How many times is this idea going to come up before it finally goes away? Nobody is going to put up any amount of cash to send their legitimate email. Nobody will use a service that requires such a fee.
It's a simple concept really... the only solution that will be accepted is one which requires the masses to do nothing different than what they do now. People will not change their ways, even if it meant a spam-free environment. When it comes to computers, most users are lucky to remember one way to do things. They can't be bothered with learning how to do things the *right* way.
maybe IBM will end up owning SCO, I'd like to see that
Now THAT would surely be ironic, since all indications are that SCO's original hopes in filing this lawsuit were that IBM would simply buy them out.
So if this actually happened, the investors would not only lose every dime they put into this mess, they also lose the company AND they will likely be remembered in the business world for making very poor decisions.
I would have to agree with that. The number of bugs isn't as important and the number of -unpatched- bugs. Want to really impress me? Who has the fewest unpatched bugs that are a week old? A month? A *year*?
Seriously, you can't have critical bugs floating around out there. Sure not everyone updates the instant a patch comes out, but I want to know that a fix is at least available.
If I am walking down the street and someone holds up and advertising sign, I will ignore them. However if the advertiser runs down the street after me and starts waving his sign frantically in front of my face, I'm going to punch him. This is how I feel about pop-up ads.
If that advertiser tags me with a GPS, tracks what stores I visit, then starts sending me coupons for their own similar products, they are invading my privacy and can likely be sued. Yet this is exactly what they are doing when they put tracking cookies on my browser, install ad-ware onto my computer, and start pounding me with more pop-up ads (even when I'm not online) and spam.
As for the spammers themselves... I'd like to deal with them by cutting off a finger and asking if they'd like to opt-out. If I opt-out, I generally get twice as much spam to that account, so let's cut off a couple more fingers. Now you have two more chances to opt-out. Don't want to this time? Well my mailbox just got another spam delivered to it, so I guess I'll take another of your fingers. You think I'm a whiner for having to delete all these emails? You think it's funny that I have to pay for server upgrades to kep up with the onslaught just so I can get my legitimate email? Bring it on, bastards!
Actually this does NOT take away the dying factor... How many people these days actually die of natural causes (IE: old age)? How many people are hit by a bus or murdered? The prospect of immortality will not change any of these things, in fact greater age only increases your chances of an unnatural death.
Also consider the large number of diseases which can kill us. And these are getting worse every year. Nature is striking back, trying to balance out the population. Sure we can come up with a cure for almost anything, given time, but new things will always come along.
Overall I agree, if this becomes a reality then our population is going to increase even faster. However it is NOT going to be an instant overnight explosion, and it will force us to finally face resource conservation and restructure a lot of our current systems (If you're an immortal on welfare and you just had your tenth child, you damn well better be making some changes bcause I'm sure not going to support your lazy ass anymore!)
I have firefox open with 7 tabs at the moment, and it's taking up 50MB of memory. Sure it sounds like a lot, but check out what other applications you have running. Thunderbird is at 37MB. DivX player is at 36MB. And AVG (total of 4 programs running) is at 45MB. In fact, a full 1/4 of all the applications currently running are using over 10MB each on my system.
Considering what all features firefox has, it's not all that bloated in comparison. On the other hand, I think everything is general is bloated these days, but I learned programming on a computer with 1K of ram. Anyone else remember the days when a math processor was optional?
I don't believe that will matter. A reverse lookup on my domain name also returns what my ISP has dictated, however I believe (and I'm by no means an expert on this) that what happens is SPF looks up the domain the email claims to be coming from, checks the IP address the email actually came from, and does a dns lookup from the claimed domain to see if that domain's specified SPF info includes the IP where the email came from.
For what it's worth, SPF has been working great on my home mail server for the last several months, and the amount of emails that it is catching are slowly increasing. I'm up to 10-15 emails per week that SPF is weeding out for me (not a lot considering my RBL's blocked over 3200 spams last week). It's use is growing, and every system that publishes an SPF record helps the rest of the internet block more garbage.
I work for a support desk for a company that uses IE exclusively. By the time someone calls us due to performance problems with their PC, Adaware finds on average about 200 items. While waiting for that to run through, we generally try to educate the users on how to run Adaware for themselves, and how to avoid further infections.
