Slashdot Mirror
Spanish Internet Provider's SMTP traffic Blocked
Andrew D Kirch writes "After being barraged by spam and 419 scams from Rima-TDE and telefonica.es [translated], the AHBL has announced that all of Spain's national ISP's e-mail will be blocked by their blacklisting service. One has to ask though, is blocking an entire country like this the future of spamfighting, or has something gone horribly wrong?"
It is an extreme reaction; there's no denying that. But perhaps it's the only way for governments to take spam seriously and take action accordingly.
People say I'm crazy, I got diamonds on the soles of my shoes...
It seems to me like this whole concept of Spam blacklisting is a matter of the blind leading the blind.
If you trust your mailservers to automatically block whoever's on a blacklist, you've basically handed control of your mailserver's main function over to somebody else... but those somebody else's are just self-appointed dimwits who eventually get drunk with power and do something crazy like blocking a whole country worth of IP space.
Sorry. This ain't the solution to Spam. It's a band-aid on a system that's much too wounded, but we use it anyway...
This is crazy, blocking an entire country because of spam - while I can appreciate the 'irritation' of receiving spam, the dis-service imposed by this massive block will greatly outweigh the 'service' it's supposed to perform.
It's like back in school, when the entire class would be put into detention because of the actions of one person, it was a pathetic method then and it's a pathetic method now. Ultimately, it comes down to the teacher/blocker being lazy and hoping that such drastic measures will induce the 'masses' to seek out and obliterate the offending party. I never saw such 'action' succeed at school, I doubt we'll see much happen from this either (apart from iritate a lot of people).
*disclaimer: school was more than half a lifetime ago - so perhaps my brain is rusty by now.
Bad luck to those ligitimate ISP's out there that get brought down by a few big National ISP's.
Blanket measures like this are wrong. Target the individual ISP's that are known bad.
some suggested other countries be blocked in the past, but i believe over half of all spam originates from the US... i figure they probably should have tried to get the isp to kill the accounts sending the e-mails instead of blocking the country though... that seems kinda insane, cause you know once the kiddies see that they can get whole countries blocked, they'll jump right on it, and then the blacklist would be pretty worthless wouldn't it ;)
Sounds like the post-9/11 mentality. You know, that "I don't care what you have to do, do SOMETHING!" mentality.
Look where that got us, eh?
One has to ask though, is blocking an entire country like this the future of spamfighting, or has something gone horribly wrong?
What went horribly wrong is that Telefonica should allow spammers to operate on their network. So yes, blacklisting them would, perhaps, send a much-needed signal to them.
Actually, if it was running a spam blocklist, I'd suggest that administrators using it automatically send out, every 1000 blocked mail or so, at random, an email explaining why an email from this domain was blocked. Eventually, such an auto-reply is bound to reach one of the domain's legit customers (in this case, Telefonica) who would in turn demand explanations from the ISP they leave money to.
Getting ISP customers to fight the spam war they would normally don't give a toss about is, in my opinion, the way to go against spammers.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
This is amazing really.
All the democratizing functions, promises of free education, free dispersion of information, increased international communication and understanding..... all these things that the internet promised is being brought to it's knees because of penis enlargements, nigerian fraudsters, and greedy marketers all wanting to make a buck!
Don't mod this funny! It's NOT!
(Actually, now that I think of it, TV suffered the same fate. Originally touted as an educational resource, it turned into the junk box it is today. It's just history repeating.)
READY.
PRINT ""+-0
This is the same reason why organizations such as Spews.org, when leveraging their clout correctly, can get things fixed: they get the regular end users after the ISP to fix their problems. Spain now can't email a LOT of places. Spain. Not just TDE customers, but ALL people there. Now, all of TDE will be complaining to TDE, along with TDE's partners. Their competitors. Heck, maybe the government. They'll clean up their act, or else. If they don't, that's fine too, if they don't want to email anyone.
Remember that no one on the Internet is obligated to accept traffic from anyone. Be it email or otherwise. If I choose to block you from mailing me via my website, or from even viewing my site--or if I decide this of your entire country--that is my decision. My IP address(es), my mailbox, my rules. ISPs flaunt my wishes by spamming me, and they get dropped.
