Use Linux -> You have substantial control over the box, and can make it do what you want. No licensing costs. Good.
Support Linux Clients -> Users have substantial control over their boxes, and can have arbitrary local patches, changes, or different (and possibly incompatible versions). Impossible to *support*.
I don't particularly blame them. I've done Unix support, and even if you have people nailed down to a specific version of a specific distribution, it's a serious pain.
In particular, if you use a term like this in a case where you could have meant either thing, you're not communicating *anything* - unless everyone is careful about usage.
"begs the question" is a term of art. It is a technical term describing a specific logical fallacy. Using it in another way is like using "logic" to mean "intuition", or using "animal" to mean "an object which moves". It makes it harder for a reader to be sure of what you meant.
Computers are not the only things which will understand you better if you're precise in your use of language.
Of course, if you don't know what you mean either, no big loss - and this is the impression people will get of you if you are careless with language.
POSIX doesn't specify compilers. You mean an ANSI/ISO compiler with a POSIX library.
Compiler and library are, fairly often, separate tools.
It's dimly possible that POSIX has special C++ bindings, but so far as I know, they still just use the POSIX C bindings, and rely on the link-compatability with C++.
There is no such thing as POSIX C++. There is such a thing as ISO C++ on a POSIX system, but that's subtly different.
Actually, the original rule (25 years past the death of the creator) is probably better. I don't want to get into the "legal spouse" thing, and anyway, what about, say, kids?
25 years lets you provide for your family, even if it's someone you're not legally married too, but isn't particularly abusive.
Anyway, the problem with only-people-have-copyright is this: If three people collaborate, who owns the work? The current system evolved largely from the need to create corporations as a repository for IP rights in collaborative works.
alan.cohen@abc.com already confirmed that they are *NOT* doing this.
You see, prerecorded calls are *ILLEGAL*, in general, under the TCPA. The prospect of $500 minimum statutory damages *PER PERSON* probably stopped them.
Anyway, this is old news, it went through the TCPA lists a few days ago, and it's already dead.
Duchovny will be back. The T1000 will, of course, morph into "Mulder" to cover its real mission.
Re:the right to have an insecure-but-harmless syst
on
MAPS vs. ORBS
·
· Score: 2
Maybe anyone *can*.
But, in a number of cases, only Alan Brown *does*.
That's why he's a black hat, not a white hat.
Re:the right to have an insecure-but-harmless syst
on
MAPS vs. ORBS
·
· Score: 2
Remember, the "flawed" system in question does *NOT* allow for *ANY* kind of attack *WHATSOEVER* against the rest of the world.
If you are going around searching for guns, and you find a house with no guns, and accidentally set it on fire, and you keep coming back and setting it on fire, even though you know the owner will never leave a gun in his house, and always leaves the door locked...
There comes a point where the only responsible thing to do is stop probing a given host. If Alan were capable of seeing beyond his own ego justifications, he would be able to leave people alone. But, for now, we are in the world where, if you don't recognize Alan's self-granted right to interact with your systems in any way he wants, he'll tell people you're a spammer.
I don't see any abuse of the net in some guy being connected to it with a server that will never, under any circumstances, cause trouble for anyone else.
I do see abuse in someone being connected to the net and continuing to crash a system after being asked to stop doing so. Maybe the system should be crash-proof. It doesn't matter; once you're told that you're triggering crashes, continuing to do so is script kiddie behavior.
It comes down to whether or not Alan Brown gets a special license to crash systems at will, which is unique to him and no one else is allowed to do it. I don't see why he should.
Remember, we are *not* talking about an open relay. We are talking about a box that cannot be used as the basis for any kind of attack on anyone else. It may be flawed, but its flaws are harmless to everyone. ORBS may also be flawed, but its flaws have people being paged at 3AM around the world.
If I tell you that a system does not support a given extension to an RFC, and will crash if you attempt to use it, and you have no intention of actually using the provided service (e.g., mail delivery to my users), and I tell you it's causing trouble and you keep doing it... Yes, it's net abuse.
If Alan were trying to not crash the server, he'd stop probing it.
It's not really a friend of mine, just a guy I know.
