Dude, Mailinator is a site that offers free disposable email addresses with no password/signup/registration. Read the link before you go flaming helpful posts.
If I hadn't read the link, how would I know there was an ad on the page's sidebar for ServerBeach?
I'd want to know a *lot* more about these people before I used their service to, for example, make a web purchase that might contain my personal or billing information.
Not saying these guys are, but what is to prevent a phisher/scammer/spammer from setting up a similar service, then ripping out all the juicy info they get as the new "man-in-the-middle" of your e-mail? Or for that matter simply a rogue admin at the hosting company doing the same thing behind the other parties' backs?
The more I think about the whole thing, the *more* suspicious I get, in fact. No responsible geek ought to be encouraging the entire internet to route their e-mail through a ServerBeach colo box. That's *hideously* irresponsible at best.
I apologize for my knee-jerk, although I'm still suspicious about the origins of this service, having heard nothing about it out of the anti-spam community, including who's actually behind it. I'll be the first to admit, when it comes to the spam fight I'm pretty paranoid. The dirty tricks I've seen in my day...ugh.
I still stick my guns though that it seems suspicious, and *definitely* stick to my guns about ServerBeach being black-hat sleazeballs. Anyone with connections to ServerBeach who offers anti-spam products or services is, IMO, worthy of intense scrutiny. Especially when the product is advertised in a spammy slashdot AC post.
Besides, I run mail servers and control domains of my own, so I already have a free and guaranteed secure version of their service -- its called/etc/mail/aliases.
Who modded that up? The guy is spamming slashdot for an unknown, suspicious looking "mail filtering" product, and right there on the side-bar is a Coupon Code for bullet proof/black hat hosters ServerBeach!
Isn't it obvious why MyDoom.C was released? The intricacy makes it fairly apparent that its either the original author or someone connected with it. Why would they release another variant of their own tool?
After the release of MyDoom.A, there was more than a little speculation that the true hidden purpose of these e-mail worms was to spawn a network of zombied PCs to use for spamming. The 'A' version made it a little too obvious, even with the included red herrings of DoS attacks against SCO and MS. Uh oh. And now Mr. Spammer is getting a little antsy -- has the FBI made the same connection many in the infosec scene have? Uh oh. Time to cover your tracks.
What better way to do that than to release another version of your virus that throws all the investigations off the trail, looking for some OSS Loving Blackhat who'd want to DoS SCO instead of the criminal head of a spam gang trying to enlarge his empire?
And before anyone suggests I put on a tin foil hat...go gather some statistics. Specifically, make a chart of the release of e-mail worms, and another chart of the accuracy-rate of DNSBLs. You'll see, as I did, that as DNSBL accuracy reaches 100% (they contain all currently-zombied hosts), boom, out comes another e-mail worm. The release of MyDoom seems to have gone off poorly -- admins received warning and were prepared, not very many machines (relatively) were infected, and a lot of attention from the infosec community was directed at the source of the releases. I'm sure purely by coincidence, my DNSBL hit rate remains high, and spams by a certain well known individual who I believe to be responsible for this don't seem to be coming at nearly the volume one would expect from such a prolific scumbag.
You wouldn't, provided that you used only the stock networking feature of PC Doom 1.9. However, even when the game was new, hard-core Doom enthusiasts pretty much exclusively used a program called serdoom for deathmatching. (In addition to letting the server set more options, it allowed you to tunnel a game over a BBS)
And none of the things you mentioned even came up. The control was how I liked it
Great for you, but what about all the rest of us? I wanted the custom "w,a,s,d,backspace" key grouping I had been using on the PC version (and have used in every FPS I've played since then). Even if you got lucky and the keys were how you liked them, you have to admit that this was a pretty majorly stupid thing to leave out given how trivial it would be to code. That one misfeature alone totally ruined the game for a lot of people.
and we even used different wads without a problem.
The WADs will work just fine...simply without any MIDI music. On the mac version, the music files are seperately stored in a "music" directory! The game just ignores any MIDIs embedded in the WAD itself.
I loaded it, it ran great, and I was able to frag my roommates and friends, what else did I need?...Higher standards?
Actually yeah. On a power computer 604e based machine I used to network with nothing but PC users and had zero problems doing it. Mac Doom was a great port. Smooth play at a higher resolution than pc doom had.
OK, MacDoom did have one additional feature: it supported higher resolutions than 320x200. For that, you were asked to trade off:
1) Broken WAD file format (go on, try to get MacDoom to read MIDI from a WAD...I still can't fathom why they broke this.) 2) 3 Preset Keymaps (you mean you want to assign keys individually as you choose? too bad...until several years after release when a fan puts out a System Extention(!) allowing this) 3) No serdoom or serdoom support. (All your PC buddies playing Doom on BBSes get to laugh at you -- this is also the utility most Doom afficianados used for LAN Dooming) 4) Poor performance. (Doom ran smoothly on my buddies 486DX2/66...604e/150 is the first Mac I ever ran Doom "smoothly" on, even the 1st gen PPC would get choppy)
No offense, but if you call MacDoom a great port, I can't imagine what you'd call a bad one...
Note that Lion Entertainment has to their credit the Mac Warcraft II port
Were they involved in that? My memory must be failing me, I don't recall their logo or involvement. At any rate, I do know factually that quite a bit of work AT BLIZZARD (North) went into making the Mac port kick ass.
one of the best ports in the history of game ports.
Agreed wholeheartedly. WC2 for the Mac made up for its lateness by going well beyond the original: higher resolutions, better sound, a Mac-like interface as appropriate, and yes, built-in TCP/IP networking that spawned ladder after ladder of Mac WC2 gamers who didn't have to pay for Kali. And it ran smoothly on an average Mac of the day.
...and certain companies have absolutely no qualms about extorting that. I've always[0] found the argument that there's no Mac game userbase a bit lacking. If you make something good, people will buy it. However, in the past the majority of the game development took place on other platforms (specifically, Windows). What little effort was put into porting those titles invariably produced unstable, ill-performing, and embarassingly late hacks that I'm sure were more emulator than engine. Anyone else here ever try to get a network game of Doom on with PC users back in the day? Or try to assign keys? Or try to play on anything less than a top of the line system?
I've owned and played Halo on my XBox for how many years, now? C'mon Bungie. You sold out, you're now putting out Mac games through the 2004 equivalent of Lion Entertainment, the least you can do is STFU and get back to making Halo 2 (...for XBox) and suckling at the teat of your overlord Mr. Gates. Stop insulting Mac users and, by proxy, your great legacy.
1) Fix your mail server. If you're not sure it's fixed, hire an administrator. This includes migrating away from a spammy network, if you live in a slum don't be surprised when you can't get a pizza delivered. 2) Determine if you are listed in any public DNSBLs or RHSBLs. If so, check the website for a way to request a retest and removal. Failing that, contact the maintainers. Get yourself removed from these first. 3) Gather a list of ISPs which are blocking you directly. When you are sure you've got all your ducks in a row with steps 1 and 2, contact postmaster@ those ISPs, explain the situation, and politely request a reevaluation of your status. Be polite but persistant. If you don't make any headway in e-mail (or if postmaster@ doesn't accept mail -- a contravention of RFC) contact them by phone and then paper letter. Keep things polite. Don't go making insults or legal threats...speaking personally as an admin, this will get you on my "do not remove until the heat death of the universe" blacklist with a quickness. You have no rights to the pipe I pay for.
NOTE: All bets are off if you're actually just a spammer (this includes unconfirmed opt-in), or are an ISP who has had a relapse after claiming to turn over a new leaf. In either of those cases, I will at my discretion block you and anything you're associated with, forever.
Yeah, I have seen PLENTY of businesses move into co-location facilities that showed absolutely NO SIGN of spam problems. What can they do after the fact? They've signed the contract. They've setup all their servers there. It has taken them many months of planning and execution to move their entire networks to this remote location. They are small businesses operating on tight budgets, not Microsofts. Then SPEWS hits their ISP's netblock and they are fucked.