So, again, why is this bad if it forces them under huge pressure to fix their issues?
Dude, where's my packet?
e-mail will be blocked by their blacklisting service
Nope, only *you* can block email to *your* server.
I've been blocking all of china for 2 years now. Basically if its in unicode, my server rejects it.
-Polyhead-
Uh... the site says:
Blackholes.us does not list spammers, spam supporters or vulnerable hosts at the present time. These lists are meant to contain all known networks assigned or allocated to the respective provider or organizations within the respective country. Lists are created for research purposes, primarily, and are made public for any use others see fit.
Really, all they're giving you is a list of IPs assosicated with the named nation or company. If you were to use all of those blacklists at once, you will have blocked out nearly every major hosting firm in the USA, and a good chunk of the world. Not just the spammers, but everything within those ranges. This is definitely a "We can't find the criminals, so we're nuking the town!" defense plan.
These lists are valuable if you want to lock out an entire provider... but realize that you're going to throw out a lot of legitimate servers in your quest to block a few Spammers. Unless you're sure you're never going to have customers in Mexico, don't throw out all of Mexico's IP space in one swipe.
Also, beware that these lists don't sort datacenters from customers. EV1's IP space for example is mostly servers, but they do operate a regional ISP as well. Block that whole range, and some dial-up customers might try to reach you and fail.
Think before you block...
If you don't agree with a BL's listing criteria or policies, don't use it.
There's a variety of DNSBLs out there. Some attempt to list spam sources (IPs from which spam is injected) with surgical precision whilst others go for the 'spam support' services, typically listing increasing swaths of space as the responsible party refuses to act (SPEWS for one).
In many cases the surgical approach simply won't do. Playing whack-a-mole with a fake ISP/spam support service isn't everybody's game.
Are you drunk, crazy or both?
Spain is one of the largest economies in Europe and one of the largest tourist venues in the world.
Apart from this, are you preparing to negate the value of communicating with a whole country for the convenience of not having to delete a few emails?
You must be nuts!
Pragmatism as an ideology is not particularly pragmatic in the long term. Keep it in mind when you dismiss Free Software
I believe Poor Richard's Almanac (written by Benjamin Franklin) which went something like this:
When solving a problem it is common to take a method and try it. When it fails, try another. But above all, do something."
According to this ( http://www.telefonica.com/quienes/ing/ ) they're pretty big; the major telephone company of Spain, as far as I can tell.
At least the system would government controlled and thus a lesser evil than the tyranny of vigilante groups like SPEWS.
Boy you are a True Believer(tm) aren't you!?!
Name one thing the Government (any government) does well?
As For SPEWS and others, their actions are based on actual monitored events (spam) and not the whim of some dictator or someone doing a favor for a bribe.
Further, the use of these BlackLists is TOTALLY voluntary. You don't have to use them. Run your own MTA.
But let the government get ahold of this and no one will speak out of turn.
Sig Battery depleted. Reverting to safe mode.
1) It's not like this has not happened before. Also cf usenet death penalties.
/. editors and submitters would finally get a clue and stop posting nonsensical drivel. Slashdot used to be cool, but it's gotten soft and annoying. Go ahead, mod me down, confirm my point...
2) Usagle of any BL is voluntary on the receiver's end. Don't agree? Don't use it.
3) If the IP ranges listed are indeed a major source of spam, then of course there is nothing wrong with blacklisting them. If this happens to be the entirety of Spain, then so be it.
In short, I wish the
Personally, I get anywhere between one thousand and one hundred thousand spams a week directed at my domain from some asshat in Brazil. They come addressed to user1@mydomain.com, user2@mydomain.com, etc., in alphabetical order. Tens of thousands of them. And that's just the Brazilian stuff. That doesn't include the mortgage ads, 419 scams, porn ads, and advertisements that will help me make my wife's penis larger.
Since I'm the only person who uses my domain, and I don't read Portuguese anyway, these are nothing but a drain on my bandwidth and resources, even if I were inclined to buy penis enlargement cream for my wife.
And since I use a hosting service I can't implement a connection-level block because I don't have root on the box. Implementing SpamAssassin on the hosting server brings their box to its knees (I know because I've done it and they shut down my account); instead, I have to dedicate one of my own boxes to scanning all this shit -after- downloading it. My box does virtually nothing else.
