Of course it probably is spammers, but it wouldn't suprise me if some people who've had themselves blacklisted unfairly would like to ddos some blacklist servers into the beyond.
Whoever it is is an idiot then, because if SPEWS is down, there's now no way for ISPs to update their filters. The current SPEWS listings will remain until they can access an updated list.
Joe Sixpack SysAdmin probably thought SPEWS was a great service from reading their website. Too bad he doesn't have the time do more research. Otherwise he would have seen their darker side.
SPEWS does not hide their practices. The nature of SPEWS listings is very clearly spelled ou in the SPEWS FAQ. If an admin filters based upon SPEWS without understanding how SPEWS works, that admin should be fired.
Should Microsoft be punished for releasing such an insecure OS to millions? Or is it the user's fault for running it in the first place?
Microsoft software problems are a result of unintentional problems caused by lazy or irresponsible coders. SPEWS works exactly as advertised.
Should a gun manufacturer be responsible if you buy a gun and shoot a bunch of people in a crowd with it and then claim that you didn't know that you weren't supposed to use a gun that way?
The SPEWS FAQ (still available at a number of mirors) very clearly spells out the criteria for SPEWS listings. You are either willfully ignorant or lying to make such a claim.
SPEWS keeps logs which are not deailed and often downright inaccurate.
Specific reference, please.
SPEWS does not provide a way for spam filters to differentiate between real spammers and collateral damage. It's all listed the same.
SPEWS makes it very clear that their listing is of IP addresses owned by spammer-friendly ISPs, not just spammers. If an admin uses SPEWS without understanding what it will be filtering,that admin should be fired.
The point is that SPEWS is a crappy product that affects people who don't use it. We therefore have a responsibility to tell admins thatit is a crappy product, and urge them not to use it.
If a SPEWS-using admin isn't aware of how SPEWS works, then said admin should be fired for incompetence.
Secondly, it doesn't allow admins to refuse email as they see fit. It allows them to reject email as SPEWS sees fit.
SPEWS returns a value based upon a DNS query. It does nothing more. Admins who use SPEWS have options other than blocking all SPEWS-listed sites -- they can flag mail from such domains as potential spam, they can whitelist specific entries as they see fit or they can even reject all mail EXCEPT that from SPEWS-listed IP ranges.
While you could argue that the admin has the right to unblock any site he wants, this ability is worthless without the knowledge of which sites are wrongfully blocked.
First of all, that's bullshit about "quickly." They even say in the FAQ that it could take months to get off.
That's just a caveat, so that spam-friendly ISPs won't expect instantaneous results. The observed reality, however, is that SPEWS listings clear up very quickly after spammers get booted.
Secondly, what if your provider is a huge colocation facility that will ALWAYS have incoming spammers to deal with. You will then never be able to be taken of the list, even if the colocation facility is dealing with the problems as they come in, because there will always be some spammers on that service.
If the colocation boots spammers quickly, then they won't get listed in SPEWS. SPEWS lists when spammers aren't kicked off -- not when spammers are quickly kicked and replaced with new spammers. Further, ISPs that kick spammers quickly soon earn a reputation and the more hardcore spam cases won't go to them.
Why should an ISP believe SPEWS unless the ISP can generate evidence of their own?
It's a matter of the ISP trusting abuse reports. SPEWS does not identify itself when contacting an ISP -- they just send a standard abuse report like anyone else would.
Further, if SPEWS behaved irresponsibly, there would be evidence. Someone would be able to point toa SPEWS listing that was inaccurate, not a spammer. Despite many whiners claiming that such listings exist, no one has pointed to a single specific example.
No. It's like people boycotting all of the stores at a mall because the mall allows one of the stores to sell drugs -- and moves the drug dealer to different stores at random to avoid police raids (leaving an innocent shop owner to be the target of the raid).
SPEWS does not list until after an ISP refuses to take action after being notified of AUP violations. That your IP range was listed in SPEWS means that your ISP refused to act for quite some time -- as initial SPEWS listings only cover the spammer's IPs and they do not expand to other IPs until after the ISP takes no action and lets the criminal stay up and running.
