Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should You Trust MAPS?

Posted by Cliff on from the your-email-into-RuBbLe dept.

patrick42 asks: "Recently, my co-location facility was hit by a massive blacklist by an over-zealous 'investigator' at MAPS. 180,210 IP addresses in total are included in the blacklist -- and all because of a few spam complaints that weren't dealt with quickly enough. To make matters worse, they put this in effect either late Friday night, or early Saturday morning -- hours during which MAPS is not available for contact! (Mon-Fri, 9-5 only) How do people deal with MAPS and other RBL services who will not cooperate or be reasonable? And on a broader front, are you really prepared to trust a company like Kelkea, Inc. (owners of MAPS) to decide what emails gets to you without really knowing how they operate and deal with resolution processes?"

"I spent all weekend long trying to get a hold of the people at MAPS, as they don't bother telling you when they are open. When I finally got a hold of someone on Monday morning (not an easy task, mind you!), they told me that they are not open on the weekend, so it would have been *impossible* to resolve this issue quickly. And because I was only a customer of the company who owns these IPs, they would not unblock my subset of IPs. Despite the problem originating from a handful of IP addresses, MAPS saw it appropriate to block over 180,000 IP addresses just before the weekend! I had already made several phone calls and emails to my co-location facility, and they told me they were doing their best to get a hold of someone there. Several emails had been sent, and just as I first experienced, they could not reach anyone at MAPS by phone. When I finally talked to someone at MAPS, he told me that he would not be proactive in the matter by actually phoning my co-locator to work this out.

These people at MAPS thinks themselves quite high and holy, and in some ways they are: many ISPs and the like will bounce emails just because MAPS tells them to. (I've since removed MAPS from my list of RBL servers to check.) As a small-business owner, MAPS can be very hurtful to a business and very uncooperative in helping resolve the issue. I gave them a couple subnets of mine to unblock, but they would not, even though my IPs were not involved in the original complaint.

This experience has certainly made me think twice about who I trust to decide the fate of my incoming email."

27 of 866 comments (clear)

  1. A sword that cuts both ways by Space+cowboy · · Score: 5, Insightful


    Whereas I have sympathy for the innocent bystander (as the poster appears to be), and whereas I agree that uncompromising behaviour can be frustrating, the SPAM black hole servers are somewhere between a rock and a hard place...

    They can't just block small sections of netblocks (because a spam-happy ISP will just allocate new IP's to their paying spammer customer) - the only way they can police the offence is to ban the block.

    They can't just add people back in when they've been blocked either - there has to have been some resolution of the problem, and that has to come from the ISP, at least IMHO. A customer running a website will say anything (especially if they're a scum-of-the-earth-spammer-type customer) to get back online. AN ISP who lies knows their next block will be more permanent...

    OTOH, Being unavailable out of hours is ... frustrating. In the end, that will reduce the value of the service, and perhaps MAPS will be overtaken by someone who perhaps charges a fee, but is in some what accredited and responsible for their actions.

    The real problem though isn't MAPS and their attitude, it's the spammers. Get rid of the spammers and you get rid of the need for MAPS. These lowlife internet-scum are where any ire ought to be directed, again IMHO.

    A Sony NDA I once signed said that in the event of disclosure of anything under NDA, Sony would seek damages, and that financial reparation may not be sufficient penalty. The point being that the penalty *ought* to have teeth, and atm, the spam penalties do not. If you want less spam on the 'net, you're going to have to accept more regulation of the 'net. Another double-edged sword...

    Simon

    --
    Physicists get Hadrons!
    1. Re:A sword that cuts both ways by AKAImBatman · · Score: 4, Insightful

      They can't just block small sections of netblocks (because a spam-happy ISP will just allocate new IP's to their paying spammer customer) - the only way they can police the offence is to ban the block.

      Doesn't this suggest that the MAPS approach might be the wrong one to take? i.e. Have you ever tried swatting a fly with a shotgun? You could chase it around all day, and all you're likely to do is destroy your own house.