And since my domain is my last name, I can't exactly change it easily.
SMTP is broken. It has outlived its usefulness, and it is past time for it to die. Born in an era when the internet was a far safer place, patches and scanning placed on top of it to stop spam do nothing to put the burden of sending mail where it belongs: on the sender. While tools like SpamAssassin, SpamBouncer and RBLs help us to avoid seeing the crap in our inboxes, they remain kludges that still eat up our processor time, bandwidth, infrastructure and money.
But all my work in call centers has taught me that stupid people will always exist, and that some of them can never be taught to behave properly. This means that any schmuck with enough money and enough time and some basic Google literacy can set up a broken copy of $YOUR_FAVORITE_SMTPD on $YOUR_FAVORITE_OS and become the latest spew.
Proposals exist (Dr. Dan Bernstein's Internet Mail 2000 is one of several) to shift the burden of storage and processing from the receiver to the sender. All well and good, but nobody's bothered writing a bunch of cross-platform implementations that everybody will actually switch to, and that Microsoft won't be able to embrace and extend.
So where does that leave us mere mortals, except to use the hypersonic planet-smashing axe to kill the maggot-laying fly?
Remove the caps and hold to a mirror.
Thanks for listing thousands of good net citizens as spammers!
TDE is an abusive monopoly, it has been fined for abusive actions, and sure, they don't care about his customers, but blacklisting a whole country does not help, because abussing innocents has never been the right thing to do.
Hey AHBL people, there's a new goverment in Spain, why not to contact them before listing thousands of legal sites as spammers? Care to explain? I don't like monopolies, and I have not simpaty for TDE, not at all, but you're damaging OTHER people!.
What's in a sig?
What's in a sig?
Contrary to what many people seem to think here, the announcement doesn't say thay'll block the whole country. That measure would be draconian, along the line of nuking a city to quench a major disturbance.
Instead, they say (correctly) that they are blocking the offending IDE, which "is the govt run ISP of Spain" so it can be expected that this ISP provider is a major provider, and many people will be affected. I believe that. Telefonica was, until a few years ago, _the one and only_ telephone communications provider of Spain. It is BIG.
This is unfortunate, but _if_ this provider really is such a non-cooperative major source of spam and hack attacks, then I can't blame them for blocking it, much as it pains me.
Salutaciones, JCAB
Blocking specifics doesn't work. History does not bear out your suggestion.
SPEWS may be despised by some, but they aren't at fault. They do nothing but create a list. It's up to everyone else to decide what, if anything, they want to use from that list. It's no different than any other BL floating about out there - perhaps it's because SPEWS is willing to pull the trigger a bit sooner?
I'll wager good odds that if an IP address is in SPEWS it's at at least one [or more] of the other most-frequently used BLs. It's a fad - it's easier to bitch about something everyone else is whining about.
All SPEWS does is list an offending address. If that doesn't work [after a period of time], then moves upstream to list the next level of the tree. This captures the next branch and the first opportunity for another ISP to be involved. Each period of time in which there is no positive response (removal of the offending resources), the BL listing keeps moving up. Eventually, the customers will complaining to their ISP about their email bouncing.
Why is it done this way? The spammers aren't going to undo themselves. But putting everyone else on their back will.
It's really no different than blocking entire countries such as China, Korea, and Japan. Unless|until they (the countries) crack down on spammers (native and US making use of their utilities), open relays, and open proxies, most places really see no reason to uncork them.
Ideally, people would complain to their ISP. But, society is hardly an ideal...
:
:
:
:x That's spam I wouldn't mind receiving it means I could ring up the ISP and warn them that if 3 days later the ISP still finds itself listed, I'd take my business elsewhere - and find a decent alternative in the mean time, rather than being caught off-guard.
-----
Somebody robs a bank and flees.
The cops don't know where he is, but know that he can't have fled beyond 5 blocks.
The cops cordon off those 5 blocks.
Everybody within can't leave, everybody outside can't get in.
Does society, in general, get pissed wtih
A. The bankrobber, for robbing the bank, making this a likely necessity
B. The police, for preventing people from going where they want
Answer : B
-----
A local TV transmitter gets notice from a commercial network that the commercial network will no longer pay the transmitter to be aired. They'll have to put them on the air for free.