I still don't understand why you consider this SPEWS' fault and not the ISP that started to support spammers'. SPEWS is just noting down the names of everyone who behaves in a certain way.
Anyone that thinks SPEWS' collateral damage policy is reasonable does not understand: (a) what is involved in moving a business from colo to colo,
Maybe not with your "Legit-a-mite Email Bizness", but I've got plenty of real network engineering experience. Enough to know that very few types of business operations are run out of colo facilities, primarily based on e-mail, and have a history of problems with SPEWS...
(b) that there are very few quality colo's out there that are capable of dealing with the onslaught of new/incoming spammers to the liking of the SPEWS mob
I haven't found that to be the case at all...rather, there are simply a few of the bigger colo houses/server farms (ev1 used to be bad about this, don't know about now) that simply don't care what the customer does as long as they pay their bill. Those are the types of organizations that tend to have problems with SPEWS. Yes, running an ISP with a lot of customers is hard work, but thats not an excuse to do a half-assed job of it, especially when the area you're skimping on has a negative impact on everyone else on the network.
and (c) that you could possibly predict who will get hit by SPEWS based on their past performance.
I can, with near 100% accuracy: SPEWS will hit organizations that support spam.
Even when a colo cleans up their act, and are de-listed, they are dealt with much more harshly later if the SPEWS MOB feels they are slipping.
What is so unusual or inappropriate about repeat offenders being treated more harshly than first timers?
Imagine a successful colo. They kick spammers off and have new spammers sign up every day.
If you're a colo and you have spammers signing up every day, you need to take a good hard look at your policies and engineering decisions, specifically with an eye to security. Not every colo has problems like that with spammers...most do not. If you do, there's a reason.
From the perspective of some of the SPEWS MOB, they are spammer havens.
As I said before, SPEWS knows a lot more than they say publically. If SPEWS says an organization supports spammers, you can bet there's been a lot of investigation that went into that listing and not all of it is disclosed (lest the spammers learn the tricks!).
These colo's are more likely to be listed on spews regardless of their actions.
Out of all the colo places on earth, I really only see a handful discussed in NANAE...it would seem that contrary to your assertion, it is both possible and easy to run a relatively spammer free colo.
I think the bigger issue is that, as a company, you have to *want* to run a spammer free colo.
BTW, when your entire business is legitimate email-based, and you are co-located, it is not an easy task to just arrange to have all your email sent from another source.
Hmmmmm. Basically, you're saying you run an e-mail based business...and you've had problems with SPEWS. Why am I starting to feel very very skeptical? SPEWS in my experience doesn't act before they've got a lot of information, though they generally do not disclose all that they know publically.
Since you're already discussing the specific problem you've had with SPEWS, why not give some detail? What exactly was the problem? What SPEWS record number did your problem fall under?
Prediction: you won't tell us.
Are you unable to grasp the concept of a service provider that has so-far not done anything stupid with spammers, only to fall under the foot of the SPEWS MOB after you've signed a contract with them?
Sure...and that sucks. If you sign a contract with someone, make sure its a good one. Then if the service you agreed to buy becomes degraded due to the companies broader business decisions, you can either get out of it or sue them.
Unlike you, I do not believe SPEWS is a good judge of which companies are spam-friendly.
Hah I bet you don't, Mr. Legit-a-mite Email Biznessman!
But that's only because I've had first-hand experience of how the SPEWS MOB works...
Care to go into specifics? A SPEWS record number would probably be enough.
You seem to confuse "Responsibility" with "Soul Responsibility"
Hmmmm, does one have to do with James Brown?
I'm saying its not the responsibility of SPEWS if I block an e-mail because its on their list. Their list has a reputation, and that reputation is free to sink or swim as it may. That's really the only point of attack against SPEWS in fact. Thus, we are here.
I'm not telling SPEWS to stop existing, I'm telling people to stop using SPEWS. I am telling them this because SPEWS is responsible for a lot of legitimate mail being blocked.
You can choose to use SPEWS in a fashion which causes some non-spam to be blocked (legitimate is too strong a word for traffic coming from bad ISPs, IMO). You can also choose to use it in, as I do, in a fashion that does not cause this to happen. It is your choice as an admin, even if that choice is dictated by your own ignorance.
Likewise, blocking mail which is not all spam is part of the whole point of SPEWS: to punish bad ISPs, not the spammers specifically living within those ISPs. The reason this tactic had to be adopted, as has been stated a million times now, is that ISPs were collaborating with spammers to make them unfilterable. Decisions regarding what is and is not abuse on the internet are too important to be decided by "what you can get the lowest common denominator to do for the most money".
Use a list which does not intentionally block innocents.
In the absence of SPEWS, these lists would be useless as unethical ISPs would happily play ball with spammers and shift them around constantly in massive allocations, for instance.
If Happy Funland Daycare agency was hiring child molestors, that's no reason to prevent people from collecting health insurance from the company Happy Funland Daycare uses.
That analogy is pathetic on the face of it, as the monetary reward" is travelling in the wrong situation. You clearly do not have a facility for analogy, so I'm trying to steer you away from this. Its just nonsense and I doubt you're even understanding the arguments I make in analogy form, given your response. Customers of ISPs that support spam are contributing to the continued presence of rogue organizations on the internet, and thus are not in any way innocent third parties.
My point is that SPEWS is responsible for innocent people having their e-mail bounced. If SPEWS did not exist, these people who are being bounced would not be bounced.
And my point is that at best, these people you're talking about are giving money to an organization that is intentionally causing spam to thrive on the internet, and at worst are actually spammers themselves.
If SPEWS decided to stop their terrorism
Ohhhhh boy. There goes all your credibility, and with it any doubt I may have had that you're no innocent third party.
("Stop paying a company which sells to a company which sells to a company which sends SPAM,
Uhhh, don't you mean "buys from"?
or your customers will not be able to send e-mail. That is, Go out of business, or we will force you out of business."), then those people would no longer be blocked.
What is wrong with telling a company "stop supporting spam or you will be forced out of business"?!? If you took a survey right now, how many people do you think would be for "forcing companies out of business who knowingly, intentionally support spam"?!?!? If you said: the total population of the planet minus those working in spam, methinks you'd be just about right.
That's the point of SPEWS. Abuse our open nature, and we will close ourselves to you (and tell each other about you!!!). Support spam, we will boycott you. Enjoy your intranet.
What you mean to say is: if you move into a upscale, nice neighborhood don't blame a shady telco employee who you'll never know when they prevent any telephone connections going to Pizza Hut because you live next to someone who may or may not be a criminal.
NAC is an "upscale, nice neighborhood"? Riiight.
Every argument for SPEWS is fallacious.
Hey, you sound objective.
very strict anti-spam hosts have been listed on SPEWS because they give (legitimate, non spamming) service to someone SPEWS considers a spammer, even though no spamming occurs through that link.
Care to cite any specific instances? Unless you're referring to spamvertized sites, I'm not familiar with any such issues.
Are ISPs now expected to run every customers name through the NCIC?
It doesn't take running the name through NCIC to figure out what someone is going to do with "abfe50pillz.biz".
You certainly can't be arguing that human attention be given to every customer's name for the express purpose of checking for any supposed 'spamming tendencies'.
Nope! To my knowledge, SPEWS has never listed an ISP merely for failing to catch spammers before the abuse department gets complaints. Nobody expects ISPs to be able to do this. However, if that abuse department does receive complaints and fails to act on them (and act appropriately), then and only then does SPEWS go into action.
Even with only hundreds of customers that would be unfeasible due to the limited amount of staff which would have an intimate knowledge of the current events in the spam-world and thus be able to spot such people.
I don't entirely agree with this, but your point is moot anyway. SPEWS does not punish ISPs simply for unknowingly signing up spammers, it punishes them for ignoring abuse reports and allowing the abuse to continue. If your ISP handles abuse reports in a timely and clueful manner, you will never have to worry about SPEWS.