      --
      Javascript + Nintendo DSi = DSiCade
    2. Re:A sword that cuts both ways by Malc · · Score: 4, Insightful

      It's not the spammers who are really getting hurt here. The collateral damage caused by MAPS' brain-dead sledgehammer approach is not justified.

      You mentioned an operation similar to MAPS that could charge a fee. Who would pay this? The spammer, or the victim, or the person signing up for the service? That sounds so open to abuse and extortion if it's the victim who has to pay to be unblocked.

      I've had to deal with other RBLs and they're a holy pain in the arse. They're not worth the service they provide. They might save a couple of people from recieving some spam, but they're costing others time, money and stress in the process. To make it worse they invariabley have a terrible attitude. They're no better than vigilantes in most cases, and are normally a good demonstration of why vigilantes aren't tolerated in the real world.

    3. Re:A sword that cuts both ways by tricops · · Score: 4, Insightful

      Uhmm, wouldn't blocking an entire block of 180,000 IPs be more akin to swatting a fly with a square mile sheet than a firing at it with a shotgun?

      --
      (\(\
      (^v^)
      (")")
      This is the cute vorpal bunny virus, copy to your sig or runaway, runaway in fear!
    4. Re:A sword that cuts both ways by arodland · · Score: 3, Insightful

      MAPS can't do any harm on their own. The real problem is people who use MAPS' braindead advice as part of their policy.

    5. Re:A sword that cuts both ways by dillon_rinker · · Score: 4, Insightful

      Godwin's law and all that...but your analogy is flawed. We're not trying to kill a fly. If we were, someone would have built a flyswatter by now.

      Rather, what we're engaged in is the unconditional surrender of Nazi Germany. Sure, all we REALLY needed to do in WW II was fire a single bullet into the brain of Der Fuhrer, but getting to that point required the invasion and destruction of much of Europe. Once the menace was gone, the Continent was rebuilt.

      The rather scary part of this analogy, of course, is that the subsequent peace on the continent was secured by the decades-long occupation of the continent by a foreign army (ie the Americans). THAT is my concern in the anti-spam wars. The cure may be worse than the disease. (See other comments in this thread about increased government regulation.)

      It is unfortunate that geeks aren't better at forcing other people to play nice.

    6. Re:A sword that cuts both ways by killjoe · · Score: 5, Insightful

      I run a mail server at home to service a few domains I have. I subscribe to multiple RBLs and they help an immensely to cut down on the spam.

      Honestly I don't care it you are an "innocent victim" of an RBL. My use of RBLs is completely voluntary. If you send me mail and I don't get it I don't see how it harms you at all. I am presuming of course that your email was so great and useful that it caused me tons of money not to have read it.

      BTW my mail server has a bounce message that says you were in a blackhole. If you know me then you also know my gmail account and email me there so I can put you on my while list. Hell you could just call me too.

      If I sent an email to a business and it bounced I would probably call them and ask them if there were alternative methods.

      So sorry, no tears from me. My RBL list blocks hundreds of emails every day for that I am grateful.

      --
      evil is as evil does
    7. Re:A sword that cuts both ways by NDPTAL85 · · Score: 3, Insightful

      Why was it scary? America isn't trying to take over the world. I know thats what certain slashdotters like to think but its not true. Who would you rather have occupying Europe, the Soviet Union? I think what should REALLY be scary is that Europe was unable for so long to police itself, not that someone else had to.

      --
      Mac OS X and Windows XP working side by side to fight back the night.
    8. Re:A sword that cuts both ways by snuf23 · · Score: 3, Insightful

      "Running a legitimate business online on a spam-friendly ISP is like opening a fancy restaurant in the ghetto."