Once again, the wrong target is attacked. Your ISP was negligent, that is why they were listed in SPEWS. Had they booted the spammer when it was first reported, there would have been no problem. Contrary to the lies of anti-SPEWS whiners, SPEWS does not list an entire ISP's IP range the nanosecond after a single spam run.
Thing is, if anyone on your network has even looked at a spammer in real life, your isp is considered guilty, as charged, and you stay blacklisted under spews.
You are either lying or being deliberately ignorant. SPEWS does not list on insinuation. SPEWS lists only after an ISP refuses to boot a spammer after repeated reports of their spamming. Once the spammers (all of the spammers) are gone and a note goes to nanae, the listing disappears very quickly.
It seems that many of the arguments against SPEWS are based on outright lies without any evidence to back them up (which is logical, since there is no such evidence).
If SPEWS has blown their credibility, then no one is using them. I guess that Somethingawful.com's ranting against them was just immature whining, since obviously no one is using SPEWS.
Say, how did SPEWS blow their credibility in the first place?
I understand your desire for AOL to lose. After all, they have a contractual obligation with CI Host to carry their e-mail.
Oh, wait, they don't. They're a privately owned company and they have the right to drop any mail traffic that they choose, even if the reasoning is completely stupid (though in the case of CI Host, it isn't). I guess that you believe that the government should be dictating how people run their private networks, including accepting the additional costs of spamming just because it makes spam-friendly ISPs feel bad when their packets get dropped.
NANAE is not SPEWS. There are some blowhard admins who post in nanae who make threats as the ones you described, however they do not represent SPEWS and they do not run SPEWS. You are either incredibly stupid or incredibly dishonest to assert as much.
what about some of the ISP's that SPEWS has threatened to permanently blacklist,
Please provide full documentation of SPEWS ever making any such threat. SPEWS never contacts anyone, for any reason, so I strongly suspect that you are lying.
I'm not referring to businesses or professionals who run webservers who are running IIS, I'm referring specifically to end-users who aren't actually running a website but who have IIS up and running thanks to some other install that activated IIS along with it without fully informing the user. Those people are the problem, because they don't even realise that they're running a webserver, much less an insecure one.
I'll not bother commenting on your analogy, but suffice it to say that it is heavily flawed and not at all applicable to SPEWS.
The DNS servers for spews.org have been knocked out thanks to a DDoS attack by some spamming criminal, which of course means that even if your ISP cleans its act up, SPEWS has no way to let its users know that the IP blocks are delisted. Spammers are incredibly stupid.
Anyway, you can probably look up your ISP's listing here : http://spews.sorbs.net/ (SPEWS mirror).
Some criminals have knocked out the DNS servers for SPEWS through a DDoS attack. This is a brilliant spammer strategy, because if SPEWS is knocked offline, no ISP will know to update their filters should an ISP clean up its act, and thus they'll stay blocked indefinitely. Rule #3: Spammers are st00pid.
However, there is a SPEWS mirror here: http://spews.sorbs.net/ and you should be able to look up your listing there.
I don't know if it's updated now that SPEWS is down, though because the attack is on the DNS server, if the people who run the mirror know the proper IP address for SPEWS (which I have been unable to locate) then they might be able to keep the mirror current.
Welcome to the real world, buddy. Where the blacklist nazis will leave an entire ISP blacklisted well after they've worked to remove the spammers causing the problem.
I understand why you posted this as anonymous coward, as it is a complete and total lie. SPEWS acts very quickly to remove ISP listings when the spammers are cleaned off -- sometimes within minutes of the report. SPEWS prevents the problem of blacklist nazis tossing IPs into filters forever by being responsible (if it weren't, no one would use it). SPEWS-haters, however, would much rather have a situation where filtered IPs never escape to send mail again.
Slashdot Mirror
Umm where have you been, a large part of the problem with SPEWs was that they were placing large IP blocks on the blacklist for no apparrent reason.
The "reason" is that the IP blcoks are owned by spammer-friendly ISPs. Do you have documentation of a listing where this was not the case?
Who is your ISP?
Of course it probably is spammers, but it wouldn't suprise me if some people who've had themselves blacklisted unfairly would like to ddos some blacklist servers into the beyond.
Whoever it is is an idiot then, because if SPEWS is down, there's now no way for ISPs to update their filters. The current SPEWS listings will remain until they can access an updated list.