That said...a lot more can be done by ISPs to dent this spam problem. Protecting end users against the e-mail borne viruses and trojans that are distributed in order to create the backbone of these spammers' networks would be a big step. Monitoring outbound activity for irregularities, particularly related to anything dealing with port 25, is not very difficult, or is open proxy scanning. From a policy angle, adequately staffing the abuse desk and making sure that their input is as important as the sales departments could make a big difference, too.
Gee, I guess I missed that whole thing about SPEWS not being a list of Spammers, given that their faq explicitely states that they are a list of Spammers and Spammer Operations.
Q1: What is SPEWS? A1: SPEWS is a list of areas on the Internet that several system administrators, ISP postmasters, and other service providers have assembled and use to deny email and in some cases, other network traffic, from.
Hmmm. I don't even see the word "spam" in that. Let's go a bit further down in the FAQ.
Q5: Why are network addresses listed if no spam has originated from them? A5: They are listed because they have been set up by known spammers and spam support operations, most with a demonstrable repeated history of spamming or spamming services. They are also listed if they host websites advertised in spam, as this too falls under spamming services - these listings normally occur if the owners of that network address range do not remove the offenders.
Hmm, the very existence of question 5 seems to break your logic.
Walking into a crouded room and shooting each person one-by-one in the head when you know quite well who your actual target is, you dont get to call the others "Collateral Damage" Being in the same building as someone else does not make you guilty.
In some cases, it does. If you're a waitress at a restaurant that doesn't serve minorities, and minorities stage a boycott of the restaurant, its going to affect your tips whether or not you personally are a racist or not. Too bad for you.
SPEWS claims that they blocklist people who know what they're doing, neglecting to mention that such is in no way true- as they intentionally block people who are innocent. (Someone using an ISP which allows spam is not automatically "Well aware of what they are doing wrong")
I've never seen anyone affiliated with SPEWS claim that they only block people who know what they're doing. Everyone I've seen in the groups seems to be well aware that all end users affected by the blocks are not necessarily themselves the spammers. What I think you may be misinterpreting is that SPEWS does not block ISPs who don't know what they're doing (aka intentionally hosting spammers and ignoring abuse reports).
As for being the only one who has ever heard SPEWS say anything, I guess I'm the only one who knows what.org stands for. Or maybe you're just entirely wrong, it can probably work either way.
I congratulate you on your mastery of the.org TLD. For your next trick, please learn how to read a FAQ.
I have no idea what your point is with the "Duh". Yes, SPEWS admits that it purposely blocks the innocent in order to ruin legitimate businesses which are indirectly associated with Spammers. But since it states that directly, I guess saying "Duh" should make it okay to overlook the point.
Hint: "Duh" is typically a response to someone stating the obvious. That SPEWS is a boycott list of spam supporting ISPs, not a list of spam source IP, could not be more obvious.
As for your claims for success, wouldnt a successful blacklist (for what SPEWS is trying to do) perhaps be staying at about the same size at some point, rather than be growing constantly?
Huh? The spam problem has been escalating continually (and exponentially!). That SPEWS reflects this is not evidence that SPEWS is not effective.
You dont need to like spam to hate spews. There are plenty of lists which go out of their way to prevent listing the innocent. Lists more effective than SPEWS, I hear.
No, you don't need to like spam to hate spews. You just have to have bought the PR spin from spammers about SPEWS hook, line, and sinker. I post with the hope that the average slashdot reader may use his deductive reasoning skills to see past this smokescreen and realize that SPEWS is a
First of all, even if there are no riders on the contract for paying penalties for ending it early, there is the serious cost in time, manpower, and physical resources in moving a server farm from one co-lo to another.
Apparently you should stick to being a "businessman" and stay away from network engineering. If you've got to move your entire server farm from one colo to another simply to cause e-mail to be sent from a different IP block, you have no business running a network.
This cost is non-negligible and can range from a few paltry hundreds of dollars to millions depending on the size of your business.
So, before you made your millions-of-dollars investment in internet connectivity through one backbone or another, shouldn't someone have done a little research? And shouldn't the attitude of a backbone towards network abuse be a part of that research?
This is exactly why SPEWS exists. If you're giving "millions of dollars" to a company who supports spam operations, whether you know it or not you are aiding in the abuse of the network as a whole.
This is of course a crisis which the business hasn't had prior warning of and must do last minute planning for which is means being without revenue for long periods of time until the block is lifted.
Fire whoever approved the purchase of access from a company with a bad internet reputation. Duh.
It's the explicit goal of organizations like this to hurt innocent businesses so that they'll complain to their ISP or just stop doing business with them.
Where do you get innocent from?!? If a company is giving "millions of dollars" to another company that condones and supports internet abuse, I don't consider them to be in any way innocent.
Does SPEWS offer to help cover the cost of the economic damage they do to these deliberately targetted innocent people? Hell, no! They give lame excuses like...
SPEWS is an unbudgeted volunteer organization, and more to the point this would entirely defeat the purpose of SPEWS. Economic damage to companies which have bad policies is exactly the goal. I believe the proper term for this technique is boycott.
Oh, that's a really great justification. Blame the victim. (You sure you're not with SPEWS?)
There is no victim in this case except the millions of internet users flooded with unwanted junk solicitations.
After all, all "pink" ISPs are very up front about the fact that they host spam on their network to prospective customers, right? What great, omniscient lookup service would let a business know that an ISP is allowing spammers when said ISP has never been put on a spam list before?
Uhhh...SPEWS? That's the freaking point of SPEWS, for about the millionth time.
How do you really know you're safe from spam vigillantes when a business has had a clean record so far? You can't, but people like you will continue to blame the businesses that you ruin for not knowing better.
Let me see if I can translate your spin into a real concern:
Question: "What is to guarantee that an ISP with a previously clean record will suddenly go rogue?"
Answer: Absolutely nothing, except the threat of a SPEWS listing. This exact thing has happened in the past, in fact the listing we're discussing right now, NAC, is one instance of it. NAC used to be a very clued provider, until they lost all the staff with clue. Now NAC ignores abuse reports and forwards them to the spammers to listwash, and hosts known spam organizations. Thanks to SPEWS, not only are those facts reaching the light of day, but they're doing so in a way that empowers the individual and forces the ISP to respond.
My roommate's starting up a small webhosting site soon, and I'm really worried for him that some jackass like you will come along and destroy everything he's worked for an al
OK, what is the count? It's a stretch to say 30 - in over two years. BFD.
Where did you ever arrive at such a rediculously low number? Here's a more accurate way to determinte this:
Go to google and look at the number of posts appearing in NANAE/NANAB beginning with [SXXXX] where XXXX is a 4 digit number identifying the SPEWS record of the offender. If you only see 30 of these in two years, something is very wrong with your computer or yourself.
What else can you count - complaints from peoplle who have no connection to spam and have their perfectly decent email blocked? Numbers are good: show some numbers. You said you could count them: do it.
Count them yourself, go to google and do as I suggested above. What I'd like to ask you is where you got that "30" number?
Where's this PR war?
You're reading it, right now! Look at the people posting links to kookery like this.
In addition you ignore that most of the blocking that occurs because of SPEWS listings is blocking for actual spam-source IPS. That's what the spammers don't like, that's the source of their PR war, such as it is (where is it?)
Riiight.
Why would spammers give a damn if non-spam-email is blocked? They'd celebrate: the darling of the loudest anti-spammers is a rogue, anonymous monster.
Here's how SPEWS hurts spammers:
Spammers arrange "pink contract" with $LARGE_BACKBONE provider. Contract stipulates that spam complaints will be ignored if the spammer pays a premium for his access, and that the ISP will move the spammer's allocation occasionally to prevent blacklisting.
SPEWS completely foils this arrangement. Now an ISP who makes an agreement with a spammer not only risks being caught out and having their backroom dealings exposed to the light of day, it will eventually *also* break the service of its legitimate customers, causing them to (hopefully) find out what all the fuss is about and eventually vote with their wallets against spammer friendly ISPs. Since SPEWS records and discussions are inherently public, this also provides the entire internet community with an in-stone history of the compliance of various providers.
As we've all seen over the past couple of years, using SPEWS as a mechanism to block spam is very dangerous.
