The list of IP ranges from which my server will not accept inbound SMTP traffic is already staggering, and yet I can't seem to get them all. It's ridiculous
Deciding what is spam or not based on where it comes from works in some specific cases (ie, the spam bots you talk about) if you could keep up with all such sources. The broader your list becomes the bigger the chance that you will end up blocking non spam mail as well however.
Whitelisting has its obvious problems with regards to people trying to contact you whom you don't know about but with whom you'd want contact. One could use greylisting instead which sortof works (untill you run into one of the many lame smtp servers that don't know about temporary failures and won't resend.. Sadly enough there are quite a few of those out there also that are used for legitimate email)
In the end, using blacklists and whitelists in an 'advisory way', ie, as an indication of possible spam in case of a blacklisted source, and likely not spam in case of a whitelisted source, combined with content based filtering, seems to work relatively well, and when used with a feedback system it can work really well, stopping virtually all spam with no or an extremely low number of false positives.
I could understand if the guy had clicked the "unsubscribe" link in a previous email from the company, kind of like sexual harrassment law where you have to say "stop" first.
I never asked for it, don't have a prior relationship with them, so they have no reason to mail me, not to mention that in the EU due to its privacy laws, its not unlikely that their collecting and storing of personal information on me (name, email address) is illegal in itself without my prior permission. And really, go try to 'fondle' a random woman on the street and see how that works out.. or rather, just take my word for it, that is quite punishable. (and yeah, a somewhat extreme form of sexual harassment, better called assault, but the line between those 2 is prett thin and depends at least in part on what prior relationship you'd have with that woman.. oh, and those who happen to have a different sexual preference should ofcourse read man instead of woman where appropriate)
And then if he wanted to sue, he could present the first email, the second email, and a screenshot of the browser at the "removed from list" page. If one email is all it takes to sue someone, what's to stop my father-in-law from suing me when I ask him to join the latest pyramid scheme?
I believe he should be able to sue you for believing in stupid schemes, but thats not the law. You'd in that case be protected by having a prior relationship probably. In this case your idea would apply, going on when asked to stop may be an offense.
we are talking about an insigificant electronic message coming from ANYWHERE in the world randomly and taking up fractions of a second of processing time and which costs at most fractions of a pence to send and receive anywhere worldwide.
Lets see...
Sorting the approx 20-30 real mails I get from the approx 5000 messages that people attempt to drop in my account each day.. Takes about an hour a day, which equals a loss in productivity of approx 10-12%. With my hourly rate that equals to at least 60-70 euro in actual cost each day.
Of course I don't do this manually, rather I use automated filters, which took quite some time to configure properly, and take some time to maintain. Its cheaper, but definitely not without cost.
Then, I have to pay for data transfer, in case you didn't know, that is pretty common when running a server in some hosting center, so each message costs a bit there as well. This is also true for approx every ISP in the world btw.
No, spam is not the biggest evil men ever encountered (as some anti spam activists want you to believe) but it definitely costs money, and the fact that you as a consumer do not see that directly (hint, your provider does pay for it, guess how they compensate themselves for it... right, in YOUR monthly subscription fee) does not make it is not a problem or is not causing quite a bit of economic damage still.
Alternatively, make sure the desktop has focus and press alt+F4 to 'close' it. (and yes, this actually amkes a lot of sense)
Re:The VAX port stopped working a long time ago
on
NetBSD v3.0 Released
·
· Score: 1
I installed NetBSD 2.1 on my VaxStation 3100 m30, and it works fine. My DEC monitor broke, so I don't know if the monochrome framebuffer driver still works, but there has been considerable work on the VAX framebuffers recently so I would expect so. I've never needed to bootstrap an install with mopd, because the bootable CD's work fine with an old Sun CD-ROM drive - you can pick them up dirt cheap on Ebay.
Hmm, and there was a typo (more then one, actually) in my last pist, it is a 3100 m30 also. I still have the monochrome display somewhere, but it is in storage and not really accessable for now. Also have a bunch of vt220s around so that should not be much of a problem. While it is nice to have the internal console, my experience is that it is slow as hell (not just with NetBSD but also with OpenVMS) so well, its not too big a loss if it doesn't work I think.
Anyway, will take a peek at 2.1 or maybe 3.0 when I get the time to connect that machine again. Don't have a sun cd-rom drive around, but have a 4 speed toshiba drive that sun, sgi and ancient hp machines boot from without a problem, may connect that and try a cd boot, thanks for the info.
As for uptimes, with 1.4, this machine has been running for over a year before I shut it down when moving to a new apartment. Not an extremely impressive uptime for a vax, but its stable enough it seems.
Re:The VAX port stopped working a long time ago
on
NetBSD v3.0 Released
·
· Score: 4, Interesting
Hmm... just wondering, if I post what version each of the obscure pieces of hardware I have lying around manages to run, will all of those posts get a +5 interesting moderation?
Anyway, its a vaxstation 3100 m20 with 16mb ram and monochrome graphics with a local (scsi) disk for swap and temp storage, it is netbooted. When trying to run 1.5 or 1.6 and build a world, the machine just hangs after some 2 days of work. 1.4 finishes building a world but it takes forever to do so (actually, something like 7 or 8 days). I never tried 2.x and current however, maybe I should when I can be bothered to connect it again and setup mopd on some machine here.
Re:The VAX port stopped working a long time ago
on
NetBSD v3.0 Released
·
· Score: 4, Interesting
Heh, the last version that actually builds and works correctly on my VAX is 1.4
And are those services listed on SPEWS? I don't think so. To be listed on SPEWS, an ISP must repeatedly provide service to spammers and not take reasonable steps to shut off spam when they are made aware of it. That describes a few rogue ISPs, not a significant number of ISPs.
No they are not listed in SPEWS, which is not very relevant really. The problem is that the argument that when someone can just goto another ISP when theirs gets listed is flawed because of the fact that quite a few people do not have that choice.
That is a main difference that we have. If you give money to an ISP that supports SPAM, your hands are dirty as far as I am concerned. On that point, we will have to disagree. But limited damage for limited involvement seems pretty fair to me.