      The point is it doesn't have to be a spam friendly ISP. All it takes is some server at the colo getting cracked and used for spam. Or some idiot setting up an open relay at the colo because they don't know what they are doing.
      It can also be because some jackass at the company decided to send an unsolicited "email blast" to their address book. Believe me there are plenty of sales and marketing types who have NO CLUE why this would be wrong.
      So along comes MAPS and jumps on it with gusto, blotting out the whole range of ips including hundreds of companies who haven't done a thing because of a the stupidity of a single person.
      Consequently, you have a bunch of people at those companies running around and trying to figure why the hell their email no longer works. Which impacts business and costs money. It can also be extremely damaging to reputation for people trying to get customer service via email.
      You're right people should call the company, and I'd like to think most will - but any kind of hassle a customer has to go through impacts their perception of the company in a negative manner.
      SO sure you can switch ISPs. Of course this takes time, labor and may involve getting out of existing contracts which can cost money.

      --
      Sometimes my arms bend back.
    9. Re:A sword that cuts both ways by Detritus · · Score: 3, Insightful

      The client is an idiot for making their business dependent on the reliability of public data networks and SMTP. If the information is that valuable, they can afford to invest in hardware, software and redundant communications channels to guarantee delivery of their inventory reports.

      --
      Mea navis aericumbens anguillis abundat
  2. RBLs are a failure by MoxCamel · · Score: 4, Insightful
    There was a time that I supported RBLs wholeheartedly. In theory, they're a great way to approach the spam issue as a community. And for awhile, they even worked that way. RBLs were very effective in the fight against spam.

    But in practice, the RBL community has been a bust. The maintainers are often militant and, IMHO, too emotionally attached to the problem. They don't provide a service anymore--they provide a surgeon with a chainsaw. While it's extremely easy to get a site on an RBL, it's often difficult or impossible to get off one. There are exceptions of course, but in general you are a designated spammer until some random magic happens and you manage to get yourself off. (yes, there are procedures, usually on a website, but often removal requests will go unreplied to, and in some cases will error. Sometimes removal works and often it doesn't) And Goddess help you if the previous owner of your IP address was a spammer. (And no, I've never run an open relay.)

    I hate spam, but I don't use RBLs anymore. It's too bad, really. They were a great idea, but have been poorly managed. I'm sure someone will post links to the "good" ones, but using them is like reaching for the few good apples in a barrel of rotten ones.

    Mox

  3. MAPS very flawed... by raydobbs · · Score: 4, Insightful

    First, they want you to pay for the service. They will consider free usage occasionally, but take it from someone who has submitted five (5) applications for that kind of consideration - and have been flat out ignored - they are not a valid solution anymore, and are just looking to make money with the least amount of effort.

  4. Woe Is You by American+AC+in+Paris · · Score: 3, Insightful
    180,000 addresses is roughly equivalent to only three Class B blocks. It looks like a big number, but it's a fairly narrow target. It's all of 0.004% of the theoretical IP address space.

    You've discovered the joys of running a site on the modern Internet. These kinds of things will happen; there is very, very little you can do to prevent it. Your best defense against this sort of thing is a general outage contingency plan; whether by thunderstorm, fire, hardware failure, power outage, vengeful backhoe, blacklisting, or stupid admin trick, an extended service outage is an eventuality, not a possibility.

    My advice to you? Take some time to lay out an outage response plan, or learn to be satisfied with three nines availability. Don't waste your time getting 'em in a bunch over MAPS and prepare for the next time something like this hits.

    --

    Obliteracy: Words with explosions

    1. Re:Woe Is You by FreeLinux · · Score: 3, Insightful

      The only people who won't get your mail are the people who CHOSE to use a particular RBL.

      Ah ha!! You just hit the nail on the head, so to speak. The supposed recipient's provider/administrator is the one that is causing the blockage, no one else.

      You will notice that there are two points of view in this story's comments. Those that are viamately opposed to RBL's and those that are in favor of them.

      The people that are for them, such as yourself, are the network operators that are tired of dealing with the constant onslaught of spam and the complaints that it generates, not to mention the resources that it consumes.