Using SPEWS to block spam is not using SPEWS for what it was intended for. Are you gonna start blaming car manufacturers because some people try to drive them underwater?
You're gonna lose legit mail if you use them, because their filters are way, way, way too broad[1].
The first part may or may not be true, the second part is decidedly false. Their filters are not "too broad" unless your idea of "the right size" is "only the IPs of spammers" -- and thats not ever been the goal of SPEWS.
In the case of spews, I would use them in conjunction with something like SpamAssasin to assign a score e-mails rather than outright block them.
This is how I use SPEWS. A SPEWS listing adds to your SA score...and let me tell you, it works effectively.
[1] - Any time you see/16's and/12's and stuff blocked, that's way to freakin' broad.
I'd hate to hear what you think of me blocking the entirety of LACNIC from my mailserver.
There is a HUGE difference between "False Positive" and "Intentional False Positive".
"Intentional false positive"?!? If its intentional, its not a false positive. Its just a positive. Duh.
SPEWS does not claim to be a list of spammer IP addresses.
SPEWS defends their actions by saying that they cannot eliminate all False Positives, and so shouldnt try.
I've never seen SPEWS say any such thing. You seem to be the only person on/. who has ever heard SPEWS say a damn thing.
SPEWS intentionally blocks legitimate e-mail for the purpose of causing people to complain to their ISPs to the point that their ISPs complain to their provider, to the point that a legitimate customer who is not violating any terms of service is asked to change their practices or move to another region of the country.
And thats what everyone says SPEWS does. Duh.
Is this effective? Of course not.
What do you base that on? If I look through NANAE/NANAB and count the admins who are getting in touch with SPEWS to say "hey we finally nuked our spammers" after nothing else could convince them, I'm forced to conclude that SPEWS is damned effective.
If I look at the amount of work spammers put into the PR war against SPEWS, I'm forced to conclude the same thing.
Certainly, someone who uses the list will not recieve as much spam, as well as blocking much legitimate mail at the same time. But SPEWS is not about blocking Spam, it is about trying to get high-level service providers to violate their contracts.
If you replace the word "violate" with "enforce", then you're right on the money. We (I am not SPEWS) want ISPs to enforce their AUPs. If they want to publically have an AUP that permits spamming, thats a different problem and could be handled easily outside SPEWS.
Any list you use is going to have False-Positives. The difference is that SPEWS does it on purpose.
No, the difference is SPEWS is not a list of spammer IP addresses and if you're using it that way you're a dumbass.
SPEWS claims that they are innocent, because they don't block anyone. This is a lie.
It is?!? SPEWS is forcing me as a mail admin to cause e-mail to be blocked based on their listings?
They publish lists which are in turn downloaded by automated scripts and are applied to e-mail servers as filters. They are aware of this. Their lists have no other purpose.
They don't? What if I simply use SPEWS as an advisory system when determining a SpamAssassin score? Say, having a SPEWS level 1 listing gets you +1 point. Hmm. Seems like another purpose to me.
Conversely, what if I simply use the SPEWS list to determine my router ACLs?
Remember when SPEWS blocked everybody, and many automated scripts did the same?
Huh? You just linked to a story that says "Osirusoft" in the damn story title, yet you try to relate it to SPEWS? I can only assume you're intentionally trying to cause such confusion.
When you publish a list which has no other purpose, then tell people how to configure their servers to automatically download and use the list, you Are blocking people.
No you're not. You're just making it easy for other people to do so.
There is more, but I need to head off. I may post again later.
It's not paranoia if they really are out to get you...
But isnt it entirely possible that 'professional spammers' could set up mail relays under a subnet of highly regarded anti-spam sites?
Spammers have been trying to find creative ways to damage SPEWS' public image for a good long time. I've got my suspicions about the somethingawful debacle, and this one too.
Think about it from the point of view of an ISP -- host a large antispam site, get a free pass to host spammers.
After a run in last year with SPEWS, and after some investigation, I believe I have found SPEWS owner/administrator, and posted last March as SPEWS no longer anonymous
From what I have gathered, the SPEWS philosophy isn't just indifference to collateral damage (ie, 'civilian casualties'); they actively do this damage in order to try to force ISPs into changing their habits.
Correct, so far. I wouldn't term in "collateral damage" so much as "guilt by association" though.
And they are extremely difficult to both reach and reason with; you can post on a newsgroup and hope someone pays attention to your pleas.
Which, to be fair, they always do. The reason nobody admits to running SPEWS is quite simple -- many times in the past blocklist owners have become the targets of bogus lawsuits by spammers. Sure they eventually get thrown out of court, but not before costing lots of time and money to the volunteer blocklist admins.
I don't know if the actual newsgroup replies come from people who make decisions with SPEWS, but those replies are amazingly hostile.
NANAE, like all other newsgroups, have all kinds of people. Professionals, annoyed small time admins, and pissed off end users.
"Oh, you're blocked? That's because you're on a crummy ISP that allows spammers. You're on a contract and can't switch? Well, you'd better start calling your ISP, because the block on your addresses isn't going away until the spammer adjacent to you does, and maybe not then, because you're a whiner."
Aside from that last part, whats wrong with that?!? Its working great.
What you seem to be glossing over is the fact that YOUR ISP IS HOSTING SPAMMERS AND DOES NOT CARE. That's the only way you get a SPEWS listing to begin with. Static blocklists have been tried and tried, and unless there is a SPEWS sitting out there to punish bad ISPs, there will always be someone who will happily host spammers and continually shift their IP space to prevent blocklisting. That is why SPEWS exists.
Please put the blame where it belongs -- with the ISP that allows their sales department to outweigh their abuse department.
Agreed, look at how hard spammers are fighting against SPEWS.
How long has SPEWS been "in business"... and how many complaints do you guys still have coming from legit people who CAN'T just up and move to a different provider?
Who literally cannot under any circumstances? I am not SPEWS, but I've never seen one.
You know, some of us are trying to do legitimate business on the internet.
Tell me about it.
It's not like we have a friggin dialup account and can just pick someone else. The process of moving a business from one provider to another, especially if the provider is co-hosting your servers, is quite involved and usually involves a contract that can't easily be broken without penalties.
Which is exactly why you ought to do your damn homework and perform due diligence when researching your "very important" internet connection. If you move into a slum, don't blame Pizza Hut for not delivering to you.
As with some of the other posters in this thread, you seem to have misunderstood my origonal post...I do not argue that spam is a problem, but I would also argue that it is also not a threat to the infrastructure of the network...
I would (perhaps) have been more inclined to agree with you before I read this.
The problem is that we shouldn't blow this out of proportion. We need to look at this from both a social and technical angle.
Quite true. I agree wholeheartedly.
From what I've seen in the past, many companies have not even taken some of the most basic counter-measures against spam.
I'm not sure on which end you mean. Unsecured "open relay" mailservers are not a major source of spam these days, the spammers have moved on to exploiting vulnerabilities and installing zombie networks for that. It's true that adoption of filtering technology has taken a long time to reach the end user, but for the most part I attribute that to the bizarre and complex nature of spam filtering. It's one of the more complex parsers you'll ever see, for sure. Its not every day something that complex becomes a "killer-app".
Spam filters and block lists should be standard for almost any mail server installation.
Given the nature of his spamming, it sounds like he is a prime candidate for what this law was intended for (not random victim, or a script kiddie learning to spam for fun).
Ugh. That is the single scariest most disturbing comment I have ever read on slashdot. This is what "script kiddies" do for fun, now? What the hell happened to The Mentor? There isn't even any semblance of excuse for spamming. Its surely not to discover, nor is it even about "making your voice heard" or even "attacking your enemy". It's just picking the pocket of every single one of your peers out of sheer greed.
Slashdot Mirror
Dude, Mailinator is a site that offers free disposable email addresses with no password/signup/registration. Read the link before you go flaming helpful posts.
If I hadn't read the link, how would I know there was an ad on the page's sidebar for ServerBeach?
I'd want to know a *lot* more about these people before I used their service to, for example, make a web purchase that might contain my personal or billing information.