Anyway, he doesn't "fix" the server because, except in terms of *ONE* person doing *ONE* thing, it *isn't broken*. It runs. It doesn't relay mail. It doesn't crash unless ORBS probes it. It doesn't open anyone up to any kind of security problems. On the other hand, it *does* do what he wants, correctly, and without further administrative effort.
If someone found a bug in your system, and you couldn't easily fix it, would you agree that it was reasonable for your system to be taken down every so often, every time some guy wanted to take it down, and the guy is not only *allowed* to do this, but *encouraged*, because Slashdot readers unanimously agree that, if your server can be crashed, it's your own fault for running a crappy server?
DOS is DOS. It doesn't matter if the guys doing it claim to have white hats.
ORBS could stop. They do not have to test this system. The only argument they have for testing it is the belief that it could somehow magically turn into an open relay. It's not an open relay. It won't be. In fact, the most likely outcome of their behavior is that the MTA will be replaced - and the result might be open. If they leave him alone, everything is fine.
Only one problem with that: Alan can't accept a world where he can't fuck with anyone he wants, any time he wants.
If you like this, I only hope you have the honesty to still stand up for it when it's your box being crashed by some asshole with a net-abuse-friendly provider.
I still don't buy it. You can say "maybe this will have other problems", but if in three or four years, no one has found a way to relay through the server, it is not an open relay.
ORBS claims to be blocking open relays. In fact, it is doing a lot more.
ORBS is abusing the net. Yes, a malicious cracker could do the same thing - but if they didn't pretend it was about stopping spam, no one would tolerate it.
Think about it. Wouldn't *you* expect someone to be kicked off for willfully and repeatedly crashing a box using a known exploit?
Okay, imagine that you're running a version of Linux that has a bug, such that a remote user can crash your box.
This exploit is not widely known.
One guy decides to try to test for a possible security hole. You don't have the security hole, but his test crashes your computer.
How is this your fault? The bug isn't being tickled except when someone attacks you.
Now, in the ORBS case, it's worth remembering that ORBS *knows* that this server is secure, and *knows* that this test crashes the server.
Should the guy get a new server? Sure. But why should anyone be allowed to *FORCE* him to, when *HIS SERVER IS NOT A THREAT TO ANYONE UNDER ANY CIRCUMSTANCES*. Remember, it is *NOT* an open relay.
ORBS may be "designed" just to test, but they know they are crashing some people's computers, and they don't care, and they won't stop. It's not about stopping spam, it's about forcing people to jump when Alan says "jump". That's not *preventing* net abuse.
Finally, no, it's not the case that "anyone" can have their system taken off the list. If your system is listed *for relaying*, you can be taken off the list. If your system is listed *for complaining*, nothing will get it taken off the list except saying "Thank you sir, may I have another."
If ORBS were only about open relays, and they were willing to leave people alone once those people were not open relays, I don't think anyone would mind them.
Re:Additional Background and Perspectives
on
MAPS vs. ORBS
·
· Score: 2
I don't think above.net is "competing" with ORBS. You might say that MAPS is, but really, they're going after totally different goals, for different reasons.
ORBS is about blocking open relays, and about blocking people who don't like the massive testing and retesting they will do of any computer they've ever heard of.
MAPS is about stopping email abuse.
When you think about it this way, it's obvious that MAPS has to list ORBS.
Let me say that this is *not* about "competition". This is about stopping network abuse.
I know a guy whose mail server is buggy. It is *NOT* insecure. You cannot relay mail through it. The bug is this: Certain addresses will crash it. The mail doesn't go through, but the mail server crashes.
ORBS crashes his mail server. Up to seventeen times per run. Over and over. They won't stop.
Some postmasters get email every time a relay attempt is made and fails. They are getting mailbombed by ORBS.
ORBS is doing the same thing spammers are doing: Using the email system, and refusing to stop when asked.
Even if you get on their "static" list, they'll probably still spam you occasionally. But, think about it: Is it fair for a system which claims to block "open relays" to also, if you turn it on withuot knowing about the "static" list, block mail from anyone who dislikes the constant and repeated tests?