Actually, we would agree when that would say 'knowingly give money to an ISP that supports SPAM', which is what I assume you also mean. The disagreement seems to be on if such knowledge can be expected from the typical internet connected person, and how to deal with that.
You seem to believe that your lack of ability to convince me with your arguments means that I don't understand them. Well, I do. Insulting me in a public forum is not going to convince me that you are right (a fact that I would have expected someone so accomplished in "social dynamics" to recognize).
Why you do or don't understand them is another issue alltogether, but by not addressing them and repeating your own argument over and over you did rather give the impression that I already mentioned, that of an agry teenager who doesn't get his way. I'm sorry if you feel insulted by that, but you have your own behavior to blame there.
Your arguments focus on the tiny fringes -- like people in developing countries who have only one choice of ISP and the ISP is one that is a willing partner to spammers to the point that they are listed on SPEWS. I don't think that's a very common scenario.
Yes, someone in a developing country is relatively easy to imagine having this problem, but let me tell you what, most of the world still has to pay by the minute for phone connections, and hence 'going to dialup' is an extremely expensive option, so this limited or no choice is not exactly something that applies to people in developing nations only.
To witness, my girlfriend lives in Berlin, Germany (which is not exactly a 3rd world location). She has a choice between 2-online DSL and t-online dialup, or spendign a fortune on per-minute connection costs. Some paryts of the city do have more choices now, but that is a pretty recent development, and with luck, she'll get the option as well in the comming year. Regardless, at this moment it is simply not a realistic option.
The point is that the argument that everyone can just easily pick another ISP is not true, and it is not true for a substantial number of people, not just those in developing nations. It so happens that you and I do have a choice, which does not mean everyone or even most people have that choice or that people not having that choice are a mere fringe.
Your arguments exagerate the harm caused by the so-called "collateral damage." You act as if bounced e-mail from the relatively small number of domains which use SPEWS is a disaster for the senders. It is, at most, a minor inconvenience. Senders who find themselves in this predicament can complain to their ISP, change ISPs (in most cases), or turn to reputable e-mail providers like GMail, Yahoo!, and Hotmail. Those who run a server can usually make relaying arrangements with a third party.
I have said many times that my problem is with the reasoning behind SPEWS. You are right that so few peopel use it that it is not a real problem. It will be when enough people use it to make SPEWS effective however. I intend to have this argument with as many peopel as needed in order to keep things that way.
The 'use a 3rd party' argument somewhat works, but still puts the damage (tho limited) onto people who are not directly involved (eventho you believe otherwise, I think that is where our real issue lies also). And yes, having to inform everyone about email address change can be costly in time, and it is very easy to miss a few people.
I see spam as a major problem economically. It puts a drain on economies throughout the world. It costs businesses and governments huge sums of money that would be much better spent on other things. Organizations have e-mail administrators who spend much of their working day responding to spam complaints, tuning filters, whitelisting domains, blacklisting others, trying to figure out whether blacklist X has become unreliable, dealing with tens of thousands of bounces when they discover that a spammer has joe-jobbed their domain, and so forth.
I have been running smtp servers for the last 14 years, I am aware of all those problems, have been dealing with them for over a decade and for as far as my own domains go, pay for this from my own pocket.
Yes, it is annoying, yes, it even costs some money, but it
You need to recognize that we're talking about Internet access, not food, clothing, shelter, or water.
My abbility to pay my bills depends on it, that is good enough for me. I happen to know quite a few other people for whom the same applies. Of course I could pick another job, but really, spam is annoying, and a waste, but not the biggest evil that mankind faced so far.
So half of the world is just blindly signing up for Internet access without ever having been exposed to the Internet? That's right, people in Darfur living in straw huts without electricity, much less a computer, are jumping on the Internet bandwagon. You keep telling yourself that.
People in many places that have a slightly better economic, political and infrastructure situation then Dafur are indeed 'jumping on the internet bandwagon'. Go visit countries like India, China, Vietnam, Thailand and so on when you get a chance (lots to see there anyway)
I'm 44 years old and have been a computer professional since 1980.
A 'mature' age is no guarantee for mature behavior, which in itself is no news at all.
I own the domain anti-spam.org. I have consulted with a company that produces a high-end spam-blocking appliance and with another company that produces a commercial e-mail (POP/SMTP/IMAP/HTTPMAIL/web-mail) server. I seriously doubt that you have nearly as much understanding about this subject as I do.
You might be surprised, but I'm pretty sure I have at least as good an understanding of the subject matter, and a much better understanding of social dynamics. While a few years younger, I can look back at over 20 years of working as a computer professional, having done development and research for some huge 3 letter computer company, consultancy to government and banking etc on a variety of networking and security related subjects, including email, and currently doing consultancy for a variety of application and acces providers.
At any rate, I do not doubt your technical knowledge, and my comment about you behaving like an angry teenager did not say anything of that sort.
I understand the idea behind the policy of SPEWS, I understand the logic of their reasoning, and I understand why people believe it should work. The ones who lack understanding of arguments here are people like you, who are so fanatic in their fight against spam that they forget that spam is a big and somewhat costly annoyance, but not the devil itself, and hence are blinded for any reasonable argumentation. That my friend is why I said you behave like an angry teenager.
I'm not going to repeat my arguments, if you still don't understand them but would like to, reread my previous posts and ask any questions you like, but try to understand the arguments being made instead of dismissing them outright because they are inconvenient.
At any rate, good luck with what you are doing, if it helps it helps, even if I don't like the methods (and won't participate in them myself).
As a customer of an ISP, you are supporting that ISP with your money. Again, if NAMBLA is the local broadband provider, I'm going with dial-up.
There are people who can select EXACTLY ONE ISP. if you don't believe that then that is testamony to the fact that you obviously never ever left the well provided for area that you live in now. No, they cannot goto dialup, they ARE ON THE ONE AND ONLY dial up provider available to them. Yes, this is in fact a realistic possibility in more then half of the world. If you cannot understand such simple things then you are simply too stupid to have an argument with alltogether.
As a customer of an ISP, you are supporting that ISP with your money. Again, if NAMBLA is the local broadband provider, I'm going with dial-up.