Not saying these guys are, but what is to prevent a phisher/scammer/spammer from setting up a similar service, then ripping out all the juicy info they get as the new "man-in-the-middle" of your e-mail? Or for that matter simply a rogue admin at the hosting company doing the same thing behind the other parties' backs?
The more I think about the whole thing, the *more* suspicious I get, in fact. No responsible geek ought to be encouraging the entire internet to route their e-mail through a ServerBeach colo box. That's *hideously* irresponsible at best.
I apologize for my knee-jerk, although I'm still suspicious about the origins of this service, having heard nothing about it out of the anti-spam community, including who's actually behind it. I'll be the first to admit, when it comes to the spam fight I'm pretty paranoid. The dirty tricks I've seen in my day...ugh.
/etc/mail/aliases.
I still stick my guns though that it seems suspicious, and *definitely* stick to my guns about ServerBeach being black-hat sleazeballs. Anyone with connections to ServerBeach who offers anti-spam products or services is, IMO, worthy of intense scrutiny. Especially when the product is advertised in a spammy slashdot AC post.
Besides, I run mail servers and control domains of my own, so I already have a free and guaranteed secure version of their service -- its called
Who modded that up? The guy is spamming slashdot for an unknown, suspicious looking "mail filtering" product, and right there on the side-bar is a Coupon Code for bullet proof/black hat hosters ServerBeach!
Isn't it obvious why MyDoom.C was released? The intricacy makes it fairly apparent that its either the original author or someone connected with it. Why would they release another variant of their own tool?
After the release of MyDoom.A, there was more than a little speculation that the true hidden purpose of these e-mail worms was to spawn a network of zombied PCs to use for spamming. The 'A' version made it a little too obvious, even with the included red herrings of DoS attacks against SCO and MS. Uh oh. And now Mr. Spammer is getting a little antsy -- has the FBI made the same connection many in the infosec scene have? Uh oh. Time to cover your tracks.
What better way to do that than to release another version of your virus that throws all the investigations off the trail, looking for some OSS Loving Blackhat who'd want to DoS SCO instead of the criminal head of a spam gang trying to enlarge his empire?
And before anyone suggests I put on a tin foil hat...go gather some statistics. Specifically, make a chart of the release of e-mail worms, and another chart of the accuracy-rate of DNSBLs. You'll see, as I did, that as DNSBL accuracy reaches 100% (they contain all currently-zombied hosts), boom, out comes another e-mail worm. The release of MyDoom seems to have gone off poorly -- admins received warning and were prepared, not very many machines (relatively) were infected, and a lot of attention from the infosec community was directed at the source of the releases. I'm sure purely by coincidence, my DNSBL hit rate remains high, and spams by a certain well known individual who I believe to be responsible for this don't seem to be coming at nearly the volume one would expect from such a prolific scumbag.
None of us had problems networking it with PCs.
...Higher standards?
You wouldn't, provided that you used only the stock networking feature of PC Doom 1.9. However, even when the game was new, hard-core Doom enthusiasts pretty much exclusively used a program called serdoom for deathmatching. (In addition to letting the server set more options, it allowed you to tunnel a game over a BBS)
And none of the things you mentioned even came up. The control was how I liked it
Great for you, but what about all the rest of us? I wanted the custom "w,a,s,d,backspace" key grouping I had been using on the PC version (and have used in every FPS I've played since then). Even if you got lucky and the keys were how you liked them, you have to admit that this was a pretty majorly stupid thing to leave out given how trivial it would be to code. That one misfeature alone totally ruined the game for a lot of people.
and we even used different wads without a problem.
The WADs will work just fine...simply without any MIDI music. On the mac version, the music files are seperately stored in a "music" directory! The game just ignores any MIDIs embedded in the WAD itself.
I loaded it, it ran great, and I was able to frag my roommates and friends, what else did I need?
Actually yeah. On a power computer 604e based machine I used to network with nothing but PC users and had zero problems doing it. Mac Doom was a great port. Smooth play at a higher resolution than pc doom had.
OK, MacDoom did have one additional feature: it supported higher resolutions than 320x200. For that, you were asked to trade off:
1) Broken WAD file format (go on, try to get MacDoom to read MIDI from a WAD...I still can't fathom why they broke this.)
2) 3 Preset Keymaps (you mean you want to assign keys individually as you choose? too bad...until several years after release when a fan puts out a System Extention(!) allowing this)
3) No serdoom or serdoom support. (All your PC buddies playing Doom on BBSes get to laugh at you -- this is also the utility most Doom afficianados used for LAN Dooming)
4) Poor performance. (Doom ran smoothly on my buddies 486DX2/66...604e/150 is the first Mac I ever ran Doom "smoothly" on, even the 1st gen PPC would get choppy)
No offense, but if you call MacDoom a great port, I can't imagine what you'd call a bad one...
Note that Lion Entertainment has to their credit the Mac Warcraft II port
Were they involved in that? My memory must be failing me, I don't recall their logo or involvement. At any rate, I do know factually that quite a bit of work AT BLIZZARD (North) went into making the Mac port kick ass.
one of the best ports in the history of game ports.
Agreed wholeheartedly. WC2 for the Mac made up for its lateness by going well beyond the original: higher resolutions, better sound, a Mac-like interface as appropriate, and yes, built-in TCP/IP networking that spawned ladder after ladder of Mac WC2 gamers who didn't have to pay for Kali. And it ran smoothly on an average Mac of the day.
...and certain companies have absolutely no qualms about extorting that. I've always[0] found the argument that there's no Mac game userbase a bit lacking. If you make something good, people will buy it. However, in the past the majority of the game development took place on other platforms (specifically, Windows). What little effort was put into porting those titles invariably produced unstable, ill-performing, and embarassingly late hacks that I'm sure were more emulator than engine. Anyone else here ever try to get a network game of Doom on with PC users back in the day? Or try to assign keys? Or try to play on anything less than a top of the line system?
I've owned and played Halo on my XBox for how many years, now? C'mon Bungie. You sold out, you're now putting out Mac games through the 2004 equivalent of Lion Entertainment, the least you can do is STFU and get back to making Halo 2 (...for XBox) and suckling at the teat of your overlord Mr. Gates. Stop insulting Mac users and, by proxy, your great legacy.
[0] I used System 6.
1) Fix your mail server. If you're not sure it's fixed, hire an administrator. This includes migrating away from a spammy network, if you live in a slum don't be surprised when you can't get a pizza delivered.
2) Determine if you are listed in any public DNSBLs or RHSBLs. If so, check the website for a way to request a retest and removal. Failing that, contact the maintainers. Get yourself removed from these first.
3) Gather a list of ISPs which are blocking you directly. When you are sure you've got all your ducks in a row with steps 1 and 2, contact postmaster@ those ISPs, explain the situation, and politely request a reevaluation of your status. Be polite but persistant. If you don't make any headway in e-mail (or if postmaster@ doesn't accept mail -- a contravention of RFC) contact them by phone and then paper letter. Keep things polite. Don't go making insults or legal threats...speaking personally as an admin, this will get you on my "do not remove until the heat death of the universe" blacklist with a quickness. You have no rights to the pipe I pay for.
NOTE: All bets are off if you're actually just a spammer (this includes unconfirmed opt-in), or are an ISP who has had a relapse after claiming to turn over a new leaf. In either of those cases, I will at my discretion block you and anything you're associated with, forever.
Yeah, I have seen PLENTY of businesses move into co-location facilities that showed absolutely NO SIGN of spam problems. What can they do after the fact? They've signed the contract. They've setup all their servers there. It has taken them many months of planning and execution to move their entire networks to this remote location. They are small businesses operating on tight budgets, not Microsofts. Then SPEWS hits their ISP's netblock and they are fucked.
I still don't understand why you consider this SPEWS' fault and not the ISP that started to support spammers'. SPEWS is just noting down the names of everyone who behaves in a certain way.
Anyone that thinks SPEWS' collateral damage policy is reasonable does not understand: (a) what is involved in moving a business from colo to colo,
Maybe not with your "Legit-a-mite Email Bizness", but I've got plenty of real network engineering experience. Enough to know that very few types of business operations are run out of colo facilities, primarily based on e-mail, and have a history of problems with SPEWS...
(b) that there are very few quality colo's out there that are capable of dealing with the onslaught of new/incoming spammers to the liking of the SPEWS mob
I haven't found that to be the case at all...rather, there are simply a few of the bigger colo houses/server farms (ev1 used to be bad about this, don't know about now) that simply don't care what the customer does as long as they pay their bill. Those are the types of organizations that tend to have problems with SPEWS. Yes, running an ISP with a lot of customers is hard work, but thats not an excuse to do a half-assed job of it, especially when the area you're skimping on has a negative impact on everyone else on the network.
and (c) that you could possibly predict who will get hit by SPEWS based on their past performance.
I can, with near 100% accuracy: SPEWS will hit organizations that support spam.
Even when a colo cleans up their act, and are de-listed, they are dealt with much more harshly later if the SPEWS MOB feels they are slipping.
What is so unusual or inappropriate about repeat offenders being treated more harshly than first timers?
Imagine a successful colo. They kick spammers off and have new spammers sign up every day.
If you're a colo and you have spammers signing up every day, you need to take a good hard look at your policies and engineering decisions, specifically with an eye to security. Not every colo has problems like that with spammers...most do not. If you do, there's a reason.
From the perspective of some of the SPEWS MOB, they are spammer havens.
As I said before, SPEWS knows a lot more than they say publically. If SPEWS says an organization supports spammers, you can bet there's been a lot of investigation that went into that listing and not all of it is disclosed (lest the spammers learn the tricks!).
These colo's are more likely to be listed on spews regardless of their actions.
Out of all the colo places on earth, I really only see a handful discussed in NANAE...it would seem that contrary to your assertion, it is both possible and easy to run a relatively spammer free colo.
I think the bigger issue is that, as a company, you have to *want* to run a spammer free colo.
BTW, when your entire business is legitimate email-based, and you are co-located, it is not an easy task to just arrange to have all your email sent from another source.
Hmmmmm. Basically, you're saying you run an e-mail based business...and you've had problems with SPEWS. Why am I starting to feel very very skeptical? SPEWS in my experience doesn't act before they've got a lot of information, though they generally do not disclose all that they know publically.
Since you're already discussing the specific problem you've had with SPEWS, why not give some detail? What exactly was the problem? What SPEWS record number did your problem fall under?
Prediction: you won't tell us.
Are you unable to grasp the concept of a service provider that has so-far not done anything stupid with spammers, only to fall under the foot of the SPEWS MOB after you've signed a contract with them?
Sure...and that sucks. If you sign a contract with someone, make sure its a good one. Then if the service you agreed to buy becomes degraded due to the companies broader business decisions, you can either get out of it or sue them.
Unlike you, I do not believe SPEWS is a good judge of which companies are spam-friendly.
Hah I bet you don't, Mr. Legit-a-mite Email Biznessman!
But that's only because I've had first-hand experience of how the SPEWS MOB works...
Care to go into specifics? A SPEWS record number would probably be enough.
You seem to confuse "Responsibility" with "Soul Responsibility"
Hmmmm, does one have to do with James Brown?
I'm saying its not the responsibility of SPEWS if I block an e-mail because its on their list. Their list has a reputation, and that reputation is free to sink or swim as it may. That's really the only point of attack against SPEWS in fact. Thus, we are here.
I'm not telling SPEWS to stop existing, I'm telling people to stop using SPEWS. I am telling them this because SPEWS is responsible for a lot of legitimate mail being blocked.
You can choose to use SPEWS in a fashion which causes some non-spam to be blocked (legitimate is too strong a word for traffic coming from bad ISPs, IMO). You can also choose to use it in, as I do, in a fashion that does not cause this to happen. It is your choice as an admin, even if that choice is dictated by your own ignorance.
Likewise, blocking mail which is not all spam is part of the whole point of SPEWS: to punish bad ISPs, not the spammers specifically living within those ISPs. The reason this tactic had to be adopted, as has been stated a million times now, is that ISPs were collaborating with spammers to make them unfilterable. Decisions regarding what is and is not abuse on the internet are too important to be decided by "what you can get the lowest common denominator to do for the most money".
Use a list which does not intentionally block innocents.
In the absence of SPEWS, these lists would be useless as unethical ISPs would happily play ball with spammers and shift them around constantly in massive allocations, for instance.
If Happy Funland Daycare agency was hiring child molestors, that's no reason to prevent people from collecting health insurance from the company Happy Funland Daycare uses.
That analogy is pathetic on the face of it, as the monetary reward" is travelling in the wrong situation. You clearly do not have a facility for analogy, so I'm trying to steer you away from this. Its just nonsense and I doubt you're even understanding the arguments I make in analogy form, given your response. Customers of ISPs that support spam are contributing to the continued presence of rogue organizations on the internet, and thus are not in any way innocent third parties.
My point is that SPEWS is responsible for innocent people having their e-mail bounced. If SPEWS did not exist, these people who are being bounced would not be bounced.
And my point is that at best, these people you're talking about are giving money to an organization that is intentionally causing spam to thrive on the internet, and at worst are actually spammers themselves.
If SPEWS decided to stop their terrorism
Ohhhhh boy. There goes all your credibility, and with it any doubt I may have had that you're no innocent third party.
("Stop paying a company which sells to a company which sells to a company which sends SPAM,
Uhhh, don't you mean "buys from"?
or your customers will not be able to send e-mail. That is, Go out of business, or we will force you out of business."), then those people would no longer be blocked.
What is wrong with telling a company "stop supporting spam or you will be forced out of business"?!? If you took a survey right now, how many people do you think would be for "forcing companies out of business who knowingly, intentionally support spam"?!?!? If you said: the total population of the planet minus those working in spam, methinks you'd be just about right.
That's the point of SPEWS. Abuse our open nature, and we will close ourselves to you (and tell each other about you!!!). Support spam, we will boycott you. Enjoy your intranet.
What you mean to say is: if you move into a upscale, nice neighborhood don't blame a shady telco employee who you'll never know when they prevent any telephone connections going to Pizza Hut because you live next to someone who may or may not be a criminal.
NAC is an "upscale, nice neighborhood"? Riiight.
Every argument for SPEWS is fallacious.
Hey, you sound objective.
very strict anti-spam hosts have been listed on SPEWS because they give (legitimate, non spamming) service to someone SPEWS considers a spammer, even though no spamming occurs through that link.
Care to cite any specific instances? Unless you're referring to spamvertized sites, I'm not familiar with any such issues.
Are ISPs now expected to run every customers name through the NCIC?
It doesn't take running the name through NCIC to figure out what someone is going to do with "abfe50pillz.biz".
You certainly can't be arguing that human attention be given to every customer's name for the express purpose of checking for any supposed 'spamming tendencies'.
Nope! To my knowledge, SPEWS has never listed an ISP merely for failing to catch spammers before the abuse department gets complaints. Nobody expects ISPs to be able to do this. However, if that abuse department does receive complaints and fails to act on them (and act appropriately), then and only then does SPEWS go into action.
Even with only hundreds of customers that would be unfeasible due to the limited amount of staff which would have an intimate knowledge of the current events in the spam-world and thus be able to spot such people.
I don't entirely agree with this, but your point is moot anyway. SPEWS does not punish ISPs simply for unknowingly signing up spammers, it punishes them for ignoring abuse reports and allowing the abuse to continue. If your ISP handles abuse reports in a timely and clueful manner, you will never have to worry about SPEWS.
That said...a lot more can be done by ISPs to dent this spam problem. Protecting end users against the e-mail borne viruses and trojans that are distributed in order to create the backbone of these spammers' networks would be a big step. Monitoring outbound activity for irregularities, particularly related to anything dealing with port 25, is not very difficult, or is open proxy scanning. From a policy angle, adequately staffing the abuse desk and making sure that their input is as important as the sales departments could make a big difference, too.
Gee, I guess I missed that whole thing about SPEWS not being a list of Spammers, given that their faq explicitely states that they are a list of Spammers and Spammer Operations.
.org stands for. Or maybe you're just entirely wrong, it can probably work either way.
.org TLD. For your next trick, please learn how to read a FAQ.
Quoting the SPEWS FAQ verbatim:
Q1: What is SPEWS?
A1: SPEWS is a list of areas on the Internet that several system administrators, ISP postmasters, and other service providers have assembled and use to deny email and in some cases, other network traffic, from.
Hmmm. I don't even see the word "spam" in that. Let's go a bit further down in the FAQ.
Q5: Why are network addresses listed if no spam has originated from them?
A5: They are listed because they have been set up by known spammers and spam support operations, most with a demonstrable repeated history of spamming or spamming services. They are also listed if they host websites advertised in spam, as this too falls under spamming services - these listings normally occur if the owners of that network address range do not remove the offenders.
Hmm, the very existence of question 5 seems to break your logic.
Walking into a crouded room and shooting each person one-by-one in the head when you know quite well who your actual target is, you dont get to call the others "Collateral Damage" Being in the same building as someone else does not make you guilty.
In some cases, it does. If you're a waitress at a restaurant that doesn't serve minorities, and minorities stage a boycott of the restaurant, its going to affect your tips whether or not you personally are a racist or not. Too bad for you.
SPEWS claims that they blocklist people who know what they're doing, neglecting to mention that such is in no way true- as they intentionally block people who are innocent. (Someone using an ISP which allows spam is not automatically "Well aware of what they are doing wrong")
I've never seen anyone affiliated with SPEWS claim that they only block people who know what they're doing. Everyone I've seen in the groups seems to be well aware that all end users affected by the blocks are not necessarily themselves the spammers. What I think you may be misinterpreting is that SPEWS does not block ISPs who don't know what they're doing (aka intentionally hosting spammers and ignoring abuse reports).
As for being the only one who has ever heard SPEWS say anything, I guess I'm the only one who knows what
I congratulate you on your mastery of the
I have no idea what your point is with the "Duh". Yes, SPEWS admits that it purposely blocks the innocent in order to ruin legitimate businesses which are indirectly associated with Spammers. But since it states that directly, I guess saying "Duh" should make it okay to overlook the point.
Hint: "Duh" is typically a response to someone stating the obvious. That SPEWS is a boycott list of spam supporting ISPs, not a list of spam source IP, could not be more obvious.
As for your claims for success, wouldnt a successful blacklist (for what SPEWS is trying to do) perhaps be staying at about the same size at some point, rather than be growing constantly?
Huh? The spam problem has been escalating continually (and exponentially!). That SPEWS reflects this is not evidence that SPEWS is not effective.
You dont need to like spam to hate spews. There are plenty of lists which go out of their way to prevent listing the innocent. Lists more effective than SPEWS, I hear.
No, you don't need to like spam to hate spews. You just have to have bought the PR spin from spammers about SPEWS hook, line, and sinker. I post with the hope that the average slashdot reader may use his deductive reasoning skills to see past this smokescreen and realize that SPEWS is a
You're also not a businessman.
Says who?
First of all, even if there are no riders on the contract for paying penalties for ending it early, there is the serious cost in time, manpower, and physical resources in moving a server farm from one co-lo to another.
Apparently you should stick to being a "businessman" and stay away from network engineering. If you've got to move your entire server farm from one colo to another simply to cause e-mail to be sent from a different IP block, you have no business running a network.
This cost is non-negligible and can range from a few paltry hundreds of dollars to millions depending on the size of your business.
So, before you made your millions-of-dollars investment in internet connectivity through one backbone or another, shouldn't someone have done a little research? And shouldn't the attitude of a backbone towards network abuse be a part of that research?
This is exactly why SPEWS exists. If you're giving "millions of dollars" to a company who supports spam operations, whether you know it or not you are aiding in the abuse of the network as a whole.
This is of course a crisis which the business hasn't had prior warning of and must do last minute planning for which is means being without revenue for long periods of time until the block is lifted.
Fire whoever approved the purchase of access from a company with a bad internet reputation. Duh.
It's the explicit goal of organizations like this to hurt innocent businesses so that they'll complain to their ISP or just stop doing business with them.
Where do you get innocent from?!? If a company is giving "millions of dollars" to another company that condones and supports internet abuse, I don't consider them to be in any way innocent.
Does SPEWS offer to help cover the cost of the economic damage they do to these deliberately targetted innocent people? Hell, no! They give lame excuses like...
SPEWS is an unbudgeted volunteer organization, and more to the point this would entirely defeat the purpose of SPEWS. Economic damage to companies which have bad policies is exactly the goal. I believe the proper term for this technique is boycott.
Oh, that's a really great justification. Blame the victim. (You sure you're not with SPEWS?)
There is no victim in this case except the millions of internet users flooded with unwanted junk solicitations.
After all, all "pink" ISPs are very up front about the fact that they host spam on their network to prospective customers, right? What great, omniscient lookup service would let a business know that an ISP is allowing spammers when said ISP has never been put on a spam list before?
Uhhh...SPEWS? That's the freaking point of SPEWS, for about the millionth time.
How do you really know you're safe from spam vigillantes when a business has had a clean record so far? You can't, but people like you will continue to blame the businesses that you ruin for not knowing better.
Let me see if I can translate your spin into a real concern:
Question: "What is to guarantee that an ISP with a previously clean record will suddenly go rogue?"
Answer: Absolutely nothing, except the threat of a SPEWS listing. This exact thing has happened in the past, in fact the listing we're discussing right now, NAC, is one instance of it. NAC used to be a very clued provider, until they lost all the staff with clue. Now NAC ignores abuse reports and forwards them to the spammers to listwash, and hosts known spam organizations. Thanks to SPEWS, not only are those facts reaching the light of day, but they're doing so in a way that empowers the individual and forces the ISP to respond.
My roommate's starting up a small webhosting site soon, and I'm really worried for him that some jackass like you will come along and destroy everything he's worked for an al
OK, what is the count? It's a stretch to say 30 - in over two years. BFD.
Where did you ever arrive at such a rediculously low number? Here's a more accurate way to determinte this:
Go to google and look at the number of posts appearing in NANAE/NANAB beginning with [SXXXX] where XXXX is a 4 digit number identifying the SPEWS record of the offender. If you only see 30 of these in two years, something is very wrong with your computer or yourself.
What else can you count - complaints from peoplle who have no connection to spam and have their perfectly decent email blocked? Numbers are good: show some numbers. You said you could count them: do it.
Count them yourself, go to google and do as I suggested above. What I'd like to ask you is where you got that "30" number?
Where's this PR war?
You're reading it, right now! Look at the people posting links to kookery like this.
In addition you ignore that most of the blocking that occurs because of SPEWS listings is blocking for actual spam-source IPS. That's what the spammers don't like, that's the source of their PR war, such as it is (where is it?)
Riiight.
Why would spammers give a damn if non-spam-email is blocked? They'd celebrate: the darling of the loudest anti-spammers is a rogue, anonymous monster.
Here's how SPEWS hurts spammers:
Spammers arrange "pink contract" with $LARGE_BACKBONE provider. Contract stipulates that spam complaints will be ignored if the spammer pays a premium for his access, and that the ISP will move the spammer's allocation occasionally to prevent blacklisting.
SPEWS completely foils this arrangement. Now an ISP who makes an agreement with a spammer not only risks being caught out and having their backroom dealings exposed to the light of day, it will eventually *also* break the service of its legitimate customers, causing them to (hopefully) find out what all the fuss is about and eventually vote with their wallets against spammer friendly ISPs. Since SPEWS records and discussions are inherently public, this also provides the entire internet community with an in-stone history of the compliance of various providers.
As we've all seen over the past couple of years, using SPEWS as a mechanism to block spam is very dangerous .
/16's and /12's and stuff blocked, that's way to freakin' broad.
Using SPEWS to block spam is not using SPEWS for what it was intended for. Are you gonna start blaming car manufacturers because some people try to drive them underwater?