Is it fair for them to tell their users that you're a spammer, if you tell them you don't want or appreciate their testing? Remember, we're talking about systems that are *NOT* open relays!
Finally, only ORBS has maintained spite listings. MAPS has never maintained them. I'm sure someone will find a case where MAPS listed a system that was not involved, in any way, in mail abuse. I bet you can't find one where the listing stuck past the first complaint.
ORBS has consistently condoned mass scanning of netblocks. They have encouraged people to scan whole netblocks, and resubmit any hosts they find to ORBS.
ORBS will list systems that cannot be used to relay actual spam. ORBS will list anyone that complains too loudly about them, or plays games with their tests. And they will list such people out of spite, not out of any desire to eliminate spam.
Some people have put network-wide filters on the address space ORBS probes from. ORBS retaliated by starting to farm out relay probes to external sites. You know, just like what spammers do when you block their unwanted communications.
The only thing I think the RBL did wrong in this picture is let it go so long. ORBS has been abusing the email system for a long time, and has done a lot of stuff out of ego and spite. It's time *someone* reminded them that you can't abuse the email system forever.
I don't claim to be a common carrier, and I don't think ISP's should pretend to be CC's.
If my telco decided I couldn't call certain numbers, I'd look for another telco, unless I agreed with their judgement. On the other hand, if my telco stopped accepting connections from, say, a specific telco from which most of the telemarketing and junk faxes I get originate, I'd be overjoyed.:)
I have to say, I agree with the RBL's position. How did IBill's listing affect you? It affected you because other sysadmins chose to do something based on it.
You are right, *I* don't have the right to decide whether your rights, or the rights of millions of spam victims, take precedence, except on my network. But I *do* have the right to refuse to do traffic with the people who support spammers, and I will continue to do so.
The RBL is not about blocking spam. It is about education. It works. Nothing else does. IBill has stopped supporting spammers.
I'd much rather see this solved in better ways. Believe me, if you can find a way to stop spammers that *doesn't* involve collateral damage, the MAPS team will leap to put your suggestions into action.
In the mean time, we, the sysadmins that run this network, have made the best decisions we can, based on the information available to us.
Finally, when you talk about your criteria, realize that, as long as you place "in business more than two years" above "good anti-spam policies", you *are* supporting a company which supports spammers. This may be necessary to your goals, but you *are* endorsing them.
When MCI spammed me, I switched long distance services within a day. When FirstUSA spammed me, I cancelled two credit cards, within a day. Yes, it sucked having a sudden drop in available credit. It wasn't totally convenient paying those bills off that very same day. But, the spam issue is important to me.
If a good anti-spam policy is not a crucial quality of a payment processing service for you, you may find that you run afoul of the RBL. You may also find that you will run into other, site-local, blacklists. Some sites may just drop IP traffic from IBill, even now.
The world is not obliged to offer you an ideal solution, or an ideal choice. You pick trade-offs. You picked the trade-off of "slightly sleazy company unwilling to act as a responsible citizen of the network". You got burned, briefly, when that turned out to be a serious liability. Other people maybe dealt with companies that occasionally pay them late, and they got burned too.
This isn't "fair". Life isn't fair. Physics isn't fair. This is the best available way to protect a large network from damage. Better suggestions would be welcome, I assure you.
(BTW, I don't work for the MAPS team, although I respect them a lot, and use their services. My sole work "for" them has been RBL nominations, and a little early advice to radparker about setting up RSS.)
This is starting to drift, if you want to debate this more, feel free to drop me email.
It's not just that no one else is handling the problem.
I own a system. Do you deny that I have the right to restrict traffic to it in *ANY* way I want to?
Do you deny that I have the right to discuss the strategies I use with others?
If not, you can't argue with the legitimacy of something like the RBL.
You say IBill is innocent. Do you think that hosting companies are innocent, if they host the page the spam advertises? How about AOL? If a dialup user with an AOL account spams, is AOL an "innocent third party"?
You are not disagreeing about the fundemental premise here, which is that people enabling spam are part of the problem. You are disagreeing with whether or not one *particular* party - IBill - was enabling spam.