      The ones that are opposed to RBL's are the "site operators" and business owners. They are upset because their business critical emails and "news letters" are blocked, supposedly unreasonably. They fail to realize that regardless of the fact that they feel their emails and "news letters" are of critical importance, they are in fact only important to them. Everyone else, including their beloved customers, thinks those emails are spam! They are the reason that the other group started using an RBL!

      For those senders of emails to people who actually subscribed to their lists, I pose a challenge. Every three months, send a message to your subscribers telling them that they will be unsubcribed and that they must opt-in again to continue to receive the "all important news letters". Most of you will never do this. But, if you did, you probably won't be surprised to find that your subscriber list shrinks drastically. Hey CNN, give it a shot!

      I for one am probably going to block the entire countries of croatia, hungary, china, and korea pretty soon.

      Most of my US customers have a list of country domains that are blocked. It works very well for them. in fact, I have only had one customer where this was a problem because .de was being blocked.

  5. It beats some of the others by winkydink · · Score: 3, Insightful

    which offer no way to contact them and no way to get off. Others are private lists run by telcos that offer no acknowledgement of the BL or how to get off it. Not an easy task.

    MAPS has made some big bloopers over time. They've also done a heck of a lot of good. The founders have had to endure all sorts of attacks, threats on their lives, etc.. and they perservered with their vision.

    Are they perfect? Far from it. IMHO, if you weigh the good they've done against the harm they've caused, my view is they are overwhelmingly good.

    As for Kelkea, I have no opinion.

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

  6. If i remember correctly... by zerocool^ · · Score: 3, Insightful

    We stopped using some blacklist when I was working at netmar a couple of years ago. I remember it being a huge pain for customers.

    Of course, we had been saving all our spam since like 1997, and when we fed all the spam (30,000 messages?) into a bayesian filter, it caught most spam. Also, we still used ORDB, as they tend to only target specific kinds of problems (obviously, Open Relay Data Base). That caught a lot, also.

    Really, it goes back to the eternal tradeoff for any computer system - ease of use traded for security. Always.

    Strike a compromise - don't be overzealous, but take reasonable precautions.

    ~Will

    --
    sig?
  7. The only thing worse than a spammer is an RBL scam by salesgeek · · Score: 3, Insightful


    What do you do when you find out that a domain that gets used is blacklisted by someone for no reason, and they won't take you off the list unless you give them $250?

    --
    -- $G
  8. Similar thing... by AusG4 · · Score: 4, Insightful

    happened to my girlfriend's work, a charity, operating a clear, double-opt-in newsletter service about their ongoing work... some moron who clearly subscribed to their newsletter decided it was easier to use an automated "report as spam to ORBS" tool then it was to simply reply to the e-mail, click the "unsubscribe now" link, or re-visit the web site and opt-out via the very prominent, very obvious opt-out tool.

    ORBS, in turns, blacklisted their mail server as an open relay, and then had the unbelievable nerve to tell my girlfriend that they would lift the ban in exchange for a "donation" so that they could continue to run their service.

    While this isn't criminal, it's morally repugnant.

    Bottom line, "blacklist" services like ORBS/MAPS are a horrible, misguided and idiotic idea. Case study after research project after real-life experience can attest to this.

    --
    bash-3.00$ uname -a
    SunOS panda 5.10 Generic sun4u sparc SUNW,Ultra-2
    1. Re:Similar thing... by Motherfucking+Shit · · Score: 3, Insightful
      The only people who use the phrase "double opt-in" are spammers.
      Oh, bullshit. Consider this scenario:
      Customer: I need some more memory, my computer is running low.

      Clerk: What sort of memory do you need? PC133, maybe?

      Customer: I need a couple more RAMs, I'm running out of space to store my files.

      Clerk: Ah, so you need a bigger hard drive!

      Customer: Right, some more memory, like I said.
      The customer knows what he needs (more storage space for his files), he just isn't sure which term to use. And why should he? He isn't in the computer business, so nobody expects him to be familiar with all of the lingo. That doesn't mean he's an idiot.

