It seems SPEWS is one of the most hated block lists, not by spammers, but by regular folk that end up on their list. In fact, some speculate that some of the DOS attacks against SPEWS aren't actually done by spammers, but by enough innocent people pissed off by them and their attitude. Seems like SPEWS loves collateral damage against innocent people, doesn't update often (even though it claims to "automatically" remove old listings, a lie), hides behind a newsgroup and pretends to not exist so there is no responsibility, and other practices that go against the running of a good anti-spam list (eg. Spamcop, Visi, etc.). And if you're listed, you have to go beg in a newsgroup to get out, just to be told to switch ISPs by people who think they are holier than thou.
It is simple... enable Spamassassin not just for incoming mail, but for outgoing mail too.
Then calculate the scores of each user. If a particular user is sending lots of email that Spamassassin is "scoring" highly, then it is likely that the user is spamming or at least sending out spammy emails, and would warrent a closer look.
This would increase the load on outgoing mail servers, but if they want to do this right, and do it much more automated than manually reviewing everyone that sends "X emails in X minutes", then this would be one good way.
Or even... hold user's emails that have a very high score in a "pending" queue, and have an admin go through the queue to make sure it isn't spam before actually sending it.
Of course, this depends on Spamassassin being able to correctly target spam versus ham (and recently spammers are getting better at getting around it) but each new version of Spamassassin gets better at this again, so as long as they keep upgrading, the above system would work pretty accurately, and would minimize intrusion into people's private emails.
Because most of the hardcore spammers in the world are from the USA. Most of them are either abusing/hacking overseas servers to send their crud (eg. hijacking Korean broadband user's poorly configred home computers) or otherwise.
See the Spamhaus ROKSO database: Spamhaus ROKSO and you'll see that 99% of the spammers listed are in the USA.
SO having a law to stop them would help. Yes, they might then actually move to India, Korea, etc. to send spam, but as you can see, that would create a much bigger obstacle for them. I see this law as a positive move.
This is certainly a good thing for corporations adopting Debian... especially since Redhat now has it's 1 year End Of Life policy for it's desktop products. I've always found Debian's release policy FAR more stable than almost any other distro out there, and stability is probably the main focus of most companies (far more than the latest wizz-bang features).
Hopefully this will see more corporations adopting Debian, Linux, and will result in a more unified installation process.
If this were the case, wouldn't it be possible to host the website offshore, so that the entire transaction occurs offshore?
If the Point Of Sales occurs in an offshore jurisdiction, then theoretically the sales is not part of the US. Sure, the shipping may occur anywhere, but theoretically wouldn't this be a way around this "internet" tax?
Hum... how much did Microsoft pay to have this "discovered"?
No... not saying that Microsoft did this for sure, but did Microsoft offer a "bounty" for coming up with this? They should you know... this guy just saved Microsoft many many millions of dollars...
With more and more brilliant minds (and even not so brilliant minds) going offshore and leaving the US, who is going to be left?
And on the same note, who is going to host their stuff on-shore? Sure it's cheaper, but with the DMCA and Patriot Act and all this crap, aren't we better off getting offshore web hosting, and leaving NO intellectual property in the US anymore?
I can see this applying to not just people who are doing "grey area" things but even companies, individuals, and so forth that just don't want "BIG BROTHER" watching over them all the time, patent idiocy, copyright stupidity...... ugh, don't get me started...
And most importantly, READ THE POLICIES OF THE BL *BEFORE* USING IT. The last thing you want is to start using a BL, only to find most of Asia, or big ISPs, are among the ones blocked, and you're losing legitimate email.
You really, really don't want to get on the wrong side of Big Brother in Russia, China, and many other not-so-free countries.
I'd tell you about the story of what happened to the phone spammer in China that kept pestering a government office, but then I'd have to kill you... or someone'd do me.
So long story short... get the spammers to spam top government officials in Russia, China, N. Korea, and so forth... heck... maybe they'll drop a nuke on the spammers, and solve the problem for good!
Well, sounds almost like in Hong Kong. The "Chinese" government would like to put in laws that allow anyone/anybody/any company that is deemed to be "subversive" or "threat to national security" in jail first, ask questions later.
Next you know, over half a MILLION people are demonstrating in the streets against it (official government figures put it at 500,000 people, but more realistic figures at 600-700,000 people at least).
With a population of only 6.5 million people to start with, you're looking at a _HUGE_ number of people demonstrating.
And if this law is put in place, people will RIOT in the streets against it.
Now tell me... if CHINESE people are willing to stand up for their rights and freedoms (and risk so much in doing so), how come USA people cannot do the same now?