You did not get beaten up by the RBL. You got beaten up by me, and thousands of other sysadmins like me, who concluded that IBill was *not* a part of the cooperative network we call the "internet", because they were continuing to endorse and support spammers.
When IBill's policies changed, a lot of spammers stopped running their scams, because they could no longer make money sending spam.
As to the other examples you suggest, I recommend you consider whether or not they are part of the network. This is about the network.
Now, if you think *you* were an innocent third party, well, I have to agree. I also agree that the 15 million AOL users who *DON'T* spam are innocent third parties, and when people block AOL (and some do!), those users suffer. When Netcom was RBL'd, a friend of mine couldn't email me, until they fixed their problem.
That's how a large distributed network runs. It's regrettable, but there are companies that will never change until they are told to from both sides.
Do I regret that you, personally, suffered? Sure. But, frankly, if it comes down to a choice between you and millions upon millions of other people, I'll pick them, because they outnumber you. The spammers IBill was supporting were causing a lot more damage per *HOUR* than you suffered during the entire affair.
Because that "cheap" transportation is expensive, it's just not *you* paying those expenses, it's everyone, and especially, people in the future who may have a harder time getting enough fossil fuels some day.
One of the useful functions of government is to make sure the "hidden" costs are paid up front.
Except that, if I use a confirmed opt-in, when you complain, I go to MAPS and show them the confirmation email from you, and they tell you you're mistaken.
Even if I run a plain opt-in list, *one* person complaining will get nothing done.
The most you can do is force me to start using confirmations - which I should probably do anyway.
It's much harder to get listed than you seem to think. You have to make it clear that:
1. You will do something which results in unsolicited email reaching people. 2. You will not correct this.
If you don't have both elements, you will *not* be listed.
Slashdot Mirror
Use Linux -> You have substantial control over the box, and can make it do what you want. No licensing costs. Good.
Support Linux Clients -> Users have substantial control over their boxes, and can have arbitrary local patches, changes, or different (and possibly incompatible versions). Impossible to *support*.
I don't particularly blame them. I've done Unix support, and even if you have people nailed down to a specific version of a specific distribution, it's a serious pain.
Flexibility is hard to support.
So, I'm not sure about this, but I did notice that HTTP 1.0 (doesn't support the by-name hack) is still about 40% of the hits in our web logs.
Is that more modern browsers trying to be friendly, or is that people who actually *can't see* the NamedVirtualHost stuff?
Fox is running it Saturday mornings around 10.
In particular, if you use a term like this in a case where you could have meant either thing, you're not communicating *anything* - unless everyone is careful about usage.
"begs the question" is a term of art. It is a technical term describing a specific logical fallacy. Using it in another way is like using "logic" to mean "intuition", or using "animal" to mean "an object which moves". It makes it harder for a reader to be sure of what you meant.
Computers are not the only things which will understand you better if you're precise in your use of language.
Of course, if you don't know what you mean either, no big loss - and this is the impression people will get of you if you are careless with language.
POSIX doesn't specify compilers. You mean an ANSI/ISO compiler with a POSIX library.
Compiler and library are, fairly often, separate tools.
It's dimly possible that POSIX has special C++ bindings, but so far as I know, they still just use the POSIX C bindings, and rely on the link-compatability with C++.
There is no such thing as POSIX C++. There is such a thing as ISO C++ on a POSIX system, but that's subtly different.
Uh-huh. And a POSIX SCSI cable, I suppose?
Hint: POSIX only does Unixy standards. Language specs are generally ANSI, ISO, or both.
No, it does not "beg" the question.
TO BEG THE QUESTION IS TO ASSUME THE ANSWER YOU ARE TRYING TO DEMONSTRATE.
It does *not* mean "to bring up or suggest the question".
Actually, the original rule (25 years past the death of the creator) is probably better. I don't want to get into the "legal spouse" thing, and anyway, what about, say, kids?
25 years lets you provide for your family, even if it's someone you're not legally married too, but isn't particularly abusive.
Anyway, the problem with only-people-have-copyright is this: If three people collaborate, who owns the work? The current system evolved largely from the need to create corporations as a repository for IP rights in collaborative works.