The local TV transmitter gives them the finger and pulls them off the air.
Delicate issue : the commercial network carries soap operas that are hugely popular within the local region.
Does society typically blame
A. The commercial network for using their show's/shows' popularity to try and strong-arm the local transmitter for a better deal
B. The local transmitter for making it impossible to watch their favorite show
Answer : B. Real story where I'm from, and people ended up getting TV dishes en-masse.
--
Same thing with this...
Do you really think all those Spanish people are going to blame their ISP for hosting (known) spammers once they get word/realize that their mails out to the world are bouncing/getting eaten ?
Of course not. They're going to say "wtf. stupid blacklists - that e-mail has to be there today, and that blacklisting of my ISP is the reason it can't. I guess I'll have to hotmail it. *expletive*"
That's how cause and effect is going...
effect : ISP is blacklisted
cause : ISP hosts spammers
NOT the legitimate people's problem!
at least, until...
effect : people can't send e-mail
cause : blacklists
Therefore - blame the blacklists!
you see, there is no
effect : people can't send e-mail
cause : ISP hosts spammers
relationship to most of society, so they're not about to blame the spammers.
And as much as I disagree with that stance, and would poke at my ISP to see if they can get off the blacklists a.s.a.p., I can't say that I blame users who point at the blacklists instead.
Maybe if blacklists could warn ISPs' users 3 days in advance. Maybe... mass e-mail them
Gandi.net just happens to be a cheap registrar. I bought a domain there, and their service is perfect AND cheap. Now your idea is just as plain stupid as blacklisting an entire country.
Note also that with a few simple scripts blocking by registrar should be fairly easy.
Then you'll know what to do. Complain to your ISP till they take action,
and get rid of the bad people/spammers.
And, gather up more people to complain.
Block lists are NOT torutre, or anything like it. It is a private entity (person or corperation) deciding to not allow certian IPs. That's all. Much as I have the right to decide who is and is not allowed to come in to my house or store, I have the right to decide who is and is not allowed to access my server. If a given ISP continually abuses the service I provide and refuses to respond to complaints regarding that, I am quite justified in blocking them.
In fact, I don't really need any justification in blocking anyone. There are plenty of servers on the Internet that are accessable by only a select few. That is just fine, they are private property and it is the owner's right to decide who gets access.
The Internet is not your personal playground, and if you act like an ass, don't be supprised to find people denying you access to what they offer.
your paper also doesn't really provide any emphasis or responsibility on ISP's to police their traffic, therefore it's more or less functionally useless at stopping spam. The best way to stop spam is to deny access to our mail servers from ISP's harboring spammers.
Criminals will forge i.d.'s regardless of the law *because - duh! - they're criminals. It's what they do
Actually, most IDs even work in such a context. They are not constructed to be unforgeable, they are construced to be hard (read: expensive) to forge, and this is their sole purpose. They increase the cost of "doing business" for criminals.
And even if an ID is forged, as long as it is expensive to forge, most criminals will have few of them, and losing or exposing one of their IDs will be a heavy loss for them. A forged ID may to reveal the identity of a criminal, but it will still create a traceable and linkable trail. Which is what really counts when you try to catch such people.
Back in 2000 already, Tom Geller made this statement in a discussion with the EFF: Mind you, it is the Spanish government's explicit duty under EU legislation to stop precisely this situation from happening to all of Europe - this is the very reason why Directive 2002/58/EC was adopted in the first place, and its wording is crystal clear - anything that is not opt-in (with the onus on the sender to prove it) is strictly illegal: It was a long hard fight getting this on the statute books almost all across an entire continent - but now, finally, the law is definitely not on the spammers' side.
Blacklists are a bad idea in the first place, but if legitimate eMail gets blocked because a provider fails to fight spam, it is that ISP (rather than the blacklist operators) who deserves all the wrath of its customers.
Sad as the current situation is, combined with the onslaught of Trojan eMail it will hopefully make Spanish businesses and citizens pressure their authorities to enforce a draconian crackdown on the perpetrators - finally treating spammers as the cyber-terrorists they are.