Welcome to your permanent intranet.
Joe Sixpack SysAdmin probably thought SPEWS was a great service from reading their website. Too bad he doesn't have the time do more research. Otherwise he would have seen their darker side.
SPEWS does not hide their practices. The nature of SPEWS listings is very clearly spelled ou in the SPEWS FAQ. If an admin filters based upon SPEWS without understanding how SPEWS works, that admin should be fired.
Should Microsoft be punished for releasing such an insecure OS to millions? Or is it the user's fault for running it in the first place?
Microsoft software problems are a result of unintentional problems caused by lazy or irresponsible coders. SPEWS works exactly as advertised.
Should a gun manufacturer be responsible if you buy a gun and shoot a bunch of people in a crowd with it and then claim that you didn't know that you weren't supposed to use a gun that way?
Those listing criteria are not publicly specified
The SPEWS FAQ (still available at a number of mirors) very clearly spells out the criteria for SPEWS listings. You are either willfully ignorant or lying to make such a claim.
SPEWS keeps logs which are not deailed and often downright inaccurate.
Specific reference, please.
SPEWS does not provide a way for spam filters to differentiate between real spammers and collateral damage. It's all listed the same.
SPEWS makes it very clear that their listing is of IP addresses owned by spammer-friendly ISPs, not just spammers. If an admin uses SPEWS without understanding what it will be filtering,that admin should be fired.
SPEWS has false positives in its listings? Could you point one or two out?
The point is that SPEWS is a crappy product that affects people who don't use it. We therefore have a responsibility to tell admins thatit is a crappy product, and urge them not to use it.
If a SPEWS-using admin isn't aware of how SPEWS works, then said admin should be fired for incompetence.
Secondly, it doesn't allow admins to refuse email as they see fit. It allows them to reject email as SPEWS sees fit.
SPEWS returns a value based upon a DNS query. It does nothing more. Admins who use SPEWS have options other than blocking all SPEWS-listed sites -- they can flag mail from such domains as potential spam, they can whitelist specific entries as they see fit or they can even reject all mail EXCEPT that from SPEWS-listed IP ranges.
While you could argue that the admin has the right to unblock any site he wants, this ability is worthless without the knowledge of which sites are wrongfully blocked.
Please cite a "wrongful" SPEWS listing.
First of all, that's bullshit about "quickly." They even say in the FAQ that it could take months to get off.
That's just a caveat, so that spam-friendly ISPs won't expect instantaneous results. The observed reality, however, is that SPEWS listings clear up very quickly after spammers get booted.
Secondly, what if your provider is a huge colocation facility that will ALWAYS have incoming spammers to deal with. You will then never be able to be taken of the list, even if the colocation facility is dealing with the problems as they come in, because there will always be some spammers on that service.
If the colocation boots spammers quickly, then they won't get listed in SPEWS. SPEWS lists when spammers aren't kicked off -- not when spammers are quickly kicked and replaced with new spammers. Further, ISPs that kick spammers quickly soon earn a reputation and the more hardcore spam cases won't go to them.
Who blacklisted you?
Spammers steal bandwidth and resources to send unsolicited advertising.
What does SPEWS do that is illegal? Be specific, or be labelled a liar.
Why should an ISP believe SPEWS unless the ISP can generate evidence of their own?
It's a matter of the ISP trusting abuse reports. SPEWS does not identify itself when contacting an ISP -- they just send a standard abuse report like anyone else would.
Further, if SPEWS behaved irresponsibly, there would be evidence. Someone would be able to point toa SPEWS listing that was inaccurate, not a spammer. Despite many whiners claiming that such listings exist, no one has pointed to a single specific example.
They're now resorting to theft of services since they can't find legit connections anymore...
Spam is always theft of services. They're just doing it more blatantly now.
Do you have a better idea than SPEWS. If so, please present it. E-mail admins everywhere would be thrilled.
No. It's like people boycotting all of the stores at a mall because the mall allows one of the stores to sell drugs -- and moves the drug dealer to different stores at random to avoid police raids (leaving an innocent shop owner to be the target of the raid).