There's a vast gap between "designed by the people who did VMS" and "VMS-based". "VMS-like", and not all that much, yes. "VMS-based", not at all.
alan.cohen@abc.com already confirmed that they are *NOT* doing this.
You see, prerecorded calls are *ILLEGAL*, in general, under the TCPA. The prospect of $500 minimum statutory damages *PER PERSON* probably stopped them.
Anyway, this is old news, it went through the TCPA lists a few days ago, and it's already dead.
Duchovny will be back. The T1000 will, of course, morph into "Mulder" to cover its real mission.
Maybe anyone *can*.
But, in a number of cases, only Alan Brown *does*.
That's why he's a black hat, not a white hat.
Remember, the "flawed" system in question does *NOT* allow for *ANY* kind of attack *WHATSOEVER* against the rest of the world.
If you are going around searching for guns, and you find a house with no guns, and accidentally set it on fire, and you keep coming back and setting it on fire, even though you know the owner will never leave a gun in his house, and always leaves the door locked...
There comes a point where the only responsible thing to do is stop probing a given host. If Alan were capable of seeing beyond his own ego justifications, he would be able to leave people alone. But, for now, we are in the world where, if you don't recognize Alan's self-granted right to interact with your systems in any way he wants, he'll tell people you're a spammer.
I don't see any abuse of the net in some guy being connected to it with a server that will never, under any circumstances, cause trouble for anyone else.
I do see abuse in someone being connected to the net and continuing to crash a system after being asked to stop doing so. Maybe the system should be crash-proof. It doesn't matter; once you're told that you're triggering crashes, continuing to do so is script kiddie behavior.
It comes down to whether or not Alan Brown gets a special license to crash systems at will, which is unique to him and no one else is allowed to do it. I don't see why he should.
Remember, we are *not* talking about an open relay. We are talking about a box that cannot be used as the basis for any kind of attack on anyone else. It may be flawed, but its flaws are harmless to everyone. ORBS may also be flawed, but its flaws have people being paged at 3AM around the world.
If I tell you that a system does not support a given extension to an RFC, and will crash if you attempt to use it, and you have no intention of actually using the provided service (e.g., mail delivery to my users), and I tell you it's causing trouble and you keep doing it... Yes, it's net abuse.
If Alan were trying to not crash the server, he'd stop probing it.
It's not really a friend of mine, just a guy I know.
Anyway, he doesn't "fix" the server because, except in terms of *ONE* person doing *ONE* thing, it *isn't broken*. It runs. It doesn't relay mail. It doesn't crash unless ORBS probes it. It doesn't open anyone up to any kind of security problems. On the other hand, it *does* do what he wants, correctly, and without further administrative effort.
If someone found a bug in your system, and you couldn't easily fix it, would you agree that it was reasonable for your system to be taken down every so often, every time some guy wanted to take it down, and the guy is not only *allowed* to do this, but *encouraged*, because Slashdot readers unanimously agree that, if your server can be crashed, it's your own fault for running a crappy server?
DOS is DOS. It doesn't matter if the guys doing it claim to have white hats.
ORBS could stop. They do not have to test this system. The only argument they have for testing it is the belief that it could somehow magically turn into an open relay. It's not an open relay. It won't be. In fact, the most likely outcome of their behavior is that the MTA will be replaced - and the result might be open. If they leave him alone, everything is fine.
Only one problem with that: Alan can't accept a world where he can't fuck with anyone he wants, any time he wants.
If you like this, I only hope you have the honesty to still stand up for it when it's your box being crashed by some asshole with a net-abuse-friendly provider.
I still don't buy it. You can say "maybe this will have other problems", but if in three or four years, no one has found a way to relay through the server, it is not an open relay.
ORBS claims to be blocking open relays. In fact, it is doing a lot more.
ORBS is abusing the net. Yes, a malicious cracker could do the same thing - but if they didn't pretend it was about stopping spam, no one would tolerate it.
Think about it. Wouldn't *you* expect someone to be kicked off for willfully and repeatedly crashing a box using a known exploit?
