing or have some people go to a pay per e-mail thing (or spend computational time on protein-folding, as suggested earlier).
Apparently spammers aren't going to sit by and let people try to ignore their unwanted pitches.Too bad my users and I are behind a trained spamassassin, then, eh?
Mod me down with all of your hatred and your journey towards the dark side will be complete!
this is rediculous. . . they get away with hitting us with tens of thousands of unwanted CRAP every day and now they can ddos one of the best solutions we currently have.
Maybe it's time for some vigilante justice.
Spammers HAVE to have a weaknes. .
Of course it probably is spammers, but it wouldn't suprise me if some people who've had themselves blacklisted unfairly would like to ddos some blacklist servers into the beyond.
Personally I don't believe blacklists are the way to go, I think simply intelligent filtering should be installed wherever possible, and eventually spam will die out. I know spammers are smart and work their way around all sorts of blocks, but so are we, and there's a lot more of us than there are of them.
ObDisc:Don't bother flaming me about "collateral damage" or any of that crap, since I'm not the one ddosing the servers, and I've yet to find myself blacklisted, so I'm not interested.
Send lawyers, guns, and money!
Earlier this week when people talked about the writer of SoBig leasing his virus network for spamming many people said spammers wouldn't want to be involved with virii/attacks. I think the DOSing of black list sites pretty much shows that the people sending spam have little moral problem with invading your computer to break the law.
Why don't we just offer all the main spammers a free seminar on some small island in the south pacific or somewhere where no one will care, then when they all get there..
:)
NUKE IT!!!
Problem solved
K Man
I wonder... Is it the people who are paying for the SPAM also paying for these attacks? I can imagine a campaign among these sleazeballs drumming up support for a DDOS of the spam blacklists...
Just my act-now-to-get-a-six-foot-penis worth...
RickTheWizKid
what makes you think its spammers? there a plenty of legitimate email users with a beef against these fascists--me, for one. i had a domain on a subnet that's entirely blocked despite the fact that i don't have open relays nor have i ever done any kind of spamming. several of my clients within larger corporate structures couldn't receive email from me because some PHB read in DildoCTO Quarterly that these lists can stop spam--never mind the fact that they can stop any kind of legitimate email use as well. There were a LOT of times i'd wished i had had the wherewithal to undertake something like this; spammers or not, i applaud the culprits.
Fnord.sig
This is right on target, IMHO.
Why do the authors of --> EVERY -- submission *INSIST* on inserting their 1-sentence editorial at the end of each story?
Bad for them. The main reason for creating centralized blocklists was so people who reformed, or who kicked spammers off their blocks, could have their IPs relisted without having to worry that random admins had hardcoded filters into their routers. One central source for listing, one central source for delisting.
If they succeed in negating the value of centralized blocklists, guess what - admins will go back to blacklisting blocks manually. Those IP blocks will become useless once enough people add them to their blocklists, and there won't be any easy way of redeeming them.
Anyone who wants to get internet access better get a clause in their contract guaranteeing that the IPs they get weren't abused by someone in the past, or else they might be getting a useless connection.
Everyone knows it is Microsoft and SCO working together. The spam sent to the open source community will surely destroy the Linux kernel programmers' productivity. Duh.
This is an act of desparation on the part of spammers that proves the anti-spammers are winning the battle. Fortunately, the next phase of the "war" is moving away from blacklists and focusing on technologies that are user-based and user-specific, such as Bayesian filtering. There is no level of DDoS attack that can stop that battle.
"Spam, spam, spam, spam. Lovely spam, wonderful... Ow! Ow! Stop that! Bad spam! Ow! That hurts!"
In Soviet Russia, Jesus asks: "What Would You Do?"
Impressive.
Hopefully there isn't a slashdot story linking to them any time soon!
Why are there only 19 people folding@home for slashdot?
fucking karma whores
Might need to move these block lists onto a distributed network. If lists were sent out via a Gnutella- or BitTorrent-like system, using digital signatures to verify authenticity, it'd be impossible to DoS.
Everyone appears to want to direct mod power today, so why not?
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
So, these services figured out how to non-effectively block spam, now they should release something that non-effectively blocks DoS attacks.
What is slashdot?
blacklists might not be the best defense we have. .they sure aren't perfect. .but ddos'ing them is childish.
The fundamental problem is that SPAM WORKS.
What we need is soem silly grass-roots movement/boycott to get people to STOP doing business with companies that adverstise with UBE.
If spam didn't work, they wouldn't send it.
I'm not too disappointed to hear of these new attacks. Conspiracy theories and the like aside, I'd rather have the responsibility for SPAM-blocking placed on the client side.
Damnit, if I want a larger penis, then I should be able to read SPAM directed towards that. That being said, I'd much prefer if these SPAM services were forced to be opt-in.
Unfortunately, client-side filtering doesn't adequately address the massive amounts of bandwidth consumed by SPAM operations. Nonetheless, the idea that an autonymous corporation/whatever can decide what is valid e-mail for ME is just as offensive, in my opinion, as e-mail advertising product/scam/idea X.
Peas,
j
[sarcasm]
Well, spammers has varies "online marketing association" that owns the ears of some politicians in the capital. And the anti-spammers has...?
[/sarcasm]
Attack against anti-spammers is a vigilanti action. Attack against spammers is a federal felony.
ELOI, ELOI, LAMA SABACHTHANI!?
Just Mod the damn thing.
Because you can reject mail at the SMTP level. I typically get about 70 emails a day to my own server. About 40-50 get denied by a DNS based filter on qmail (rblsmtpd). Which means on average, only 25 get through to Spamassassin, where another 15-20 are deleted due to high spam thresholds. Then I get about 5-8 real emails, and maybe 1 or 2 spams that make it through (which Mozilla mail promptly eats as spam).
If I had to burn CPU to Bayes-classify all mails, it would bog me down more than I am now (running on Linux on an old PC).
DNS based BL is useful because it doesn't even let it in the door.
I want to delete my account but Slashdot doesn't allow it.
Was this text really in the article? Specifically, the part about 100,000 people pounding the same ass hole? Mods on Crack? Again?
Very clever little troll mr submitter.
How can he be whoring for karma if he posted AC?
From the article: In a technique called a "distributed denial of service attack," vandals exploit security flaws to plant programs, called "Trojan arses," on thousands of Internet-connected computers. They then order the Trojan arse programs to spew useless data at a targeted machine.
The mental image of a bunch of Greek soldiers pouring from the sphincter of a huge, wooden butt is just too funny for words.
~Philly
The FBI ought to make this a priority. Instead they're probably busy investigating some company's claims to have lost $100k to an intrusion. That kind of damage figure is a gross overestimation 99% of the time... e.g. the IT people weren't going to be overly productive doing something else (rather than investigate the attack) anyways. Instead, here you have tens of thousands of people losing real value. The economic definition of value lost to a nuisance is the maximum amount of money you'd be willing to pay to get rid of the nuisance. I'd personally be willing to pay up to $500 a year to get rid of spam permanently (to anyone but the spammer of course.) Assuming that the average RBL user's a little less sensitive than I am, say, at $100 a year, that's still $1 million for just 10,000 RBL users, and I'm sure there are at least that many mail server operators that use the lists, let alone spam-sensitive users on those servers.
Mod it down. I'd heard trolls were doing this. Boston.com isn't even near being slashdotted.
Well not really that clever, but it serves a socially useful purpose if it persuades mods to actually READ what they are modding! Honestly.
Organized crime? hardly. Maybe it's just another group of bored script kiddies...
ELOI, ELOI, LAMA SABACHTHANI!?
The FBI (who have jurisdiction) don't investigate crimes with less than $25,000 provable damages. Well, that or $25,000 in campaign contributions. Either way, the blocklist maintainers (who all work pro bono publico) can't prove the damages, so the law effectively doesn't apply.
Lacking <sarcasm> tags,
Just mod the damn thing.
seems like a good way to have two problems solve themselves simultaneously, like two panicking people in a pool who can't swim who grab onto each other.
It's the equivalent of having 100,000 people pound the same ass hole, over and over, at the same time. Such attacks can knock a computer offline simply by swamping it with more data than it can handle.
Hahaha! Too bad that was not in the real article.
--fatboy
I bet its Kevin!
My user number is prime. Is yours?
Good riddance, I say. I sure won't miss them.
Go to nana-e, and they'll tell you that robots from space run SPEWS, and there's no way to get a hold of them. They start with Class C's, then progress to banning class A's. Some of the crazies who post on nana-e even have the whole country of Brazil banned on their private lists. SPEWS had information too on DNS blackholing (i.e. preventing your users from going to internet sites) and on HTTP blocking. If it was anyone else (the government) who was advocating this, people would be outraged.
the internet has become self-aware.. these aren't trojans and virii that we see.. (well, they are, but) we're seeing the Internot wake up. It's practicing by attacking blacklists.. since they prevent full unfettered emailing. Network Packets have become the flowing nuerons of it's killer Internett brain.. all these random SoBigs and Slammer.Dongs are multiplying to the point where sentient behaviour must emerge!!!!
HAAHAHAHAHAHAHAHAAHAHAHA@@@@#!!  ; you beloNG TO THE INTERRRNOTT@@!!
Maybe this is the SoBig.F zombies at work. They have awakened from their "sleeper cells". There was a rummor that they were going to be used by spammers -- but not in this way.
"Mod up, not down" in action...
