Slashdot Mirror
Ask Slashdot: Dealing With Anti-Spam Service Extortion?
An anonymous reader writes "I work for a European ISP, and lately we're receiving quite a few complaints from customers about not being able to send emails because of UCEProtect's listings. After checking with their site, we found out that our whole AS (!) was blacklisted. Their 'immediate removal policy' asks for money, around 90 euros Per IP for end users and 300 euros for ISPs, and their site has bold statements like
'YOU ARE LOSING YOUR RIGHT TO EXPRESSDELIST YOUR IP IF YOU ARE STUPID AND CLAIMING THIS WOULD BE BLACKMAIL...'
Could this be considered extortion-blackmail ? Has anyone else on Slashdot dealt with this service before?"
In the US, I'd say what they're doing is restraint of trade. It's kinda like what Yelp does here. People list a business or service. It cost extra to remove negative reports. I avoid them.
While you may not have the resources to deal with these assholes long term, maybe the lawyer will say "litegate" or they may just say "Pay the extortion".
Or you could just find the principles involved and do an Anonymous disclosure on them. Maybe they don't want a bullseye painted on their foreheads or their cars or where their kids go to school. I like this strategy for the Westboro Community Church but you'll have to evaluate if it's OK for these asshats.
I used to run the AHBL (for those wondering, I am Andrew Kirch), my advice is this. UCEProtect isn't a protection scheme. They're just people who run a DNSBL and got tired of dealing with spammers lies for free. I am incredibly sympathetic, though I did not go the same route. I've been lied to, threatened, received death threads, etc. Eventually you stop doing it for free, and since I was unwilling to charge, I simply stopped. If you want to be delisted, pay, if you don't, don't. If one of your customers/friends/whatever is using UCEProtect, you can also contact them and ask them to stop. I've used it in the past, but not on a block outright basis. My policy applies only to my mail server though, and not yours.
lots of places use them, and it really shits me.
Most of them list you for stupid reasons, eg having a dynamic ip (even if it is really static, and they will only remove dynamic listings if you are the ip range owner)
Its a constant support hassle for me.
I'm a receiver, I use UCEProtect to score emails, they help to block a LOT of recent and bleeding edge spam. I don't have to pay them anything for their assistance.
Adding an IP address to their whitelist is no easy thing. You see, they hire only blind, deaf quadriplegics, so each octet is entered in binary through a mouth open/close morse code interface. But that's only after your request makes it through the queue to be read through tactile forehead tapping tty... Perfectly understandable that these folks detest spam, isn't it?
blackmail [blak-meyl]
noun
1. any payment extorted by intimidation, as by threats of injurious revelations or accusations.
2. the extortion of such payment: He confessed rather than suffer the dishonor of blackmail.
3. a tribute formerly exacted in the north of England and in Scotland by freebooting chiefs for protection from pillage. verb (used with object)
4. to extort money from (a person) by the use of threats.
5. to force or coerce into a particular action, statement, etc
blackmailer, noun
blackmail (blækmel)
1. the act of attempting to obtain money by intimidation, as by threats to disclose discreditable information
2. the exertion of pressure or threats, esp unfairly, in an attempt to influence someone's actions
3. to exact or attempt to exact (money or anything of value) from (a person) by threats or intimidation; extort
4. to attempt to influence the actions of (a person), esp by unfair pressure or threats
You'd be surprised. Apple's MobileMe email uses it, for one. Recently I had an email to my brother's address at me.com blocked because my hosts SMTP server was blacklisted. And only yesterday I exchanged a few emails with an online retailer to get some product info; my 3rd mail suddenly got blocked (by a different blacklist service, who state that dynamic IP addresses are auto-blocked).
I can see why this is a problem for ISPs and hosts. Some people have been claiming the demise of email for years what with Facebook and such, but email is important enough for me to consider switching host, even though it is probably not their fault.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Ask your company's legal team about options, such as suing in the UK for defamation.
Just a thought.
How about sending a bunch of spam from a laptop at an open Wifi like Starbucks, where the spam is promoting UCEprotect.org. Send it to/through Gmail and other blacklist organizations. The goal being to get them placed on a spam blacklist...
Either seems preferable to spending 300 Euros for an express de-list. Then, doing it again, etc.
Make sure you monitor out-going email through your ISP's servers so that no spam is being sent by your customers.
Maybe it's the language barrier, but that seems like a lot of smiley faces and profanity for a professional organization.
Their revenue model seems odd as well - it's almost like they're set up just to extract money from senders.
My instinct is don't pay them, figure out why you got listed, and stop whatever triggered the listing.
If the customers are complaining excessively, consider the unblock fee - once. Definitely terminate the accounts of the spammers.
I get my internet through Shaw which, unless you pay extra, uses dynamic IPs. By dynamic, I mean "technically" dynamic, but keep the same IP for at least 6-8 months at a time. Shaw also uses blacklists, one of which is Spamhaus among others. Shaw has a policy where they reject E-Mail if a SINGLE blacklist has you listed for ANY reason. Spamhaus has this annoying feature where they add all dynamic IP addresses to their blacklist. Basically, shaw is auto-blocking their own f*cking customers and nobody in the tech support chain seems to understand this.
Well you got enough guns over there use them and take em out that is what you seem to like doing as a pass time shoot people because you can ..
1. The poster lives in Europe, as stated.
2. Us Yanks? Some times we have good reasons, some times they are bad, and some times they are a very good reasons with BAD grammar
You find that when you start turning up spam solutions to high levels, a lot of legit shit gets filtered.
I mean if all you care about is blocking spam, I can give you a 100% solution: Just block "." as in the root of all DNS. No more spam, ever. Of course it also will have a massive false positive rate, you won't get any e-mail at all.
If a spam service just takes the "Block all of the things!" attitude it really isn't that useful overall.
Indeed. Recently our Rackspace hosted email got blacklisted because one of their subscribers was apparently a bot net zombie or something according to some blacklist. Wasn't even anyone in our organization, but whoever maintained the blacklist shitcanned a whole range of ips and I guess we were just collateral damage. I am wondering if the same thing didn't happen... Rather than a blacklist, maybe it was a blackmail list against rackspace. It did seem to get resolved by them fairly quickly...
Blacklists are among the many reasons why email is simply an antiquated cluster fsck that is broken beyond all hope of repair. How it even functions at all amazes me sometimes. DKIM, spf, etc, are all hacks that are rendered meaningless because of blacklists.
I feel your pain, but as a small-time hosting provider the dynamic-IP blocklists reduce spam by about 90%. In reality there are very very few legitimate mail servers located on a dynamic range. You are an unfortunate example. I currently get less than 1 complaint per year on false-positive rejection. For me this is an unfortunate but acceptable loss compared to the large amount of spam I no longer receive.
If an experiment works, something has gone wrong.
They're almost certainly not paying royalties to Paramount for the use of the Borg-9 font in their logo.
By all means, take them to court in Europe. These is unfair trade practice. For that alone you can get pretty severe fines. Get a preliminary injunction as well, if possible with a nice daily fine attached to it. If they want to play it like that you should too. We had the same thing happen to us a while back (large IRC network). They blacklisted our mail server so our services couldn't email the users anymore to verify their email address. We threatened to get a preliminary injunction against them and they backed down very quickly. It took a total of 5 minutes between our lawyer sending an email and us being removed from the blacklist.
It would be helpful to know what abuse your users are supposed to have committed that resulted in the blacklisting. If you're allowing spammers to operate freely, you should be subject to much greater penalty than 300 euros.
Firstly, as Pamela Jones over at Groklaw would tell you in a heartbeat, convince someone at your company to take legal advice. If your company is contemplating action of any kind in response to what has happened, it is critically important that you understand that your intended steps will not undermine you at some later date. Only a legal professional can tell you that. So please, get proper legal advice.
Secondly, thinking about the relationship between yourself and the party you believe to be performing the blocking/spam filtering. Is the issue between your company and the third party, or your *clients* and the third party? I can understand that you are coming under fire from your clients, but please refer back to the first point, above.