With all these new "mini" cases requiring notebook hard disks, I wonder what the small case is that supports a regular size hard disk?
A lot of expense goes into the hard disk, and since notebook hard disks are relatively slower and much more expensive, a "mini" case supporting a regular hard disk would be a boon!
Is this a case where offshore web hosting might be a good idea?
Come to think of it, for any content even slightly "controversial" (or heck, the way the DMCA is being used, that might mean all content), would hosting it completely offshore on offshore servers actually help anyything?
just checked apt-get update again... it still isn't there yet........
Strange... Debian is *USUALLY* pretty fast about issuing security fixes... is there something else going on?
At least he is only on Spamassassin which tends to be run on the client-side, so statistically less people would not see the newsletter. If he were on the SPEWS's blocklist, he'd never get out!
http://www.antispews.org/ the SPEWS fansite (not!)
Personally I see less problem with client-side blocking, as there is less chance that any 2 people would use exactly the same combination of blocklisting/priorities/etc. Plus, programs like Spamassassin use quite a lot of processing power, so large mail servers (eg. for an ISP) would need significant additional resources to handle this. Thus it is best to move such individualized and resource-intensive applications to the client-side anyway.
Isn't this why more and more people are going to offshore dedicated servers and offshore web hosting?
Since they'd have to launch a lawsuit or such wherever the offshore server is, it becomes far more troublesome and difficult for them to successfully close down the site.
I can imagine all the great uses for such a service... like the recent X-box hack project... this PCI project... and all other "cloudy" situations.
Damn... I'd go offshore just to avoid all the recent privacy and freedom laws (or lack thereof) in the USA now.
Slashdot Mirror
http://www.ifn.net/classic/rblstory.htm covers SPEWS in detail (i don't agree with all of it, but it is pretty spot on).
but you are sure to find lots more on http://www.google.com/search?q=spam+hate+spews.
Notice how it seems to be mostly innocent people complaining about SPEWS and the way it operates?
I hate spam just like the next guy, so I would recommend the wonderful Spamassassin and use it with Spamcop.
Isn't this what XML is for?
It is simple... enable Spamassassin not just for incoming mail, but for outgoing mail too.
Then calculate the scores of each user. If a particular user is sending lots of email that Spamassassin is "scoring" highly, then it is likely that the user is spamming or at least sending out spammy emails, and would warrent a closer look.
This would increase the load on outgoing mail servers, but if they want to do this right, and do it much more automated than manually reviewing everyone that sends "X emails in X minutes", then this would be one good way.
Or even... hold user's emails that have a very high score in a "pending" queue, and have an admin go through the queue to make sure it isn't spam before actually sending it.
Of course, this depends on Spamassassin being able to correctly target spam versus ham (and recently spammers are getting better at getting around it) but each new version of Spamassassin gets better at this again, so as long as they keep upgrading, the above system would work pretty accurately, and would minimize intrusion into people's private emails.
See the Spamhaus ROKSO database: Spamhaus ROKSO and you'll see that 99% of the spammers listed are in the USA.
SO having a law to stop them would help. Yes, they might then actually move to India, Korea, etc. to send spam, but as you can see, that would create a much bigger obstacle for them. I see this law as a positive move.
Wouldn't it be possible to just grab updates from somewhere else?
Just like in Debian's apt-get. In the sources.list file, it contains a list of places to check for updates.
Is this possible with Redhat's up2date? Is there anywhere we can get an alternative (even if it is paid, like Redhat's $60/yr)?
Is this an opportunity for some company to offer these updates to all the customers left stranded by Redhat with nowhere to upgrade to?
This is certainly a good thing for corporations adopting Debian... especially since Redhat now has it's 1 year End Of Life policy for it's desktop products. I've always found Debian's release policy FAR more stable than almost any other distro out there, and stability is probably the main focus of most companies (far more than the latest wizz-bang features).
Hopefully this will see more corporations adopting Debian, Linux, and will result in a more unified installation process.
is my friend ;-)
If this were the case, wouldn't it be possible to host the website offshore, so that the entire transaction occurs offshore?
If the Point Of Sales occurs in an offshore jurisdiction, then theoretically the sales is not part of the US. Sure, the shipping may occur anywhere, but theoretically wouldn't this be a way around this "internet" tax?
Hum... how much did Microsoft pay to have this "discovered"?
No... not saying that Microsoft did this for sure, but did Microsoft offer a "bounty" for coming up with this? They should you know... this guy just saved Microsoft many many millions of dollars...
And on the same note, who is going to host their stuff on-shore? Sure it's cheaper, but with the DMCA and Patriot Act and all this crap, aren't we better off getting offshore web hosting, and leaving NO intellectual property in the US anymore?