You wouldn't believe how many of these folks have hotbar simply because 'a co-worker told them it was great'. These same people are absolutely shocked when I inform them that their own computer is now sending out these same emails to everyone in their address book advising people to install this program.
I think what gets them the most is the fact that spyware is forging emails in their name, from their own computer. As long as it scares them into taking some responsibility in what they click or install, it works for me.
The cruise control on my '74 Pontiac has a single button. If you tap it, it sets your speed. If you hold the button for more than 1 second, it resumes your previously set speed. And a cruise control definitely qualifies as a "limited resource computing device."
So much for 2/3 of their patent. Now if someone finds true prior art on the actual 'double-click' portion, then this patent is sunk.
I assume you're referring to INCOMING email in a shared queue? I set up DNS to point to all of my postfix servers, so simple round-robin balancing is done. I have mail delivered directly to the user's.maildir folder, which is shared across NFS. I also have/var/spool/postfix shared via NFS. Mail comes into a single queue, each server only processes a portion of the total mail, and it's quickly scanned and delivered to the user's folder.
As far as outgoing email... use the DNS trick again, so each user trying to send email gets pointed to the next server.
It's different because they advised everyone immediately of the problems, and released a patch as soon as they had one. MS has in the past spent considerable time blaming the customers for problems (for instance, IE automatically downloading and executing exe files from websites, without the user's consent).
It's different because this is only one of a handful of programs which have required security updates in the past X weeks. How many security updates has MS released in the same amount of time?
All of the MS advocates are spending a lot of time complaining about how everyone here bashes MS. I've been using Windows since 3.1 was released. Now I have a choice. Linux isn't for everyone. It requires a lot of time to learn it. Windows also required a lot of time to learn, but most people don't remember that. Back in the days when GUI's were new, we expected things to be difficult, and we lived with that until it was fixed. Now linux is coming in and trying to do everything the right way, but apparently many people are unwilling to give linux the same chance they originally gave to Windows.
Windows is like a first-draft program. It's a kludge. It works, and with enough effort you can add a lot of eye-candy to make it look like a polished system, but underneath, it's still a kludge. They started with a vague idea of what they were going to write, and created it as best they could.
Linux is more like a second-draft program. It's built from scratch completely based off of all the concepts that were discovered in writing the original version. The goal is in site, the mistakes can mostly be avoided, and they have a clear idea of what they're doing from start to finish. It's still not going to be perfect, but it's built on a solid understanding of what needs to be done.
Up next..? Who knows, but I imagine that comparing the next generation software to what we have now will be like comparing a finely-tuned Indy car to a horseless carriage.
So you're saying that because they are poor, they are not entitled to any form of entertainment?
Take a moment to look at the article at face value (assume the mother really does believe she was paying for the Kazaa service to download music)... If you only have limited funds for which to buy some entertainment for your family, would you spend $20 for a single CD, or would you spend $29.95 to be able to download all the music you want? It looks to me like the mother was trying to get the most value for her dollar.
And don't try to tell me that this is needless spending. Entertainment is a necessity of life. Everyone needs a distraction from the everyday.
I'm seeing all these people note what a bad analogy the open car is, however insurance companies have already covered all of this. If your car is broken in to, the insurance company will pay for the damages, because you yourself did nothing wrong.
HOWEVER -- If you leave your car unlocked and the keys laying in the front seat, the insurance company will laugh at you for your own stupidity, and will gladly deny your claim to damages. Sure if they catch the thief, s/he will be charged for auto theft, but the owner is still SOL for damages.
The same should be true in the computer world... If you leave your computer vulnerable to a well-known exploit, a hacker should be responsible for any data that was stolen or damaged. If they deface your website or steal credit card information, they should be held responsible for the time required to rebuild that information. But if someone simply walks into your system, leaves a note that you have a problem, and then leaves again, that person should not be held responsible for clean-up costs.
Another way of putting this... Someone walks into your unlocked house, takes your stereo, and walks out again. When they get caught, do you sue that person for the cost of replacing your stereo, or do you sue them for the stereo, a new deadbolt, bars on your windows, and an alarm system?
Or for a more graphic analogy, say someone is murdered in your house. Who pays for the cost of cleaning up the blood - the homeowner or the murderer?