I pulled up the original article, and it looks like the karmawhore who posted the text may have had a little fun with it.
The proof is in the pudding, is it not?
Even if you happen to like the blocklists and agree with their methods, it's clearly irresponsible to assume they're being attacked by spammers -- there are a lot of non-spammers who would love to take them out.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
I know it sounds heartless, but as a group, blacklists are becoming less-useful by the minute.
If they were all to disappear today, it would only speed the adoption of much more valuable tools against spam, namely bayesian-type filters that are far more effective.
This is the silliest thing I ever expected to read in a spam story...
pamcop's Haight theorizes that the increasingly sophisticated attacks suggest a link with organized crime, but admits he hasn't a shred of evidence.
Anyone else have a wilder guess?
Yes. It's Aliens launching a denial of service attack in advance of their assimilation of the human race. This is clear and obvious to the most casual observer, although I don't have a shred of evidence to support this notion.
The Future of Human Evolution: Autonomy
.. cryptographically sign or hash the blacklist databases, and let mail admins p2p/rsync them..
Still, the only workable solution is cryptographically-secure signatures, probably with a SSL/TLS set of root certs.
Hell, sounds like a job for the post office! Keep it relevant in the age of email..
And depending on just Bayesian filtering is putting all of your eggs in one basket, IMHO (though it is a pretty darn good basket). There are many spammers out there trying to poison Bayes databases by adding random dictonary words to their HTML based emails.
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
Maybe it's just me, but looking at the points that he has received for this post (which was interesting since I couldn't access the original)... a +1 mod was received, with a total of only 90% listed below.. what happened to the other 10%? Did the same MIT Mathematicians who SCO hired manage to get mod status here?
Given that God is infinite, and the Universe is also infinite, would you like some toast?
At least such attacks are more easily prosecutable.
(8-DCS)
Just in case I was missing some new nomenclature, I checked Google. 'Spam Blacklist' yields 63,700 results and a category (Computers > Internet > Abuse > Spam > Blacklists) whereas 'Spam blocklist' yields 3,9600 results. Oddly, it is used at least a little: there's a blocklist.com, for example.
just turn it into a survival-type tv show, where each contestant has to fight over the use of ONE computer terminal.
and don't forget to place a lot of weapons caches all around the island.
Well this is the problem, isn't it? The mods don't read the posts that they mod. God bless trolls who try to embarrass mods into actually reading posts that they are recommending.
-1 REDUNDANT IT IS NOT GETTING SLASHDOTTED
So we should wait until a site is completely overloaded before anyone tries to post the content? You do like DoS attacks, don't you?
If this kind of stupid attack takes out the blocklists, it just makes the more powerful approach to blocking spam more attractive: Whitelists. Spammers are digging their own grave.
A few falsely quarantined messages every now and then is a small price to pay for zero spam in my inbox.
Suprise! I NEVER want to get email from anybody that isn't a friend, co-worker, or critical message from a company that I have a business relationship with (saying my order has shipped / been delayed / cancelled, etc - advertisements are not tollerated).
Has there ever been studies on who responds to spam, and why?
I can easily see web content filtering going the same way eventually.
If people would only take a few minutes out of their day to READ spam rather than just trying to block it en mass, spammers wouldn't have to resort to this!
1) Your analysis is based on bad assumptions so your result is way off. 2) You're a sick bastard for fucking a horse.
People need to understand two reasons why they get spam and DDOS attacks:
1. The backbone providers make money based on bandwidth consumption. They don't care whether the traffic is legitimate or not. It's in their financial interest to not take action against DOS/DDOS attacks and they don't. Many top-level providers will not even intervene unless a lower-level ISP's pipes are completely saturated, even if they complain about a DOS attack.
It would be so easy for the backbone providers to implement temporary blocking of DDOS attacks. These types of attacks are identifiable and the whole procedure could be automated and authenticated, but the top-level ISPs make money off spam and illegal DOS/DDOS activity. People need to petition the backbones to start taking responsibility and implmenting measures to shut down networks that have rogue systems consuming illegitimate bandwidth.
2. The local and federal governments do not effectively (if at all) enforce the plethora of existing computer tampering/break in/attack laws that are already on the books. These attacks CAN be tracked. The law enforcement agencies are either ignorant, unmotivated or unwilling to take action.
No new laws are needed. There are plenty of existing laws on the books right now to justify criminal prosecution of these attackers, which don't merely attack relay blacklists, but every other network along the way, making everyone suffer, including systems that don't use blacklists.
We need to hold the proper people accountable for not using the existing legal system to stop this; we need to hold the top-level providers responsible for allowing a majority of the traffic they bill their clients for to be unauthorized and illegitimate.
Imagine if 70% of the time you picked up your telephone someone else was using it? This is what's happening with Internet bandwidth.
God Damned that was the best post ever, and I hadn't even hit the chewy marshmellow center yet!!!!
There's no connection proven yet between the ddos and spammers. That's like the fact that no WMDs being found proves they're there and hidden.
Where did you learn to draw conclusions, from the president?;)
Bill
Upon seeing the box was too small, Schrodinger's Elephant breathed a sigh of relief.
Also has a major downfall -- it prevents people from contacting you for the first time. So yes, it blocks all spam - but also all legit traffic from people you've never heard from before.
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
Finally this is our chance to make Congress liken spammers to cyber-terrorists, and for a reason politicians fear and know well enough to do something about it: "Now some of the spammers are even building a network of worm-ridden computers, possibly at the fingertips of a madman who is willing to do anything for money, and may only be waiting to turn them into Weapons of Mass Disruption, wreaking havoc to the Nation, the Internet, and e-mail as we know it..." (spooky, huh? ;-))
Outlaw spammers, put an end to spam. Sometimes it's as simple as that. (And it works: Haven't seen much fax spam for years...)
Just be "Mr. Concerned Citizen" for once and send articles like this to your congresscritter now. Let them know what spammers have already done "to your kids" (rather omit the "to your p...s" part even if you've ordered their pills and pumps) "and to your computers".
...SomethingAwful claims VICTORY!
War was beginning...
Nothing quite so enjoyable as flogging an expired equine mammal on a quiet Thursday afternoon...
ehintz
Just how is this comment informative? I mean, let's think about this. I know that we all do not like spammers, but this guy is advocating the mass murder of hundreds, perhaps thousands, of people. (I'm hoping he was going for funny, but my beef is with the moderator.)
I know we live in a time where it seems the answer to everything is to send in firepower. But, let's try and be a little bit more civil on Slashdot. If it's funny, mod it as such. But please don't mod posts advocating killing as informative.
-- Fighting mediocrity one bad post at a time.
You can't really poison a Bayesian database this way.
I for one welcome our DDoSing, spamming overlords!
As the anti spam officer in a Major ISP in India, I have no problems with blocklists as such. But the people who maintain the blacklists also has a responsibility to correct their mistakes immediatly. They must listen to people who maintain networks and if a machine is wrongly listed they must remove it. The procedure for taking out a machine from blacklists must be documented and verifiable.
We have a large cable network, and there are 3 4 trouble making customers. We do allow people to run their own mail servers. But that also means that some customers misuse it to send spam. It takes us a day or 2 to shut down the spammer, and by then the C bloc will be listed in some black holes.
Now de listing it becomes a major pain if the black holes are not responsive. If the procedures are well documented life of ISPs become much easir.
and no we have not considered denying the freedom of our customers to run their own outgoing mail servers. one or two random spammers cannot force us to deny that freedom to majority of legitimate users in our network.
raj
Sarovar.org Hosting for open source projects in Indi
Spam does not bother me half as much as the fact that the true sender of said spam is easily able to disguise the origin of said spam by forging headers and spoofing, bouncing, relaying. (I.E. -- taking advantage of a bad set of protoccols that should not be in use anymore.) The first step to fixing the spam problem should be a mass adoption of protocols that make it imbossible to determine the origin and owner of the offending piece of data.
Let the spam battles of the future be fought in open view, collesium style rather than a thief in the night shooting you in the back.
(+1 Funny) only if I laugh out loud.
per capita, they consume the most spam of all 50 states.
Why do you ask?
The farther you let junk travel into the system, the worst your problem is. Bayesian is hard to apply at the network level, you must leave it to the individual users, causing a twofold problem: you keep letting the scum of Earth parasite your network (if you are an ISP) and you expand the processing needs of the end user (ever saw Mozilla Mail "think" for a couple of minutes after you mark one or two email as junk?). This is undesirable.
Lists work pretty well. They ocasionally piss people off, but the cost-benefit ratio is still largely on their side.
I'm getting a bit tired of people applauding DOS attacks on blocklists. Many of us run small mail servers for ourselves and/or small companies where EVERYONE who recieves email is in agreement that blocking spam is the right thing to do. When everyone chooses to do this, it's not censorship. Seriously -- the volume of spam is overwhelming, and in a small business there is no one delegate managing email to, and it's consuming precious bandwidth. Spam is the problem, not block lists. No spam, no blocklists, simple as that.
My server has seen as many as 500 spams a day directed at it -- for just two email accounts releated to my business. I had little choice but to elect to use drastic measures and escalate them until the spam became manageable -- and the best defense due to bandwidth issues (we run on just 128K because that's all that's available to us) is blocklists. The problem has been so bad that I maintain an internal block list that uses iptables to simply not route packets from IP blocks (/24) for any email that gets through the first layer of blocklists that sendmail checks.