      Legitimate mass mailers talk about "confirmed opt-in."
      No, professional mass mailers should be using this phrase if they want to appear reputable in their field. Jane Public, who operates a charity and not a mass mailing company, might describe her mailing list as "double opt-in" and might ask the computer store for "more memory" when her disk is filling up.
      --
      "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
  9. Story has valid complaint. by AtariDatacenter · · Score: 5, Insightful

    1. MAPS finds problem, discovers hosting by co-loc, bans entire co-loc.
    2. Very shortly after ban, MAPS is unavailable for contact for 48+ hours.
    3. MAPS refuses to unban innocent bystander.
    4. MAPS refuses bystander's plea to contact co-loc.

    Seems to me that MAPS has several problem. Aside from procedural issues, perceived arrogance, negligence, incompetence. Submitter is right. Overzealous, for sure.

    I sure wish they were better. It hurts the users.

  10. Re:You're wrong by Future+Man+3000 · · Score: 3, Insightful
    I know you sound a little flamy, but it's the truth. Administrators who use MAPS are willingly allowing a third-party to choose for themselves and their users what they can and can't see.

    You need to let the users know however you can (on your website?) that their administrators may be blocking their e-mail without their knowledge and let the users handle the rest. It's their problem.

    In my case I got quite upset when my ISP chose to bounce e-mail about the Blaster worm from my Bugtraq subscription without letting me know or giving me a means to opt out of the filtering. It would be the same thing if I was waiting on an important e-mail that never arrived because they chose to drop it on the floor for me. The users aren't being given an option to choose, and that's the real problem.

    --

    I never vote for anyone. I always vote against.
    -- W.C. Fields

  11. Get real by fm6 · · Score: 3, Insightful

    A rock and a hard place? Nobody's twisting anybody's arms and saying, "Go out and blacklist people!" These are net vigilantes on a power trip, and they're making life difficult for a lot of innocent people who have nothing to do with spam. Those are the people caught between a rock and a hard place.

  12. Missing critical information by Stephen+Samuel · · Score: 3, Insightful
    The poster goes to pains to point out that a massive 180,210 IPs (that is such a strange number. Where did it come from?) have been blocks, but goes to equal pain to avoid identifying either the ISP or the specific netblock(s) which were blocked.

    If we go thru the history if the ISP and netblock in question, we may find that an infamous spammer has been using it for the last 6 months with no attempt by the ISP to resolv the problem despite many warnings from MAPS and other anti-spam organizations -- or we may find that MAPS went on a wildcat strike.

    Given the very vague real data about this dispute, I'd be inclined to tell the complainant that he's probably the customer of a hardened spam provider, and he may be best to find another provider (as unpleasant as the move will be). If we get more than generic information, I may be able to giver more than a generic suggestion.

    Usually Usenet death penalties are a last resort. MAPS may seem like they're assholes, but my guess is that they're finding themselves dealing with some assoles of their own (i.e. the offending ISP). In the moment, they can't tell the difference between you, and the offending spammer(s) who triggered this showdown. (( I'll presume, for the sake of argument, that you're not a spammer yourself )).
    They're not willing to deal with you because their beef is with the ISP, and that's the only place where the problem can be resolved. They're iconveniencing you because it's probably one of the few tools left that they have to push your ISP to stop inconveniencing the entire internet.

    --
    Free Software: Like love, it grows best when given away.
  13. Re:No. by rekoil · · Score: 5, Insightful

    Another time, we deduced that someone else had signed up the person in question (the person's last name was recorded in the database as "Assface").

    You obviously didn't have a confirmed opt-in system in place then...if you had, the address in question wouldn't have gotten on the list, he would have gotten one email asking him to confirm his subscription, and nothing else if he didn't reply to it.

  14. No, YOU get real (Was: Re:Get real) by B747SP · · Score: 4, Insightful
    When Al Qaeda flew 737s into the world trade towers

    No-one ever flew 737s into the world trade towers. ITYM 767s. The ones that landed in the pentagon and the paddock were 757s.