Maybe this has been suggested before, maybe not. How about a key that is only known to the MTA? Any legitimate email sent out will have a header added which includes the hash for the key and the actual email. This hash is added to a list of submitted messages with an expiration time. Once the email is sent out, the receiving end takes that hash, and submits it to the MTA which supposedly originated the message, to be verified or rejected. If a hash is verified the originating MTA will take it off its list.
This should be a simple process which has at least two major uses... First, email viruses which are bypassing the legitimate domain MTA will not have a valid hash in the header. Second, any email where the origination is forged will also not contain a valid hash.
The list of sent hashes that the MTA maintains could further be enhanced by including the hash of the destination address where the email was sent to.
In essence, a header would be added to each outgoing mail as such: X-Authenticate:
With an ever-changing table of valid hashes, it would be nearly impossible for someone to forge a legitimate hash. Even on the off-change that a hash WAS forged, a spammer would only be able to send a single message with that hash, then the MTA would expire it.
Of course there are some cons against this plan as well... There would be a small increase in traffic required to send a single email (negligable, maybe a few hundred bytes at most). Each MTA would have to reserve space for a hash table, the size of which would be based on the number of unreceived messages at any given moment, and how fast hashes were expired from the table (do you give up on sending a message after 5 minutes or 5 days).
The best thing about this method is that it provides a means of authenticating the sender of a message which is backwards-compatible with existing MTA's.
Gee you must have extra hardware out the wazoo, if you consider that an easy change. Personally, I've got enough hardware at home to run my firewall and servers. T1/T3? Doubtful.
But then again, you probably think my little home operation isn't that important, and I shouldn't whine about having to be offline for a week so I can switch providers. But you know, the people who rely on my servers for their email and web space, it matters to them. The guy looking for a tech position because he's out of work, he relies on reliable email to make sure he doesn't miss a job offer.
But what do you care? You've obviously got a nice fat pipe to play with. Your connection is solid, and is probably even under your control. What if it wasn't something you could control? What if that connection were suddenly cut from under you, and there wasn't a thing you could do about it? I bet you'd be whining the loudest.
Your reaction is exactly what the problem is... You act as if everyone is automatically guilty. I challenge you to show me ANY provider who has not hosted a spammer at one time or another. And the bigger your provider is, the more likely that there will be multiple spammers at any given time.
I bet you would blacklist any provider who was discovered to be the source of a hundred spam reports in a given month. In your narrow viewpoint, a spammer is a spammer, and a provider is a provider. But get real! How many things are you purposely ignoring just to make the data fit your perseptive?
Do you expect ISP's to automatically disconnect a customer just because some random group on the internet *says* that person is a spammer? Sure it helps when the emails in question are provided as proof, but what steps were taken to show that the IP wasn't spoofed?
What about the SIZE of the provider? If a mom&pop shop is hosting 3 spammers in their base of 100 users, this is significant. If a nation-wide provider is hosting 3 spammers out of 20 million users, that's not exactly spam-friendly, it's just new users getting lost in the shuffle. And what if that provider actively terminates the accounts of those 3 spammers, but picks up 2 more that month? OMG that provider hosted FIVE spammers this month, they must be spamer-friendly!!! Give me a break.
I've even seen suggestions that ISP's should be responsible for doing a background check on each of their customers. Are you people really serious? That costs time and money. Who pays for that? I do, of course. And how is this any different from the time/expense that I incur from downloading the spams in the first place? And do your reasonably expect any business to perform a background check on 20 million customers on the off-chance that one of them may be a spammer?
From what I have found on google, I must agree with the general consensus... If someone is going to run an RBL, there MUST be responsibility. There are several lists out there which seem to have a good track record. Some just has too many complaints against them. For me, it is no better that having a spam filter set up too restrictivly... If there are too many false-positives, the list is virtually useless, and at worst, destructive to your initial cause.
You have obviously never been on the receiving end of a blacklist. I look at the mailing lists and all I see are a bunch of jerks acting as if the provider is always at fault, and that everybody has a choice who their provider is.
In the past week, I've had some messages start bouncing. A lookup at http://openrbl.org/ shows 0 positives on my IP, yet for some reason I'm getting bounces claiming both SPEWS and Osirusoft are rejecting me. It would be nice to find out what's going on, but both of their websites are unaccessible. The only reference I could locate to others in my/24 block was the local Catholic School having an open proxy (NOT an open relay), but no reported spam.