No way to know for those people without having net access to get information on this, not to mention that as already mentioned, this is no option in more then half of the world, stop thinking that your particular situation applies to everyone, chances are almost 100% that it doesn't.
If you support a spam-friendly ISP with your monthly subscription, you are part of the problem. So don't play innocent bystander when your e-mail bounces.
You know what, you keep playing the angry clueless teenager, and I'll continue using some ani spam measures that are hugely more effective without the needless damage that SPEWS brings with it.
Please come back for an argument the day you understand that your situation is most likely not identical to that of others, and that the options you have may not apply to others.
I voted for Gore and Kerry, why should I be blamed for Bush? That would be like punishing Earthlink users because you got spam from MSN.
Because it doesn't really matter which one won, you still support that system by voting, and that system results in stupid presidents. You could decide to not support it and move somewhere else.
Translation: They obey the law. There's no law requiring you to use a spam-friendly ISP. The analogy still fails.
Paying tax is still a privilege, resulting from having a high enough income and living in the wrong country. GO move to Monaco or something.
Yes, you do have the choice to not pay tax, and that can even be legal.
Not to mention the fact that some 80%+ of the population of the USA did support their current government in polls not too long ago, so even if you didn't vote for this specific president, the statistic likelyhood is that you did support him.
So... get better informed, you do have options even if you are not aware of them, and even when not all those options are really viable for you.
As with regards to your Nike example, nicely thought up but completely flawed for the simple reason that Nike has a responsivility for what they sell to others and how they obtained that, while as a customer of an ISP you are not selling to others and do not have that same kind of responsibility. (read carefully, I DO agree with you that people have an obligation to not support things they think are bad, ie spammers or spam supporting ISPs, but they do not have the same kind of responsibility as Nike has simply because they do not have customers themselves. This is LEGAL as well as moral responsibility)
Not to mention...
If people are going to pick an ISP to connect to the Internet, how exactly are they going to find that information on the net you keep talking about before they got their connection?
Don't you think that you are being slightly silly here?
Nope. SPEWS is quite mediocre for blocking spam. But when used properly, it can get results (aka ISP shunning of spammers) in many situations when nothing else has worked.
When enough people would use it, which isn't the case now, and which I honestly hope will remain that way.
This all just ignores the fact that the large majority of spam does not come from IP blocks rented by spammers on a pink contract, but from zombies and spambots, which makes that even if enough people would use it, SPEWS would still be pretty ineffective in actually doing something about spam.
Making sure that virtually no spam makes it to its destination, and that circumventing this will take enough efford for each individual message makes spam unproffitable and useless (to the sender). This really sounds like a much more effective way to go.
Yes, a public 'shame' list of ISPs that knowingly allow spammers on their networks IS a good idea. Using that as an rbl is in virtually all cases a bad idea, esp. when such a list is not open for discussion and it is very difficult if at all possible to verify how something got listed, or how to remove somethign that is incorrectly listed.
No, because you don't know how each of them voted.
They voted, they pay tax, thereby they actively support the system that creates their government, and thereby also their government.
A customer of some ISP usually has no clue whatsoever that that ISP allows spammers, and as such did not have a choice to begin with. Arguing that such people do willingly support an ISP that allows spammers is stupid beyond belief.
Let's not forget that it's completely legal for someone to publish a list of spam-friendly ISPs and for someone else to refuse e-mail from those ISPs. I know of no place where it is legal to kill people with improvised explosives or to behead them because you don't like their government's policies.
Never did I claim it to be illegal, I claimed, and still clai,m that the reasoning you and other suppoerters of SPEWS are using with regards to 'collatoral damage' is flawed. That has nothign whatsoever to do with if your actions are legal. Is that so difficult to understand?
I'm not sure. To continue with your analogy, terrorism is often a very effective lobbying technique for an unpopular cause. The fact that no American ISP will openly associate itself with SPAM is proof of how effective the anti spam crusaders have been.
Ah yes.. that would not have anything to do with the fact that people strongly dislike spam, and all with the activity of a rbl like SPEWS?
Really, often the easier explanation is also the correct one.
If you're giving money to that ISP, you are involved.
I understand that this is indeed the opinion of SPEWS and their supporters.
Following that line of reasoning, since most Americans over 18 voted, shall I hold each of them responsible for voting in what I consider to be a rather bad president? Do they become a valid target when I happen to violently disagree with their government?
I know that this is something on a completely different scale with a different kind of consequence, but really, the reasoning is exactly identical, and maybe you can see the problem with that reasoning when it is applied to something else then spam.
America is a democracy and thus the people at large are responsible for the policies of the American government.
Yes, that is the exact type of reasoning I am pointing at.
So, following the type of reasoning of SPEWS, should I hold every American responsible for the actions of their government? They do support that system by voting you know.. so if I have an issue with what their government does every American becomes a valid target?
You see, that is why I have been arguing that while the actions are completely different and not comparable, the reasining is exactly the same as what terrorists use to justify their actions, and is as fundamentally flawed.
The large majority of people don't like spam, and it is indeed a good idea to try to involve them. By making them a victim of anti-spam measures, you turn a potential ally into a likely enemy.
At any rate, I think we are in agreement about the basic idea, maybe not in our judgement of it, but that is a matter of personal opinion really.
I do however believe you are being unfair to the SPEWS people they were aware of the consequences they just considered them within reason.
I'm sure they were aware of the consequences. Those consequences are an important part of the 'plan' and the primary means for putting pressure on ISPs.
The price is always payed by others, and as a result is reduced to mere statistics for those who want to put on the pressure. Considered? maybe.
When considered, the 'price' is often 'reasoned down' by claiming that the victims are in fact supporters of what is being fought (or non believers or whatever else can be used to paint them black for a bit), even if their involvement is at best accidental.
For example, I hear that Gmail is the "in" thing these days
Yeah, and hotmail used to be 'in', and tomorrow it will be someone else. let me tell you what, since the last 2 years I have been running my own little webmail service on a rented server because I want webmail and I don't want to deal with Yahoo, Microsoft, Google or any other such company for that, which costs money but hey, thats my choice.