Funny, that reminds me of how rich people talk about poor people --- too bad for them, they shouldn't "associate" those people or live in those spammy countries, surely people in Brazil have the power to force their ISP to stop spammers the same way people in the US were able to force Comcast to tell them exactly what the monthly bandwidth caps are. Oh, well, let them eat cake, change ISPs, complain to your ISP, its not SPEWS, they just create a list and then they wash their hands of it.
Elitist fuck, many people have as much power to switch ISPs as you do to make SBC stop using PPPoE. If you were in a situation where you were fucked as collateral damage by SPEWS or the war on drugs or the war for big oil or the war against terrorist hackers, then you wouldn't be so flip.
Regular people don't have power - ISPs, spammers and SPEWS (in these types of situations) have the power and regular people are just fucked as usual.
SPEWS - "We try to pressure ISPs into stopping spammers by drawing innocent parties into the line of fire and having them howl like tortured cats. We call it 'Coercive Recruitment' but we feel good about recruiting them because our cause is just" and as we know from history, when people are recruited against their will to fight for a cause they are always the better for it...
I'm an spanish system administrator and I have worked for the biggest ISPs here in the last 10 years, worked for Telefonica too.
/. ;)
/. lately to a strong american point of view, maybe the title should be changed for "news for american nerds" :), still most of the posts fortunately are made with a more (world)wide mind set.
:) /me waves
1. Telefonica isn't the only one ISP here. Although is the biggest one, the cable provider I work for right now has 500k residential customers. From my head I would say 50% of the market share is on Telefonica hands, but isn't the whole country. Still is a nice way to make up a headline for
2. From my experience as ISP sysadmin, I thing blacklisting is a stupid way to fight spam. Is like raiding all the houses of a town because you don't know in house lives the criminal. When you blacklist an entire ISP address space you are blacklisting a 99,9% of ppl who are NOT spammers. Blacklisting advocates would say that if you are a customer of an ISP which doesn't take care of security you should change ISP then. Well, a lot of ppl can't change easily of ISP, I just can't change because the place where I live (rural place outside city bounds) is only served by one ISP.
Changing ISP is a traumatic experience, involving being disconnected while you cease your former ISP service and getting connected again by the new one (in the case of ADSL where the last mile is covered by a single wire which has to change control from one ISP to another), changing email address, changing web hosting, etc, etc... I see changing ISP, like changing phone numbers one of the things I don't want to mess with... and I'm a sysadmin, now think in the average joe who doesn't have a clue of what is happening.
3. 99,9% of the spam I get is from USA space address and is directed at USA ppl. If you take some time to look into what is sold at those mails, most of the times you can only buy it if you live at the states. So I'm amazed that some ppl here are saying "cut all the email from china!", "I never got a real email from a spanish ISP!", if we heard to those idiots we will end talking with our neighbor shouting by the window... I have seen a trend here in
4. I'm totally opposed to make differences between dynamic IP addresses and filtering ports for them. Some ISP gives you static IP address just because is easier for them, so static IP address does not assure you nothing. Also this would make two internets de facto, one some privileges and one without them, and who is going to decide who deserves to belong to each one? Does this means that you aren't allow to have a bussiness with your own hosting with just 1-8 ips? Do I have to ask ARIN or RIPE for a PI space address and run BGP on borders routers just to be qualified to run a mail server?
5. Why nobody is ranting about the old and no up to date SMTP?, no forced authentication, no sender verification, waste of bandwith when attachments are involved... is an old beast which has to die and it's obvious it has a lot of problems addressing the late issues. I would wish all the effort which is put on blacklist would be focused on developing a good standard for mail exchange. SPAM is here to stay and we have to adapt, instead putting stupid patches over old protocols, or thinking about not exchanging mail with other countries.
Look here: Stop spam methods for more up to date methods of fighting spam, still is easier for a dumb sysadmin to just fill in the the form in his server where it says "Put here your blacklist server ip address:"
P.D.: I apologize in advance for my english, think is not my first language. Also my first post in slashdot although I have been reading it for years.
It's a little-known (in the U.S.) fact that people in other countries speak languages other than English.