Okay, imagine that you're running a version of Linux that has a bug, such that a remote user can crash your box.
This exploit is not widely known.
One guy decides to try to test for a possible security hole. You don't have the security hole, but his test crashes your computer.
How is this your fault? The bug isn't being tickled except when someone attacks you.
Now, in the ORBS case, it's worth remembering that ORBS *knows* that this server is secure, and *knows* that this test crashes the server.
Should the guy get a new server? Sure. But why should anyone be allowed to *FORCE* him to, when *HIS SERVER IS NOT A THREAT TO ANYONE UNDER ANY CIRCUMSTANCES*. Remember, it is *NOT* an open relay.
ORBS may be "designed" just to test, but they know they are crashing some people's computers, and they don't care, and they won't stop. It's not about stopping spam, it's about forcing people to jump when Alan says "jump". That's not *preventing* net abuse.
Finally, no, it's not the case that "anyone" can have their system taken off the list. If your system is listed *for relaying*, you can be taken off the list. If your system is listed *for complaining*, nothing will get it taken off the list except saying "Thank you sir, may I have another."
If ORBS were only about open relays, and they were willing to leave people alone once those people were not open relays, I don't think anyone would mind them.
I don't think above.net is "competing" with ORBS. You might say that MAPS is, but really, they're going after totally different goals, for different reasons.
ORBS is about blocking open relays, and about blocking people who don't like the massive testing and retesting they will do of any computer they've ever heard of.
MAPS is about stopping email abuse.
When you think about it this way, it's obvious that MAPS has to list ORBS.
Let me say that this is *not* about "competition". This is about stopping network abuse.
I know a guy whose mail server is buggy. It is *NOT* insecure. You cannot relay mail through it. The bug is this: Certain addresses will crash it. The mail doesn't go through, but the mail server crashes.
ORBS crashes his mail server. Up to seventeen times per run. Over and over. They won't stop.
Some postmasters get email every time a relay attempt is made and fails. They are getting mailbombed by ORBS.
ORBS is doing the same thing spammers are doing: Using the email system, and refusing to stop when asked.
Even if you get on their "static" list, they'll probably still spam you occasionally. But, think about it: Is it fair for a system which claims to block "open relays" to also, if you turn it on withuot knowing about the "static" list, block mail from anyone who dislikes the constant and repeated tests?
Is it fair for them to tell their users that you're a spammer, if you tell them you don't want or appreciate their testing? Remember, we're talking about systems that are *NOT* open relays!
Finally, only ORBS has maintained spite listings. MAPS has never maintained them. I'm sure someone will find a case where MAPS listed a system that was not involved, in any way, in mail abuse. I bet you can't find one where the listing stuck past the first complaint.
ORBS has consistently condoned mass scanning of netblocks. They have encouraged people to scan whole netblocks, and resubmit any hosts they find to ORBS.
ORBS will list systems that cannot be used to relay actual spam. ORBS will list anyone that complains too loudly about them, or plays games with their tests. And they will list such people
out of spite, not out of any desire to eliminate spam.
Some people have put network-wide filters on the address space ORBS probes from. ORBS retaliated by starting to farm out relay probes to external sites. You know, just like what spammers do when you block their unwanted communications.
The only thing I think the RBL did wrong in this picture is let it go so long. ORBS has been abusing the email system for a long time, and has done a lot of stuff out of ego and spite. It's time *someone* reminded them that you can't abuse the email system forever.
I don't claim to be a common carrier, and I don't think ISP's should pretend to be CC's.
:)
If my telco decided I couldn't call certain numbers, I'd look for another telco, unless I agreed with their judgement. On the other hand, if my telco stopped accepting connections from, say, a specific telco from which most of the telemarketing and junk faxes I get originate, I'd be overjoyed.
I have to say, I agree with the RBL's position. How did IBill's listing affect you? It affected you because other sysadmins chose to do something based on it.
You are right, *I* don't have the right to decide whether your rights, or the rights of millions of spam victims, take precedence, except on my network. But I *do* have the right to refuse to do traffic with the people who support spammers, and I will continue to do so.
