Should You Trust MAPS?
"I spent all weekend long trying to get a hold of the people at MAPS, as they don't bother telling you when they are open. When I finally got a hold of someone on Monday morning (not an easy task, mind you!), they told me that they are not open on the weekend, so it would have been *impossible* to resolve this issue quickly. And because I was only a customer of the company who owns these IPs, they would not unblock my subset of IPs. Despite the problem originating from a handful of IP addresses, MAPS saw it appropriate to block over 180,000 IP addresses just before the weekend! I had already made several phone calls and emails to my co-location facility, and they told me they were doing their best to get a hold of someone there. Several emails had been sent, and just as I first experienced, they could not reach anyone at MAPS by phone. When I finally talked to someone at MAPS, he told me that he would not be proactive in the matter by actually phoning my co-locator to work this out.
These people at MAPS think themselves quite high and holy, and in some ways they are: many ISPs and the like will bounce emails just because MAPS tells them to. (I've since removed MAPS from my list of RBL servers to check.) As a small-business owner, MAPS can be very hurtful to a business and very uncooperative in helping resolve the issue. I gave them a couple subnets of mine to unblock, but they would not, even though my IPs were not involved in the original complaint.
This experience has certainly made me think twice about who I trust to decide the fate of my incoming email."
Whereas I have sympathy for the innocent bystander (as the poster appears to be), and whereas I agree that uncompromising behaviour can be frustrating, the SPAM black hole servers are somewhere between a rock and a hard place...
They can't just block small sections of netblocks (because a spam-happy ISP will just allocate new IPs to their paying spammer customer) - the only way they can police the offence is to ban the block.
They can't just add people back in when they've been blocked either - there has to have been some resolution of the problem, and that has to come from the ISP, at least IMHO. A customer running a website will say anything (especially if they're a scum-of-the-earth-spammer-type customer) to get back online. An ISP who lies knows their next block will be more permanent...
OTOH, Being unavailable out of hours is
The real problem though isn't MAPS and their attitude, it's the spammers. Get rid of the spammers and you get rid of the need for MAPS. These lowlife internet-scum are where any ire ought to be directed, again IMHO.
A Sony NDA I once signed said that in the event of disclosure of anything under NDA, Sony would seek damages, and that financial reparation may not be sufficient penalty. The point being that the penalty *ought* to have teeth, and atm, the spam penalties do not. If you want less spam on the 'net, you're going to have to accept more regulation of the 'net. Another double-edged sword...
Simon
Physicists get Hadrons!
But in practice, the RBL community has been a bust. The maintainers are often militant and, IMHO, too emotionally attached to the problem. They don't provide a service anymore--they provide a surgeon with a chainsaw. While it's extremely easy to get a site on an RBL, it's often difficult or impossible to get off one. There are exceptions of course, but in general you are a designated spammer until some random magic happens and you manage to get yourself off. (yes, there are procedures, usually on a website, but often removal requests will go unreplied to, and in some cases will error. Sometimes removal works and often it doesn't) And Goddess help you if the previous owner of your IP address was a spammer. (And no, I've never run an open relay.)
I hate spam, but I don't use RBLs anymore. It's too bad, really. They were a great idea, but have been poorly managed. I'm sure someone will post links to the "good" ones, but using them is like reaching for the few good apples in a barrel of rotten ones.
Mox
It's time to ignore some of the more trigger-happy blacklists. If enough well known businesses and providers end up on these lists and do nothing about it, using these lists to block email becomes infeasible: problem solved. Black lists are useful against a small number of hardcore spammers, no more, no less.
First, they want you to pay for the service. They will consider free usage occasionally, but take it from someone who has submitted five (5) applications for that kind of consideration - and have been flat out ignored - they are not a valid solution anymore, and are just looking to make money with the least amount of effort.
We use them, and they're one tool in the anti-spam arsenal. If your domain gets locked out, there's a good chance that your administrator was non-responsive. They're not foolproof, and they're not well funded. Nonetheless, their record and methodology are well-known. So is their success at getting the attention of admins from tiny domains through to AOL, its subsidiaries, and major corporations.
Yes, it bites when you get black-holed. It's usually (but not always) entirely deserved.
---- Teach Peace. It's Cheaper Than War.
You've discovered the joys of running a site on the modern Internet. These kinds of things will happen; there is very, very little you can do to prevent it. Your best defense against this sort of thing is a general outage contingency plan; whether by thunderstorm, fire, hardware failure, power outage, vengeful backhoe, blacklisting, or stupid admin trick, an extended service outage is an eventuality, not a possibility.
My advice to you? Take some time to lay out an outage response plan, or learn to be satisfied with three nines availability. Don't waste your time getting 'em in a bunch over MAPS and prepare for the next time something like this hits.
Obliteracy: Words with explosions
which offer no way to contact them and no way to get off. Others are private lists run by telcos that offer no acknowledgement of the BL or how to get off it. Not an easy task.
MAPS has made some big bloopers over time. They've also done a heck of a lot of good. The founders have had to endure all sorts of attacks, threats on their lives, etc., and they persevered with their vision.
Are they perfect? Far from it. IMHO, if you weigh the good they've done against the harm they've caused, my view is they are overwhelmingly good.
As for Kelkea, I have no opinion.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
You might be better served by doing business with a more reputable ISP. I'm not sure what "a few spam complaints that weren't dealt with quickly enough" means, but I imagine there's a large other side of this story. If your ISP's inability to follow the rules impacts your business, it seems more reasonable to me for you to have taken the matter up with them all weekend long, rather than spending it trying to fix what they screwed up.
We stopped using some blacklist when I was working at netmar a couple of years ago. I remember it being a huge pain for customers.
Of course, we had been saving all our spam since like 1997, and when we fed all the spam (30,000 messages?) into a bayesian filter, it caught most spam. Also, we still used ORDB, as they tend to only target specific kinds of problems (obviously, Open Relay Data Base). That caught a lot, also.
Really, it goes back to the eternal tradeoff for any computer system - ease of use traded for security. Always.
Strike a compromise - don't be overzealous, but take reasonable precautions.
~Will
sig?
What do you do when you find out that a domain that gets used is blacklisted by someone for no reason, and they won't take you off the list unless you give them $250?
-- $G
"more accessible than MAPS"? You mean have someone who actually answers the phone? Sounds great to me.
The issue with MAPS is that the "YOU" you refer to had NOTHING to do with the spamming, and when they requested to have their IP subnet unblocked (after MAPS was closed over the weekend) they were told
1) No.
2) And no, we will not contact the IP-block-owner to resolve the issue
So whose customer service is lacking here?
There are no trails. There are no trees out here.
How can you blame MAPS when you should be blaming the ISPs and other email administrators for subscribing to a blacklist that has no checks or balances?
While MAPS (or SPEWS) may be overzealous and entirely destructive in their obsessive quest to stamp out SPAM, it is ultimately the email administrators' responsibility for using them. Blame them for not doing their job right.
Feed the need: Digitaladdiction.net
If sending email on weekends is so damned important to your business why do you only have one ISP?
happened to my girlfriend's work, a charity, operating a clear, double-opt-in newsletter service about their ongoing work... some moron who clearly subscribed to their newsletter decided it was easier to use an automated "report as spam to ORBS" tool than it was to simply reply to the e-mail, click the "unsubscribe now" link, or re-visit the web site and opt-out via the very prominent, very obvious opt-out tool.
ORBS, in turn, blacklisted their mail server as an open relay, and then had the unbelievable nerve to tell my girlfriend that they would lift the ban in exchange for a "donation" so that they could continue to run their service.
While this isn't criminal, it's morally repugnant.
Bottom line, "blacklist" services like ORBS/MAPS are a horrible, misguided and idiotic idea. Case study after research project after real-life experience can attest to this.
bash-3.00$ uname -a
SunOS panda 5.10 Generic sun4u sparc SUNW,Ultra-2
1. MAPS finds problem, discovers hosting by co-loc, bans entire co-loc.
2. Very shortly after ban, MAPS is unavailable for contact for 48+ hours.
3. MAPS refuses to unban innocent bystander.
4. MAPS refuses bystander's plea to contact co-loc.
Seems to me that MAPS has several problems. Aside from procedural issues, perceived arrogance, negligence, incompetence. Submitter is right. Overzealous, for sure.
I sure wish they were better. It hurts the users.
You need to let the users know however you can (on your website?) that their administrators may be blocking their e-mail without their knowledge and let the users handle the rest. It's their problem.
In my case I got quite upset when my ISP chose to bounce e-mail about the Blaster worm from my Bugtraq subscription without letting me know or giving me a means to opt out of the filtering. It would be the same thing if I was waiting on an important e-mail that never arrived because they chose to drop it on the floor for me. The users aren't being given an option to choose, and that's the real problem.
I never vote for anyone. I always vote against.
-- W.C. Fields
A rock and a hard place? Nobody's twisting anybody's arms and saying, "Go out and blacklist people!" These are net vigilantes on a power trip, and they're making life difficult for a lot of innocent people who have nothing to do with spam. Those are the people caught between a rock and a hard place.
If we go thru the history of the ISP and netblock in question, we may find that an infamous spammer has been using it for the last 6 months with no attempt by the ISP to resolve the problem despite many warnings from MAPS and other anti-spam organizations -- or we may find that MAPS went on a wildcat strike.
Given the very vague real data about this dispute, I'd be inclined to tell the complainant that he's probably the customer of a hardened spam provider, and he may be best to find another provider (as unpleasant as the move will be). If we get more than generic information, I may be able to give more than a generic suggestion.
Usually Usenet death penalties are a last resort. MAPS may seem like they're assholes, but my guess is that they're finding themselves dealing with some assholes of their own (i.e. the offending ISP). In the moment, they can't tell the difference between you, and the offending spammer(s) who triggered this showdown. (( I'll presume, for the sake of argument, that you're not a spammer yourself )).
They're not willing to deal with you because their beef is with the ISP, and that's the only place where the problem can be resolved. They're inconveniencing you because it's probably one of the few tools left that they have to push your ISP to stop inconveniencing the entire internet.
Free Software: Like love, it grows best when given away.
I'm an admin on another small service who was hit by the same MAPS tantrum. Some people on here seem to be posting comments that illustrate confusion about what went on. In the simplest terms it is this: a large number of IPs were blacklisted by MAPS even though the vast majority of those IPs were allocated to servers with responsible admins that had never sent spam. Many of the IPs in those blocks had been leased to smaller co-lo sites and then leased again to organizations like my own. Apparently, though, the decision was to block all IPs belonging to the highest-level organization; a completely ridiculous decision.
Once more to make it clear: many of the blocked IPs were in no way related to spamming. Please do not respond by saying "you've admitted there was some spam". The truth is that many people were punished because they happen to share the same block.
Say what you want about the need to fight spammers. Any system that produces 180,000 false positives to get one true positive is not useful. MAPS has clearly demonstrated that they are not a useful system for preventing spam.
MAPS is being harsh, yes. But too many sysadmins (and now, WAAAAAY too many zombie computer owners) are unwilling to do anything to combat this. So if MAPS blacklisting everyone in an IP block is a way to get the ISP to wake up and deal with the problem on their network, I say more power to them.
I sympathize with this guy's plight (especially since it sounds like he was just a bystander) but his ISP was lax -- and it might have just ignored the whole thing altogether if MAPS hadn't taken action as radical as this. What this really says is that he either needs to demand that ISP enforce stricter no-spam policies or he needs to take his business elsewhere.
I don't have any pity for the few (if any) legitimate users of spam haven networks like Optigate or Genesis II having their e-mails blocked. Spammers are willing to go the extra mile, that's why they're winning.
Why were you sending email directly from a home IP address?
One line blog. I hear that they're called Twitters now.
The expected, desired response to this situation is to go hire a new ISP which _does_ respond quickly to spam complaints. If he and all of his ISP's customers start doing this, his ISP will either improve their spam complaint handling, or go out of business. Eventually all you have left is ISPs who respond quickly to spam complaints.
This is exactly how the system should work. Outraged customers make ISPs perform better.
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
I find it stunning to see all of these complaints about RBLs from people who apparently consider internet email access vital to their business processes, but have service from only one ISP. Have these people never heard of redundancy????
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
Another time, we deduced that someone else had signed up the person in question (the person's last name was recorded in the database as "Assface").
You obviously didn't have a confirmed opt-in system in place then...if you had, the address in question wouldn't have gotten on the list, he would have gotten one email asking him to confirm his subscription, and nothing else if he didn't reply to it.
No-one ever flew 737s into the world trade towers. ITYM 767s. The ones that landed in the pentagon and the paddock were 757s.
And anyway, WTF does any of this have to do with terrorism? It's a ridiculous link - a way to invoke Godwin without actually mentioning the 'n' word perhaps?
RBLs are advisory. RBLs do not block email. Which parts of this are y'all having so much damn trouble with. The operators of about 8 different RBL lists advise me (in response to a request for information that I initiate) that the MTA that has just contacted me is coming from an IP address that is known to have been used recently by a spammer. I choose to refuse to accept the proposed email delivery from that source on the strength of advice from one or more RBLs. (eight different ones, as it happens, on my home postfix server. It takes a full fifteen seconds for my smtp daemon to answer when you connect 'cos of all the lookups!!!).
Why is it so damn hard to grasp? Realtime Blackhole Lists do not block spam. Administrators and their policies block spam, and they've every right to choose what arrives on their boxes and what doesn't!
The original poster (article) has no right to get upset at anyone for my decision not to accept email from him. All he gets to do is F.O.A.D. Getting his royal whinge frontpage on slashdot is nice for him, but it's not a right or a guarantee.
I find your ideas intriguing and I wish to subscribe to your newsletter.
I suppose that is the real question here.
The OP is extremely vague about exactly what IP range is involved. So, I smell a rat up front.
But, for sake of argument: Suppose the IP space had a notorious spammer in residence for a long time. Suppose the owner of that huge space had ignored complaints for a long time. Then, were I MAPS, or SPEWS, or SBL or any other block list, I'd have no qualms at all about dropping the space into a blocklist then leaving for a 2-week vacation.
As for the poster whose outbound email was blocked. I say, tough shit. Get a new provider and get over it.
Ok, I've got mod points here but I have to post.
/end rant
I just have to say that anyone using MAPS or SPEWS or any other high false positive RBL list to outright blacklist servers is just asking for trouble and is indeed not a good mail admin.
You might want to use MAPS or SPEWS or others to help reduce spam in conjunction with SA or another tool but you can not use them to block the IPs at the SMTP stage, that's just ludicrous.
There are RBLs out there with almost zero false positives, use them to block the initial connection and perhaps use MAPS et al to add *points* to the spam rating of the message, but never use them to block outright.
Do AOL, Google, Yahoo etc use them? No, you'd have to be out of your mind to do that.
Bah, ignorant mail admins bother me just as much as stupid mail admins who continually send me warning messages about how my email to them was bounced because it contained a virus (if you don't get that you shouldn't be admining a mail server).
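Added example, not part of any comment in this thread: a sketch of the policy described in the comments above, where a blocklist answer is advisory and the receiving administrator decides whether a listing rejects the connection or only adds points to a spam score. The zone names, weights, threshold and the injected `resolve` function are assumptions made for illustration, and the DNS data is constructed so the code runs offline.

```python
import ipaddress

# Hypothetical zone names for illustration; these are not real blocklists.
TRUSTED_ZONES = ["lowfp.dnsbl.example"]        # near-zero false positives: may reject
ADVISORY_ZONES = {                             # broad, block-wide listings:
    "broad.dnsbl.example": 2.0,                # only add points to the score
    "wide.dnsbl.example": 1.5,
}
QUARANTINE_SCORE = 5.0                         # assumed content-filter threshold
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """DNSBL convention: reversed IPv4 octets prepended to the list's zone."""
    addr = ipaddress.IPv4Address(ip)           # ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def is_listed(ip, zone, resolve):
    """resolve(name) returns A-record strings, or [] when the name does not exist.

    Only answers inside 127.0.0.0/8 count as a listing. A public address
    (for example from a parked or wildcarded zone) is not treated as a hit,
    which avoids rejecting all mail when a list goes away.
    """
    answers = resolve(dnsbl_query_name(ip, zone))
    return any(ipaddress.ip_address(a) in LOOPBACK for a in answers)


def evaluate(ip, content_score, resolve):
    """Return (decision, score, zones_that_listed_the_ip)."""
    hits = [z for z in TRUSTED_ZONES if is_listed(ip, z, resolve)]
    if hits:
        return ("reject_at_smtp", content_score, hits)
    score = content_score
    for zone, points in ADVISORY_ZONES.items():
        if is_listed(ip, zone, resolve):
            score += points
            hits.append(zone)
    decision = "quarantine" if score >= QUARANTINE_SCORE else "accept"
    return (decision, score, hits)


# Constructed sample DNS data (documentation address ranges only).
FAKE_DNS = {
    "7.2.0.192.lowfp.dnsbl.example": ["127.0.0.2"],
    "9.100.51.198.broad.dnsbl.example": ["127.0.0.2"],
    "9.100.51.198.wide.dnsbl.example": ["127.0.0.4"],
    "5.113.0.203.broad.dnsbl.example": ["203.0.113.80"],  # bogus non-127 answer
}


def fake_resolve(name):
    return FAKE_DNS.get(name, [])


if __name__ == "__main__":
    samples = [("192.0.2.7", 0.0), ("198.51.100.9", 1.0),
               ("198.51.100.9", 2.0), ("203.0.113.5", 4.0)]
    for ip, content in samples:
        print(ip, content, evaluate(ip, content, fake_resolve))
```

An address listed only on the broad zones is still delivered unless the message content pushes the combined score over the threshold, so a block-wide listing alone never causes an outright rejection.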
Well that is all well and good, but AOL doesn't whitelist. If you can prove you are for real and a valid mailing list server etc, they will take that into account when looking at the volume of complaints coming from said IP, but it isn't a guaranteed whitelist. At least what I can find in dealing with their Postmaster.info stuff. Couple that with their brain-dead users and the report as spam button, we finally made a rule that you can no longer forward mail from our Virt Servers to your AOL account. Since AOL decides who to blacklist based on the last server that the mail came through before it got to them. So if one of my 40K or so customers forwards xxx@domain to yyy@aol, every time they hit the report as spam button (which I am told is very close to the delete button), I get a nasty gram, and if they do it enough, you get the AOL report card, that says we have concerns about your ability to send e-mail to us since your complaint level has hit zz%. The other fun part of that, is that users think anything they don't like is spam, or their aim with the mouse isn't quite good enough to hit the correct button, as we get copies of Private notes responding to a message from an AOL user, stuff between friends. People responding back to a note from their mothers, etc... Me personally could care less if I can send e-mail to AOL, but if my mail clusters get blacklisted, I have a lot of very upset customers, and it costs us a lot of money to fix.
ok Rant mode off..
To E-mail me, replace the first period in my domain with an @
It's hard to figure out the right way to do justice. But the reason that "vigilante" is a bad word is not because ad-hoc or public systems of justice can't do things right. It's because we've learned, the very hard way, that all systems of justice need accountability and checks and balances built into them. Built into them _hard_, from the very start, and impossible to remove. And even then, people find ways to remove them.
The vigilance committees start with the best of intentions. And often they do good, and help the problem. But history knows it doesn't always go that way, and when there are no checks and balances, you pay the price.
Of course, it's not impossible to set up a private justice system that has the right safeguards. But the safeguards are expensive. They deliberately... deliberately are designed to let many guilty people go unpunished. This frustrates people (especially in the spam wars, amazingly.) So people rarely stick to the safeguards.
This is why many people were worried about blacklists like these from the very start, even when they had nothing but the best laid plans.
Has it been over a year since you last donated to the Electronic Frontier Foundation
My brother's cable company is his ISP, and it's the only ISP he can use. My cable company is my ISP, and it's the only ISP I can use. WE HAVE NO CHOICE unless we move, and I ain't moving just for MAPS. A couple of years ago, my brother couldn't get my email for a few months because his ISP -- without his requesting it -- used MAPS to filter his email. And my ISP -- through no fault of mine -- somehow got on the MAPS list. You think my complaints had any effect on this situation? My ISP was all over MAPS right away, but MAPS was, as usual, so far up their high horse that they couldn't seem to remedy the situation. For months. MAPS is a pack of vigilantes and should be outlawed. Use of their "service" should be illegal.
Let me be clear here: Blocking anyone's email without their permission should be illegal. My brother's email should not have been filtered, by MAPS or anyone, without his permission. Due to their monopoly, cable companies should not be allowed to do this. We should be free to choose our ISP, regardless of where we live. (the cable company actually told me they're not a monopoly because I'm free to move)
Question for all you pro-MAPS zealots out there: At what point does MAPS go away? What does victory look like? Because as I see it, even if all the spam disappeared tomorrow, MAPS would continue on because they would think the spam went away because of them, and that without them it would all come back. In other words, they don't know what victory looks like. Statements like "it will only stop the spam" show that you have no clue what the real world wants. But we know what you want, you want your little power trip. Fine. Be a big man on your tiny little campus, but know this: the world thinks your cure is worse than the disease.
Yes, but does everyone you send to read yours? What if one of them is stuck behind a MAPS customer?
If all this should have a reason, we would be the last to know.