For instance, I live in France, and my mail provider in the U.S. uses a whole bunch of these predominantly U.S.-based blacklists. Much of the mail sent via French ISPs by my friends is blocked because just once, perhaps seven or eight months ago, someone managed to send some spam from an account with those ISPs before having their account closed. Those ISPs are doomed to remain on the blacklists forever because, although the problem has been solved (open relays closed, AUP tightened up and closely followed) their technical staff can't get off the black hole lists because the lists' documentation and (in the case of one list) ransom demands are in American English. To a non-U.S. ISP, email from a black hole list operator looks very much like Korean or Brazilian spam must do to you: gibberish.
I've written to a few of these ISPs, explaining the problem and translating some of the information for them, but I don't have time to compensate for the weaknesses of two countries' education systems single-handedly.
If you want someone to do something for you (whether it be to fix the leak in a hotel room or to secure an open mail relay in a network) then it helps to talk to them in their language, rather than shouting at them louder and louder in your own.
Which is exatly why reputable spam filters (Spamassassin, etc) only use a positive match on a blacklist to increase your 'spam likelyhood' score. Ditto, as the primary mx for a dozen or so domains, I *NEVER* block or delete email based upon it's spam scorecard or whether the sending server is in a 'blacklist'.
If it goes past a certain threshold (in my case, an SA score of 5 or greater) my server will prepend ****SPAM**** to the subject line. What you choose to have your mail client do with such mail, based upon the subject line match as well as whether the sender is in your adress book, etc. is 100% your decision.
In my personal case, I have a couple of sender domains, namely yahoogroups.com that while not spam are *sometimes* misflagged as such... Not surprising since they are mass-emailed messages that *DO* have advertising. My mail filters move these into a seperate folder before procsssing '***SPAM****" messages.
Spam is a bitch and I hate it as much as the next admin. Deleting or blocking said email is the *wrong* choice.
I quite agree Telefonica.es are an insuferable source of spam (much of the 419 spam I get is relayed through there, as you say). Telefonica is in fact the single largest source of all the spam in my mailbox and I have tried to get them to take notice for years. I welcome this action with open arms.
Telefonica.es administrators are simply utterly incompetant and have been for years - they don't care one hoot, maybe now their own sence of self preservation will take over (though it's sad that it has to go this far before there is any hope of them taking action).
There was a large degree of debate when they first joined the European Union that less wealthly nations such Spain and Portugal joining would upset the balance, so they were 'eased in' thanks to legislation allowing for a transition period. Now, they are economicaly fully integrated, but cultural issues still remain. I think their behavior in this reguard is glaring example of the level of sophistication and competance in a highly technical field not being up to par.
Spain, South America, Africa and the less developed parts of Asia are main sources of spam (at least, the spam I receive). While South America, Africa and Asia all have understandable economic reasons for being sources of such abuse, the Spanish ought to be able to keep order and it's a damning indictment of their abilites that they have been unable to for so many years. What's even more depressing is I predict that we see a new influx of spam from the Eastern European nations now joining the EU in the not-too-distant future.
I say, filter everything. Stop the SMTP protocol and hey presto, no spam. Personally, I would make it unlawful to have the 25 port open.
Blacklists like this are the nazi way to fighting spam. Admins (and I'am an admin, too) use their godly powers to crash those spammers -- and just a few nearby unlucky innocent people. I have nothing against personal blacklists, but huge public lists are definitely not the way to go and this is exactly the example why.
Every anti spam tool should be measured in the terms of false positives and false negatives. Well, no false negatives this time, but look at the huge false positive count. And as Paul Graham said:
"False positives are innocent emails that get mistakenly identified as spams. For most users, missing legitimate email is an order of magnitude worse than receiving spam, so a filter that yields false positives is like an acne cure that carries a risk of death to the patient."
it's still better to have it under organized control than have a group of crazed vigilantes blocking entire countries.
No, it isn't. Government has proven to be entirely ineffectual at doing anything to stop, slow down, or even reduce spam by one teeny tiny little bit. Government efforts are, in this context, laughable at best.
The 'crazed vigilantes' stand a much better chance of getting some action than any government law has in the past. Fact is, I think this is a good thing; it shows that while governments may be oppressing us more and more in the real world, as yet they have little, if any, power in the virtual one. Citizen groups, for better or worse, are mightier than the nasty fuckers that control most government bodies today in at least one way.