So is my ISP being lax in their anti-spam policy? I could only find 1 report of a known spammer operating from my ISP's address block in the past year, and that one appeared to have been picked up from their purchase of another provider. Sounds to me like they are doing their job.
And don't give me any of this BS about 'well the ISP had their chance to shut down the troublemakers before they were blacklisted.' Where the hell was *MY* chance to do something before *I* got blacklisted?
I've been using ordb and spamhaus to filter incoming mail for the past severl months, but had never really read any of the mailing lists to see what was going on. Quite frankly I'm amazed at the attitudes. The scenario that comes to mind is this... On the block where I live, someone who I have never met gets a DUI while driving (someone spams). The court orders them to attend classes about drunk driving (send a message to ISP to get rid of the problem). The person never attends those classes, so the city takes away the driver's license of EVERYONE on the block (blacklisted). Of course, nobody on my block has any idea what was going on, and if we had, we may have been able to put some pressure on the individual to make changes, but no, the city doesn't care about that.
In my case (with the discovered open proxy), it's a little more incredible... A neighbor lends his car to someone else, and even though that person drove safetly and there were no reported incidents, our whole block has restricted anyway.
I'm going to keep using RBL's on my mail server, but I'm going to do a little more research into who I'm using. It's a great concept, but I've seen too many people on huge power trips now to explicitly trust what they are telling me should be restricted.
Considering all the horror stories I've read on paypalsucks.com, this story somehow isn't as shocking as it should be. How is it that people like this continue to operate, when legitimate merchants are getting screwed out of their cash?
4.7MHz? 128K of ram? Well aren't we just Mr. Fancy-pants? I started out on a Sinclair ZX81 with a whopping ONE K of memory. Sheesh... kids these days got it easy!:-)
Slashdot Mirror
How many times is this idea going to come up before it finally goes away? Nobody is going to put up any amount of cash to send their legitimate email. Nobody will use a service that requires such a fee.
It's a simple concept really... the only solution that will be accepted is one which requires the masses to do nothing different than what they do now. People will not change their ways, even if it meant a spam-free environment. When it comes to computers, most users are lucky to remember one way to do things. They can't be bothered with learning how to do things the *right* way.
maybe IBM will end up owning SCO, I'd like to see that
Now THAT would surely be ironic, since all indications are that SCO's original hopes in filing this lawsuit were that IBM would simply buy them out.
So if this actually happened, the investors would not only lose every dime they put into this mess, they also lose the company AND they will likely be remembered in the business world for making very poor decisions.
I like it!!!
I would have to agree with that. The number of bugs isn't as important and the number of -unpatched- bugs. Want to really impress me? Who has the fewest unpatched bugs that are a week old?
A month?
A *year*?
Seriously, you can't have critical bugs floating around out there. Sure not everyone updates the instant a patch comes out, but I want to know that a fix is at least available.
If I am walking down the street and someone holds up and advertising sign, I will ignore them. However if the advertiser runs down the street after me and starts waving his sign frantically in front of my face, I'm going to punch him. This is how I feel about pop-up ads.
If that advertiser tags me with a GPS, tracks what stores I visit, then starts sending me coupons for their own similar products, they are invading my privacy and can likely be sued. Yet this is exactly what they are doing when they put tracking cookies on my browser, install ad-ware onto my computer, and start pounding me with more pop-up ads (even when I'm not online) and spam.
As for the spammers themselves... I'd like to deal with them by cutting off a finger and asking if they'd like to opt-out. If I opt-out, I generally get twice as much spam to that account, so let's cut off a couple more fingers. Now you have two more chances to opt-out. Don't want to this time? Well my mailbox just got another spam delivered to it, so I guess I'll take another of your fingers. You think I'm a whiner for having to delete all these emails? You think it's funny that I have to pay for server upgrades to kep up with the onslaught just so I can get my legitimate email? Bring it on, bastards!
2.5kW was for the ENITIRE RACK. A single unit is pulling about 60W, which is only 5A in a car.
Actually this does NOT take away the dying factor... How many people these days actually die of natural causes (IE: old age)? How many people are hit by a bus or murdered? The prospect of immortality will not change any of these things, in fact greater age only increases your chances of an unnatural death.