Third, go get familiar with the relevant legal frameworks. Your legal support, when you hire, them, is going to start asking legal questions. You understand the tech, but take the time to familiarise yourself with the law. Start with: RIPA (the Regulation of Investigatory Powers, which, IIRC, makes it illegal to intercept any communication between two parties), PEC (the Privacy in Electronic Communications Act [2003]), and take a quick look at the DPA (Data Protection Act [1998]) inasmuch as the data being generated and acted upon by the third party [email addresses] was created for the express purpose of *routing email traffic*, not *filtering* email traffic. There may be an argument that the filtering is inappropriate. See how a lawyer (I'm not one) can help you here???
Fourth, are there any professional trade bodies or organisations that both your company and the third party subscribe to (i.e. a UK Association of ISPs) that may have a dispute handling process? Are the two parties able to sit down with an arbitrator? If so, this might be a free service that you could try?
Fifth, if all of the above fail, then use of the Internet in the UK is regulated by various Government departments and Quango Regulators, such as the ICO (Information Commissioner's Office) and Ofcom (the Communications Watchdog). As above if you have taken proper legal advice from a law firm with expertise in this area, they should advise you on the best method of engagement.
I understand that you want to help your clients, but in this case it's critically important that any steps you take don't make it worse. Legal advice must be step 1.
Hope this helps...
I have reduced spam by 100% (Yes, one hundred) by also blocking the fixed IPs.
I don't get any complains as they can only send them by email.
Now if my provider would do the same and blocks this one email, I would not send in a complaint. I would change providers.
And this whole fixed/non fixed IP is just a way of selling things that are not there. We do not use modems anymore, so you will need to have the IPs available anyway. Blocking dynamic IPs will just cause another excuse to ask for extra money for a fixed IP.
Don't fight for your country, if your country does not fight for you.
Indeed. We use a similar blacklist on our systems and it eliminated a massive chunk of spam from bots trying to reach out and touch you directly.
There just isn't any good reason to be operating a SMTP server on a residential connection; the user either needs to go through their ISP or they need to move to proper hosting in a datacenter (more uptime, static IPs, clearly not an end-user system).
Unfortunately, it IS effective. If you are really that concerned about it, then pay the fee to get a fixed IP, or relay your mail to a server than has a fixed IP. It's not expensive.
It tells you plainly how to get delisted for free. But that requires you to do some serious work and find out who you have spamming on your network. Regardless of the legitimacy of the supposed spam, you need to find out who it is sending it and make them stop.
The 7 day waiting period once it stops sucks. But that's their policy if you want it removed for free. Free removal = you stopping the spammer on your network.
Now, if you want to get it removed **faster** than 7 days plus however long it takes you to get the spammer to knock it off, then you have to pay. And in neither case is it guaranteed you will not end up back on the blacklist if someone starts spamming on your network again.
Its not blackmail, its a convenience fee. I'm sure your ISP charges your users some of those for things like getting network techs on site faster and such.
I call BS on that post.
The blacklist people don't block anything. All they do is publish a list with IP addresses. Isn't that covered under your precious free speech thingy?
Its the providers that use the blacklist that you should worry about.
If an experiment works, something has gone wrong.
That could be, but if the listing is inaccurate, they're likely guilty of defamation and probably other things as well if they're keeping the listing as such.
I don't know if in this case the listing is accurate, however, the OP could likely successfully file suit against them.
There is not such thing needed as Anti-Spam, just setup greylist with whitelisting and your set.
So you call BS on me cause I use the wrong terminology according to you? They do in fact block people, in many instances the blacklists are automatically loaded and many providers do use them cause of the spam problems they're experiencing. They're a very cheap solution to a major problem. Not everybody wants to dish out a lot of money for the latest in smart anti-spam software or hire somebody on staff to constantly update their own anti-spam rules. ... On the other hand I know this nice person who claims to be able to double your money in only 1 month! Oh wait...
Claim it's not a major problem? Setup a mail server on a new domain, create a random email address and publish it on a site with a fairly page ranking on google. To give you an idea: I have received over 100 spam emails in the last 24 hours on my regular email account, and I don't even spread the address of that one around. Sadly it turns out I'm not very interested in viagra, penis enlargements, huge fake DHL invoices, Nigerian princes, UN funding,
If you end up there check why and wait 7 days.
Obviously anyone giving you legal advice has failed due diligence. From their site: "Every IP listed will expire 7 days after the LAST abuse is detected, and FREE of charge."
So, find out whoever is spamming, and put a stop to it. It might be different if your ASN is listed, but I'd still be looking for spam sources on your own network.
NEVER trust an AC. The TRUTH is RIGHT there on the linked page
FREE OF CHARGE REMOVAL:
There is no need for you to request removal, if you do not want to pay.
Every IP address temporary listed as Level 1 expires automatically 7 days after the last spam email from it hits our SPAMTRAPS. This means your IP address will be removed, lesson learned, no more spam from your computer.
The FREE option is listed FIRST, you ONLY need to pay if you want someone to manually check your SPAM sending IP can be cleared. Spammers LIE, they will abuse ANY complaint system and this costs time and energy.
Spammers rely on the low costs of their operation to remain profitable, they spend nothing and instead leech from others people infrastructure, efforts and time to make their money. The easiest way to combat this is to cost the Spammers time, energy and money. That hurts their profits the most and is the only way to hinder them.
Yes it sucks to hell and back if you are caught in between with your "legit" reasons to run a mass emailer from your own computer. But the needs of the many outweigh the needs of the one. Don't like it? You PAY ME then to deal with spam. You don't want to pay? Well... then what do you want? Email was ruined by the spammers, the old idea of anyone being able to mail anyone else is GONE thanks to them. You fix the spammers then because I am NOT going back to the days when 99% of email hitting my systems was spam.
Frankly there are so many alternatives to sending mass mail from your own system, only highly suspicious people want to go around this. And yes, loss of freedom for one means loss of freedom for all... but the costs associated with combatting spam all on your own are just to big. Installing a DNS blacklist is a cheap reliable option and the number of people hurt by it are statistical rounding errors. Really, nobody I know still uses their own email system but instead uses something like gmail with their own domain name. I use Amazon. And gosh, it just works.
Basically, it all comes down who has to spend time and effort. The recipient or the mailer. Do YOU have to make sure as a sender that your system can send to everyone OR does the recipient have to make sure that he can receive from everyone?
The recipient is the person with the least interest here in case of spam AND indeed in regular emails. If some entity wants to mail me from some home IP in black listed range. What is my motivation in wanting to receive said message? The spammer/sender is the one who needs the message to be received.
AND ALL THIS BLACKLIST REQUIRES: Is that AFTER your system has been caught sending spam, it stops sending spam for 7 days. That is all. Just 7 days without spam. The AC whiner clearly is running a system that sends endless spam. He needs to deal with that and NOT demand the entire rest of the world open their system to his spammy criminal customers.
When you sign up for Amazon EMS there are several security measures in place to avoid you using their systems to send spam. That is because Amazon and other email providers spend a LOT of money making sure their IP range remains unblocked and they do this by having people actively making sure no spam is send through their system.
Is it that difficult to ask that an ISP does the same?
Again yes it sucks if you are caught in between but hey, there are alternatives and YOU are FREE to come up with a better system. In the meantime, I take my DNS blacklist thank you very much and not shed a tear about your home mail setup. Hey, at least it is better then in the old days when many including me would just black list entire regions of the world. Still do for that matter, you would be suprised how much less attempts at hacking you get on a small webserver if you just block Africa, Asia, Middle Eaast, East-block, South-America etc etc. But you might get a legit visitor from those regions! For a local amateur soccer club home page?
My time is money,
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
The guy posts the question as an AC. Why? That is a MAJOR red flag.
Secondly, no consumer ISP would tolerate such a question being asked on a public forum, they have lawyers in house to deal with this kind of stuff, they do NOT Ask Slashdot. Never. No way, no how.
10 to 1 that this is some east European with a couple of servers at a hosting party who hires them out to spammers and now finds his leased servers are useless to those same spammers because his IP range has been blocked and he wants them unbanned to he can continue to rent out his servers to spammers.
DNS block lists do on occasion hurt real newsletters. But this is about a legit newsletter, why is not mentioned? If this is a legit service that is being hurt, why is not mentioned. If it is a legit ISP that is being hurt, why is it not named?