Osirusoft in particular was very, very useful to me, because they maintained a number of DNS mirrors of other blocklists, so you could pick and choose how drastic you wished your blocking to be. I will miss their service greatly -- and can already notice it as my spam has doubled since it was removed from my sendmail config.
Without blocklists, email for my small business at least would be useless. I know that I've lost business using them, but I'd lose more business/time/money without -- there's no friggin' way I'm going to search through (and accept the bandwidth hit from) five hundred messages to find the few legitimate ones and still have time to get real work done.
Why not create a process that launches at the top of every hour and does 1000 page hits against each collected Spam related URL.
the combined effect might be sufficient for them to change their tactics.
Pretend to be interested in the sales pitch and string them along for as long as you find it amusing, then tell them to bugger off. I do this with telemarketers when I'm bored and have nothing better to do.
If a lot of people did this, I bet spammers would quickly give up on internet marketing.
As the blocklist lists more sites/providers, then it stands to reason those sites will follow the trail back to the blocklist, such as Osirusoft or SPEWS, in order to get information regarding their inclusion in that list, and how to get delisted. (Reference: The "Slashdot Effect).
I noticed that Joe Jared mentions his other site as a collateral casualty of the DDoS. Now where did I hear the term "collateral damage" before? As a provider of SPEWS blocklists, that would in effect make him as accountable as SPEWS, to use their own twisted logic of "a customer of an ISP is as guilty of spamming as the spammer themselves".
We do not condone any DDoS attack, nor do we condone the actions of SPEWS. The demise of Osirusoft demonstrates that unaccountable "vigilantism" does nothing to stem the tide of unwanted commercial emails and as stated in previous posts regarding spam, more rational discussion should be forthcoming, with real solutions, rather than the tactics used by the blocklists that would hack down the forest to fell one tree.
Pete Carr Owner Chatmag.com
Invade all ISP's, and hunt down WOMDs (Weapons of Mass DenialofService). If we don't find any, we'll blame it on faulty intelligence overseas.
This is WAR. Spammers will stoop to any level to get their crap into people's mailboxes, and now the blacklists are giving into their guerilla tactics - I say keep fighting, eventually they will figure out where the attack is coming from, and shut the damn thing down. We must never give up fighting spam, at any cost.
As a professional sender of UCE, I just want to tell you slashdotters to keep on playing with your spam filters. As long as you use spam filters on your e-mail, I can continue to reach my real intended targets, those non-slashdotters who do not know better and will buy my products or click through to my client's websites. Your filters really help cut down on the complaints to the Internet service providers I do business with, and as long as not too many complaints come in their marketing people assure me we can do business. Of course, I still waste your bandwidth and mailbox capacity, but you no longer complain to uce@ftc.gov, my access providers, or anyone else who might cause me problems. My yahoo and hotmail and other accounts for replies are lasting much longer before getting shut down because someone complained to these service providers. And my clients are even reporting that they can start mailing out 800 numbers like 1-800-901-3719 again and they will not have you damn geeks set up your modems to keep autodialing them, since you spend your own time and effort to filter the e-mail and only clueless users who might actually call will see the numbers.
Please don't bother your Congressmen or Senators proposing legislation that might not work 100%. Just keep on filtering the spam I send you, I know you would have never bought from me anyway. That you can filter legitimizes my business and my waste of your bandwidth.
P.S. To be sure of not getting a false positive, be sure to send all filtered mail to a special folder. Waste your storage space storing the mail until you manually go through every piece to be sure you didn't accidentally filter something important. Of course, this will take exactly as much effort as it would have to just check the e-mail when it first came in, not to mention the extra effort spent in setting up the filters and the extra space for storing your incoming spam folder, but what the heck. If you think that you can scan e-mail for false positives faster this way you are just fooling yourselves, if you are scanning faster e-mail that you expect to be all spam, you will miss the very false positives that you think you are looking for. And any fales positives that you do catch will have been delayed, perhaps days or more. You geeks enjoy wasting time this way, and I certainly appreciate it. It makes the work of all us spammers much easier. After all, slashdotters like Moderation abuser tell you that Bandwidth is cheap, disk is cheap, CPU is cheap , which is good, because at the rate spammers like me waste it the costs still adds up. I am gald I never pay for it, and I would just as well that everyone else takes the additude that all of the resources I waste are cheap than band together and pass laws against us. No one should care about spam because Bandwidth is cheap, disk is cheap, CPU is cheap and it is your job to filter it.
Think you've seen this before? Don't complain. Just go through lots more work to set up special filers on your computer so that you will not see it again. Crawl into your holes, let us attack the real problems we have in getting our spam to the clueless marks that will respond. You should have to do that. It's the true geek solution, and I would really like it if you did.
No Karma is given if one is modded up "funny".
Since an article here yesterday pointed out that viruses are actually good for us, I suppose we must now conclude that spamming is good for us too, because it helps strengthen our anti-spamming ability.
Now I feel much better.
I personally HAVE been blacklisted (by ordb.org) and once I cleared up the problem (some ability to relay) I was let out. This took 2 hours total, so I feel comfortable USING ordb.org myself, now that I am responsible for protecting a large network from spam. I also use spamassassin, quarantining and a number of other methods to prevent false positives, and we do notify once you get past spamassassin.
If I did not use SOME rbl though, I would be sending out 6000 spam blocking notification messages a day mostly to people who aren't there or are not the real sender. Since I block things prior to getting through postfix, I am able to send them back a clear informative message on the blockage, DURING the transmission.
In any case, I have heard of lots of bad stuff about SPEWS and all but my experience with spamhaus and ordb are that both help block alot of mail, and are responsible with their efforts.
In any case, it is my business (and my company's business of course) how we handle our incoming stream. If we choose to use a blacklist that is our right. As it waspointed out, we could always create our own (It is pretty easy to create a dnsbased one even to share with a few friends or whatnot)...
No one is going to be able to stop ALL blacklists, but by attacking the large centralized ones, it does not IMPROVE the ability to get taken off an RBL. It just makes it harder really.
If you will present me with your name, address and phone number, I will find you and we can settle this whole spam problem mano a mano. Any takers? ;) I suggest that the rest of the Slashdot community follow my lead.
Un-news
This morning around 6:30AM MST, the spam levels on our work server dropped from ~800 spam/hr to ~35/hr. They'd been hovering at the 800 level for more than a week (most are not actualy spam, but "bounces" from SoBig.F faking our domain as the From address). It's staying right around 35 still about 7 hours later..
Not complaining, but very strange nonetheless!
Perhaps it's Something Awful that's doing it?
Fark seems to think so.
(Ever feel like you're writing for memepool or Everything2? I sure do!)
Lame Joke...
... for freedom. Those who controll the blacklists can make sure that certain messages other than spam do not reach their destination.
A quote of an earlier comment:
" Go to nana-e, and they'll tell you that robots from space run SPEWS, and there's no way to get a hold of them. They start with Class C's, then progress to banning class A's. Some of the crazies who post on nana-e even have the whole country of Brazil banned on their private lists. SPEWS had information too on DNS blackholing (i.e. preventing your users from going to internet sites) and on HTTP blocking. If it was anyone else (the government) who was advocating this, people would be outraged."
i.e. no matter how hard one tries, there is still a great chance of getting screwed by these vigilantes.
retrorocket.o not found, launch anyway?
Not that I disagree with them.
0 5
http://www.somethingawful.com/articles.php?a=16
Very funny.
Vanuatu.
You know what?
on that.
http://www.baarbd.org - bay area adventure racing
I took over an SMTP server that was an open relay. Spam had been relayed, so the server was blacklisted. I secured the server, contacted the various blacklists, and the server was removed from the blacklists. I had no problem with any of the blacklists, and had no problem getting the server removed. Of course I was polite, and I went through the appropriate channels...
The volume of spam is sufficient without removing the blacklists.
You got me into this! You were the ideologue! I'm only a poor assassin! - Twenty evocations, Bruce Sterling
Stop trying to enlarge your penis, spy on your neighbors, or accept business advice from a Nigerian!
Personally im just really sick of spam as Im getting it shoved down my throat in exceedingly excessive volume everyday.. There should be vigilanty action against spammers, just like what they (or someone on theyre behalf) is doing to us.
IANAL, but I'm told that you can sue the government to prosecute a case.
Perhaps you need to retain better counsel?
Put it this way, if the blocklists were properly funded, I'd bet they could pay people to actually check each business out, and respond quickly. Therefore, it would seem to me that the following methods should be available:
(1) Pay $$$ to get reviewed immediately. That money shouldn't be small either. As an ISP, you pass this on to the customer, by making him post bond if he wants his own email server. That bond equals the money it costs to get you removed quickly.
(2) Don't pay $$$, and get reviewed at leisure.
If you suggested that, I'm pretty sure the blocklists would respond.
That said, I strongly suspect that this is the spammers, and they are going to win this round. They won't win long term; nor will those who sell them spam facilities.
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
The mods are expressed in percentages to obfuscate editor modbombing. The post of doom showed hundreds of moderations that made it obvious that unlimited points were being used--and the editors learned their lesson.
Call (206) 338-5780 COLLECT for information about a genuine BA, BS, MA, MS, MBA, or Ph.D.
We use Spam Assasin on Sendmail. We have Sendmail configured so that when a message is positively identified as spam, we automatically update our local access file to blacklist the entire class C of the relay host.