Also consider the large number of diseases which can kill us. And these are getting worse every year. Nature is striking back, trying to balance out the population. Sure we can come up with a cure for almost anything, given time, but new things will always come along.
Overall I agree, if this becomes a reality then our population is going to increase even faster. However it is NOT going to be an instant overnight explosion, and it will force us to finally face resource conservation and restructure a lot of our current systems (If you're an immortal on welfare and you just had your tenth child, you damn well better be making some changes bcause I'm sure not going to support your lazy ass anymore!)
I have firefox open with 7 tabs at the moment, and it's taking up 50MB of memory. Sure it sounds like a lot, but check out what other applications you have running. Thunderbird is at 37MB. DivX player is at 36MB. And AVG (total of 4 programs running) is at 45MB. In fact, a full 1/4 of all the applications currently running are using over 10MB each on my system.
Considering what all features firefox has, it's not all that bloated in comparison. On the other hand, I think everything is general is bloated these days, but I learned programming on a computer with 1K of ram. Anyone else remember the days when a math processor was optional?
I don't believe that will matter. A reverse lookup on my domain name also returns what my ISP has dictated, however I believe (and I'm by no means an expert on this) that what happens is SPF looks up the domain the email claims to be coming from, checks the IP address the email actually came from, and does a dns lookup from the claimed domain to see if that domain's specified SPF info includes the IP where the email came from.
For what it's worth, SPF has been working great on my home mail server for the last several months, and the amount of emails that it is catching are slowly increasing. I'm up to 10-15 emails per week that SPF is weeding out for me (not a lot considering my RBL's blocked over 3200 spams last week). It's use is growing, and every system that publishes an SPF record helps the rest of the internet block more garbage.
I work for a support desk for a company that uses IE exclusively. By the time someone calls us due to performance problems with their PC, Adaware finds on average about 200 items. While waiting for that to run through, we generally try to educate the users on how to run Adaware for themselves, and how to avoid further infections.
You wouldn't believe how many of these folks have hotbar simply because 'a co-worker told them it was great'. These same people are absolutely shocked when I inform them that their own computer is now sending out these same emails to everyone in their address book advising people to install this program.
I think what gets them the most is the fact that spyware is forging emails in their name, from their own computer. As long as it scares them into taking some responsibility in what they click or install, it works for me.
The cruise control on my '74 Pontiac has a single button. If you tap it, it sets your speed. If you hold the button for more than 1 second, it resumes your previously set speed. And a cruise control definitely qualifies as a "limited resource computing device."
So much for 2/3 of their patent. Now if someone finds true prior art on the actual 'double-click' portion, then this patent is sunk.
I assume you're referring to INCOMING email in a shared queue? I set up DNS to point to all of my postfix servers, so simple round-robin balancing is done. I have mail delivered directly to the user's .maildir folder, which is shared across NFS. I also have /var/spool/postfix shared via NFS. Mail comes into a single queue, each server only processes a portion of the total mail, and it's quickly scanned and delivered to the user's folder.
As far as outgoing email... use the DNS trick again, so each user trying to send email gets pointed to the next server.
Haha ok you got me. But still...
The problem is that if someone were to actually buy SCO, it would set a dangerous precedent and other failing compaines would be sure to follow.
No the only way to put an end to this is to make sure that SCO goes down in a ball of fire that can be seen around the world.
Already read this on Groklaw :-)
What ever happened to the guy that pied Bill Gates? Is he still around? I'm thinking Darl needs a dose of reality.
It's different because they advised everyone immediately of the problems, and released a patch as soon as they had one. MS has in the past spent considerable time blaming the customers for problems (for instance, IE automatically downloading and executing exe files from websites, without the user's consent).
It's different because this is only one of a handful of programs which have required security updates in the past X weeks. How many security updates has MS released in the same amount of time?
All of the MS advocates are spending a lot of time complaining about how everyone here bashes MS. I've been using Windows since 3.1 was released. Now I have a choice. Linux isn't for everyone. It requires a lot of time to learn it. Windows also required a lot of time to learn, but most people don't remember that. Back in the days when GUI's were new, we expected things to be difficult, and we lived with that until it was fixed. Now linux is coming in and trying to do everything the right way, but apparently many people are unwilling to give linux the same chance they originally gave to Windows.