Could it be that this question is posted by an AC with not even a hint about the nature of the hurt party being the very generic label "ISP" is that even the simplest google research would reveal that the ISP in question is a spam haven?
Anyway, a DNS list is just a list of numbers. It is a fact list that does nothing unless someone ELSE uses that list. Listing ip's on a list cannot be illegal and block mail from MY server is perfectly legal as well.
Spammers have tried fighting DNS lists for years now and failed. This question should never even have been asked.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
As posted elsewhere in this thread, 10 to 1 this is a spam haven ISP. How can he terminate his only customers? Some east block kid thought he could make some fast money renting out a small IP range to spammers, then found it became useless once it got blocked and now he is butthurt the world doesn't allow his get quick rich scheme. Proof me wrong, get the coward to name the company in question. He can't since it would instantly reveal it for what it is.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
They look quite unserious on their support pages. And im suprised some goverments is using them but they might be successfull since they apparentely block whole AS series....
Godaddy did a similar thing some years ago. They blocked the/24 net if they recived spam.
problem was that they required us as customer of an isp to "stop" the offending ip even if it was not
under our control...Since back then i was just the sysadmin of a customer with only few ip numbers.
Anyway call your lawyer first. But they will probably say it is not illegal to use shitty services..Depending on your local country laws.
Put up a big notice in simple language to your customers about what a blacklist is and it is mostly out of your controll.
You could start to block outgoing port 25 and force all to go via a forwarder. But make sure
it works or hire another company that know how to run mailservers 24/7 with high loads and block spam before they go
out on the net.
Hi,
even those guys from uce-list have honorable goals I think their way of trying of achiving a spam free internet it will hurt the ecosystem of the internet itself.
And especially one aspect "freedom". I distaste spam as many like you being nagged by "Luke" or "Mr. Motumba" with their ideas of marketing, I thought that blacklisting might be a good way to prevent spam, but lately being affected by yahoo & aol filtering out emails sent to people that I know in person(arround 12 per month to the same person), the emails aren't marked as spam, they just don't reach their destined recipient, they just vanish.
Also the behaviour of putting internal communication into public and stating that german law does not apply to them because they are not operating from germany is wrong and is a lie. On their page they state that "bavarian people" make up these lists. Those guys are behaving like outlaws, like those spammers they fight.
But I don't get it like many others here in /. why not using fingerprinting of those messages and statistical methods to identify spam.
I skimmed their policy pages and it looks like they do remove automatically and free of charge. IF the ISP cleans up their network and makes the spam sending boxes shut up.
The way this is handled in Finland that each isp has one outgoing SMTP-relay server that you have to use, you can't send the mail directly out. You can receive all the mail you want but the outgoing pipe has restrictions to prevent open/miss-configured servers, works great. (I have my own mail server with such arrangement on a static IP)
If you are a ISP I would suggest a similar arrangement to prevent all your customers sending spam :)
There just isn't any good reason to be operating a SMTP server on a residential connection
In the EU (and probably elsewhere too) there are VERY compelling reasons to do so. ISPs are required by law to store all your e-mail (and other) traffic and make it available to the government at a whim. So much for the basic human right to privacy and private communications (but hey if you're no turrerist you've got nothing to hide eh?) They are still snooping port 25 and probably reading it at the receiving end anyway, but I'll be doing anything in my power to hinder the government from snooping on my private communications.
Its a warning that you have dynamic IPs. You start opening ports to their mail servers, with ungodly amounts of UCE? Are you really clean? Do you hunt down with fervor anyone using your Internet for UCE? Are you sure?
Its so very easy to find, and see the offending people, or do you have your hands full just getting them connected. I had an ISP who found a co-lo spending spam, and they pulled its plug. The customer never offered to fix their server, or anything.
There is a place to go to find recent incidents from known honeypots: Have you see those?
Actually I used to work for Shaw. Most of them understand exactly how it works and why it does what it does to you.
Use their email server. Vancouver for an example uses shawmail.vc.shawcable.net.
What it really comes down to, is they don't care, and shouldn't. People on dynamic IP addresses generally do not need to operate their own mail server. If you really really want to, you'll have to do the responsible thing, get a dedicated IP address, setup reverse DNS PTR etc. This provides security and verification of where the email is coming from. There's a few other services you can setup to properly register your mail server.
It annoyed me at first too as I was running a personal one just for me and my domain, but since I really don't need it I got over it.
If you don't want those things, you're probably a spammer or want to spam, and therefore Shaw has done their job.
They do in fact block people, in many instances the blacklists are automatically loaded and many providers do use them cause of the spam problems they're experiencing.
No, blacklists do not block anyone. The providers are blocking people.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
1 - Are they relevant to your operation? If not, ignore.
2 - Are these guys for real? You could just be looking at a scam.
3 - Do you actually HAVE a spam problem? Worth checking anyway. If you're an ISP, all you need is a couple of infected customers and you may end up getting blocked by more than just this outfit (a tactic I disagree with, but I appreciate the sentiment).
I cleaned up an ISP in Hong Kong who had a spam problem, and the size of the problem was really too much for identifying affected clients - we'd be playing whack-a-mole for months. We closed the outbound router for email exit traffic and installed a gateway that did some extra checking. It was then relatively easy to ping back warnings to customers from there that they were having a possible virus infection (it also served as a heads up to those who were spamming for real that the game was up).
How about blocking port 25 for residential customers and dynamic IP's ? In some countries this is already mandatory. ...
Using RBLs is so last decade
It looks more like UCEProtect is declaring to its customers that you are a spam haven and that they should not be accepting any mail from your systems. That sounds more they are libeling/slandering you. I am not a lawyer but I imagine an imaginative legal team would be able to sue UCEProtect in that way.
Qu'on me donne six lignes écrites de la main du plus honnête homme, j'y trouverai de quoi le faire pendre.
If you run an ISP and use dynamic address allocation, chances are that a low percentage of your users is infected and they appear to be coming from your entire address pool. This will mean that in practice, your entire AS will be blacklisted permanently.
The way it often is solved, is that the abuse department for the ISP sets up a "custom" communications protocol with the blacklist operators. In that protocol, it's usually described how the blacklister deals with IPs (only block individuals, block for $lease_period) and that the ISP will get abuse mail for each of those offending IPs. In return, the ISP will have to take measures to pull the offending machine/customer offline in a very short timeframe, usually well within 24 hrs after the abuse mail has been sent. Often ISPs will have some sort of mechanism that will re-route the customers sending spam into a walled garden environment, in which they can only send mail via the outgoing mail servers of the ISP and not browse the web, apart from web sites of the ISP themselves and anti-virus and update websites and such.
This is by no means a perfect solution, since you are automatically tossing customers in a non net-neutrality setup because some third party triggered your abuse system. However, when configured and tweaked correctly, you get less than 3% false positives and your customers generally appreciate what you do. If you deal openly and swiftly with the false positives, even those tend to agree with your policy, but you have to make sure that you help them quickly and take the blame.
If you have a setup like this working in your environment, getting a "custom" deal with the blacklist admins usually isn't that hard, but you have to take the initiative and prove to them that you do anything reasonably within your power to take care of spammers and zombies, before they will cut you some slack.
I was promised a flying car. Where is my flying car?
Stop sending spam, wait 7 days and your good. Your at level 3 your AS has been spewing spam for awhile and you have done NOTHING to fix it. As an ISP you should be checking all your IPs against all major spam lists and proactively dealing with spam. This will probably mean loosing customers. Some things to consider it's trivial to setup a relay server for your own mail servers outside your AS to keep outbound email going. Look into some technical means like transparent outbound spam filters, outbound port 25 syn rate limiting, or a plethora of other aids. Those clients will all claim it's triple opt in super secret they have everybody's dna on file, they are lies. Remember that spammers are at worst criminals at best have absolutely no morals in either event they have no compunction lying to you. Strengthen your TOS put BIG fines in there for repeated spamming wave them based on your gut and history. Often you need something to push legit companies to fix there issues.