    And anyway, WTF does any of this have to do with terrorism? It's a ridiculous link - a way to invoke Godwin without actually mentioning the 'n' word perhaps?

    RBLs are advisory. RBLs do not block email. Which parts of this are y'all having so much damn trouble with. The operators of about 8 different RBL lists advise me (in response to a request for information that I initiate) that the MTA that has just contacted me is coming from an IP address that is known to have been used recently by a spammer. I choose to refuse to accept the proposed email delivery from that source on the strength of advice from one or more RBLs. (eight different ones, as it happens, on my home postfix server. It takes a full fifteen seconds for my smtp daemon to answer when you connect 'cos of all the lookups!!!).

    Why is it so damn hard to grasp? Realtime Blackhole Lists do not block spam . Administrators and their policies block spam, and they've every right to choose what arrives on their boxes and what doesn't!

    The original poster (article) has no right to get upset at anyone for my decision not to accept email from him. All he gets to do is F.O.A.D. Getting his royal whinge frontpage on slashdot is nice for him, but it's not a right or a guarantee.

    --
    I find your ideas intriguing and I wish to subscribe to your newsletter.
    1. Re:No, YOU get real (Was: Re:Get real) by Eggplant62 · · Score: 3, Insightful

      Hilarious. Godwin, Godwin, Godwin. Is that all you can refer to is how the Nazi's operated when thinking of blocklists?

      I have an email server. I like to get mail. I don't like to get spam. I consult several lists of known IPs that have sourced spam when a machine connects to my server to decide whether I maintain the connection and receive the mail or not.

      Note one key operative phrase throughout that last paragraph: "My server." My personal property. I'll run it any damned way I please, thank you. The blocklist you don't want to get on is my private one, the one that works on the same basis as many Ronco products: "Set it.. and FORGET IT!!"

      If you find yourself on a blocklist and unable to communicate with me via email, I have several suggestions:

      Consult whois for my domain. There's a working email address, snail mail address, and telephone number. Call me. Drop me a line. Arrange to have your mail sent from a service that is not blocklisted.

      I'm not really a prick in real life. Unfortunately, spammers have ruined the experience when it comes to email. If you're into righteous anger, I suggest you aim it in the right direction:

      If it weren't for the damned spammers, none of this would be necessary.

  15. Re:Welcome to ISP email administration - Level 2 by doon · · Score: 3, Insightful
    1. Negotiate ahead of time to get your servers whitelisted or registered as a "good" server. This means setting up proper forward/reverse DNS, configuring SPF, possibly registering with one or more "bonded sender" programs, looking at the AOL postmaster FAQ and getting into their whitelist system, etc.

    Well that is all well and good, but AOL doesn't whitelist. IF you can prove you are for real and a valid mailling list server etc, they will take that into account when looking at the volume of complaints coming from said IP, but it isn't a guarenteed whitelist. At least what I can find in dealing with their Postmaster.info stuff. Couple that and with their Brain dead users and the report as spam button, we finally made a rule that you can nolonger forward mail from our Virt Servers to your AOL account. Since AOL decides who do blacklist based on the last server that the mail came through before it got to them. So if one of my 40K or so customers forwards xxx@domiain to yyy@aol, every time they hit the report as spam button (which I am told is very close to the delete button), I get a nasty gram, and if they do it enough, you get the AOL report card, that says we have concerns about your ability to send e-mail to us since your complaint level has hit zz%. THe other fun part of that, is that users think anything they don't like is spam, or they aim with the mouse isn't quite good enough to hit the correct button, as we get copies of Private notes responding to a message from an AOL user, stuff between friends. People responding back to a note from their mothers,etc... Me personally could care less if I can send e-mail to AOL, but if my mail clusters get blacklisted , I have a lot of very uspet customers, and it costs us a lot of money to fix.

    ok Rant mode off..

    --
    To E-mail me, replace the first period in my domain with an @