I have been watching this closely for several weeks. Originally, I thought there would be trouble -- surely we would nail some legitimate networks and have to unblock them. But NOOOOO! Every day we reject more and more via the local blacklist and it's always the evildoers. I don't think anyone needs a DNS-based blacklist, all you have to do is harvest the power of the spam data you already have.
How about new new virus that replies to all the spam in your inbox and asks the spammers if they want to add inches to their penis? SoBig.P?
---
Lousy rotten karmic retribution.
"Sent: 2003-08-28 14:01
Reason: Spam warning
The message was received from a host that is currently on a spam list.
Additional info:
The sending host was: XXXXXXX.XXXXXXX.com
The SLS service was: relays.osirusoft.com"
Called and tried to tell them not to use osirusoft and got a "we are recieving email just fine thank you spammer" speech.
If you are retrieving a blacklist from a site that is that is down, remove it ASAP. When I first started as net admin here I was getting a lot of complaints about people not being able to receive email from other companies. After learning how our mail server worked I realized that the smtp daemon was getting blacklists from a big list of servers. What I didn't realize was that more than half of those servers where down. This was making the smtp daemon take forever to respond, which caused a lot companies mail servers to timeout when they connected to us. Removing the servers that were down fixed the problem.
"The Internet is a fad."
A clever person solves a problem. A wise person avoids it. -- Einstein
I was polite about it in (the beginning) as well. When this whole ordeal began I was a fan of blacklists and thought that they were great. However, the problem is that in 6 months, I have not received a single communication from them. For all that I know, the e-mail link on their page is broken. I followed the instuctions on their site exactly and still nothing. Perhaps it is just this Blacklist that is the problem, but it has been a nightmare for me. YMMV. Anyway, my opinion of black ists has shifted dramatically. They just are not the answer to the problem.
The Tools Of Ignorance wanna be a tool?
What are these classes you speak off?
OH. You mean those things we used back before CIDR was implemented in the mid-nineties?
I hate spam with a passion, but I feel equally about any mail admin that looks to blacklists to do all their work for them. If you happen to run your own mail server, and you are the only one expecting mail through it, then do whatever you want. But if there are people at the end of your mail server that are expecting mail to pass through and you are blocking it "on their behalf", then I hope you lose your job.
Don't expect people to pat you on the back when you have to tell them that the mail they're expecting isn't coming through because you happen to be blocking IPs in a particular range.
Good riddance, I say.
"The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
This is why nerds should never be allowed out of their cages to speak about anything other than their narrow specialty.
A malfunctioning IP blacklist will give a message more points, but only a fraction necessary to send the message to dev/null
Thought of in another way is that the decision of whether the message is spam or not is distributed among lots of "decision makers" The weight of those decision makers is determined by the number of points they are allowed to assign to a given message.
We also use Spam Sleuth Enterprise to protect our server from SoBig.F. We just look for the text "X-MailScanner: Found to be clean" and set it to enough points to delete the message. It takes the load off of our internal servers.
Hope this helps somebody.
... against our mail servers.
They are eating up resources that we, or our customers / users, should be rightly using.
How do you stop a DoS attack? You block the offending IP's.
That's what the block lists allow mail server operators to do.
Whenever you receive spam promoting a web site, just (automatically) hit that web site, downloading the home page, all graphics, follow a link, repeat ad bandwium. Maybe some kind of distributed system can be set up so that when many people detect spam for a certain web site, it's automatically "visited" by everybody. Distributed slashdotting!
Bill Rapanos
85 Thorncliffe Park Dr.
Toronto, ON
M4H1L6
416-467-6585
416-467-8986
express4676585@yahoo.com
Here is his reference on Spamhaus.
You know, the one about the customer list of a business selling stuff via spam?
Scary stuff, and it just indicates how bad the problem is - all kinds of people actually do click on those links in the spam e-mails and actually do buy stuff. Scary. There's no way to prevent dangerously insane gullibility, although that would be a good first step towards fixing the spam problem.
Unfortunately, spammers are like bad apples - when they find a spam-friendly ISP, they tend to conglomerate. Second, you don't think that individual SysAdmins will do worse? At least with centralized blocklists, you can be removed. Try that with a ton of individual admins.
-Looking for a job as a materials chemist or multivariat
Yes, folks, P2P and PGP save the day again!!!
/. is beginning to look like a script from Star Trek:
Can someone please come up with a solution to a problem that doesn't involve one of these two?
"Captain, a Klingon Bird of Prey is de-cloaking off the starboard bow."
"Sound red alert! Encrypt shields with a public key and stand by to share files."
I think the solution is to make e-mail more expensive. A simple way to do this is to have the remote host work a difficult problem and respond with the correct response. A difficult problem could take the form of a brute force attack against a secret that has been encrypted using a small key. For example when the remote host connects to my machine I would respond with something like
220: sdiofuowqihr8o23nisdfhoqwienroqwerinqweo
Then I would wait for something like
SCRT this was the secret
My server would know the secret it sent over, the remote machine would require a reasonable amount of resources to decrypt the secret, making such transactions undesirable to spammers. I could even have a "white list" of sorts where I use a shorter key for IP address I trust and a longer key for IP addresses that are new to me. Just my $.02
Don't be a spelling pedant unless you are 100% correct.
instruction is spelled properly.
This is the web. Publicize it and draw attention to the problem. Advocate not using that particular blocklist.
Without spamming, of course.
posted his personal info on slashdot. The last few times I've seen it happen it's gotten some amusing results.
Give us the home mailing address of the spammer, our response will be "in the mail" in no time!!
Including names and addresses. The list claims that these 200 spammers create 90% of the world's spam.
Have fun.
Tech Public Policy stuff
Here's an interesting problem. The spammers spam because in a billion e-mails one or two people give a positive response... that's enough to justify trillions of e-mails. The blocking of a paltry billion or so e-mails is enough to justify trillions of packets in a DDoS attack.
So one positive response in a trillion negative or null responses is enough to justify the wrath of a trillion DDoS packets on hundreds of servers.
How do you remove the desire to perform such a futile and repugnant act as spamming when such small positive reinforcement causes such profound tenacity for spewing forth volumes of wretched bile on innocent masses merely seeking to expunge said bile?
The crux of the problem is that communication is now so cheap that it is easy to waste. If communication were more valuable people would spend more time on it. If you had to pay for each e-mail in some way you wouldn't recklessly waste them.
I propose we start charging the sender for each e-mail... but not money. I propose we charge each sender for each e-mail they send a percentage of their soul.
Each e-mail you send would slowly drain away your soul until you were nothing but a dried out husk. Sort of like Slashdot.
[signature]
Yes, many have the entirety of Brazil blocked. And for good reason, too. Doing so cuts out a huge chunk of spam and reduces the costs on the receiving mail servers and networks noticeably. It works.
The problem is that most of Brazil is served by one big telco monopoly that is operated entirely incompetently. That doesn't necessarily mean each person in that company is incompetent, but those that are not are surely aware of their inability to do the right thing and stop the spam.
Some people even blocked all of 200/8.
Now I don't actually agree with the actions those people did. What I did was scan those networks for patterns and figured out specific domains to block. I'm getting most of the effectiveness without the false positives. I do have almost all the cable modem and dynamic DSL lines blocked as best as I can.
But the real goal is to get spammers disconnected so they can't even send a SYN packet, much less make an SMTP connection. You have a better idea that meets those goals that what is being done now? If so, post it.
now we need to go OSS in diesel cars
We have been using Roaring Penguin's commercial Mimedefang & Spamassassin combination, called "CanIt" for around a month now. ( Interestingly enough, Roaring Penguin seems unreachable at the moment. Hmmmmmm... )
:)
It's incredibly effective. You can set up custom rules for identifying spam ( regex supported ), and the whole thing has a nice PHP-based interface. It was pretty easy to convince management that we needed it - typically management get the most spam anyway. And it's good to support a company pushing open source software
Previously I was using blacklists and my own ip-address list with iptables, but it just became too much, and this has dropped our spam from ridiculous levels to basically nothing.
Well worth a look...
Bill Rapanos
85 Thorncliffe Park Dr.
Toronto, ON
M4H1L6
416-467-6585
416-467-8986
express4676585@yahoo.com
Here is his reference on Spamhaus.
I am glad someone finally shutdown these holier-than-thou smartasses running those F***ING Blacklists. I hate those people with a passion.
I have had mail servers blocked a couple of times, and all I get from them is attitude and absolutely no help in actually fixing the problem. I don't want to be a host for spam, and I would love to fix the problem, but most sites act like they are so goddam smart becasue they know how to configure their servers but the best advice they offer to the blacklisted is "Read your documentation".
If you really want to help out the Internet, use your knowledge of spam and email to help out, don't just block the email and tell them to "read the documentation". They could at least send an email to let you know you have been balcklisted instead of waiting until your CEO screams at you because he can't send out the quarterly report.
All I can say to those "unfortunate" blacklisters is- dont't let the door hit you in the ass on the way out....
will put a stop to this shit.
No repeat offenders. Public hangings, broadcast on ALL television stations. Cable, OTA, satellite, whatever else there is. Mandatory viewing. Interrupt ALL programming, including little childrens cartoons, porno movies, PPV's, everything. FORCE everyone to view these executions and I assure you that less than a dozen will have to be executed before all spamming comes to a dead halt.
Also, vigilante justice should be the rule of the day. Catch a spammer (and hackerz) in person, terminate him (or her) right there.
The public executions will be reserved for those spammers that the official law enforcement agencies catch.
Law abiding citizens should carry handguns and should SHOOT TO KILL lawbreakers as the need arises.
Quit crying about crime, arm yourselves and fight back..
What happens then?
Individual systems and networks administrators block spammy networks.
This unfortunately means duplication of efforts, of course... but if it's what has to be done, it will be done.
And then, when Joe ISP's customers complain that their mail is bouncing or being blackholed, instead of having to do the legwork to get off a few large, well-known blacklists... Joe can go around to thousands or millions of individual sites that have his network blocked.
Frying pan, fire, etc. I pity the ISP's.
Personally, I don't care what steps they take to stop SPAM. If people took the time to inform spammers to just add a mandatory remove list to each spam (THAT WORKED!) I would say SPEWS are unnecessary. However, with the amount of junk I receive and have to filter everyday, I think SPEWs are doing what is necessary to wake spammers up. The fact that they bulk with fake accounts and are genreally sending you unwanted adsthem no sympathy from me. They didn't ask me if I wanted their bullshit... so why would I care if SPEWs persecute them on the highest level.
Spam really brings out the worst in everyone - both those who recieve it, those who fight it, and those who send it.
/. belong to this group, but I would include myself.
But there are some mature Internet users who do not believe the way to solving things is running a DDoS against a party or blocking subnets carelessly. I do not know how many are on
There is no panacea for spam. Sorry.
It is very unresponsible of any maintainer of a blacklist to target large IP blocks. There is no possible way to maintain such a list accurately without targeting innocent parties. Collateral damage is understandable, but it should also be looked down upon and avoided at great cost, not accepted. Imagine IPv6 blacklists.
Admins need to take the responsibility to make use of blacklists which are strict in the conservative sense (i.e. very specific). We can all understand this is not as effective as blacklisting the entire Internet.
This is really ridiculous and childish, except with adult repercussions. On the one hand, we have virtual fascism with blacklists. On the other, we have DDoS attacks to end them. And what does this do for the users? Nothing. More bandwidth wasted, more time diverted from the real issue, and disruptive communications.
The Internet is not a playground anymore. Some people actually use it for business, important communication, etc. We need to get serious, not extreme.
From a spammers point of view, these blacklists are just another form of DDOS aimed directly at them.
DDOS = Distributed Denial of Service.
Distributed as in there are multiple computers involved, all coordinated by some central host. Denial of Service in that it inteferes with a desired activity.
If you are a spammer, any distributed sytem that blocks your ability to send email is a denial of service that should be dealt with using whatever resources are at your disposal. This DDOS is best dealt with by decapitating the central host (blacklist server) instead of by trying to deal with all the zombies (mail servers) involved.
The resources available to a spammer are limited. They don't have the ability to get a court order to force the blacklist server offline, they can't have Network Solutions yank the blacklist server out of DNS space, but they can launch a retributional DDOS attack back at the blacklist server.
Adapt or die, no? These blacklist servers are interfering with the ability of spammers to conduct their business. Any solution that stops this interference is going to be worth considering.
...but good luck touching my Bayesian filters.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
I think this is cool. An epic battle between good and evil rages on the Internet. It's sort of like a Lord of the Rings for geeks. Oh wait, Lord of the Rings is for geeks.
Not sure what you mean, what lesson did the eds learn?
I used to use dnsbls. When it was clear that blacklists weren't sufficient, I used them in conjunction with filtering. Then I had trouble with false positives of various dnsbls to the point where I'm now only using the filters. Of course, simply filtering doesn't solve the network and computing resources problem. So I had hatched Yet Another Plan for Spam a while back (had mucked around a bit with implementing it but got distracted).
The plan is essentially to use bayesian analysis of incoming mail to detect "open relays" and maintaining a personalized dnsbl. Initially every piece of incoming mail is analyzed. Upon being tagged spam, the connecting IP is added to the dnsbl preventing additional relaying of messages.
Pros:
1. No external testing/probing is required. All blacklisted IP's have been known to be an originator/relay point of spam.
2. A copy of the spam message can be retained in case of any dispute.
3. It's a personalized dnsbl so that it is generally immune to becoming a target by spammers (either ddosed or litigation).
4. A false positive does not impact systems not directly under your control.
5. Corrections to the dnsbl can be made as urgently as your time would allow.
6. Saves network and cpu resources due to rejection of additional messages from blacklisted IPs.
Cons:
1. Bayesian filter requires training and maintenance.
2. Personal dnsbl also means personal attention. More time and resources required to manage.
3. Not immune to false positives (actually amplifies the effect).
I'm sure I've missed some points on both the pros and cons, but it's a start.
Additional details of the plan had included a web interface for the blacklisted IP's delist the IP. The scheme works on a token system. Each IP is given a configured number of tokens per a configured period. Each delisting requires a token and is subtracted. Hopefully, this will minimize manual effort as it's trivially easy to get delisted (only requiring the blacklisted admin to visit a page and click on a button). However, if the problem is not fixed and the same IP continues to get listed and runs out of tokens, then my plan was to have the blacklisted party to purchase more tokens (something like the same webpage generating a tracking number linked to a paypal account). That way, there would also be financial incentives for the admin to fix their open relays.
My intention with the personal dnsbl was to reject future SMTP relay attempts based on IPs that have been known to relay spam. It doesn't exist to identify every open relay or proxy, but simply to deny those hosts the opportunity to send me more spam. I could careless if someone is running an open relay as long as it doesn't send me spam. So my plan is to only reject mail from people that have actually spammed me, and not in theory of being capable of spamming me. And the reason to use the connecting IP instead of any content in the email is to prevent junk data (too easily spoofed).
Anyhow, that was my YAPS. If enough people used such a system, it would probably put a decent dent in spam and open relays.
Any volunteers?
good!!! hate'em, hate'em all.... as a matter of fact, i hope they all....
OOH, shiny thing....
I run a mail system for a regional isp and in the last week or so I have seen my average mail load rais exponentially. Right now I am processing more mail in a 24 hour period than I had previously been in over a month. There are alot of people that are using these blocklists that didn't have the good sense to set up their own and mirror that data. So if every incoming message represents a query to the dns serving the data and the mail load on a typical isp server has increased literally by 10,000% it stands to reason that sobiga-f certainly did create most of this problem.
Maybe they're not getting your emails because you're blacklisted? :P
Why can't the Justice Department just brand these guys, SPAMmers, and the like cyber terrorists? Then (based on what they seem to be doing to other terrorists) they can lock them up, throw away key, and civil rights be damned.
"Love is a familiar; Love is a devil: there is no evil angel but Love." --William Shakespeare ('Love's Labors Lost')
Having a system that works 99% of the time will still lead to that unlucky 1% being the victims of the system. Blacklists have to be accurate in what they list or some bystander is gonna get caught...
I'm actually a little surprised they managed to pull this off. Good for them :P
And don't give me this "I should be able to decided who I receive mail from". You should, but that's not what this is about. This is about power-tripping admins deciding to prevent people under their power from receiving mail that could be more effectively filtered by things like Bayesian filters and the like.
autopr0n is like, down and stuff.
In recent days, I've found I couldn't email my sister, my brother, my CPA, and my best friend - because 1 ISP decided to use OsiruSoft (and I happened to send email as OS was blacklisting the universe) and because 3 other ISPs blocked port 25 access for "dialup" IP blocks.
/29 domain.
But my domain's mailserver isn't on a dialup. I'm a small, but completely static and strongly anti-spam,
In each case I've had to spend a lot of time and get my ISP to send email saying I'm a small piece of a big static block - all my inside hosts NAT'ed and MASQ'ed onto the private IP blocks. I don't know, but I suspect there are *lots* of other small operations out there having very similar problems.
This, IMHO, is not the way to stop spam. Blacklists fail and, in some cases, are irresponsibly maintained. And if an ISP decides to arbitrarily block great hunks of the IP spectrum, they could at least get it right.
It's very frustrating being on this side of the phenomenon. I wasn't given a choice in the matter.
Please, somebody, fix SMTP!
~~~
Well, why these servers have been blacklisted? Sometime or another, they might have sent spam.
We all know that spammers look for open mail servers to send their email. So can the virus writers.
Imagine if we didn't have blocklists, of any kind. Open relay servers are numerous, and can be used to distribute worms.
The worms writers are smart. They want to take away central locations which can block their worms, so new worms will spread easier.
It's like AIDS. It takes your defensive systems and some other disease kills you.
you'd reply to SPAM too, ..er, wait.., you do!
But it gets ridiculous when people in charge of large ISPs start blocking whole countries or other large blocks of the net from their customers because they 'just don't like' those sections.
There was an article on salon a while ago about a woman who's email was basically made worthless because a lot of the people she was working with had been blocked by her ISP (roadrunner)
Lots of people do get screwed over by this. And a lot of people don't run their own mailservers.
autopr0n is like, down and stuff.
It sure is. Except most people would have written "instructions". You're right about not being pedantic unless you're 100% sure of yourself. Otherwise it can bite you in the ass.
Personally, I currently use TMDA to protect some of my accounts. It's a challenge/response system that uses whitelist/blacklist technology and sends a challenge to the unknown senders. This is quite effective at combatting spam since the challenge to a spam message usually ends up bouncing anyways.