All thing considered getting to l3 means your just ignoring the spam coming from your network. You need to get proactive and fix the root issue of spam spewing from your network. There are plenty of technical methods to avoid the 7 days block that are far cheaper then paying them. At the end of the day spend less energy railing about "blackmail" and more policing your network. If you do not, your facing the internet death penalty and the business needs to go under this is the internet working as intended.
No sir I dont like it.
I'd echo the "NEVER trust and AC" post by SmallFurryCreature (593017). I'd further consider the scenario where a few computers or the entire network being compromised. Botnets have been around for a while and are a growing problem. It is possible for individual customers or even ISP owned machines to be infected by botnets that send out spam email in bulk quantities. You may not necessarily have the legal ability to monitor the traffic due to privacy laws. Perhaps you can setup a honeypot of your own or work with people that operate them to figure out which machines are sending out the spam. Does the ISP assign IPs in a dynamic manner? If so the problem may appear larger than it really is to an external viewer. Altering how much IPs change could maybe help as well.
I've had to deal with UCEProtect in my job as a system administrator. Whenever we got listed it was because their spambots (that send mail coming from the droppatrol.de domain) managed to get a bounce out of our system. We allow our users to forward mail offsite and some do to sites that are far far less permissive then us, and when that happens we properly send the bounce.
I would say that running spam bots, and then asking someone to pay to get off a blacklist that their spambots got you onto, is effectively organized crime type extortion.
Since when is the UK a part of Europe?
It's like that with most ISPs worldwide. You can still use another SMTP server if you use one with SSL on another port though.
In my opinion any respectable ISP should nowadays block port 25/TCP in the residential blocks to protect it is own customers from being blacklisted, as there are know and better alternatives. Further more, the email servers should run in separate addresses, or better yet, in a different net block. Alas, spammers and configuring it has gotten so time intensive, that in the long run, it gets cheaper to outsource to google. (many people is not aware they still can keep their domain). You can always also do transparent routing in the 25/TCP and filter it through a spam appliance/email server. Block yourself the repeat offenders. Warn the customers. (as I said previously, blocking 25 altogether seems a nicer idea). I would finish saying port 25/SPAM is more a political than a technical problem, however if you dont act on it, it is not of use posting rants as articles in facebook.
They don't (have to) store your mails, only who you send it to: the traffic data. That in itself is bad enough though, and one of the reasons I run my own mailserver on a provider subdomain. Them setting up reverse DNS incorrectly caused a lot of mail to bounce, but after they corrected it (9 minutes after I mailed them about it, they act very quick) I have not had those problems again.
Here on my ISP we get the same problem from time to time. We have a very strong antispam policy regarding our own users (about 40k) and they usually understand it. Our main problem right now are hijacked user accounts. So we have systems in place the blocks users/passwords after they start sending spam, but only after a few hundred were already sent (we are improving on that shortly). While this has led to a much lower RBL block rate, we still get one from time to time. In that case we remove that mail server from our cluster for a week. You only get ASN blocked if there are too many IPs sending spams on your network. There is no other way: watch your users, specially the web hosting users (PHP's mail() should be deactivated). RBLs works on the premise that they should block any spam regardless of any other traffic you might have. Reputation systems knows better. In any case, no one will like your network as long as your users keep sending spams. Your only complaint about UCE is because they charge to unblock your IP. The others don't charge and will just not unblock it.
been hiding under a rock much?
http://en.wikipedia.org/wiki/The_Abusive_Hosts_Blocking_List, considering his own name is HARDLY spattered over the internet as a karma whore / full of himself - I would be much more likely to to believe him than some trolling A/C that has what, committed translations from English UK to English US? Of course that is on the assumption that the poster is who he says he is but if you did actually google rather than being arrogant and full of yourself - then you would find that the guy has indeed been rather involved in anti spam lawsuits etc.
http://www.declude.com/Articles.asp?ID=262
OR
"My name is Andrew D Kirch, I'm one of the founders of the AHBL, and served in that capacity until 2008. I've been harassed, extorted, sued, and defamed by a Mr. Richard Morton Scoville, a resident of San Antonio, Texas for a period of 7 years. During that time I have suffered nearly irreparable damage to my character, and public reputation. I've been questioned by police, and my customers, and I have incurred over $10,000 in legal costs defending myself in court against this person."
So, AC - is your code contributions worth $10k to you?
OR
http://www.ahbl.org/legal/scoville/courtdocs
Let me just make another assumption here, You are American and don't know who "Tim" Berners-Lee is either? I actually couldn't care less if you do or don't know who he is - but my point being is you wouldn't do the extra effort to look it up.
not posted anon, because I've not been a pussy since 1994.
Wooooooooooooooooosh
A person who raises his fist is a fool who's run out of ideas. How do you live with yourself? I'll be applauding when your ass is sent to jail for an extended period.
There just isn't any good reason to be operating an outbound SMTP server on a residential connection
FTFY. I've always made a point of having fixed IP on my DSL, which is now via AT&T, formerly SBC. I'm not sure that they ever implemented an outbound port 25 block, but it was just an extra line or two in my sendmail m4 config, it was a "good netizen" thing to do, and I was aware that eventually spam blocking was going that way. (In fact, it was much more annoying to find out that some DNS servers failed to find you if your registrar-listed nameserver names weren't also returned by your own nameserver.)
And there isn't much of an excuse for running an inbound one without a fixed IP, but at least if you do run one, your e-mail isn't stored somewhere that a government can declare it "abandoned" if it sits there for six months or some bullshit like that to let them download it wholesale whenever they feel like it.
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
There is a reason you are listed:
* You have spam originating from your system for too long of a time.
* You are unresponsive to reports.
So, your entire network range is listed. Everyone is bouncing emails. Everyone is complaining to you, and you've noticed. You've been forwarded the site, and you're contemplating just paying them off... except that it just won't work. You'll be relisted again, and with reason -- someone on your network spammed and nobody's listening.
Thus:
* If you haven't done so, open up abuse@ and point it to somebody with the power to diagnose, disable, and close accounts.
* If the guy behind abuse@ doesn't have said above power, GIVE IT TO HIM.
* If the guy behind abuse@ does, but doesn't use it, FIRE HIM.
* If you haven't done so, disable outbound port 25 at your border router with the exception of an out-bound SMTP server.
* Put an outbound spam filter in place.
If you are unwilling to do the above, then there is one last thing you will eventually do: CLOSE SHOP.
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
1) Determine why you are listed
2) Change your infrastructure to avoid that in the future (port 587, auth, etc)
3) Be patient, watch it work
none
This is a direct violation of net neutrality laws, at least in the Netherlands. You could take them to court if you live there.
A person who raises his fist is a fool who's run out of ideas. How do you live with yourself? I'll be applauding when your ass is sent to jail for an extended period.
I always have a pint in my clenched fist when I raise it, you insensitive clod!
Blacklists can and often DO get considered IN COURT as blocking people, the police in my country had to remove an erroneous criminal record from someone because it was blocking him from employment, same thing here in Europe. Maybe you USA folks just have a shit system.
All ISPs should block them
mod parent up.
Since 1973.
http://news.bbc.co.uk/1/hi/world/europe/3583801.stm
not the ISP as in "i use my ISP to contact my mail server", but only the ISP as in "i use the mailbox provided by my ISP". So they are required to snoop on the metadata (from, to, date) of mail sent via their own servers.
the police in my country had to remove an erroneous criminal record from someone because it was blocking him from employment
Again, no, the potential employers that were checking the blacklist were blocking. I imagine the police had to remove the erroneous record because it was libellous.
Blacklists can and often DO get considered IN COURT as blocking people
Just because a court treats it as true doesn't mean it is, even if COURT is in all caps.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
Sometimes a person just gets tired of trying to deal with trolls and bullies. Cowards love to cut a person with their words or actions then act saintly when the victim caves in their face. A lot of the internet is filled with cowards and especially AC's, that's why trolling and bullying is so prevalent. Emotional scars can last forever and should be dealt with immediately and fiercely. The law provides no protection against bullies because they usually craft their attacks to be perfectly legal but then laugh at your sorrow as their reward. Sometimes you just can't reason with an asshole and when words fail, its usually both easier and more effective to translate your emotions into violence. The bully's ROI is always infinitely high because they believe there is no risk. Show them that there is indeed a risk to their actions and they probably won't be so likely to act in the same way again towards someone else.