Regardless, there is a big difference between specifically blocking IPs that send spam, and blocking ranges when one or some IPs in that range send spam. If an ISP allows spam to pass through their outbound smtp server, I see no issue whatsoever in blocking that smt server. I do see an issue in blocking the entire IP range of that ISP. When a customer of an ISP is sending out spam, I don't see a good enough justification to hinder all customers at that ISP by blocking the IP range. Does it put pressure on an ISP? I guess it does, but as said, I do not see that as a strong enough argument because of the damage it causes to people without a direct involvement.
'Ah, but they can just go use another service' is helpfull for those affected, but does not change the fact that this causes damage. Changing to another service, ifnorming everyone of the email address change, canceling all mailinglist subscriptions and moving them to the new account etc etc can take quite a bit of time. This is all still damage.
Reasoning that those other customers are involved because of having a subscription at the same ISP is just silly, and seeing how this is a known and explicitly allowed 'side effect' (or should we say the primary means to apply pressure?), it cannot be said that damage to them is accidental.
As I said before, the actions are completely uncomparable, but the underlying reasoning behind this type of 'bullying' and the type of 'bullying' that some 'terrorists' attempt is exactly the same one, and is stupid and misguided for the exact same reasons. The reasoning is that involving as many people as possible by making them a victim of your actions is a valid way to put pressure on some entity. (note that the 'making them a victim of your actions' part is extremely relevant and any argument saying that this is not how you reason has to address that, ie, this does in no way at all compare to organizing people for a protest action or such)
So they live with dial-up. If the only provider of cable television in my area is NAMBLA, then I'll live with the seven local broadcast channels rather than give NAMBLA my money.
THat is fine, television is virtually purely entertainment anyway. For quite a few people, having an internet connection is a requirement to get their job done, so you can't exactly compare the 2.
Then, you might want to realize that this thing called the Internet is not exactly limited to the USA, and that there are many people on this planet (which again is bigger then the USA) that simply do not have such a choice.
That's not what the OP said. He said "bullying ISPs into shutting down spammers after the event" as if the fact that it was done after the spam was sent was somehow the important point.
I think the 'bullying' part was actually what was important... That it is supposedly after the fact just makes it a bit worse.
I hardly think that someone bouncing your e-mail is akin to killing people. Now you're just being silly.
As I said, the actions are not comparable, the underlying reasoning is.
You're also missing something important: It's not illegal for me to refuse your e-mail at my server. I can refuse it because your IP address is on SPEWS, because I don't like your ISP, because your sysadmin "dissed" me in a newsgroup, because your IP address has a prime number in it, or because you tried to send the mail during the witching hour. You don't have a legal right to deliver your e-mail to my server.
No, and I ws nowhere claiming that a blocklist is illegal, I was claiming that the specific reasoning that SPEWS follows is bad and shortsighted.
On the other hand, SPEWS contributers do have a Constitutionally guaranteed right (free speech and freedom of the press) to publish a list of address blocks which they believe are spam sources. There is nothing illegal, immoral, or unethical about doing that.
That right is only guaranteed within the borders of the USA (and in those places that have similar provisions).
The fact that it is not illegal and that you have a constitutionally guaranteed right to do something does not make it moral or ethical to do it.
That you do not believe it is unethical to cause collatoral damage that you could easily have prevented is well, your thing, but I believe that to be unethical and immoral.
The intention of listing an ISP on SPEWS is to 'bully' that ISP, and regardless what way you turn it, that is and will always be bullying. The fact that you can refuse any mail you like at your mailserver has zero to do with that because you explicitly list something with the intention that as many people as possible block them, not just to block them yourselves.
Do I have a better idea? Well, I have a few possible 'improvements'..
How about only blocking specific IPs that cause spam instead of blocking entire ranges?
How about creating a kind of organisation that is transparant enough so it can be held accountable for its actions?
At any rate, Spam not being caught by my spam filters is a huge exception (far below 0.2%), non-spam being blocked by it has not happened at all in the last 2 years for what I am aware of. I do not use SPEWS, but I do use a variety of other lists with more sane policies combined with content analysis and when available sender verification (spf, domain keys, sender-id).
From monitoring what SPEWS would do to my mailflow (checing and logging the result, but not actually rejecting based on it), SPEWS would not come anywhere near this result at the cost of a number of false positives.
At any rate, I don't really care about SPEWS, they can do things as they like, but I won't use them because I think their ideas about how to run such a thing are misguided, not to mention that I have no need for their service to begin with.
What I do care about is people who proclaim it to be the ultimate solution to killing spam and their argument that any collatoral damage this causes is not something to try to prevent.
By "innocent bystanders," do you mean people helping to finance an ISP which caters to spammers?
Or who have no choice with regards to ISPs because there is only one active in their area?
So you would prefer that the ISPs not shut down spammers?
Stupid argument, not agreeing to using 'collatoral damage' to force things onto an ISP is not the same as not wanting those ISPs to remove spammers.
As long as you and other SPEWS proponents cannot see that difference, you will by most be seen as bullies and as doing more damage then good.
So how do you fight against such practices? You blacklist the ISP's IP blocks. That means that "normal" users will find that the ISP cannot reliably deliver e-mail. Those users will pressure the ISP into not writing pink contracts and not tolerating spamming. A blacklisted ISP will not be able to survive on pink contract revenue alone and, thus, will be forced to stop writing pink contracts in order to remain solvent.
Hmm, you do not see the similarity to the reasoning of those who justify killing innocent bystanders in order to put pressure on the USA to change its policies? What other means do those have to fight this?
Ah, but your goals are actually 'good' and theirs are not so this analogy is flawed? Your goals are good in your eyes (and those of many others), but so are theirs (most people in the west just don't share their point of view, but that in no way means there aren't people who do)
No, the goal does not justify your means with disregard of the consequences, and as long as you do not understand that simple fact, your behavior is by far not as bad as that of a terrorist, but your reasoning is exactly identical, and is wrong and actually amazingly stupid for the exact same reasons.
Oftentimes, even for a geek, it's difficult to see how one more expensive service is worth the extra cost.
Fixed IP, no data limit, approx yearly doubling of my bandwidth without extra cost, allowed to run servers, and a helpdesk that actually keeps track of which customers have previously shown to know what they are doing and skips the normal stupid list of questions..