The only problem with TMDA is that some people consider the challenge/response method to be quite rude (click here and do a search for "gunfighter" to read the responses to my comment(s) about TMDA). TMDA, and similar technologies, definitely place the responsibility for ensuring message delivery in the hands of the sender and receiver. In addition, there are other considerations such as the additional overhead of the extra messages. There are even cases where people who haven't properly configured such technologies end up getting into confirmation loops and screw up by sending a challenge to a legitimate mailing list.
To overcome these problems I've actually concocted, in cooperation with a fellow developer, an automated means of verifying the authenticity of an email message. While this may not stop spam cold in its tracks from the get-go, it will definitely be a step in the right direction. Instead of blocking entire IP blocks (or even individual IP addresses), companies, ISPs, and individuals will soon be able to compare against blacklists of individual users.
By using this technology in cooperation with a challenge/response-type filter, only individual senders flagged as potential spammers will be a) blocked or b) flagged as possible spam or c) receive a challenge/response. This will completely obsolete any and all current methods of dns or IP based blacklist(s).
Time-to-market is up in the air right now, but hopefully we'll have a prototype ready here in the next month or two. Hope to see you then.
-- Gun-- Stu
/. ID under 2,000. I feel old now.
Here you go: trojan arses
Someone has got to mod that up :P
autopr0n is like, down and stuff.
I'm very happy.
They first blacklisted all dynamic IP's and then the smtp of my provider (because some people were trojaned by spammers).
I never spammed anybody, I suppose they (theses stupid blacklist maintainers) also never spammed but now we are both blocked. I hope they will learn something of this experience.
Like the way curfew works in The west bank and gaza. If there's a terror attack, people in certan cities are put under '24 hour curfew'. Often times hundreds of thousands of people just to get at a few.
autopr0n is like, down and stuff.
YOU just don't get it.
... Absent meaningfull regulation, the ISPs are the only wall we have against the spammers. Therefore any ISP who hosts spammers is as guilty as sthe spammer himself. The ISP is a criminal against The Net, a defiant one, at that, and I would support absolutely every legal means taken against him, even if those means would include physical attacks, killing, torture, whatever.
"Inconvenienced ISPs"... pfff
Would these ISPs behave, we'd have no spam problem. They would have draconian TOS contracts nailing every spammer immediately, and they would do what it takes to enforce them.
As it is, the Spammer attacks the communication of mankind itself. This is such an enormouzs crime that most singular issues pale against it. He is, therefore, beyond redemption or humanity, has voided whateveer right to decency, compassion or respect he might have had, and should be attacked by all means available.
So. Spammer-Friend, go and spew your irrespon-sible drivel somewhere else.
And go to hell.
We are the Borg.
You will be assimilated.
Resistance is futile.
Your cam whores and enormous penises will be added to our own.
Your credit cards will adapt to service ours.
Your inbox, as it has been, is over.
From this time forward your hot teens will service us.
.sig Realistic fines for copyright in
I was a 'Collateral Victim' once. It wasn't fun, but I changed ISPs and have had no problem since. To say there was nothing you could do about it when you had problems is silly.
Read about a project here [puremagic.com] to implement a grey list at the MTA level.
It basically involes inspecting the sending ip, sender envelope, and recipient envelope. If the receiving MTA has never seen this particular combination of the three before, it does not accept delivery of the mail piece with a temporary failure message. The vast majority of spam would then be ultimately rejected because it is often sent through open MXs and not a valid MTA with valid sender and recipient envelope information.
It is designed to be a compliment to other anti-spam measures without being as inflexible and cumbersome as black/white lists.
Along those same lines, you could also do a quick reverse check to verify reply-to addresses at the MTA level.
The battle against spam is not totally lost, and we shouldn't cut off our nose to spite our face the way blacklists do.
I don't want to sell anything, buy anything, or process anything. I don't want to sell anything bought or processed...
Very likely, this person is trying to send email to people who are his customers, or his friends, or whatever. And they arn't able to get it because someone with power over their connection is censoring their incomming mail. If the only people using these filters were the spam nazi's themselves, it wouldn't be an issue. But they are making decisions for lots of unsuspecting people who probably care more about getting mail from people they know then punishing people for doing bussness with people who do bussness with people who once ran an open relay.
autopr0n is like, down and stuff.
But rather than one powerful figure and his buddies compiling secret blacklists, it's known people giving methods for their lists [both to add and remove].
Nobody's forcing you to use the blacklists. Nobody's not forcing you to use the blacklists.
Those of us who use blacklists accept that there may occasionally be collateral damage. Too bad. If it keeps one porno spam out of my daughter's mailbox, then I am one happy father.
"You might as well get your son a ticket to hell as give him a five string banjo." -unknown minister
Thas was funny dude!!!
As an employee of a large (very large) ISP I can tell you that we'd rather side with the spammers than with you. You are largely seen as renegades who've embarked on a campaign of "vigilante justice" (as evidenced by your words: "It works. Better than anything else"). For your sake I hope you do know that vigilantism does not work.
The ends never justify the means.
To keep out hundereds of spam e-mails a day, I'm quite willing to resort to 'Draconian' measures. I use several blacklists. I didn't use SPEWS because it was too restrictive for me. I suspect for many, however, it was appropriate for their situation and so they used it. What I am hearing in this thread on the opposing side - anti-SPEWS folks - is they think they have a right to send me e-mail and that I must accept that e-mail. I quite disagree.
economics and geography.
/. world?
Christ, do you people ever step foot out of your own private little
If you do all that stuff, you will not be removed from the list unless the people who run the list KNOW you've done it. If you can't contact them, how will they know? They won't. You'll still be on the list.
And sometimes you end up in situations where you just have a similar IP number even though you have no actual relationship.
autopr0n is like, down and stuff.
Maybe this is NOT even a DDoS attack at all. The SoBig.F virus includes its own SMTP engine, and so, is bypassing the smart host mail server at each of the various ISPs the infected machines are served by. It is now making SMTP connections to various MX hosts all over the network directly from that access IP address which probably never was used that way in the past by most people. DNSBLs are, or were, scalable because the queries done by the receiving MX servers to verify each sending IP address would be cached by the DNS server there for usually at least a day or two. That caching is effective when the number of connecting SMTP clients (the sending role) is small. What SoBig.F did was greatly increase the number of different IP addresses being SMTP clients. This could be immensely greater, many times the number originally seen. That would mean the resolving DNS server at the MX server site would be missing its cache much more often, both due to the more diverse queries being done, as well as the increased volume of mail. My theory is that this alone, if the increase factor is high enough, could overwhelm the authoritative DNS servers for the DNSBL zones and appear like a DDoS attack.
DNSBLs might have also be configured in more servers as a result of the SoBig.F virus going around, too, to help block it.
How to verify this would be to examine the range of source addresses hitting the authoritative servers. If the range is about the same as before, or generally represents the resolving DNS servers those MX servers are using, then I could be right. Still, it is possible for a real DDoS attack to fake exactly that so as to look like this theory holds.
If the attack has source addresses that are not functioning as resolving DNS servers, then the theory would be wrong. But resolving servers, when run separate from authoritative servers, are usually blocked from outside usage. So simple testing would be inadequate to show that they are not real DNS servers.
now we need to go OSS in diesel cars
Sign up for e-mail with another service provider.
As usual (for a pro-SPEWS poster), you've twisted the parent post to fit your facist world view. If you read carefully and without bias, you will find out that Fastmail.fm actually is extremely aggressive in killing spammers, often within seconds. Does some spam get through? Yes, up to 100 spams per account. Why? Becasue Spammers don't set the Evil Bit when they sign up for an account. So the spammers have to do something that identifies themselves as spammers. As soon as that happens, bammo! This is what I would call a zero-tolerance for spam. The statistics about valid:spam emails aren't to justify the spam that does get through. As you should have seen, Fastmail.fm kicks spam in the ass. They statistic is supposed to show the harm that the reactionary blocking lists are causing.
It makes one wonder when someone's *only* way to communicate with a university administration is through e-mail. No telephone, eh?
Did you email them from an IP in your blocked class C? Maybe they are using their own block list and never recieved your email.
Now that would be some mighty fine irony.
If the spammers can't take the hint (WE DON'T WANT YOUR SHIT IN OUR MAILBOXES, HINT, HINT), then I think they will have little choice *but* to take the hint when someone shoots up Boca Raton. No, seriously. These people aren't going to take a subtle hint like massive blacklists. It will take either someone sniping them one by one, or a massive lynching mob converging on Boca Raton.
But the best case scenario doesn't usually happen. So we're left with either A) Requiring that all E-Mail be authenticated (meaning a massive violation of the anonymity it offers), B) Draconian spam filters that drop anything not found in a dictionary, or C) Requiring that you take a TEST before being allowed to use a computer.
Personally, I vote for the test. What keeps this human trash in business is Complete *ucking Morons (CFMs) who probably also genuinely believes everything Miss Cleo says, and take the horoscope quite seriously. These CFMs are the ones who will believe anything you say, and are destined to recieve either a Darwin Award or the Dogbert Gullibility award in the future.
If you can't recognise spam, or don't know the difference between a hard drive and floppy drive, then I honestly don't think you should have your own computer, which no doubt will end up with every known virus and worm on it, along with a hidden directory set up by crackers to serve child porn over your unfirewalled internet connection, along with several spybots and spambots that feed everything you do to a spammer.
Ever notice that you start seeing all these problems on a large scale when computers became idiot-friendly enough for idiots to get to the internet?