I can see this applying to not just people who are doing "grey area" things but even companies, individuals, and so forth that just don't want "BIG BROTHER" watching over them all the time, patent idiocy, copyright stupidity...... ugh, don't get me started...
spews.org
(and indirectly osirusoft.com)
selwerd.cx
blars.org
bl.reynolds.net.au
Personally I choose to use block lists that have clear open operating policies, including clear adding and removal methods. A small sample include:
spamcop.net
ordb.org
proxies.relays.monkeys.org
opm.blitzed.org
This is certainly not a comprehensive list, but it is a good start. A good comprehensive list is at: http://www.declude.com/JunkMail/Support/ip4r.htm
And most importantly, READ THE POLICIES OF THE BL *BEFORE* USING IT. The last thing you want is to start using a BL, only to find most of Asia, or big ISPs, are among the ones blocked, and you're losing legitimate email.
You really, really don't want to get on the wrong side of Big Brother in Russia, China, and many other not-so-free countries.
I'd tell you about the story of what happened to the phone spammer in China that kept pestering a government office, but then I'd have to kill you... or someone'd do me.
So long story short... get the spammers to spam top government officials in Russia, China, N. Korea, and so forth... heck... maybe they'll drop a nuke on the spammers, and solve the problem for good!
Ha, ha.
What I'm really interested in are things that work globally, not just in one or two countries.
Just like in Japan... they have all these new funky 3G apps, that work no where else but Japan.
When do we get services and apps that truely work worldwide (just like roaming GSM and similar, but on the app level rather than infrastructure?)
Well, sounds almost like in Hong Kong. The "Chinese" government would like to put in laws that allow anyone/anybody/any company that is deemed to be "subversive" or "threat to national security" in jail first, ask questions later.
Next you know, over half a MILLION people are demonstrating in the streets against it (official government figures put it at 500,000 people, but more realistic figures at 600-700,000 people at least).
With a population of only 6.5 million people to start with, you're looking at a _HUGE_ number of people demonstrating.
And if this law is put in place, people will RIOT in the streets against it.
Now tell me... if CHINESE people are willing to stand up for their rights and freedoms (and risk so much in doing so), how come USA people cannot do the same now?
With all these new "mini" cases requiring notebook hard disks, I wonder what the small case is that supports a regular size hard disk?
A lot of expense goes into the hard disk, and since notebook hard disks are relatively slower and much more expensive, a "mini" case supporting a regular hard disk would be a boon!
Any URLs or anything?
Is this a case where offshore web hosting might be a good idea?
Come to think of it, for any content even slightly "controversial" (or heck, the way the DMCA is being used, that might mean all content), would hosting it completely offshore on offshore servers actually help anyything?
Does the DMCA apply overseas?
Perhaps I can renumber my CPU from 2.0Ghz to 2.2Ghz?
or hard disk from 80Gb to 90Gb?
or...
heck, why dont I just renumber my good old faithful 486 to a 786?
'Just cause they got 4 legs don't make a cat and dog the same thing'
just checked apt-get update again... it still isn't there yet........ Strange... Debian is *USUALLY* pretty fast about issuing security fixes... is there something else going on?
Do you think Linux's vulnerability disclosure procedures are better than Microsoft's?
But what about the person that actually enquired about the penix enlargement?
At least he is only on Spamassassin which tends to be run on the client-side, so statistically less people would not see the newsletter. If he were on the SPEWS's blocklist, he'd never get out!
http://www.antispews.org/ the SPEWS fansite (not!)
Personally I see less problem with client-side blocking, as there is less chance that any 2 people would use exactly the same combination of blocklisting/priorities/etc. Plus, programs like Spamassassin use quite a lot of processing power, so large mail servers (eg. for an ISP) would need significant additional resources to handle this. Thus it is best to move such individualized and resource-intensive applications to the client-side anyway.
YMMV.
10 years... in cosmic terms, is still peanuts.
I doubt anything will happen in 10 years to advance our society enough.
Maybe another few hundred years...
Are we ready for this information?
If this is proof that there is life outside our little world, does that mean life on earth will change? And if so... for the better?
Time to reflect...
Isn't this why more and more people are going to offshore dedicated servers and offshore web hosting? Since they'd have to launch a lawsuit or such wherever the offshore server is, it becomes far more troublesome and difficult for them to successfully close down the site. I can imagine all the great uses for such a service... like the recent X-box hack project... this PCI project... and all other "cloudy" situations. Damn... I'd go offshore just to avoid all the recent privacy and freedom laws (or lack thereof) in the USA now.