SPEWS does not list until after an ISP refuses to take action after being notified of AUP violations. That your IP range was listed in SPEWS means that your ISP refused to act for quite some time -- as initial SPEWS listings only cover the spammer's IPs and they do not expand to other IPs until after the ISP takes no action and lets the criminal stay up and running.
Once again, the wrong target is attacked. Your ISP was negligent, that is why they were listed in SPEWS. Had they booted the spammer when it was first reported, there would have been no problem. Contrary to the lies of anti-SPEWS whiners, SPEWS does not list an entire ISP's IP range the nanosecond after a single spam run.
Thing is, if anyone on your network has even looked at a spammer in real life, your isp is considered guilty, as charged, and you stay blacklisted under spews.
You are either lying or being deliberately ignorant. SPEWS does not list on insinuation. SPEWS lists only after an ISP refuses to boot a spammer after repeated reports of their spamming. Once the spammers (all of the spammers) are gone and a note goes to nanae, the listing disappears very quickly.
It seems that many of the arguments against SPEWS are based on outright lies without any evidence to back them up (which is logical, since there is no such evidence).
If SPEWS has blown their credibility, then no one is using them. I guess that Somethingawful.com's ranting against them was just immature whining, since obviously no one is using SPEWS.
Say, how did SPEWS blow their credibility in the first place?
SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the innocents who aren't as bothered by it.
SPEWS exists so that admins who don't want e-mail from crime-ridden ISPs can reject it as they see fit.
SPEWS does not force anyone to use their lists for filtering. If you don't like SPEWS, don't use it to filter your mail.
I understand your desire for AOL to lose. After all, they have a contractual obligation with CI Host to carry their e-mail.
Oh, wait, they don't. They're a privately owned company and they have the right to drop any mail traffic that they choose, even if the reasoning is completely stupid (though in the case of CI Host, it isn't). I guess that you believe that the government should be dictating how people run their private networks, including accepting the additional costs of spamming just because it makes spam-friendly ISPs feel bad when their packets get dropped.
NANAE is not SPEWS. There are some blowhard admins who post in nanae who make threats as the ones you described, however they do not represent SPEWS and they do not run SPEWS. You are either incredibly stupid or incredibly dishonest to assert as much.
what about some of the ISP's that SPEWS has threatened to permanently blacklist,
Please provide full documentation of SPEWS ever making any such threat. SPEWS never contacts anyone, for any reason, so I strongly suspect that you are lying.
I'm not referring to businesses or professionals who run webservers who are running IIS, I'm referring specifically to end-users who aren't actually running a website but who have IIS up and running thanks to some other install that activated IIS along with it without fully informing the user. Those people are the problem, because they don't even realise that they're running a webserver, much less an insecure one.
I'll not bother commenting on your analogy, but suffice it to say that it is heavily flawed and not at all applicable to SPEWS.
The DNS servers for spews.org have been knocked out thanks to a DDoS attack by some spamming criminal, which of course means that even if your ISP cleans its act up, SPEWS has no way to let its users know that the IP blocks are delisted. Spammers are incredibly stupid.
Anyway, you can probably look up your ISP's listing here : http://spews.sorbs.net/ (SPEWS mirror).
Some criminals have knocked out the DNS servers for SPEWS through a DDoS attack. This is a brilliant spammer strategy, because if SPEWS is knocked offline, no ISP will know to update their filters should an ISP clean up its act, and thus they'll stay blocked indefinitely. Rule #3: Spammers are st00pid.
However, there is a SPEWS mirror here: http://spews.sorbs.net/ and you should be able to look up your listing there.
I don't know if it's updated now that SPEWS is down, though because the attack is on the DNS server, if the people who run the mirror know the proper IP address for SPEWS (which I have been unable to locate) then they might be able to keep the mirror current.
Welcome to the real world, buddy. Where the blacklist nazis will leave an entire ISP blacklisted well after they've worked to remove the spammers causing the problem.
I understand why you posted this as anonymous coward, as it is a complete and total lie. SPEWS acts very quickly to remove ISP listings when the spammers are cleaned off -- sometimes within minutes of the report. SPEWS prevents the problem of blacklist nazis tossing IPs into filters forever by being responsible (if it weren't, no one would use it). SPEWS-haters, however, would much rather have a situation where filtered IPs never escape to send mail again.