... and walked onto OSU's campus, closed my eyes, and started spraying bullets around everywhere, because hey, some of them were the rioters we've all heard so much about. Yeah, I killed a few non-rioters, but, hey, it'll just make the famlies of the students I killed ask for harsher punishments of the rioters. And I didn't decide to kill anyone, ballistic physics did!
Obviously, that example is WAY over the top, but the idea is the same. Black lists are a form of informational terrorism, no more, no less. The DDoS attacks aginst the lists are a form of informational terrorism, no more, no less. Both sides of this conflict are using the same tactics to achieve the same goal (obliteration of the opposing viewpoint). Both the DDoSers and the listers are trying to sensor someone, and the people who get hurt are the people who can't do a damn thing about it and never wanted to be bothered by it in the first place.
If I don't know anyone in Brazil and don't expect to, why should I not block Brazil when all I get from Brazil is spam?
So the obvious solution is a distributed RBL. Just how to do that is a whole different story. A lot of persnickity problems to work out. Looks like a lot of fun. If you're interested, drop me a line. Add my username to the domain in my URL above for my e-mail address...
*Condense fact from the vapor of nuance*
If you had been on spews, simply fixing YOUR system would not be enough. They rely on collateral damage.
Or rather, did rely. In Non-Soviet America, collateral damage relies on SPEWS!
Sarcastic Insight! I love it!!!
The yahoo who modded him a troll ought to be forced to read all of MY spam!!!
On the contrary, spammers love Bayesian and any other kind of filtering because it doesn't stop them from sending their spam.
Correct, it just stops us from seeing it.
They love it when people "just hit delete" either manually or in an automated fashion through filtering, instead of actively blocking their junk and getting their accounts shut down.
If smart filtering were heavily applied they would make less money and go out of business naturally.
They don't mind that you don't get their junk; they will just increase the amount of spam they send tenfold every year so they keep making money on those suckers that are born every minute
Thereby increasing the number of people using smart filtering to help ignore the spam and make it less profitable.
until e-mail has been completely destroyed
Too late.
Blocking - aggressive, massive blocking and boycotting of spam supporting networks - is the only way to save e-mail.
And you think this why? Has the aggressive blocking that has already taken place helped the situation AT ALL? Spammers are still out there, still getting through the cracks. Except for me... I don't get spam, it's smart filtered away, and my false positive ratio is TINY, almost zero.
You can't say that about shitlists like SPEWS.
...if SPEWS and it's ilk disappear tomorrow. Overzealous blacklists have contributed more to degrading the usefulness of the internet than spam ever can.
Since the latest virii do DDoS attacks against the MS update sites and anti-spam sites, the really good virus writers would DDoS the anti-virus companies sites so that people couldn't get new definition files. Just imagine... if all the anti-spam sites were DDoS'd off the net and the next virus did the same to the update sites for MS and Symantic, McAfee, AVG, Skywalker, etc... the only choice would be to just turn off all the infected machines. Who knows how long it would take to get updates.
I don't have a problem with people keeping a list of IP-ranges that has spammers. What I don't like is having my e-mail filtered for me by my ISP
How much you want to bet this is someone, not a spammer that got blocked by these blanket lists?
-- 'The' Lord and Master Bitman On High, Master Of All
I don't like babies.
A/V vendors "update" sites. The natural progression is to DOS them.
/. post about Linux Rox! It's "Linux is distributed." I know 100 sources alone for updates to samba vulns, etc. Can you say the same for mcafee, symantec, Trend?
Each are well published, easy to identify, and would absolutely shit the pants off of Microsoft Large Customer X, Y, and Z.
The advantage here is not your typical
You can query SPEWS at spews.bl.reynolds.net.au
While SPEWS's tactics may appear "doomed to failure" in your eyes, they are having a noticeable effect on spam-friendly ISPs. If you read nanae you regularly see ISPs that have ignored all spam complaints for months or years finally start dumping their spammers in response to a SPEWS listing.
Alaskans eat a lot of it too.
Furry cows moo and decompress.
it takes me 10 SECONDS to shut down a spammer.
why does it take you DAYS?
OOOOOOOOOOH! Lions and tigers and bears, Oh My!
Spamhaus.org is a nice convenience to have, much like a toilet. It should have police powers. Imagine, if you will, what fun it would be. An automated policeman much like Orin Hatch imagined, but for spammers, and VERY mobile, agile, and hostile.
Yes, they are dangerous, but so are a lot of other ree-taards. Somebody has to live next door to them.
Any preoccupation with ideas of what is right or wrong in conduct shows an arrested intellectual development. (Wilde)
...for good? STOP THE spam. Get ISP's to listen to abuse@. Act to get spammers off their network. Work with the General public and not the "$$$" marketers. Boycott those who use spam to sell their services ( i've stopped shopping at several stores because they chose to spam ). Boycott ISP's who knowingly host spammers. Vote with your wallet.
If it had been political, such as the case of the 20 year old with a link to a bomb making site, they would have gone at it like a pack of wolves.
In any case it does at least serve to give you a sense of your true worth to the government.
A mailbox at pobox isn't going to help you there, you still have to send via your local (blacklisted) ISP.
Got time? Spend some of it coding or testing
> (Score:2, Informative)
> This wouldn't be a problem if everyone just
> started setting the "Evil bit" on their spam
> packets....
I want some of what the mods are having.
No, you cannot sue the government (either federal, state, or local) in order to force a prosecutor to either file a suit (either criminal or civil) or bring a case to trial. Prosecutorial discretion is amazingly broad. Different rules apply to judges -- they can sometimes be forced to take action.
A lawyer & digital forensics examiner. Also an expert on open source software (OSS).
What else was on the ingredient list?
Got time? Spend some of it coding or testing
...every computer in this household is also its own mailserver. With PostFix it's easier to do that OOtB than to configure various things to use a single external mailserver.
Got time? Spend some of it coding or testing
...and it seems to be mostly effective for those accounts mailboxed there.
My oldest email account isn't filtered at all and gets maybe 200 spam and 2 useful messages per day. Not a happy ratio.
Got time? Spend some of it coding or testing
In no particular order
c ast.blackholes.usc kholes.uso les.us w an.blackholes.usl es.ust .blackholes.usb lackholes.usl ackholes.usb el.dkl ackholes.usy net.nle asynet.nld sbl.org
cihost.blackholes.us
turkey.blackholes.us
com
att.blackholes.us
nigeria.bla
russia.blackholes.us
argentina.blackh
brazil.blackholes.us
japan.blackholes.us
cn-kr.blackholes.us
hongkong.blackholes.us
tai
china.blackholes.us
he.blackho
rbl.mail-abuse.org
rr.blackholes.us
qwes
wanadoo-fr.blackholes.us
rogers.
mexico.blackholes.us
dynamicpipe.b
media3.blackholes.us
spamsources.fa
relays.ordb.org
sbl.spamhaus.org
verio.b
level3.blackholes.us
blackholes.eas
proxies.blackholes.easynet.nl
dynablock.
dnsbl.njabl.org
bl.spamcop.net
list.
The first thing I'd like to see is a mailserver plugin that uses a peer-to-peer blocklist sharing client to mitigate the damage done by DDoS attacks against one server. If not this, then an Akamai-type setup needs to be done.
The second thing I'd like to see is for ISP terms of service to change such that if the computer takes place in a DDoS attack due to a patchable bug in the operating system (coughWindowscough), they lose their access until they can prove the patch has been applied and the virus/trojan/worm removed.
Ok we have all this wonderful file sharing technology avalible, why not put it to good use. Why not build a distributed black list. One that is shared over an automated file sharing network similar to Napster or Kazaa. DDOS only works with a target, with 100 or more geographically diverse machines sharing it I wish them luck. Make being able to access the list depend on your willingness to share it out too. Of course someone would have to figure out the infrastructure but this would rock.
Sick of stupidity? http://www.patentlystupid.com
...is the favorite buzzword of the newest victim class. Any unwanted email is spam--evil incarnated. I manage a number of websites for small sporting goods retailers in the NE US, and I also manage their email advertising, and in the process send out ~3000 copies of their email newsletters every two weeks, but only to the legitimate customers of my clients. Indeed, most of the recipients HAVE ASKED to recieve my clients' newsletters. Occaisionally someone requests to be taken off the list, and we do so immediatly.
Apparently that's not good enough for some people, because lately we have been getting bouncbacks that mention "mail-abuse.org". Apparently someone 'dropped a dime' because we've been blacklisted! I checked their website and it exhorts visitors to 'fight spam' & suggests that visitors "report spammers"
Isn't that special!! Under our Constituion, the accused have a right to know their accusers; & are presumed innocent until proven guilty.
I guess that doesn't apply to spammers!
Seriously, the tactics you support (SPEWS et. al) are identicle to those used by totalitarian military states. "What? He doesn't crack his eggs on the big end?!?! Kill him and every one he knows!" Or more common nowdays: "He's gay? Let's beat the shit outta him and his friends 'cause he might have infected them!"
So you feel like blacklisting is similar to gassing kurdish children or hate crimes? Give me a break. You've dismissed yourself from intelligent conversation about the matter. Wipe the spit off your chin and go see a movie or something.
It's censorship allright, censorship of STUPIDITY. I've never setup a mail server in my life, but even I would know to make sure it wasn't a relay. Anybody that can't telnet ip 25 and check shouldn't be allowed near sendmail or any other mail server. Anybody that sets up an open relay needs to...
a.)Be blacklisted for a while.
b.)Hire a real admin to set it up.