Windows is like a first-draft program. It's a kludge. It works, and with enough effort you can add a lot of eye-candy to make it look like a polished system, but underneath, it's still a kludge. They started with a vague idea of what they were going to write, and created it as best they could.
Linux is more like a second-draft program. It's built from scratch completely based off of all the concepts that were discovered in writing the original version. The goal is in site, the mistakes can mostly be avoided, and they have a clear idea of what they're doing from start to finish. It's still not going to be perfect, but it's built on a solid understanding of what needs to be done.
Up next..? Who knows, but I imagine that comparing the next generation software to what we have now will be like comparing a finely-tuned Indy car to a horseless carriage.
So you're saying that because they are poor, they are not entitled to any form of entertainment?
Take a moment to look at the article at face value (assume the mother really does believe she was paying for the Kazaa service to download music)... If you only have limited funds for which to buy some entertainment for your family, would you spend $20 for a single CD, or would you spend $29.95 to be able to download all the music you want? It looks to me like the mother was trying to get the most value for her dollar.
And don't try to tell me that this is needless spending. Entertainment is a necessity of life. Everyone needs a distraction from the everyday.
I'm seeing all these people note what a bad analogy the open car is, however insurance companies have already covered all of this. If your car is broken in to, the insurance company will pay for the damages, because you yourself did nothing wrong.
HOWEVER -- If you leave your car unlocked and the keys laying in the front seat, the insurance company will laugh at you for your own stupidity, and will gladly deny your claim to damages. Sure if they catch the thief, s/he will be charged for auto theft, but the owner is still SOL for damages.
The same should be true in the computer world... If you leave your computer vulnerable to a well-known exploit, a hacker should be responsible for any data that was stolen or damaged. If they deface your website or steal credit card information, they should be held responsible for the time required to rebuild that information. But if someone simply walks into your system, leaves a note that you have a problem, and then leaves again, that person should not be held responsible for clean-up costs.
Another way of putting this... Someone walks into your unlocked house, takes your stereo, and walks out again. When they get caught, do you sue that person for the cost of replacing your stereo, or do you sue them for the stereo, a new deadbolt, bars on your windows, and an alarm system?
Or for a more graphic analogy, say someone is murdered in your house. Who pays for the cost of cleaning up the blood - the homeowner or the murderer?
(grumble grumble html tags...)
Let's try that again. The header info I was trying to post is -
X-Authenticate: <MTA Key + Email Body Hash><Destination Address Hash>
Maybe this has been suggested before, maybe not. How about a key that is only known to the MTA? Any legitimate email sent out will have a header added which includes the hash for the key and the actual email. This hash is added to a list of submitted messages with an expiration time. Once the email is sent out, the receiving end takes that hash, and submits it to the MTA which supposedly originated the message, to be verified or rejected. If a hash is verified the originating MTA will take it off its list.
This should be a simple process which has at least two major uses... First, email viruses which are bypassing the legitimate domain MTA will not have a valid hash in the header. Second, any email where the origination is forged will also not contain a valid hash.
The list of sent hashes that the MTA maintains could further be enhanced by including the hash of the destination address where the email was sent to.
In essence, a header would be added to each outgoing mail as such:
X-Authenticate:
With an ever-changing table of valid hashes, it would be nearly impossible for someone to forge a legitimate hash. Even on the off-change that a hash WAS forged, a spammer would only be able to send a single message with that hash, then the MTA would expire it.
Of course there are some cons against this plan as well... There would be a small increase in traffic required to send a single email (negligable, maybe a few hundred bytes at most). Each MTA would have to reserve space for a hash table, the size of which would be based on the number of unreceived messages at any given moment, and how fast hashes were expired from the table (do you give up on sending a message after 5 minutes or 5 days).
The best thing about this method is that it provides a means of authenticating the sender of a message which is backwards-compatible with existing MTA's.
Gee you must have extra hardware out the wazoo, if you consider that an easy change. Personally, I've got enough hardware at home to run my firewall and servers. T1/T3? Doubtful.
But then again, you probably think my little home operation isn't that important, and I shouldn't whine about having to be offline for a week so I can switch providers. But you know, the people who rely on my servers for their email and web space, it matters to them. The guy looking for a tech position because he's out of work, he relies on reliable email to make sure he doesn't miss a job offer.
