SPEWS Adds DSL Reports to Block List

← Back to Stories (view on slashdot.org)

SPEWS Adds DSL Reports to Block List

Posted by timothy on Tuesday January 20, 2004 @09:14PM from the but-they're-good-guys dept.

Kylow writes "Last year, Slashdot publicized our efforts at DSL Reports to pursue a group of spammers who had spammed our forums. The Slashdot community immediately pitched in to help, and the publicity wiped the sites owned by the spammers off the internet. Fast-forward to today, and the popular yet often draconian block-list SPEWS has added DSL Reports to their blocklist due to the activities of other websites hosted on NAC.net. DSL Reports users are less than happy. This is hardly the first time SPEWS has been accused of going too far."

4 of 814 comments (clear)

Min score:

Reason:

Sort:

Level 2 by Phroggy · 2004-01-20 21:21 · Score: 5, Interesting

Comment from At Sea:

your mail server is NOT BlackListed! If you look at the listing it is at level 2 the [2] means level 2. Read the SPEWS FAQ. No one blocks on level 2 listings.

Level 2 listings are netblocks which are watched carefully for evidence of abuse, usually because the adjoining netblocks are in use by spammers, and because the provider (NAC in this case) is ignoring complaints about the abuse, or is doing nothing to remove the abusers.

But, from the SPEWS FAQ, The Level 2 list ... can still be used by small ISPs or individuals who want a stricter level of blocking/filtering. "No one blocks on level 2 listings" is obviously wrong.

--
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
1. Re:Level 2 by Anonymous Coward · 2004-01-20 22:00 · Score: 5, Interesting
  
  "No one blocks on level 2 listings" is obviously wrong.
  
  You're right. A more accurate phrase would have been "ISPs who cannot afford a critical mass of false positives do not block on level 2 listings."
  That's the majority of ISPs, and certainly all of the big ones. Very few block on level 2 listings.
  
  Small ISPs or people like me who run an SMTP server for less than ten people (who really hate spam and are willing to deal with some false positives) have thought about it and are willing to reject inbound email from entire netblocks that are owned by sleazeballs who take money from spammers, even if it means a half dozen false positives a year. We block about 200 spams a day using a combo of spews, ordb, and spamcop, so it's definitely worth it. If that makes life difficult for the sleazeballs who take money from spammers, fine. If it encourages their legit customers to get pissed off enough to threaten to move elsewhere and stop giving the sleazeball ISP their money, that's great too. I love the fine spam-haters at DSL Reports, but they need to realize that they're pissed off at SPEWS because their ISP is hosting spammers. If they want to ignore that and place the blame totally on SPEWS, then I'm willing to chide them by bouncing any email they send my way for a little while.
  
  I like SPEWS and it's my choice as to whether to use it or not. Nobody else has to like it and nobody else has to use SPEWS if they don't want to.
Re:The problem with lists like SPEWS... by Dimensio · 2004-01-20 22:01 · Score: 5, Interesting

NAC has been what I would call a "good supporter of internet society" offering decent services and a good location without degrading into a plain and outright capitalist corporation.

NAC.net harbors known spammers, despite repeated spam runs and subsequent complaints. This means that nac.net is not a "good supporter of internet society".

--
STOP MISUSING APOSTROPHES, YOU MORONS!!!
The SPEWS philosophy by Malor · 2004-01-20 22:24 · Score: 5, Interesting

From what I have gathered, the SPEWS philosophy isn't just indifference to collateral damage (ie, 'civilian casualties'); they actively do this damage in order to try to force ISPs into changing their habits. And they are extremely difficult to both reach and reason with; you can post on a newsgroup and hope someone pays attention to your pleas.

I don't know if the actual newsgroup replies come from people who make decisions with SPEWS, but those replies are amazingly hostile. "Oh, you're blocked? That's because you're on a crummy ISP that allows spammers. You're on a contract and can't switch? Well, you'd better start calling your ISP, because the block on your addresses isn't going away until the spammer adjacent to you does, and maybe not then, because you're a whiner."

(ok, ok, that last part was a bit of hyperbole, but it's not that far off... check dejanews!)

Admittedly, they're not killing anyone, but the tactic of deliberately attacking people who are only tangentially related to your real target is often called 'terrorism'. The consequences here are far less serious, but the fundamental tactic remains the same.... someone is doing something you don't like, and so you hurt a whole lot of people to try to force them to stop. So I don't use SPEWS.

There are a number of other, much saner, blocklists available, and the advent of Bayesian filtering is a VERY big deal. I am personally using a combination of postfix, maildrop, SpamAssassin and bogofilter, and I get amazing results; I only started training about two weeks ago, and the spam I have to deal with has dropped by over 99%. I get 1 or 2 false negatives per day, and I have had only one false positive since I started using this system. It does take a little maintenance, but it's much less annoying and intrusive than the constant attention digging through spam takes.

It is possible, in other words, to do an exceptional job of stopping spam without contributing to a form of terrorism.