Slashdot Mirror
The list of IP ranges from which my server will not accept inbound SMTP traffic is already staggering, and yet I can't seem to get them all. It's ridiculous
Deciding what is spam or not based on where it comes from works in some specific cases (ie, the spam bots you talk about) if you could keep up with all such sources. The broader your list becomes the bigger the chance that you will end up blocking non spam mail as well however.
Whitelisting has its obvious problems with regards to people trying to contact you whom you don't know about but with whom you'd want contact. One could use greylisting instead which sortof works (untill you run into one of the many lame smtp servers that don't know about temporary failures and won't resend.. Sadly enough there are quite a few of those out there also that are used for legitimate email)
In the end, using blacklists and whitelists in an 'advisory way', ie, as an indication of possible spam in case of a blacklisted source, and likely not spam in case of a whitelisted source, combined with content based filtering, seems to work relatively well, and when used with a feedback system it can work really well, stopping virtually all spam with no or an extremely low number of false positives.
I could understand if the guy had clicked the "unsubscribe" link in a previous email from the company, kind of like sexual harrassment law where you have to say "stop" first.
I never asked for it, don't have a prior relationship with them, so they have no reason to mail me, not to mention that in the EU due to its privacy laws, its not unlikely that their collecting and storing of personal information on me (name, email address) is illegal in itself without my prior permission. And really, go try to 'fondle' a random woman on the street and see how that works out.. or rather, just take my word for it, that is quite punishable. (and yeah, a somewhat extreme form of sexual harassment, better called assault, but the line between those 2 is prett thin and depends at least in part on what prior relationship you'd have with that woman.. oh, and those who happen to have a different sexual preference should ofcourse read man instead of woman where appropriate)
And then if he wanted to sue, he could present the first email, the second email, and a screenshot of the browser at the "removed from list" page. If one email is all it takes to sue someone, what's to stop my father-in-law from suing me when I ask him to join the latest pyramid scheme?
I believe he should be able to sue you for believing in stupid schemes, but thats not the law. You'd in that case be protected by having a prior relationship probably. In this case your idea would apply, going on when asked to stop may be an offense.
we are talking about an insigificant electronic message coming from ANYWHERE in the world randomly and taking up fractions of a second of processing time and which costs at most fractions of a pence to send and receive anywhere worldwide.
Lets see...
Sorting the approx 20-30 real mails I get from the approx 5000 messages that people attempt to drop in my account each day.. Takes about an hour a day, which equals a loss in productivity of approx 10-12%. With my hourly rate that equals to at least 60-70 euro in actual cost each day.
Of course I don't do this manually, rather I use automated filters, which took quite some time to configure properly, and take some time to maintain. Its cheaper, but definitely not without cost.
Then, I have to pay for data transfer, in case you didn't know, that is pretty common when running a server in some hosting center, so each message costs a bit there as well. This is also true for approx every ISP in the world btw.
No, spam is not the biggest evil men ever encountered (as some anti spam activists want you to believe) but it definitely costs money, and the fact that you as a consumer do not see that directly (hint, your provider does pay for it, guess how they compensate themselves for it... right, in YOUR monthly subscription fee) does not make it is not a problem or is not causing quite a bit of economic damage still.
Alternatively, make sure the desktop has focus and press alt+F4 to 'close' it. (and yes, this actually amkes a lot of sense)
I installed NetBSD 2.1 on my VaxStation 3100 m30, and it works fine. My DEC monitor broke, so I don't know if the monochrome framebuffer driver still works, but there has been considerable work on the VAX framebuffers recently so I would expect so. I've never needed to bootstrap an install with mopd, because the bootable CD's work fine with an old Sun CD-ROM drive - you can pick them up dirt cheap on Ebay.
Hmm, and there was a typo (more then one, actually) in my last pist, it is a 3100 m30 also. I still have the monochrome display somewhere, but it is in storage and not really accessable for now. Also have a bunch of vt220s around so that should not be much of a problem. While it is nice to have the internal console, my experience is that it is slow as hell (not just with NetBSD but also with OpenVMS) so well, its not too big a loss if it doesn't work I think.
Anyway, will take a peek at 2.1 or maybe 3.0 when I get the time to connect that machine again. Don't have a sun cd-rom drive around, but have a 4 speed toshiba drive that sun, sgi and ancient hp machines boot from without a problem, may connect that and try a cd boot, thanks for the info.
As for uptimes, with 1.4, this machine has been running for over a year before I shut it down when moving to a new apartment. Not an extremely impressive uptime for a vax, but its stable enough it seems.
Hmm... just wondering, if I post what version each of the obscure pieces of hardware I have lying around manages to run, will all of those posts get a +5 interesting moderation?
Anyway, its a vaxstation 3100 m20 with 16mb ram and monochrome graphics with a local (scsi) disk for swap and temp storage, it is netbooted. When trying to run 1.5 or 1.6 and build a world, the machine just hangs after some 2 days of work. 1.4 finishes building a world but it takes forever to do so (actually, something like 7 or 8 days). I never tried 2.x and current however, maybe I should when I can be bothered to connect it again and setup mopd on some machine here.
Heh, the last version that actually builds and works correctly on my VAX is 1.4
And are those services listed on SPEWS? I don't think so. To be listed on SPEWS, an ISP must repeatedly provide service to spammers and not take reasonable steps to shut off spam when they are made aware of it. That describes a few rogue ISPs, not a significant number of ISPs.
No they are not listed in SPEWS, which is not very relevant really. The problem is that the argument that when someone can just goto another ISP when theirs gets listed is flawed because of the fact that quite a few people do not have that choice.
That is a main difference that we have. If you give money to an ISP that supports SPAM, your hands are dirty as far as I am concerned. On that point, we will have to disagree. But limited damage for limited involvement seems pretty fair to me.
Actually, we would agree when that would say 'knowingly give money to an ISP that supports SPAM', which is what I assume you also mean. The disagreement seems to be on if such knowledge can be expected from the typical internet connected person, and how to deal with that.
You seem to believe that your lack of ability to convince me with your arguments means that I don't understand them. Well, I do. Insulting me in a public forum is not going to convince me that you are right (a fact that I would have expected someone so accomplished in "social dynamics" to recognize).
Why you do or don't understand them is another issue alltogether, but by not addressing them and repeating your own argument over and over you did rather give the impression that I already mentioned, that of an agry teenager who doesn't get his way. I'm sorry if you feel insulted by that, but you have your own behavior to blame there.
Your arguments focus on the tiny fringes -- like people in developing countries who have only one choice of ISP and the ISP is one that is a willing partner to spammers to the point that they are listed on SPEWS. I don't think that's a very common scenario.
Yes, someone in a developing country is relatively easy to imagine having this problem, but let me tell you what, most of the world still has to pay by the minute for phone connections, and hence 'going to dialup' is an extremely expensive option, so this limited or no choice is not exactly something that applies to people in developing nations only.
To witness, my girlfriend lives in Berlin, Germany (which is not exactly a 3rd world location). She has a choice between 2-online DSL and t-online dialup, or spendign a fortune on per-minute connection costs. Some paryts of the city do have more choices now, but that is a pretty recent development, and with luck, she'll get the option as well in the comming year. Regardless, at this moment it is simply not a realistic option.
The point is that the argument that everyone can just easily pick another ISP is not true, and it is not true for a substantial number of people, not just those in developing nations. It so happens that you and I do have a choice, which does not mean everyone or even most people have that choice or that people not having that choice are a mere fringe.
Your arguments exagerate the harm caused by the so-called "collateral damage." You act as if bounced e-mail from the relatively small number of domains which use SPEWS is a disaster for the senders. It is, at most, a minor inconvenience. Senders who find themselves in this predicament can complain to their ISP, change ISPs (in most cases), or turn to reputable e-mail providers like GMail, Yahoo!, and Hotmail. Those who run a server can usually make relaying arrangements with a third party.
I have said many times that my problem is with the reasoning behind SPEWS. You are right that so few peopel use it that it is not a real problem. It will be when enough people use it to make SPEWS effective however. I intend to have this argument with as many peopel as needed in order to keep things that way.
The 'use a 3rd party' argument somewhat works, but still puts the damage (tho limited) onto people who are not directly involved (eventho you believe otherwise, I think that is where our real issue lies also). And yes, having to inform everyone about email address change can be costly in time, and it is very easy to miss a few people.
I see spam as a major problem economically. It puts a drain on economies throughout the world. It costs businesses and governments huge sums of money that would be much better spent on other things. Organizations have e-mail administrators who spend much of their working day responding to spam complaints, tuning filters, whitelisting domains, blacklisting others, trying to figure out whether blacklist X has become unreliable, dealing with tens of thousands of bounces when they discover that a spammer has joe-jobbed their domain, and so forth.
I have been running smtp servers for the last 14 years, I am aware of all those problems, have been dealing with them for over a decade and for as far as my own domains go, pay for this from my own pocket.
Yes, it is annoying, yes, it even costs some money, but it
You need to recognize that we're talking about Internet access, not food, clothing, shelter, or water.
My abbility to pay my bills depends on it, that is good enough for me. I happen to know quite a few other people for whom the same applies. Of course I could pick another job, but really, spam is annoying, and a waste, but not the biggest evil that mankind faced so far.
So half of the world is just blindly signing up for Internet access without ever having been exposed to the Internet? That's right, people in Darfur living in straw huts without electricity, much less a computer, are jumping on the Internet bandwagon. You keep telling yourself that.
People in many places that have a slightly better economic, political and infrastructure situation then Dafur are indeed 'jumping on the internet bandwagon'. Go visit countries like India, China, Vietnam, Thailand and so on when you get a chance (lots to see there anyway)
I'm 44 years old and have been a computer professional since 1980.
A 'mature' age is no guarantee for mature behavior, which in itself is no news at all.
I own the domain anti-spam.org. I have consulted with a company that produces a high-end spam-blocking appliance and with another company that produces a commercial e-mail (POP/SMTP/IMAP/HTTPMAIL/web-mail) server. I seriously doubt that you have nearly as much understanding about this subject as I do.
You might be surprised, but I'm pretty sure I have at least as good an understanding of the subject matter, and a much better understanding of social dynamics. While a few years younger, I can look back at over 20 years of working as a computer professional, having done development and research for some huge 3 letter computer company, consultancy to government and banking etc on a variety of networking and security related subjects, including email, and currently doing consultancy for a variety of application and acces providers.
At any rate, I do not doubt your technical knowledge, and my comment about you behaving like an angry teenager did not say anything of that sort.
I understand the idea behind the policy of SPEWS, I understand the logic of their reasoning, and I understand why people believe it should work. The ones who lack understanding of arguments here are people like you, who are so fanatic in their fight against spam that they forget that spam is a big and somewhat costly annoyance, but not the devil itself, and hence are blinded for any reasonable argumentation. That my friend is why I said you behave like an angry teenager.
I'm not going to repeat my arguments, if you still don't understand them but would like to, reread my previous posts and ask any questions you like, but try to understand the arguments being made instead of dismissing them outright because they are inconvenient.
At any rate, good luck with what you are doing, if it helps it helps, even if I don't like the methods (and won't participate in them myself).
As a customer of an ISP, you are supporting that ISP with your money. Again, if NAMBLA is the local broadband provider, I'm going with dial-up.
There are people who can select EXACTLY ONE ISP. if you don't believe that then that is testamony to the fact that you obviously never ever left the well provided for area that you live in now. No, they cannot goto dialup, they ARE ON THE ONE AND ONLY dial up provider available to them. Yes, this is in fact a realistic possibility in more then half of the world. If you cannot understand such simple things then you are simply too stupid to have an argument with alltogether.
As a customer of an ISP, you are supporting that ISP with your money. Again, if NAMBLA is the local broadband provider, I'm going with dial-up.
No way to know for those people without having net access to get information on this, not to mention that as already mentioned, this is no option in more then half of the world, stop thinking that your particular situation applies to everyone, chances are almost 100% that it doesn't.
If you support a spam-friendly ISP with your monthly subscription, you are part of the problem. So don't play innocent bystander when your e-mail bounces.
You know what, you keep playing the angry clueless teenager, and I'll continue using some ani spam measures that are hugely more effective without the needless damage that SPEWS brings with it.
Please come back for an argument the day you understand that your situation is most likely not identical to that of others, and that the options you have may not apply to others.
I voted for Gore and Kerry, why should I be blamed for Bush? That would be like punishing Earthlink users because you got spam from MSN.
Because it doesn't really matter which one won, you still support that system by voting, and that system results in stupid presidents. You could decide to not support it and move somewhere else.
Translation: They obey the law. There's no law requiring you to use a spam-friendly ISP. The analogy still fails.
Paying tax is still a privilege, resulting from having a high enough income and living in the wrong country. GO move to Monaco or something.
Yes, you do have the choice to not pay tax, and that can even be legal.
Not to mention the fact that some 80%+ of the population of the USA did support their current government in polls not too long ago, so even if you didn't vote for this specific president, the statistic likelyhood is that you did support him.
So... get better informed, you do have options even if you are not aware of them, and even when not all those options are really viable for you.
As with regards to your Nike example, nicely thought up but completely flawed for the simple reason that Nike has a responsivility for what they sell to others and how they obtained that, while as a customer of an ISP you are not selling to others and do not have that same kind of responsibility. (read carefully, I DO agree with you that people have an obligation to not support things they think are bad, ie spammers or spam supporting ISPs, but they do not have the same kind of responsibility as Nike has simply because they do not have customers themselves. This is LEGAL as well as moral responsibility)
Not to mention...
If people are going to pick an ISP to connect to the Internet, how exactly are they going to find that information on the net you keep talking about before they got their connection?
Don't you think that you are being slightly silly here?
Nope. SPEWS is quite mediocre for blocking spam. But when used properly, it can get results (aka ISP shunning of spammers) in many situations when nothing else has worked.
When enough people would use it, which isn't the case now, and which I honestly hope will remain that way.
This all just ignores the fact that the large majority of spam does not come from IP blocks rented by spammers on a pink contract, but from zombies and spambots, which makes that even if enough people would use it, SPEWS would still be pretty ineffective in actually doing something about spam.
Making sure that virtually no spam makes it to its destination, and that circumventing this will take enough efford for each individual message makes spam unproffitable and useless (to the sender). This really sounds like a much more effective way to go.
Yes, a public 'shame' list of ISPs that knowingly allow spammers on their networks IS a good idea. Using that as an rbl is in virtually all cases a bad idea, esp. when such a list is not open for discussion and it is very difficult if at all possible to verify how something got listed, or how to remove somethign that is incorrectly listed.
No, because you don't know how each of them voted.
They voted, they pay tax, thereby they actively support the system that creates their government, and thereby also their government.
A customer of some ISP usually has no clue whatsoever that that ISP allows spammers, and as such did not have a choice to begin with. Arguing that such people do willingly support an ISP that allows spammers is stupid beyond belief.
Let's not forget that it's completely legal for someone to publish a list of spam-friendly ISPs and for someone else to refuse e-mail from those ISPs. I know of no place where it is legal to kill people with improvised explosives or to behead them because you don't like their government's policies.
Never did I claim it to be illegal, I claimed, and still clai,m that the reasoning you and other suppoerters of SPEWS are using with regards to 'collatoral damage' is flawed. That has nothign whatsoever to do with if your actions are legal. Is that so difficult to understand?
I'm not sure. To continue with your analogy, terrorism is often a very effective lobbying technique for an unpopular cause. The fact that no American ISP will openly associate itself with SPAM is proof of how effective the anti spam crusaders have been.
Ah yes.. that would not have anything to do with the fact that people strongly dislike spam, and all with the activity of a rbl like SPEWS?
Really, often the easier explanation is also the correct one.
Go talk to a lawyer.
If you're giving money to that ISP, you are involved.
I understand that this is indeed the opinion of SPEWS and their supporters.
Following that line of reasoning, since most Americans over 18 voted, shall I hold each of them responsible for voting in what I consider to be a rather bad president? Do they become a valid target when I happen to violently disagree with their government?
I know that this is something on a completely different scale with a different kind of consequence, but really, the reasoning is exactly identical, and maybe you can see the problem with that reasoning when it is applied to something else then spam.
America is a democracy and thus the people at large are responsible for the policies of the American government.
Yes, that is the exact type of reasoning I am pointing at.
So, following the type of reasoning of SPEWS, should I hold every American responsible for the actions of their government? They do support that system by voting you know.. so if I have an issue with what their government does every American becomes a valid target?
You see, that is why I have been arguing that while the actions are completely different and not comparable, the reasining is exactly the same as what terrorists use to justify their actions, and is as fundamentally flawed.
The large majority of people don't like spam, and it is indeed a good idea to try to involve them. By making them a victim of anti-spam measures, you turn a potential ally into a likely enemy.
At any rate, I think we are in agreement about the basic idea, maybe not in our judgement of it, but that is a matter of personal opinion really.
I do however believe you are being unfair to the SPEWS people they were aware of the consequences they just considered them within reason.
I'm sure they were aware of the consequences. Those consequences are an important part of the 'plan' and the primary means for putting pressure on ISPs.
The price is always payed by others, and as a result is reduced to mere statistics for those who want to put on the pressure. Considered? maybe.
When considered, the 'price' is often 'reasoned down' by claiming that the victims are in fact supporters of what is being fought (or non believers or whatever else can be used to paint them black for a bit), even if their involvement is at best accidental.
I must say, I am amazed by your ability to selectively ignore things.
At any rate, no, you are most likely not doing anything illegal by not receiving mail from IPs that are listed on SPEWS.
For example, I hear that Gmail is the "in" thing these days
Yeah, and hotmail used to be 'in', and tomorrow it will be someone else. let me tell you what, since the last 2 years I have been running my own little webmail service on a rented server because I want webmail and I don't want to deal with Yahoo, Microsoft, Google or any other such company for that, which costs money but hey, thats my choice.
Regardless, there is a big difference between specifically blocking IPs that send spam, and blocking ranges when one or some IPs in that range send spam. If an ISP allows spam to pass through their outbound smtp server, I see no issue whatsoever in blocking that smt server. I do see an issue in blocking the entire IP range of that ISP. When a customer of an ISP is sending out spam, I don't see a good enough justification to hinder all customers at that ISP by blocking the IP range. Does it put pressure on an ISP? I guess it does, but as said, I do not see that as a strong enough argument because of the damage it causes to people without a direct involvement.
'Ah, but they can just go use another service' is helpfull for those affected, but does not change the fact that this causes damage. Changing to another service, ifnorming everyone of the email address change, canceling all mailinglist subscriptions and moving them to the new account etc etc can take quite a bit of time. This is all still damage.
Reasoning that those other customers are involved because of having a subscription at the same ISP is just silly, and seeing how this is a known and explicitly allowed 'side effect' (or should we say the primary means to apply pressure?), it cannot be said that damage to them is accidental.
As I said before, the actions are completely uncomparable, but the underlying reasoning behind this type of 'bullying' and the type of 'bullying' that some 'terrorists' attempt is exactly the same one, and is stupid and misguided for the exact same reasons. The reasoning is that involving as many people as possible by making them a victim of your actions is a valid way to put pressure on some entity. (note that the 'making them a victim of your actions' part is extremely relevant and any argument saying that this is not how you reason has to address that, ie, this does in no way at all compare to organizing people for a protest action or such)
So they live with dial-up. If the only provider of cable television in my area is NAMBLA, then I'll live with the seven local broadcast channels rather than give NAMBLA my money.
THat is fine, television is virtually purely entertainment anyway. For quite a few people, having an internet connection is a requirement to get their job done, so you can't exactly compare the 2.
Then, you might want to realize that this thing called the Internet is not exactly limited to the USA, and that there are many people on this planet (which again is bigger then the USA) that simply do not have such a choice.
That's not what the OP said. He said "bullying ISPs into shutting down spammers after the event" as if the fact that it was done after the spam was sent was somehow the important point.
I think the 'bullying' part was actually what was important... That it is supposedly after the fact just makes it a bit worse.
I hardly think that someone bouncing your e-mail is akin to killing people. Now you're just being silly.
As I said, the actions are not comparable, the underlying reasoning is.
You're also missing something important: It's not illegal for me to refuse your e-mail at my server. I can refuse it because your IP address is on SPEWS, because I don't like your ISP, because your sysadmin "dissed" me in a newsgroup, because your IP address has a prime number in it, or because you tried to send the mail during the witching hour. You don't have a legal right to deliver your e-mail to my server.
No, and I ws nowhere claiming that a blocklist is illegal, I was claiming that the specific reasoning that SPEWS follows is bad and shortsighted.
On the other hand, SPEWS contributers do have a Constitutionally guaranteed right (free speech and freedom of the press) to publish a list of address blocks which they believe are spam sources. There is nothing illegal, immoral, or unethical about doing that.
That right is only guaranteed within the borders of the USA (and in those places that have similar provisions).
The fact that it is not illegal and that you have a constitutionally guaranteed right to do something does not make it moral or ethical to do it.
That you do not believe it is unethical to cause collatoral damage that you could easily have prevented is well, your thing, but I believe that to be unethical and immoral.
The intention of listing an ISP on SPEWS is to 'bully' that ISP, and regardless what way you turn it, that is and will always be bullying. The fact that you can refuse any mail you like at your mailserver has zero to do with that because you explicitly list something with the intention that as many people as possible block them, not just to block them yourselves.
Do I have a better idea? Well, I have a few possible 'improvements'..
How about only blocking specific IPs that cause spam instead of blocking entire ranges?
How about creating a kind of organisation that is transparant enough so it can be held accountable for its actions?
At any rate, Spam not being caught by my spam filters is a huge exception (far below 0.2%), non-spam being blocked by it has not happened at all in the last 2 years for what I am aware of. I do not use SPEWS, but I do use a variety of other lists with more sane policies combined with content analysis and when available sender verification (spf, domain keys, sender-id).
From monitoring what SPEWS would do to my mailflow (checing and logging the result, but not actually rejecting based on it), SPEWS would not come anywhere near this result at the cost of a number of false positives.
At any rate, I don't really care about SPEWS, they can do things as they like, but I won't use them because I think their ideas about how to run such a thing are misguided, not to mention that I have no need for their service to begin with.
What I do care about is people who proclaim it to be the ultimate solution to killing spam and their argument that any collatoral damage this causes is not something to try to prevent.
By "innocent bystanders," do you mean people helping to finance an ISP which caters to spammers?
Or who have no choice with regards to ISPs because there is only one active in their area?
So you would prefer that the ISPs not shut down spammers?
Stupid argument, not agreeing to using 'collatoral damage' to force things onto an ISP is not the same as not wanting those ISPs to remove spammers.
As long as you and other SPEWS proponents cannot see that difference, you will by most be seen as bullies and as doing more damage then good.
So how do you fight against such practices? You blacklist the ISP's IP blocks. That means that "normal" users will find that the ISP cannot reliably deliver e-mail. Those users will pressure the ISP into not writing pink contracts and not tolerating spamming. A blacklisted ISP will not be able to survive on pink contract revenue alone and, thus, will be forced to stop writing pink contracts in order to remain solvent.
Hmm, you do not see the similarity to the reasoning of those who justify killing innocent bystanders in order to put pressure on the USA to change its policies? What other means do those have to fight this?
Ah, but your goals are actually 'good' and theirs are not so this analogy is flawed? Your goals are good in your eyes (and those of many others), but so are theirs (most people in the west just don't share their point of view, but that in no way means there aren't people who do)
No, the goal does not justify your means with disregard of the consequences, and as long as you do not understand that simple fact, your behavior is by far not as bad as that of a terrorist, but your reasoning is exactly identical, and is wrong and actually amazingly stupid for the exact same reasons.
Well, in an ideal world, the local vendors would see the loss of sales, and do something about it.
Nope, in an ideal world the problem would not exist to begin with.
Oftentimes, even for a geek, it's difficult to see how one more expensive service is worth the extra cost.
Fixed IP, no data limit, approx yearly doubling of my bandwidth without extra cost, allowed to run servers, and a helpdesk that actually keeps track of which customers have previously shown to know what they are doing and skips the normal stupid list of questions..
Nah, not that difficult in my case at least.