And until there's a one-world government - which only happen over my cold, dead body - this situation is likely to persist for the foreseeable future.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
If SPEWS proved ineffective or untrustworthy, the list would stop being used. Look what happened to MAPS if you don't beleive me. Once one of the widest-spread lists out there, before the were sued and changed their policies to be all but worthless.
As opposed to the conservative regime in another country with its henchmen?
I'm a european and the occasional relayed-by-spain spam message doesn't even make the 95% that is relayed by US based machines.
Don't assume, measure, balance, and do something about your own country's companies. It could be your neighbour.
And that guy 3 postings up has a valid point: 80% of all spam topics are US centric. I should blacklist all US IP numbers for that. The US is capitally guilty of keeping spam in place, either by the largest DEMAND (companies and customers), or by non-conclusive legislation.
The equivalents exist IRL too.
I live in a place where I have difficulty finding a cab. If I call for one on the phone, they tell me to be out in the street waving for the cab, or they will drive past without stopping in the area. I never go out on a Friday or Saturday night without a bulletproof vest, and I'm always armed with at least one combat knife - often several.
This is where you live online. This is why people won't come to your place to deliver pizza. Or SMTP, or any other service.
Between the translators of altavista I was able to tease it out.
I'm sure his moral relativism and apathy are great comfort to those who were narrowly saved by US actions, and those who mourn those narrowly lost by delays to it. Who's to say what the world might be like if the US didn't have to drag the rest of the world kicking and screaming to the things that add an aire of nobility and generosity to the human condition. As for the middle east, damn right I write those fuckers off. I've all the love and compasion for them that they appear to have for me. If that makes me appear a small person, I'm completely fine with that.
Bad troll. The EC was formed in 1957 and Spain joined in 1986, at the same time as Portugal.
Maybe you should shut the fuck up. That 'socialist regime' is not more socialist than any Dem government in the U.S.
It really pisses me off how the U.S. is so afraid of words... socialist means different things in the U.S. than in the rest of the world, I guess...
We only block based on a few external lists (ORDB, SpamCop, Blitzed Proxy), and then, not unconditionally. 90% of our blocks are done by internally generated lists, because we do have to receive mail from compromised sources at times... our business customers have clients in countries that are notorious for spamming, and even on ISPs that are bad.
That said, we do not accept any mail on the first pass from a large number of subnets, varying in size from /24 up to /8's, and a growing number of European subnets are on that list - not just Spanish ones. Mail from these subnets is "soft-bounced" (given a 451 error code) until it can be reviewed for legitimacy. And anything that doesn't have at least 1 retry is judged to be a proxy-based spam attempt.
Now, I will check bounces against some of the more agressive lists in deciding whether to make exceptions for these "soft bounces", but the final authority is a check with the customer on anything questionable. A million-customer ISP can't do that; that's one of our advantages...
Spamming has become this prevalent. *That's* what has gone wrong.
I don't care which ISP or hosting service allows spammers to operate on their network - if they allow it, they need to be blacklisted. Hell, I'm of the opinion that they should be blocked at the router level - the Internet is an ISP's lifeblood, and without connectivity, their customer base goes elsewhere.
At this time, where at least one third of all email is spam, we *need* to be proactive in seriously limiting where spammers can find Internet access. If an ISP is going to be spam friendly, then it's time to kick them off the 'net.
This is just egocentric crap! We are frequently blocked because our netblock is a source of spam. The ultimate provider is controlled by a branch of the Chinese government. Like most people here, we have no choice, or influence over our ISP. The logic in the post is therefore fatally flawed. Be aware, that the fastest growing power in IT and related is China. Do you really want to exclude that potential source of business enquiry? If so, it is not surprising that you are exporting your jobs to India and China. Ironically, 99% of the spam I receive is for products whose ultimate source is the USA.
So what happens when it's some upstanding Chinese citizen whose home PC has been zombied and is sending spam without his knowledge or consent?
~REZ~ #43301. Who'd fake being me anyway?
Maybe the Spam Fighters figured out that since spain will bow to terrorist-type threats, they would resort to the same kind of threats to Spanish infrastructure in an effort to get what they want?
Not that I dont sympathize with the Spam Fighters in this case, but good fences make good neighbors. If spain can't be a good neighbor, fence em off, and let them talk to themselves.