You're gonna lose legit mail if you use them, because their filters are way, way, way too broad[1].
The first part may or may not be true, the second part is decidedly false. Their filters are not "too broad" unless your idea of "the right size" is "only the IPs of spammers" -- and thats not ever been the goal of SPEWS.
In the case of spews, I would use them in conjunction with something like SpamAssasin to assign a score e-mails rather than outright block them.
This is how I use SPEWS. A SPEWS listing adds to your SA score...and let me tell you, it works effectively.
[1] - Any time you see
I'd hate to hear what you think of me blocking the entirety of LACNIC from my mailserver.
There is a HUGE difference between "False Positive" and "Intentional False Positive".
/. who has ever heard SPEWS say a damn thing.
"Intentional false positive"?!? If its intentional, its not a false positive. Its just a positive. Duh.
SPEWS does not claim to be a list of spammer IP addresses.
SPEWS defends their actions by saying that they cannot eliminate all False Positives, and so shouldnt try.
I've never seen SPEWS say any such thing. You seem to be the only person on
SPEWS intentionally blocks legitimate e-mail for the purpose of causing people to complain to their ISPs to the point that their ISPs complain to their provider, to the point that a legitimate customer who is not violating any terms of service is asked to change their practices or move to another region of the country.
And thats what everyone says SPEWS does. Duh.
Is this effective? Of course not.
What do you base that on? If I look through NANAE/NANAB and count the admins who are getting in touch with SPEWS to say "hey we finally nuked our spammers" after nothing else could convince them, I'm forced to conclude that SPEWS is damned effective.
If I look at the amount of work spammers put into the PR war against SPEWS, I'm forced to conclude the same thing.
Certainly, someone who uses the list will not recieve as much spam, as well as blocking much legitimate mail at the same time. But SPEWS is not about blocking Spam, it is about trying to get high-level service providers to violate their contracts.
If you replace the word "violate" with "enforce", then you're right on the money. We (I am not SPEWS) want ISPs to enforce their AUPs. If they want to publically have an AUP that permits spamming, thats a different problem and could be handled easily outside SPEWS.
Any list you use is going to have False-Positives. The difference is that SPEWS does it on purpose.
No, the difference is SPEWS is not a list of spammer IP addresses and if you're using it that way you're a dumbass.
SPEWS claims that they are innocent, because
they don't block anyone. This is a lie.
It is?!? SPEWS is forcing me as a mail admin to cause e-mail to be blocked based on their listings?
They publish lists which are in turn downloaded by automated scripts and are applied to e-mail servers as filters. They are aware of this. Their lists have no other purpose.
They don't? What if I simply use SPEWS as an advisory system when determining a SpamAssassin score? Say, having a SPEWS level 1 listing gets you +1 point. Hmm. Seems like another purpose to me.
Conversely, what if I simply use the SPEWS list to determine my router ACLs?
Remember when SPEWS blocked everybody, and many automated scripts did the same?
Huh? You just linked to a story that says "Osirusoft" in the damn story title, yet you try to relate it to SPEWS? I can only assume you're intentionally trying to cause such confusion.
When you publish a list which has no other purpose, then tell people how to configure their servers to automatically download and use the list, you Are blocking people.
No you're not. You're just making it easy for other people to do so.
There is more, but I need to head off. I may post again later.
Got some more Herbal Viagra to hock?
Maybe I'm just being paranoid.
It's not paranoia if they really are out to get you...
But isnt it entirely possible that 'professional spammers' could set up mail relays under a subnet of highly regarded anti-spam sites?
Spammers have been trying to find creative ways to damage SPEWS' public image for a good long time. I've got my suspicions about the somethingawful debacle, and this one too.
Think about it from the point of view of an ISP -- host a large antispam site, get a free pass to host spammers.
After a run in last year with SPEWS, and after some investigation, I believe I have found SPEWS owner/administrator, and posted last March as SPEWS no longer anonymous
"School-yard bullies"? Spammer.
From what I have gathered, the SPEWS philosophy isn't just indifference to collateral damage (ie, 'civilian casualties'); they actively do this damage in order to try to force ISPs into changing their habits.
Correct, so far. I wouldn't term in "collateral damage" so much as "guilt by association" though.
And they are extremely difficult to both reach and reason with; you can post on a newsgroup and hope someone pays attention to your pleas.
Which, to be fair, they always do. The reason nobody admits to running SPEWS is quite simple -- many times in the past blocklist owners have become the targets of bogus lawsuits by spammers. Sure they eventually get thrown out of court, but not before costing lots of time and money to the volunteer blocklist admins.
I don't know if the actual newsgroup replies come from people who make decisions with SPEWS, but those replies are amazingly hostile.
NANAE, like all other newsgroups, have all kinds of people. Professionals, annoyed small time admins, and pissed off end users.
"Oh, you're blocked? That's because you're on a crummy ISP that allows spammers. You're on a contract and can't switch? Well, you'd better start calling your ISP, because the block on your addresses isn't going away until the spammer adjacent to you does, and maybe not then, because you're a whiner."
Aside from that last part, whats wrong with that?!? Its working great.
What you seem to be glossing over is the fact that YOUR ISP IS HOSTING SPAMMERS AND DOES NOT CARE. That's the only way you get a SPEWS listing to begin with. Static blocklists have been tried and tried, and unless there is a SPEWS sitting out there to punish bad ISPs, there will always be someone who will happily host spammers and continually shift their IP space to prevent blocklisting. That is why SPEWS exists.
Please put the blame where it belongs -- with the ISP that allows their sales department to outweigh their abuse department.
And this lovely idea is clearly working wonders.
... and how many complaints do you guys still have coming from legit people who CAN'T just up and move to a different provider?
Agreed, look at how hard spammers are fighting against SPEWS.
How long has SPEWS been "in business"
Who literally cannot under any circumstances? I am not SPEWS, but I've never seen one.
You know, some of us are trying to do legitimate business on the internet.
Tell me about it.
It's not like we have a friggin dialup account and can just pick someone else. The process of moving a business from one provider to another, especially if the provider is co-hosting your servers, is quite involved and usually involves a contract that can't easily be broken without penalties.
Which is exactly why you ought to do your damn homework and perform due diligence when researching your "very important" internet connection. If you move into a slum, don't blame Pizza Hut for not delivering to you.
Look, it's nice that you think you have free choice, but the innocent people who are on that list do not have any choice in the matter.
Untrue. They can always change their ISP, convince their ISP to stop supporting spammers, or smarthost their e-mail.
THIS IS A PROBLEM. You can claim it doesn't exist till the cows come home, but it will still be there.
Problem? I think its the whole point!
As with some of the other posters in this thread, you seem to have misunderstood my origonal post...I do not argue that spam is a problem, but I would also argue that it is also not a threat to the infrastructure of the network...
I would (perhaps) have been more inclined to agree with you before I read this.
The problem is that we shouldn't blow this out of proportion. We need to look at this from both a social and technical angle.
Quite true. I agree wholeheartedly.
From what I've seen in the past, many companies have not even taken some of the most basic counter-measures against spam.
I'm not sure on which end you mean. Unsecured "open relay" mailservers are not a major source of spam these days, the spammers have moved on to exploiting vulnerabilities and installing zombie networks for that. It's true that adoption of filtering technology has taken a long time to reach the end user, but for the most part I attribute that to the bizarre and complex nature of spam filtering. It's one of the more complex parsers you'll ever see, for sure. Its not every day something that complex becomes a "killer-app".
Spam filters and block lists should be standard for almost any mail server installation.
Hear hear!
Given the nature of his spamming, it sounds like he is a prime candidate for what this law was intended for (not random victim, or a script kiddie learning to spam for fun).
.sig just became so frightening.
Ugh. That is the single scariest most disturbing comment I have ever read on slashdot. This is what "script kiddies" do for fun, now? What the hell happened to The Mentor? There isn't even any semblance of excuse for spamming. Its surely not to discover, nor is it even about "making your voice heard" or even "attacking your enemy". It's just picking the pocket of every single one of your peers out of sheer greed.
My