The RBL is not about blocking spam. It is about education. It works. Nothing else does. IBill has stopped supporting spammers.
I'd much rather see this solved in better ways. Believe me, if you can find a way to stop spammers that *doesn't* involve collateral damage, the MAPS team will leap to put your suggestions into action.
In the mean time, we, the sysadmins that run this network, have made the best decisions we can, based on the information available to us.
Finally, when you talk about your criteria, realize that, as long as you place "in business more than two years" above "good anti-spam policies", you *are* supporting a company which supports spammers. This may be necessary to your goals, but you *are* endorsing them.
When MCI spammed me, I switched long distance services within a day. When FirstUSA spammed me, I cancelled two credit cards, within a day. Yes, it sucked having a sudden drop in available credit. It wasn't totally convenient paying those bills off that very same day. But, the spam issue is important to me.
If a good anti-spam policy is not a crucial quality of a payment processing service for you, you may find that you run afoul of the RBL. You may also find that you will run into other, site-local, blacklists. Some sites may just drop IP traffic from IBill, even now.
The world is not obliged to offer you an ideal solution, or an ideal choice. You pick trade-offs. You picked the trade-off of "slightly sleazy company unwilling to act as a responsible citizen of the network". You got burned, briefly, when that turned out to be a serious liability. Other people maybe dealt with companies that occasionally pay them late, and they got burned too.
This isn't "fair". Life isn't fair. Physics isn't fair. This is the best available way to protect a large network from damage. Better suggestions would be welcome, I assure you.
(BTW, I don't work for the MAPS team, although I respect them a lot, and use their services. My sole work "for" them has been RBL nominations, and a little early advice to radparker about setting up RSS.)
This is starting to drift, if you want to debate this more, feel free to drop me email.
http://www.mutantwatch.com/
It's not just that no one else is handling the problem.
I own a system. Do you deny that I have the right to restrict traffic to it in *ANY* way I want to?
Do you deny that I have the right to discuss the strategies I use with others?
If not, you can't argue with the legitimacy of something like the RBL.
You say IBill is innocent. Do you think that hosting companies are innocent, if they host the page the spam advertises? How about AOL? If a dialup user with an AOL account spams, is AOL an "innocent third party"?
You are not disagreeing about the fundemental premise here, which is that people enabling spam are part of the problem. You are disagreeing with whether or not one *particular* party - IBill - was enabling spam.
You did not get beaten up by the RBL. You got beaten up by me, and thousands of other sysadmins like me, who concluded that IBill was *not* a part of the cooperative network we call the "internet", because they were continuing to endorse and support spammers.
When IBill's policies changed, a lot of spammers stopped running their scams, because they could no longer make money sending spam.
As to the other examples you suggest, I recommend you consider whether or not they are part of the network. This is about the network.
Now, if you think *you* were an innocent third party, well, I have to agree. I also agree that the 15 million AOL users who *DON'T* spam are innocent third parties, and when people block AOL (and some do!), those users suffer. When Netcom was RBL'd, a friend of mine couldn't email me, until they fixed their problem.
That's how a large distributed network runs. It's regrettable, but there are companies that will never change until they are told to from both sides.
Do I regret that you, personally, suffered? Sure. But, frankly, if it comes down to a choice between you and millions upon millions of other people, I'll pick them, because they outnumber you. The spammers IBill was supporting were causing a lot more damage per *HOUR* than you suffered during the entire affair.
"Perspective". It's a great idea.
Because that "cheap" transportation is expensive, it's just not *you* paying those expenses, it's everyone, and especially, people in the future who may have a harder time getting enough fossil fuels some day.
One of the useful functions of government is to make sure the "hidden" costs are paid up front.
Except that, if I use a confirmed opt-in, when you complain, I go to MAPS and show them the confirmation email from you, and they tell you you're mistaken.
Even if I run a plain opt-in list, *one* person complaining will get nothing done.
The most you can do is force me to start using confirmations - which I should probably do anyway.
It's much harder to get listed than you seem to think. You have to make it clear that:
1. You will do something which results in unsolicited email reaching people.
2. You will not correct this.
If you don't have both elements, you will *not* be listed.