Years ago I was running an email server, (Very low output 3 to 5 users personal email only, no lists) and we had some inbound addresses that were overloaded with spam, so we abandoned them. But rather than just discarding email sent to those addresses ( for fear that someone didn't get the new address) I set them up so (via a piped script in the aliases file ) to fail on receipt with the message "your message to abandoned@email can not be delivered, please use the webform here to send your message"
/dev/null. second, I didn't actually send the email, but we got blacklisted simply because our IP adress was in the chain of Received headers in the email header.
So we got blacklisted, and checking the logs we had *NO* outgoing email at the time of the accursed spam message(s). The blacklist service didn't give me the whole message, but it contained enough for me to find reference to it in my log.
Near as I can figure, some spammer sent email to us through an open relay, using a honeypot (you get classed as a spammer if you send email to this address ) as his spoofed 'from: address'. My mailer refused to accept the email to the abandoned address, so the relay returned the 'undelivered' message to the honeypot address.
Now I had several problems with this. First, to avoid blacklisting, I had to remove this helpful service. Now those messages go to
More recently, I had newsletter messages sent to a members of a private club bounced by their local ISP. The sending IP address was not listed in any blacklist I could find. The ISP was just refusing connection, No message, nothing. (I could send email to that ISP from other services like gmail) They wouldn't take my call ( I'm not their customer) so I had some of their customers call and ask "Why am I not getting these newsletter messages?" . I wasn't on the call, but it sounded like they just played dumb. A few of the list members gave us non-local-isp addresses (gmail , yahoo) and now they get the newsletter there.
Again, legitimate email loses out.
And finally, Just about every time, my "password reset" messages end up in people's spam folder. This is one of my most common support calls. (this even after the page where they request the password reset says right on it "check your spam folder" ) There are lots of false positives on spam.
I manage several exchange servers and use Postini with outbound filtering configured mainly to avoid any blacklist problems. If the pricing is a problem you can purchase a single user for filtering and set Non-Account Bouncing to Off and all incoming mail will get delivered to your server while all outbound messages go through Postini's servers.
There just isn't any good reason to be operating a SMTP server on a residential connection
And this philosophy is what brought Europe down and is killing the U.S. It isn't up to you to decide if what I want to do is a good idea.
I run my own mail server. At home. And here's one good reason why.
All my personal contacts, emails, etc. that sync to my smartphone... don't go through Google, Apple or Microsoft. Essentially I run my own cloud.
Is privacy and wanting control of our data/contacts, at least keeping the nexus away from the corporate giants, not a "good reason"? Who are you to unilaterally decide "no"?
As long as you confirm thricely that the targets of your spam are willing to receive it you should be good. I'd suggest meeting each and everyone of your in person and with verified live human witnesses present to attest that your prey is willing to subjected to the advertising that you are want to force upon him.
Time is what keeps everything from happening all at once.
When did the IRA sue Channel 4? Do you have a link for that?
Depends on the country, but you might get away with publishing a list of "scum". In the UK, the PCC would be more likely to handle general misconduct. I'm not sure calling someone "scum" is any more legally actionable than calling them "absolute shits" or similar. Where it becomes legal is if an actionable statement is made, such as publishing a list of "terrorist scum", or a list of people described as being "IRA terrorists".
Depending on how you define "free speech", it may not exist anywhere. From what I see in most countries, standing out in the street with a bullhorn claiming your neighbour is a paedophile is going to fall foul of some slander/defamation laws. Simply accusing them of being scum is more likely handled under public order laws. Of course in the UK we like our libel/slander laws to be batshit crazy, so it's difficult to predict how anything will end. I can legally say that Jeffrey Archer is a liar, and I can say the same about Jonathan "simple sword of truth" Aiken. This is because these liars have been convicted of perjury - with Aiken following the trend of meeting Christ in the prison exercise yard. It's almost always free speech with strings, and in general I agree that there should indeed be strings attached. A man's life could be ruined by false allegations, and even with libel proceedings, some allegations are just too nasty to be erased.
-- Using the preview button since 2005
You really have to enjoy some of the comments in this thread, especially those saying things like:
- "Just wait 7 days with sending no spam!"
- "ISPs should be proactively taking care of this!"
The majority of these spammers are not some Eastern European criminal mastermind with spam servers; they are your grandma's PC which has been turned into a bot. Guess what? Grandma's computer is sending out spam in the background as fast as her system and connection limits will allow. When one of those hits a honeypot, you get RBL'd. If this isn't found and detected by the ISP (who likely has tens of thousands of endpoints, minimum), all of the sudden their network is now L3 (or something) and has to be paid for the "privileged" of delisting. Meanwhile, while the "just wait a week" crowd is off enjoying themselves, anyone on the network is no not able to send email to anyone using this RBL for at least a week. Think most customers (especially any sort of a business) will find this delay acceptable?
These lists are extortion, pure and simple.
I've seen this story several times before with people complaining about "blackmail" with different blacklists and filters, and in all cases I have ever seen there has been some sort of real problem. Remember that there are different levels of blacklisting, from the lowly backscatter blacklisting which hits a lot of legitimate organisations, up to Level 3 (which indicates that you've been informed of a problem for a long time but basically don't give a fuck), up to the next step which is de-peering or permanent widespread blacklisting. OP is clearly drinking in the last-chance saloon on this one.
Top tip: running an ISP is harder than it looks. Not managing abuse of your systems will eventually cause major problems, and in the worst cases will drive you out of business and have law enforcement forcing their way into you server rooms to take your kit. Don't assume that YOU are the innocent party and the the complainers are just making it up if you want to remain in the ISP business..
Never email donotemail@WeAreSpammers.com
Guess you missed the part where it's pointed out it's a money grab?
So, you're saying Shaw is just another thug asking for protection money?
Then tell them it will cost to have it stopped, followed by a posting on your site saying, 'You Are Losing Your Ability To Do Business If You Are Stupid And Claiming This Would Be Blackmail."
Bark less. Wag more.
The only difference here is that it's accepted. All the big email carriers use the spamhaus block list. ALL cable modem IP blocks area already on the block list and you cannot get them removed. Therefore, to send mail, you MUST pay someone or use their "free" service where they can monitor your email and feed you ads.
My guess is they, in collaboration with the US government, set it up this way on purpose because it benefits both of them.
When customers contact us because they can't receive certain mail, we try to whitelist the IP(s).
When customers complain that they can't send mail to a certain person because our IPs are blacklisted, we ask them to ask their recipients to have our ranges whitelisted. It's almost the only way this is going to work. No point in trying to have someone whitelist our range over the phone in a company with several layers of managers between a helpdesk-agent and a server-operator.
We don't host any spammers, but sometimes accounts get hijacked and spam does get sent from our IPs. When we find out, we stop it.
But still, blacklistings do happen.
Windows 2000 - from the guys who brought us edlin
Just because a court treats it as true doesn't mean it is, even if COURT is in all caps.
Please stop using non sequiter arguments, it really doesn't help your case.
since they don't identify themselves, don't provide proof, and charge fees to organizations that rely on email in order to avoid a week-long disruption -- it is basically a scam. perhaps if they REFUNDED the 'express delisting fees' if the ip address(es) delisted remain so for a period of time (like 3 months).... can't call it extortion or blackmail then...... would be more like a refundable deposit....... without that, there is incentive to intentionally introduce false positives -- one here and there wouldn't raise alarms and if they chose the right 'victims' they'd collect every time..... they also need an outside independent auditor to regularly inspect their operations and performance metrics.
the potential employers that were checking the blacklist were blocking. I imagine the police had to remove the erroneous record because it was libellous.
In other words, using defamation to encourage others to block people is as bad as blocking people.
That is exactly my point, if he ended up on some government no-fly list, what is he going to do?
The UK is part of the European Union, and one of its countries shares an island with a eurozone member.
This seems bad. My ISP should not be interfering with traffic.
In the EU (and probably elsewhere too) there are VERY compelling reasons to do so.
So use encryption. While you lose the ability to perform server based searches your email content remains secure and you don't have the hassle of running your own SMTP server.