For most "accidental" open relays (small companies, guys with a t1 and an employee that knows "all about" exchange), Getting out from under it is as simple as getting another domain and or IP address. Anybody that can't figure that out needs to...
a.) Be blacklisted for a while.
b.) Hire a real admin to set it up.
One ISP I worked at decided to run their own relay checker and shut down their own customers who had open relays. With very little effort they were able to prevent blacklisting. They did it because they hated SPAM (and were responsive to their customers who felt the same), it was easy to do, and they hated STUPIDITY, not because they were scared of ORBS.
The company I currently work for didn't bother to police their own network and was blacklisted by both AOL and RoadRunner (or at least whatever service they used) at one point. If it hadn't been for the blacklists my company wouldn't have bothered to get it under control (which they did, then got off the lists). So what happened was...
a.)Got blacklisted for a while.
b.) They got a real admin to take care of the problem.
c.)Started enforcing the fines they already had in the user agreement.
I LOVED sending those people to billing to pay their 500$ fine. HAR! In that way the blacklists (which are completely optional, and can be dropped at any time, and in all cases this is done in response to customers excercising THEIR freedom to take their business somewhere else) have increased ISP responsibility. That was sure the case here. Spam is the ultimate waster of bandwidth and storage space (besides my slashdot posts and the blaster worm) and needs to be dealt with.
What about your right to choose? Choose another email address. The list keepers and listusers are in business to make money and blocking spam is an attractive selling point. The fact that Shawn Atkinson was afraid for his life should give you some idea what a selling point it is. Maybe you want/need all that email about fat butts and small wieners. I don't. Well... maybe I NEED it but it hurts my butts feelings (yes my butt is so huge that it has feelings of it's own). Spam is not the price anybody HAS to pay so YOU can feel "free".
What about the "vigilante" method? I mostly liked the way Shawn Atkinson was dealt with, but realistically that doesn't happen often enough to be the only way of dealing with the problem. Granted there needs to be better notification and ease of remittance in some cases, but it doesn't kill any kurdish kids, may actually SAVE the lives of some homosexuals (less hate-spam), and makes me feel better about having a really huge butt and a small wiener.
"sensitive me: These pants make my butt look HUGE!
realistic me: No dude, your butt IS huge."
me
our company's T1 is provided by a company (Lightyear) that gets their upstream from a company (UUNet), that supports spammers.
So what exactly is stopping you changing your ISP?
What I use it for is my own business, JUST like a toilet-like device.
Nobody tells people how to use it.
Nobody can deny that, eh?
I wish they would sell Upper Canada here but it is natural.
Any preoccupation with ideas of what is right or wrong in conduct shows an arrested intellectual development. (Wilde)
As soon as something hits MY property. I choose whether I want it or not. No one has a right to enter your property. It's a privilage you grant them that you're free to revoke at any time for any reason.
The spammer only has a right to send spam from their computer on their connection as far as the ISP allows them to use their property for such a purpose. He doesn't have a right to utilize my connection and my resources to get to me or through me to someone else.
If you're my neighbor you can drive all over your own lawn all you want but you have no right to drive on my lawn to get to my front door and you certainly have no right to drive through my lawn to get to my neighbor on the other side.
This whole spam issue should be handled with existing property laws.
I personally don't care if SPEWS or whoever else is shut down. ISPs should be generating and maintaining their own blacklists. Or forming and maintaining a common list between trusted ISPs to prevent abuse and make it easier for customers to request additions or removals.
I have my own blacklist for my mailserver which is added to on an "as needed" basis. If I'm not getting tons of spam from Asia I don't very well need a thousand IPs to clug through looking for matches everytime an e-mail comes through.
Ben
Work Safe Porn
I generally do like blacklists, but I do not trust them to get everything right.
:) for mail.
My ISP has multiple POP boxes for each customer though. Currently all the spam gets into one box and the (presumed) legit mail gets into my normal mail box.
Now and then some legit mail gets into the spam pop account. Now and then I check this account for messages that are non-spam. Until now, only some mailinglists have been incorrectly identified as spam (ironically, mostly from IT security companies).
There is still an amount of spam in my inbox too, but some rules take most of that out as well.
I would not want my ISP to throw away all the mail they think as spam; they should never do that without my consent. But blacklistst do not have to be a 0 or 1 (or black or white
Warper
0 - evil bit
On the contrary, spammers love Bayesian and any other kind of filtering because it doesn't stop them from sending their spam.
Does anyone know of any work going on towards sharing the filters? IOW, if the training of a bunch of users' filters could propagate up to their ISP, and ISPs could aggregate, then any particular spam message would rapidly find less and less of the MTA's willing to let it through.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I'm sure you enjoy your overblown rhetoric, but your history is a little spotty there. If the real fascists had simply published a list of people they didn't want to listen to, then about twenty million people who died in the 1940's would have lived a normal lifespan.
SPEWS doesn't turn off your net connection. If you're in the SPEWS list, then they're just telling *me* that I might want to drop your packets on the floor if I don't want to be recieving spam. I don't have to listen to you, and neither does anyone else. If you don't like that, tough.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
- That's a great idea. On the other hand, I live in a small town with exactly one feasible ISP that's not a residential cable service with incoming port filters.
Has the U.S. become so backward an nation that one is forced to have a choice of one provider? In Japan, even out where there are nothing but hills and rice paddies, if you've got a phone line, you have a choice of providers - and broadband providers at that.
Maybe it's your representitive or the FCC that you need to be complaining to. They're the ones allowing these monopolies to grow and fester.
My Mom and Dad keep trying to convice me to move back to the U.S. with their only grandchildren, but between what I see on CNN and what I read here about the backward state of ISPs over there, I don't forsee ever moving back.
SPEWS appears to be the least of your problems.
...is when it'll be legal for me to hack the shit out of anyone who spams me.
It's the Society for the Promotion of Elvish Welfare ;)
Since posting our original comment earlier today, other facts have come to light. In our Opinion posted on 24 May 2003 we outlined who we believe is responsible for SPEWS. Since then, certain details have changed, in particular the registration information for Wewak.net, which has been alluded to in the NANAE group as the host of SPEWS.
Pete Carr Owner Chatmag.com
whattahell is tubgirl? :)
and no, i dont wanna google it at work
class he-man extends man!
How can you decide if others want to receive email form Nigeria or not? If you are running a private server for yourself, then fine, do whatever, nobody cares.
we hate spam right? When we catch one of these motherfuckers in a large city, we should be able to get 100-500 geeks together and lay the smack down on where ever these guys go. Pester the fuck out of them. It'll be fun. Yeah!!
Please learn speaking English.
Another clueless lament by blocklist worshipers decrying the "obvious attack by spammers." To yet another blocklist.
Please allow users to decide what is spam and what is not. I can take care of my own email filtering and spam filtering.
If you claim I am a spammer because you disagree with me you better be able to prove it. You can't I am not.
The solution to this problem is end to end ip tracking not blocklists.
As you can see I don't care about my karma.
Awesome. Thanks for sharing.
From reading the postings already, all I see is 'my ISP's entire C-block' was black listed... So how many 'entire C-blocks' are there out there?
Anybody know of any that are not blacklisted?
anti-spam technogoligies DON'T WORK! {SHOCK-HORROR}
it's really taken people this long to work this out? I'm stunned with amazement.
The real problem is large ISPs/backbones like UUNet/MCI, Cogent, Comcast, Level3, China Netcom, AT&T, Brasil Telecom, and Above.net (among others) who flat-out refuse to do anything about the spammers to whom they provide connectivity.
Complaints sent to any of them are promptly auto-acked and then /dev/nulled (if they don't bounce) and so the spammers keep on spamming, most likely due to ephemeral pink contracts and the crooked marketing/sales departments that agree to them, who then put pressure on abuse personel and network admins to ignore complaints about the contracted spammers.
Because of this, those large ISPs and backbones end up on blacklists, DNS blocklists, and a wide variety of other filters. For them, the money they make off the spammers seems to be of greater concern than the money they make off legitimate customers, i.e. those who end up with their netblocks on every blacklist because of who their providers are.
If it weren't for rogue ISPs and backbones, there would be little use for blacklists or blocklists. However, those reprehensible companies do exist. And because of their policies on spam, they continue to be blocked. Money gained from spammers guarantees the blacklists' continued existence.
It's all just cause and effect. As much as it sounds like a conspiracy theory, I truly believe that it isn't, after fighting spam, one email at a time, since 1997.
This is false. They don't typicaly start with Class C's. Do go look at SPEWS listings yourself and see. Don't ask nana-e posters for more hearsay.
Frankly, the slashdot moderation is stumbling, IMO, many of the +5 posts on this thread are active misinformation designed to discredit DNS blacklists, precisely BECAUSE they work. (This was discussed on N.A.N.A.BL a while ago.)
This crap about the attacks probably not being from spammers is just that. Who else would would break the law to do so? (These attacks are illegal.)
Please mod 5.
Make 'em pay! http://Payola.org #include "stddisclaimer
Bush cites 9/11 to justify everything... http://www.washingtonpost.com/wp-dyn/articles/A574 56-2003Sep10.html
so there.
because I have been enjoined by this Holy Office to abandon the false opinion which maintains that the Sun is the centre