But what do you care? You've obviously got a nice fat pipe to play with. Your connection is solid, and is probably even under your control. What if it wasn't something you could control? What if that connection were suddenly cut from under you, and there wasn't a thing you could do about it? I bet you'd be whining the loudest.
Your reaction is exactly what the problem is... You act as if everyone is automatically guilty. I challenge you to show me ANY provider who has not hosted a spammer at one time or another. And the bigger your provider is, the more likely that there will be multiple spammers at any given time.
I bet you would blacklist any provider who was discovered to be the source of a hundred spam reports in a given month. In your narrow viewpoint, a spammer is a spammer, and a provider is a provider. But get real! How many things are you purposely ignoring just to make the data fit your perseptive?
Do you expect ISP's to automatically disconnect a customer just because some random group on the internet *says* that person is a spammer? Sure it helps when the emails in question are provided as proof, but what steps were taken to show that the IP wasn't spoofed?
What about the SIZE of the provider? If a mom&pop shop is hosting 3 spammers in their base of 100 users, this is significant. If a nation-wide provider is hosting 3 spammers out of 20 million users, that's not exactly spam-friendly, it's just new users getting lost in the shuffle. And what if that provider actively terminates the accounts of those 3 spammers, but picks up 2 more that month? OMG that provider hosted FIVE spammers this month, they must be spamer-friendly!!! Give me a break.
I've even seen suggestions that ISP's should be responsible for doing a background check on each of their customers. Are you people really serious? That costs time and money. Who pays for that? I do, of course. And how is this any different from the time/expense that I incur from downloading the spams in the first place? And do your reasonably expect any business to perform a background check on 20 million customers on the off-chance that one of them may be a spammer?
From what I have found on google, I must agree with the general consensus... If someone is going to run an RBL, there MUST be responsibility. There are several lists out there which seem to have a good track record. Some just has too many complaints against them. For me, it is no better that having a spam filter set up too restrictivly... If there are too many false-positives, the list is virtually useless, and at worst, destructive to your initial cause.
You have obviously never been on the receiving end of a blacklist. I look at the mailing lists and all I see are a bunch of jerks acting as if the provider is always at fault, and that everybody has a choice who their provider is.
/24 block was the local Catholic School having an open proxy (NOT an open relay), but no reported spam.
In the past week, I've had some messages start bouncing. A lookup at http://openrbl.org/ shows 0 positives on my IP, yet for some reason I'm getting bounces claiming both SPEWS and Osirusoft are rejecting me. It would be nice to find out what's going on, but both of their websites are unaccessible. The only reference I could locate to others in my
So is my ISP being lax in their anti-spam policy? I could only find 1 report of a known spammer operating from my ISP's address block in the past year, and that one appeared to have been picked up from their purchase of another provider. Sounds to me like they are doing their job.
And don't give me any of this BS about 'well the ISP had their chance to shut down the troublemakers before they were blacklisted.' Where the hell was *MY* chance to do something before *I* got blacklisted?
I've been using ordb and spamhaus to filter incoming mail for the past severl months, but had never really read any of the mailing lists to see what was going on. Quite frankly I'm amazed at the attitudes. The scenario that comes to mind is this... On the block where I live, someone who I have never met gets a DUI while driving (someone spams). The court orders them to attend classes about drunk driving (send a message to ISP to get rid of the problem). The person never attends those classes, so the city takes away the driver's license of EVERYONE on the block (blacklisted). Of course, nobody on my block has any idea what was going on, and if we had, we may have been able to put some pressure on the individual to make changes, but no, the city doesn't care about that.
In my case (with the discovered open proxy), it's a little more incredible... A neighbor lends his car to someone else, and even though that person drove safetly and there were no reported incidents, our whole block has restricted anyway.
I'm going to keep using RBL's on my mail server, but I'm going to do a little more research into who I'm using. It's a great concept, but I've seen too many people on huge power trips now to explicitly trust what they are telling me should be restricted.
Considering all the horror stories I've read on paypalsucks.com, this story somehow isn't as shocking as it should be. How is it that people like this continue to operate, when legitimate merchants are getting screwed out of their cash?
4.7MHz? 128K of ram? Well aren't we just Mr. Fancy-pants? I started out on a Sinclair ZX81 with a whopping ONE K of memory. Sheesh... kids these days got it easy! :-)