Who posted this interesting? Shaw do not allow mail servers on dynamic IP's. This is for obvious reasons. Spamhaus treat dynamic IP's the same way. Unless you are using your own mail server you will not be affected by Shaw or Spamhaus's policy that the parent is talking about.
Anyone running their own mail server should be using a static IP address.
It's freedom of speech.
If UCEProtect has an email they think is spam they are perfectly within their rights to proclaim said email is spam from the tops of the highest mountains. Other people have the right to either listen to them (and block the OP), or ignore them (and not block the OP). They do not have to be real nice to the alleged spammer and spend thousands of man-hours a year on appeals. It would be nice of them if they did, but their is no legal requirement to be nice to people.
"Frankly there are so many alternatives to sending mass mail from your own system, only highly suspicious people want to go around this."
I am a journalist, and I know what the laws are around email, subpoenas, (lack of any) protections under the (US) law, and the cost of lawsuits. I keep my own server, on my own premises, and keep logs only long enough for diagnostic purposes. All email is deleted after 2 weeks unless it is specifically moved to a location meant to be saved for the same reasons. I have been doing this, or parts of it, since before my ISP offered mail services, over 20 years now FWIW. Some people call me paranoid, I point to things like MegaUpload and call them ignorant. I guess that I would be considered "highly suspicious" according to many government agencies.
So there you go, there is at least one good reason to do the above, although I rarely send out mass mailings, probably less than one a year.
As for the rest of your points, I totally agree. Thanks for trying to stop the spam.
-Charlie
No, blacklists do not block anyone. The providers are blocking people.
Correct. That is the thing I find strange.
Blacklists certainly are a pretty good indicator that the message is spam, but it isn't definitive.
If you're going to use blacklists are part of your incoming spam filters, that should just increase the likelyhood of a message being flagged as spam. A blacklist shouldn't be used as a absolute ban.
I work for an ISP. We once had a problem where students at a local college often wouldn't get email. We eventually tracked it down to the college's spam filter. Their spam filter would quietly delete any incoming email containing the word "drug". (at least they should have rejected it with a 500 error)
Now, the word "drug" is often found in spam, but that isn't definitive. Especially since this college had a nursing school. Students would often be corresponding with other health care professionals and wouldn't get their replies (which is how we got involved).
The anger and misogyny in your post is getting in the way of communicating the (in my opinion accurate and justified) content of your message.
Violence is the last refuge of the incompetent.
By the time it is the last refuge it is almost certainly too late for violence to do any good. The competent get to violence _much_ sooner.
Paraphrased. L. Long.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Actually it's more like a car dealership, where one customer is alleged by a private company to have driven their new car illegally, now all customers of that dealership have been banned from driving in any town that uses the "bad driver" list, for 7 days unless the dealer pays a fee on their behalf.
Science is all about firing a drunk pig out of a cannon just to see what happens.
Hola, thanks for pointing out this to the AC above. I'm the current maintainer of the AHBL, Brielle.
After a while of maintaining a DNSbl, you start to refine your policies and how you handle things - unfortunately, with the amount of douchebags and assholes who operate mail servers and networks out there, those policies tend to get more restrictive and locked down to prevent abuse.
We used to offer a whitelisting service, where responsible ISPs could register to avoid auto-listing of their blocks. Had to nuke that due to being lied to and threatened (big surprise there). I used to provide free consulting to smaller ISPs who got listed to assist them in cleaning up their networks, securing their servers, etc. Had to nuke that program too - you can thank GoDaddy for that.
These ISPs, the ones that whine about being listed, usually have a good reason why they are listed. They won't publicly admit it obviously, but the almighty buck tends to override the common sense that you need to properly control and manage your own networks. If you are willing to allow your customers to spam, abuse, and just be downright shitheads from your IP space in exchange for money, then you need to be willing to accept the consequences.
The only reason why things are the way they are today, is because people don't know how to behave and be a good online neighbor. In other words...
"This is why we can't have nice things!"
Brielle
Mod this boy up!
Why is it that most of the people that I encounter seem to have been shat from the Sphincter of Mediocrity?
PURE BULLSHIT!!! I have proper hosting in a datacenter unfortunately they were under water a few months ago. All of my severe-weather forecasting for my customers was done out of my home. Granted my home cluster didn't have as many nodes and the forecasts took longer to generate, but at least I was able to mail out my forecasts. Take you lazy a$$ someplace else
In my experience, if you pay Shaw for a static IP for home home or office connection, you still get a dynamic IP (in the eyes of IANA) that just doesn't change like the old one did.
Except when it does anyway.
JUMP JUMP JUMP JUMP JUMP JUMP JUMP JUMP IRRIGATE
A while back our IP address was getting blacklisted for spam. So I started trapping info on recipient addresses for emails being sent outside the organization. I began to see a pattern. every few months there would be a burst of spam emails -- maybe a few hundred -- that lasted a few hours and then stopped. I traced the sending IP address to an ISP in the Virgin Islands or Bahamas. I then knew the spam was not coming from our organization. So that meant that an account in our organization had a password compromised. And that account was being used to log in to SMTP and relay spam
But eventually everyone's password should be changed and the spam should disappear. Only it didn't. Further investigation showed that there was an account named 'test' that did not require a periodic password change. Test did not have permissions for anything. It was defined as a guest and couldn't even print. But apparently it could use our SMTP server as a relay. It also had a dictionary word as a password. I figured a bot could be trying various id/password combos and occasionally hit on a working combo, sending a burst of spam. And that whoever was controlling the bot was too lazy to pay attention when it actually found an id/pw combo that worked.
Removing that account stopped the spam.
My takeaway was that even IDs with no apparent privileges can bite you. That IDs with simple names like test are bad. And that using dictionary word passwords even for testing purposes is bad.
TANSTAAFL
That's between you and your ISP. Mine doesn't charge for static IP.
sometimes I also have the feeling that these services are somewhat extortionist. I find this to be the case when they really don't help you in any way to track down the spam they think you're sending.
some of these are helpful and provide sample spam e-mails that they caught. usually the message ID is enough for me to track down the spam and spammer in question.
why such an organization would actually _not help_ fighting spam in this way is beyond me though.
>This seems bad. My ISP should not be interfering with traffic.
It is bad. Especially if you want to have actually mitm secure email with certs at both ends. This is a whole lot easier if you control the MTA.
DJ
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
In general, around these here parts, you don't have much of a choice in ISP. So for an amaizingly large number of people, that is not the case.
We've had several such extortion attempts and on the last occasion, we found that they are using domains that were previously held by e-mail providers as "spam honeypots". We've had such e-mail addresses in our forum users database since 2003 and now every time we sent them a forum notification, we got blacklisted by the extortionists (who by the way refuse to tell you which e-mail address caused the blacklisting). So in my opinion, they are trying very hard to get people blacklisted for legitimate uses of e-mail addresses in order to blackmail then.
"I love my job, but I hate talking to people like you" (Freddie Mercury)
* you do not get any notifications if you are blacklisted, except whatever obscure message is in your logs
* you do not have to have spam originating from your system, it can be perfectly normal e-mail to an address used by someone you knew in the past, that is now used by someone else as a spam honeypot.
UCEprotect sucks. It's no wonder the people behind it are hiding their identities.
"I love my job, but I hate talking to people like you" (Freddie Mercury)
For traditional reasons dating back to the dial-up UUCP era, most email systems are store and forward. That's really no longer necessary. In an "always-on" era, mail should be synchronous. When an SMTP server receives a mail that it needs to forward (presumably only to a known address) it should, while holding the incoming connection open, send the appropriate outgoing mail. If the outgoing send succeeds, the SMTP server should reply to the its client with success. If not, it replies with a failure code. No "bounce" messages are ever sent. So there's no possibility of sending a "bounce" message to a faked address. "Joe jobs" become completely ineffective.
Any non-success status from the outgoing send gets passed back to the incoming connection. If the destination server is down, the SMTP 450 status (Requested mail action not taken: mailbox unavailable) should be returned. For 4xx statuses, most mailers will resend, so the first mailer in the chain will handle retransmission. If the first mailer is a user SMTP client (rare today), the person sending will get an immediate fail, indicating that the mail was not received.