There was a large degree of debate when they first joined the European Union that less wealthly nations such Spain and Portugal joining would upset the balance, so they were 'eased in' thanks to legislation allowing for a transition period. Now, they are economicaly fully integrated, but cultural issues still remain. I think their behavior in this reguard is glaring example of the level of sophistication and competance in a highly technical field not being up to par.
You're nothing but a troll insulting all of us spaniards. For your info, Spain has one of the most active Free Software comunity and contributors and the majority are very skilled.
You should note that I administer a medium volume mail server (10000-30000 real e-mail a day), and 70% of the spam comes from your highly sophisticate and competent country.
And I'm very proud of our "cultural issues", those issues that prevent us of having a DMCA, software patents, simulating the democracy, going to useless wars, and not having healthcare for everybody.
Emails and complaints to their abuse inboxes are completely ineffective. Neither are face to face meetings with wandadoo's legal team. BTDTGTTS. Changing French law to make them liable for failing to disconnect criminals from their network might make them take notice.
They are hiding behind a serious mis-interpretation of some antiquated laws that they cannot interfere with their customer's communications. The equivalent idea in American terms would be Common Carrier status. Not one other ISP in France has such a wrong headed idea. I've talked with their admins, and they all pointed to the legal team for the policy forbidding them from cutting off spammers.
Fortunately, the French government is changing the law, they are working on updating the law* to clearly state that a carrier can punt a customer after receiving complaints about spam, scams, pr0n, or other bad stuff. I have been championing a few articles which would make ISPs both civilly and criminally liable (code civile et code penale) for failing to investigate complaints against their users. The penal code parts may not make it through more readings before the senat, due to pressure from only one French ISP (I'll give you one guess whowho).
The spam coming through wanadoodoo's servers are most likely coming from zombie windoze machines. We can't cut off wankaqueue, because there is such a huge number of francophone lusers on their system. So the only alternative, after sparring with their legal team to allow their few, overworked and completely clueless admins to cut off a few lusers, is to help put really bad laws on the books to punish ISPs.
Not an ideal solution, but fuck, if they weren't so obstinate in their refusal to help with the spam flood, they get what they deserve. All the other ISPs in France actively punt spammers or cut off zombie machines, so its too bad to punish the whole industry with such a broad law. I'm normally against laws like this, but after a couple of years of banging my head against this problem, views change.
the AC
* - there is a public hearing on these amendments this thursday, if any locals care. There are many good articles in this projet, which clearly define who is responsible for content, postings, and forces opt-in on all spam and commercial communications.
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
If the US of a would finally start to get serious with spamming companies, it would all come to an end. Just follow the money.
I own my Internet connection, and simple cost/benefit analysis suggested that the number of Taiwanese people sending me legitimate e-mail was close to zero, whereas the cost of dealing with spam from China and Taiwan ran into hours per month.
I fully appreciate that there are nice Taiwanese people who know how to run a server and are competent and responsible and don't spam... However, the cost of continuing to accept their e-mail is too high, because of their countrymen's bad behavior. So I block everything with Asian character sets in it, everything on the blacklists, and so on.
Similarly, there's some nice useful Windows software--but the cost of running Windows exceeds the benefit I'd get from running the software.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
What determine "who have no business sending smtp"? virus or trojan ridden computers
That's not an unreasonable start for a definition. If your the webmaster of example.com, and your ads are coming through an smtp server in example.com's domain, your going to be careful not to get your domain blacklisted. Most hosting provider's have some way of alowing you to compose Email on your local machine, and sending through your hosted domain. Even if they don't, a perl or asp script on your websever can do the trick real easy.
Anyone with the knowhow that is paying for an internet conection deserves the right to use that internet conection as they see fit. No you don't, you have the rights given in your ISP's Terms of Service. And I'd bet that all of those rights are subject to change without prior notification. If you don't like the service provided by your ISP, simply find one who does. You can even look into getting a raw pipe for yourself, then you can deal with all of an ISP's headaches.
The Bottom line is an Internet cafe that doesn't block out-going port 25 is just an open-relay that requires your physical presence.
Apocalypse Cancelled, Sorry, No Ticket Refunds