A simplified SMTP server like that would be appropriate for machines that only handle mail as a sideline and forward it somewhere else, like most web servers.
Well yes, but you make one assumption: that everybody runs a well built system.
I've found that assumption to be incorrect, even large corporations with huge IT departments often take the lazy way out when it comes to filtering emails and will just load blacklists as block lists.
Well, if the provider uses a copy of the blacklist to simply start blocking spammers it is the blacklist who's responsible for blocking people. Your core assumption is that every system in use is well made and properly designed. Reality is that most systems are horrible in structure and very illogical. Problems only get solved if there are sufficient complaints. Funny problem is contacting the target if you've been blacklisted. They often use the same blacklist to filter their own emails so you need to use a gmail account or something similar to get through to them.
oooooh... I actually had to look this word up to make sure I was accurate in my response (of course)
"Misogyny (pron.: /msdni/) is the hatred or dislike of women or girls. Misogyny can be manifested in numerous ways, including sexual discrimination, denigration of women, violence against women, and sexual objectification of women.[1][2] Misogyny has been characterised as a prominent feature of the mythologies of the ancient world as well as various religions. In addition, many influential Western philosophers have been described as misogynistic.[1] The male counterpart of misogyny is misandry, the hatred or dislike of men; the antonym of misogyny is philogyny, the love or fondness of women."
Is the AC a woman? Statistically that would be a no, however we'll pass on that issue for now. Am I angry at someone who fails to do the smallest bit of research - yes. I mean no harm against you personally, however if my retort was intended to be anti-American etc I'm sure I could have came up with some better examples. My research is for free and my sarcasm a bonus - I'll take your criticism into consideration and promptly pass it on to my assistants at /dev/null/.
on a more serious note Gruber, you are right, if I was actively debating something I had a horse in, or, really had to use one ounce of diplomacy then personal attacks should not be encouraged, I will need to remember such next time I'm debating for world peace.
From http://www.uceprotect.org/cart00neys/2011-001.html , the requested fee is to be paid monthly.
It is true in the only sense that matters here: if a court treats it as true, he can force them to stop. For goodness sense engage brain before posting this drivel.
To avoid having to deal with blocked AS, you have to monitor and control you customers. I scan all my ip addrs daily in the populars dnsbls. If a user gets listed, block direct outgoing mail (automatically), tell them to use the (scanning) smarthost and offer services to fix the source.
Free speech is not a defence to a claim of defamation, and I think there is good chance this can be made to stick, or at least exhaust the resources of the fanatic one-man-band concerned before it is shown not to stick, which is sufficient to finish them.
Bullshit, only stuff that has to be stored (for 6 months) from email transactions is:
-envelope from
-from ip adress
-rcpt to
-date
Which are all logged in most MTA by default. Nothing from after the DATA command has to be stored. At least till there is a lawful interception ordered by a judge.
It is still a bad idea to have to log this, but it nearly has no intelligence value.
That's not an assumption. It's a description of where the fault lies. Blacklists are a tool. If you use the tool incorrectly, then it's you who's the problem, not the tool. The solution isn't to bitch about being blacklisted, the solution is to fix the poorly-implemented system.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
No, the responsible party is always the person choosing to implement the blacklist as a total arbiter. The black list is not the fault, but the person configuring the system. The blame should be placed in the correct place.
Since you already have dealing with this company it is not spam, it is communication and corporate extortion is not blackmail it is "the cost of doing business" I doubt there is much you can do.
And all they do is maintain a list, so they can't "block" you. You get blocked because people use their list because they like it.
I would be more worried about how you got on the list than how to get off. (lest you get back on right away even after getting de-listed).
I can't blame them too much for charging, since spammers pull all kinds of dirty tricks and spend money on lawsuits, etc. to get rid of spam fighters.
But.........
When they use a word like "stupid" in all caps as an official part of their web site, I wouldn't bother to even deal with them, regardless of what gets blocked. You know their maturity level already.
Hey I feel you, I used to run my own mail server too. (It's not a "cloud" though, that is an architecture where you have many hosts which are pretty much randonly selected for any particular request, and auto-configure as you add more - though some marketers like to mix up "cloud" with simple hosting).
But running a mail server these days just isn't realistic unless you've got a hell of a lot of free time.
You need a static IP and an always on server, and a connection that allows you to run a mail server (both by contract, and physically by not port-blocking).
Then you need to make sure it is secure at all times to prevent people from using it as a spam relay.
Then you need to make sure your users (if you have any) aren't using it to send spam, purposely or not. (They could have a virus that uses their outlook or thunderbird to send lots of emails through your server).
Then you have to install, set up, and maintain filters like SpamAssasin to keep spam out that might come to you.
Then you have to diagnose strange connection errors from certain domains, etc. (Make sure your reverse DNS lookup matches your forward DNS lookup, etc., etc.)
Then if you want Web Mail..... you have to set up SquirrelMail or something.
Then you need to make sure DNS is set up properly (MX Record and all that) and you have at least two physical DNS servers. You do have a backup mail server too, right?
Or, you could just use your ISP's mail server. You don't like your ISP? You can use Google or someone. In fact, Google is a damned good choice in my view, because you can buy your own domain and then let them run the mail. You get Gmail interface, Gmail spam blocking, calendar, etc. built in. And.... you can use IMAP to synch all your mail and have it on your local server if you want. You can use POP to retrieve it from their server to yours if you want and then access it from there. I am pretty sure the privacy issue is moot. Google doesn't have employees that go snooping through your mail as far as I know, and if the government wants your mail, you'd better encrypt it anyway. (Running your own server doesn't stop anyone from snooping plain-text mail on the wire as you receive it, or on the sender's side).
Anyway, running an SMTP server properly in the long run is a lot of work and not really a fun hobby. Doing it on a /residential/ connection is asking for trouble, because:
1. Usually it's not allowed by the contract
2. If the IP is listed as residential it will be blocked by many places for that reason alone.
3. etc., etc.
Anyway, that philosophy is what's helping to strangle spam. Residential connections are for residential use, which doesn't mean running servers, unfortunately. You can probably buy a business connection to your house (through, f.e. Speakeasy.net in the US), but leaving port 25 open on a dynamic IP for the average consumer will cause a lot more problems than it's worth to make a few people like you happy.
Email's demise? please. Maybe among teeny-boppers who use email more for chat than real communication.
But if you'r trying to send email by port 25 from a dynamic address, changing providers won't help you. It's not allowed in general, and people will block you, because 99.999% of people sending mail directly from port 25 on dynamic addresses are malware sending SPAM. You can:
1. Take up the heavy work of getting a business class connection with a dynamic IP and configuring a real mail server.
or
2. Use an external mail server run by your ISP, Google/whatever, etc.
That may have happened since rackspace refuses to deal with spammers. Softlayer is also really bad with spam. I've blocked large ranges of softlayer IPs (and I think some rackspace ones too) with rbldns. The failure message does indicate that it is in place because their provider refuses to deal with spam. A single report of spam backed by logs should result in an immediate suspension of service to that customer until they can verify with certainty that they are only sending to people who have actively confirmed that they want to receive messages.
You should be more careful about how you use the following words: your/you're, losing/loosing, waive/wave, there/their.
Also, your writing would be easier to understand if you added commas, colons, and semicolons.
The content of your writing is useful, but I think many readers would be distracted to some degree by your misuse of basic words.
By choosing appropriate words, you make it easier for people to interpret your writing.
The interpretation of your comment is not ambiguous, despite the misuse of words. In principle, you could have eliminated most vowels from your writing without losing essential meaning, too. But there's communication, and then there's *efficient* communication.
There sure is a good reason to run my own email server. I'm an investigative journalist.
I control the server and the logs. I can delete email to and from confidential sources and know it's deleted. It's not perfect, but it makes the task of tracing my sources a lot harder if the mail (especially the headers) have been deleted properly from my system.
Blacklist are useful with greylisting: it is extremely efficient to request longer delays (12 hours) for a host caught in a blacklist
.
We had this issue with Time Warner.
The only practical option was to get a static IP address at extra expense. Several years hence, it hasn't been a problem again.
Having a static IP address seems to be one of the costs of running a mail server, these days, for better or worse. Bitching about it won't help because the folks doing the blocking are subscribing to these RBLs on purpose.
(Also: "f*cking"? Who are you trying to protect by censoring the word "fucking"?)
Kid-proof tablet..
Your problem is likely to be your customers running bots.
Clean your best strategy is to clean them up, they are bad customers for an isp any way, expensive to support and heavy band width users.
IMHO is they can't keep their computer clean it is their own fault, we don't let incompetent drivers on the road and we shouldn't allow incompetent users on the net either.
That is also the date they started to convert to SI.
Hiya. I'm an A/C and have been posting on-and-off long enough that I could've gotten a 5-digit UID.
Why didn't I register? Is it because I'm actually a "coward"? It's because I don't really care enough to register and would like to avoid pointless confrontation. /. is interesting to read, but the potential for disrupting my day is higher with an account and making possible enemies out of people with whom I simply have a political disagreement.
Cowardice? I have no idea, I just prefer to think of it as one of my few instances of proper discretion. Since this is A/C, of course, you'll not likely receive a reply from the same A/C who posted this. I just wanted to give you something to think about.
~ Not the same A/C as the one you were replying to.
Just look here (nice megalomaniac style threats) and here (how mature, with the writing style of a 14 years old script kiddie). Do you trust these people to deal with spam in a professional manner? I know I don't, because I've had to deal with the results of their "work" before. They simply don't care if they cause damage, they probably even enjoy it, otherwise they would try to screw up less often.
"I love my job, but I hate talking to people like you" (Freddie Mercury)
How the fuck is this Flamebait, I'm asking a question based on what is being discussed.
Let me give you an easy way to battle this organization. They claim to be based in Germany, yet their web site lacks lacks vital information required by German telecommunications law. Specifically, the imprint (Impressum) and a site owner address that is court-servable. And yes, their German-langugage site lacks this information as well.
This leads me to two conclusions:
a) This is either not a German company or a very stupid German company. There's a whole industry of Law firms specialized in serving cease-and-desist letters to web sites which don't obey telco law in Germany (And in the process asking for a healthy fee for their services, something German law permits them to do).
b) You have a very good handle to get them dragged before a German court because of that alone. Ask a lawyer experienced in German telecommunications law about a missing imprint and address on a Germany-based web site and watch their eyes light up with glee...
Point b) would be something you might wanna look into if you want to hit back against them. Find a lawyer who knows about this kind of stuff and ask them about it. They might even be able to do it for free to you because they can bill their fees in full to the web site the served the letter to as far as I know.
Reading their web pages in both English and German also leads me to the conclusion that they are either fighting a holy war against spam, not caring about any casualties they leave in their wake, or are out to squeeze money out of people. I'm basing this on how the language and verbiage on their web site sounds, compared to known-legit business websites. Either way, it's probably a good idea to be weary and look into options against them.
most of the general commenters avoid to reply the specific case. there are great rbl's and some really bad ones. uceprotect is special. it is run by a really arrogant asshole who is (or was at given points of time) banned from most civilised anti-spam groups due to his, erm, business oriented approach. enlist fast and delist slow, so most of his lists are simply junk and must not be used. only few mismanaged sites use them for straightforward blocking and they should be educated. oh, and NEVER pay, you will be relisted in moments for one bad email even if your system stopped a few hundred thousand spam. i am rbl operator myself, but I expire all records fast, and removal is possible.
use uceprotect for spam scoring if you insist with low-low scores... never for reject. btw only a *few* rbl's are good for straightforward rejection, but these junks are not of those.
Now this is off topic? Why don't you answer the question instead? Come on mods, use your noggin, I want to know why this is NOT extortion as everything about the context is textbook protection money extortion. How is this different from a thug walking into a small store and knocking down your merchendize unless you agree to pay? How?
This seems bad. My ISP should not be interfering with traffic.
No, it's good. Your ISP is reponsible for, and should be policing, its IP space. I've had no trouble using my ISP's Smarthost on any of the five providers I've used in the past two decades. There's been no valid excuse for allowing open mail relays for a long time, and certainly not now. There's too many people out there who are utterly incapable of knowing what their system could be up to behind their backs. It falls on individual ISPs to do it for them, for the good of all of the rest of us.
Last I heard (a couple of years ago), ca. 80+% of traffic on the net was spam and malware. We don't need clueless imbeciles adding to the problem.
"Tongue tied and twisted, just an Earth bound misfit
My personal, low traffic mail server got hacked recently and started spamming like there was no tomorrow. I ended up on most blacklists including UCE protect.
I cleaned up my crap, used the 'request removal' link where it was available and simply ignored UCE protect. Guess what? I'm not on there any more... with me doing nothing except cleaning up the spam source.
The conclusions are left up to the reader.
"After checking with their site, we found out that our whole AS (!) was blacklisted."
Given the visual (!) you spelled "ASS" wrong. In America, it's more like ( ! )
Oh no doubt, but they don't do that. Instead they instantly shit-can it.
Fuck you douche. You're the fool who stood there and got your pansy-ass beat. I'll enjoy the pics of you on the gurney to the hospital. Wanker.
Hint, he works for a European ISP, and UCEprotect is German. US laws don't particularly apply.
There are spam filter services that are traditionally very conservative - for many years you could trust Spamhaus not to cause false positives. There have been other spam filter services that were very aggressive, entirely non-responsive (even when Michelle wasn't busy), and impossible to get off of, and no inbound mail server admin with any sense would use them as more than a SpamAssassin weighting factor.
If UCEprotect is taking the overkill route, you'll need to contact the mail systems that are using their services about how to do so appropriately, in addition to potentially using whatever legal remedies are available. (If you were in the UK, for instance, libel law might be a useful tool, but I'm not a lawyer, much less an EU or DE lawyer.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I don't know UCEprotect, but they're hardly the first RBL to be aggressive about putting people on their list, hard to get off even for false positives, and very hard to get off of quickly.
Even if they are legitimate, if they're not responsive or competent, you could find them blacklisting you (as a mail sender), or blacklisting people you want to receive email from (if you're a mail receiver). If you're running a good mail receiving service, you should only block on lists that are very careful about not reporting false positives - other lists can be very useful SpamAssassin weights or greylist triggers, but you can't trust them for simple blocking.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
If their business objective is to rake in extortion money by charging mail senders not to be blacklisted, that's a scam.
If their business objective is to provide a correct classification of email, so mail receivers can trust them to provide good advice about what email is spam, but they generate way too many false positives because their methodology is inadequate, that's not a scam, it's just incompetence.
This is the first I've heard of them, so I've got no informed opinion about whether they're honest or scammers, or whether they're competent or incompetent, but if you don't have very good reasons to trust their competence, you shouldn't use their lists as a hard filter - use them to trigger greylisting, or use them as a SpamAssassin weight, and see how well they work.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
European ISP, German blocklist publisher - US laws don't apply here. But yes, get legal advice first.
And there are times that life is just going to be difficult - one friend of mine actually is a pharmacist in Canada (:-), and friends of mine have a human rights organization that actually does sometimes want to receive email from Nigeria that at least talks about corrupt officials, even though they're not usually trying to smuggle money out of the country.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Any respectable ISP should never block inbound tcp/25, and shouldn't block outbound tcp/25 for people who want to use it. In practice, of course, 99.99% of outbound residential port 25 traffic is spam from infected machines, so it's good to make blocking the default behaviour for users who don't ask you to turn it off, but the primary reason for using an ISP smart mail server for your outbound email is also long obsolete, since most people have full-time internet connections instead of dialup modems on not-always-on computers at home these days.
My home PC has about 5000x the CPU horsepower and 300x the network speed of the VAX I used to manage as a departmental mail server, and by running a mail server myself I can theoretically have much better control over my outgoing mail, and Linux comes with several mail systems that are better than the mid-80s versions of sendmail. (In my case, I don't actually bother, because inbound mail service is a lot harder than outbound, and the service providers who do the first few steps of inbound filtering for me do a good enough job on my outbound mail.) It's certainly powerful enough for me to run a mailing list to send party announcements to a few hundred friends.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks