MAPS and Experian Settle Lawsuit 313
dbrower writes: "Experian is trumpeting a settlement with MAPS here, where MAPS agreed not to blackhole them without a court order, and agreed that Experian didn't need to do opt-in. Looks like a loss to me."
winners or loosers? (Score:5, Informative)
Do not misunderstand, I am no sympathizer of the spammers. I do not think what they do warrants first ammendmend protection. However, I do not think that MAPS arbitrarily black holing companies who it cannot strong arm with threats really deserves our respect anymore.
A good idea gone awry.
Cheers,
- RLJ
They didn't say there's no opt-in (Score:2, Informative)
access.db (Score:5, Informative)
Here's a list of some other companies not understanding what MAPS is and trying to stop them with bogus lawsuits. I hope they don't accidently wind up in your access.db (or whatever your MTA uses).
yesmail.com
harrisinteractive.com
blackice.com
media3.com
247media.com
experian.com
exactis.com
liveprayer.com <--- accused MAPS of being an agent of Satan
To block these in sendmail, use the 550 5.7.1 error code in your access.db file, like so:
yesmail.com <tab> 550 5.7.1 Spammer suing MAPS.
Re:Double opt-in? What the hell? (Score:3, Informative)
If I signed you up to 100 such mailing lists, would you rather get 100 verification mails that you could just delete, or 10,000 mails from the mailing lists that you'd have to unsubscribe from manually?
The idea of double opt-in isn't designed to make people's lives inconvenient - all it needs is a quick reply. It's pretty easy, I do it all the time. You can even do it from a different e-mail address. However, it does protect those who suffer from massive mailbombing.
History on this case (Score:3, Informative)
Here's some history on this case [dotcomeon.com]. It features articles from various stages in the case. Has anyone found the text of the complaint or injunction? still looking...
--CTH
Re:Double opt-in? What the hell? (Score:2, Informative)
look, MAPS by itself affects no one. It's the ADMINS that make MAPS work. an ADMIN must implement the blackhole list via DNS or sendmail for anything to happen.
don't you think that ADMINS know what's best for the network they control? you obviously know nothing about system administration, go crawl into a hole.
Other filter lists... (Score:5, Informative)
I use
Winning one battle doesn't win the war!
Re:winners or loosers? (Score:1, Informative)
maybe a blacklist would work on a web page (Score:4, Informative)
But these people understand the concept of a "web page". If, instead, something like MAPS were based on a list of domain names found on web pages, I think people would have a much harder time "shutting it down". After all, it would be human readable speech, and if people mine that data for their E-mail programs, well, so be it.
Re:MAPS settled (Score:4, Informative)
P.S. I did not get "flamebaited," I got modded down. Go ahead, mod this down, too. I'm not a karma whore.
Dynamic DNS Services get blackholed too! (Score:4, Informative)
Re:Double opt-in? What the hell? (Score:5, Informative)
In addition to all the random female-depicting porn you're familiar with, I get aluminum market newsletters, British SMS-music-info-service announcements, and some very tasteful Swedish news mailings. Oh, and for a while nop@nop.com was listed as the contact address for a gay personals service ad in Portugal. The letters I got were very sweet, but my wife still thought it was funny...
My favorite is when people buy unlock codes for commercial software, giving my email address. I've got a whole folder full of registration codes that I didn't pay for and will never use....
Oh right, back to opt-in. So here's what's going on.
But I digress again. Here's the summary:
Re:Double opt-in? What the hell? (Score:2, Informative)
The term entered debate when Congress invited representatives of the DMA and MAPS to address a panel. It's been relentlessly pushed by the PR flacks and looks like it might be taking hold in the technical world as cybersquatting did. (Another spin term foisted into use by relentless marketing from the IP lobby.)
The spinless and more acurate term is "opt in with confirmation." It doesn't include the false and spin-driven connotation that people have to sign up twice and it accurately describes what MAPS considers ideal.
The DMA doesn't like "opt in with confirmation" because it polls much more favorably than "double opt-in" and they'd rather people used terms that favored their side of the debate.
Re:Advertising is Pollution (Score:3, Informative)
EXACTIS SUIT AGAINST MAPS DISMISSED October 3, 2001 - REDWOOD CITY, CA - Mail Abuse Prevention System, LLC (MAPSSM) announced today that Experian Emarketing, Inc. (formerly Exactis.com) has dismissed all of the claims which it had previously filed against MAPSSM. "A settlement has been reached in which Experian has committed to requiring their clients to provide them with lists which contain only those email addresses for which they have obtained the addressee's permission to send them email", explained Anne P. Mitchell, Esq., MAPS'SM Director of Legal and Public Affairs. "They have further committed to address and resolve any complaints and concerns which may arise as a result of any mailings they do for either themselves or their clients."
Re:Other filter lists... (Score:1, Informative)
The osirusoft.com and orbz.org lists by themselves are awfully good ad excising unwanted UCE content.
rbl.maps.vix.com
orbs.dorkslayers.com
or.orbl.org
inputs.orbz.org
outputs.orbz.org
relays.ordb.org
relays.osirusoft.com
bl.spamcop.net
spews.relays.osirusoft.com
ipwhois.rfc-ignorant.org
The rblcheck package, now at sourceforge is a bit out of date, and you'll want to patch new DNS based filters into the source.
Re:Other filter lists... (Score:2, Informative)
(The parent has not been modded high enough yet as of this post)
Regardless of the legal dispute, MAPS should have their implementation for filtering spammers removed from all MTAs. This is a frustrating problem, and is a major time-eater for diligent admins and an even bigger one for end-users on networks not overseen by such admins. Sendmail has removed MAPS support, reaffirming my commitment to stick with it since Sendmail's [sendmail.org] security record as been much improved over the past 3 years and it is great free software. A bitch to configure, but hey; when you run Slackware you know what you're getting into. I found it very alarming and frustrating when I decided to put a stop to what appears to be a significant increase in spam lately by finally getting around to implementing MAPS, only to discover the new fee-based implementation of MAPS. This pricing/policy change is completely antithetical to what anti-spam software should stand for! They started out as this "crusader" organization making software to rid the 'Net of the filth that proliferates as spam, then stick you with a fee? Quite unsamaritan and anti-community for a service that purports to assist the community, only to later suck you into payments once they've garnered enough of a following. Exploitative in the vilest sense.
ORDB [ordb.org] is a godsend! I put this on my servers 2 days ago and spam has all but ceased. 10 trickled through the first day and were added to the list. ORDB's policy is effective, efficient and fair and it doesn't bog down the server or the network in any noticeable way. It's a quick 30 minute configure for a moderate sendmail admin, and yields immediate results. Granted it doesn't provide known spammer protections, but how can you do that?
The onus on stopping spammers is on ISPs through their AUPs. Once they make it crystal clear that using their network services for stupid things like Spam, port scanning, and defacing web-pages is going to immediately ban them from that service, the Spam and other useless 'Net activities will stop and these idiots will quietly go back to the middle-high school where they once worked and pick up their green weenies, Mr. Clean, and get those toilets clean and those hallway tiles shiny again, where their skills/socialization are most appropriate.
Clearly, we can't count on our Congress to improve the Spam sitation... [zdnet.com]
Re:MAPS settled (Score:2, Informative)
When I contacted MAPS about it to find out what happened and how to fix it, the bottom line was this: MAPS lied to me about what they did and how it worked.
My experience with them is that they're extremely honest, that they bend over backwards to avoid listing someone, and they'll remove you from their list at the first sign that you've done something to fix the problem. However, they're overworked, and occasionally make mistakes.
Generally innocent web sites only get blackholed when they're on the same netblock as a bunch of spammers. The idea is that blackholing each of the spammers' addresses is having no effect, so the host must be profiting from the spam: and MAPS blackholes the entire block to try to get the host to act more responsibly. If you happen to be innocent and in the same block, then you're obviously not going to be too happy about it, but you shouldn't have been dealing with sleazebag spam supporters.
I'd like to hear the details of what went wrong in your case. What did they tell you that was a lie?
Re:I don't get it! (Score:3, Informative)
Vixie (who runs MAPS) is the CTO of a backbone internet provider (abovenet) which just happens to be one of those who "seek information". They have a regular history of blocking traffic... of course without explicit permission (and usually without even the knowledge) of downstream ISPs and their unsuspecting customers.
This is quite a bit different than end users making an informed decision to subscribe to the "service". Likewise, some ISPs subscribe to MAPS on their user's behalf, sometimes without informing them, and other times while leading them to believe the service doesn't impact non-spam messages.
That database expresses an opinion: in the opinion of MAPS, the networks listed in the database are suspected of passing through or generating spam.
This is true. ...at least true if "passing through" includes lots of unsuspecting non-spam businesses and users who simply connect to those spamming-suspected networks.
The lie is in much of the promotion regarding how accurate these opinions are, and the lack of disclosure regarding the non-spam users who are also intentionally blocked. It's quite questionable how well MAPS blocks spam [cnet.com]. At the same time, there is no question that MAPS has been responsible for disrupting non-spam communication time and time again.
For a good taste of the deceptive nature of MAPS, check out their Realtime Blacklist Policy Page [mail-abuse.org]. They claim four there are four ways to become blacklisted:
What that MAPS policy page doesn't clearly explain (or really explain at all) is their regular practice of listing large netblocks, which contain large numbers of non-spammers. It isn't explained that MAPS uses this strong-arm tactic to pressure ISPs that are hosting some spammers by blocking not only the spammer but all of the ISP's unsuspecting non-spam customers.
MAPS's policy page also doesn't explain that there is no notification to these innocent and unsuspecting bystanders that their communication is being intentionally disrupted simply because some other customer at their ISP is sending spam.
MAPS's policy page doens't state that they will refuse to stop discrupting messages to non-spammers when it is brought to their attention that a non-spammer has been affected by a netblock that also contains a spammer. (yes, believe it or not, Vixie/MAPS has a long history of refusing to un-block non-spam users when they complain that they are blocked) It certainly doesn't state that it is their intention to block messages to non-spammers and spammers alike, if they happen to be hosted at an ISP that (in MAPS's rather extreem and un-accountable opinions) isn't working hard enough to stop spam.
Sure, MAPS is entitled to their opinions, and they have the free speech right to share those opinions. Where the line is crossed (IMHO) is:
Re:I don't get it! (Score:3, Informative)
Even without the words "have been proven", this is an bold faced LIE. MAPS has a regular practice of blocking large groups of IP numbers (often an entire ISP), with the intention of disruption to the spammer and many non-spammer customers at that same ISP.
When these non-spammers complain to MAPS that their IP numbers, which certainly don't originate spam and don't facilitate the spammer's activity, have been blocked, the response from MAPS it that these non-spammer need to seek a different ISP.
To even get close to the truth of how MAPS really operates, perhaps it should read:
Of course, there's no requirement to tell the truth in a press release... but this lie is about as blantant as Microsoft's recent press releases claiming IIS is attacked because it's the market leader (when apache is the #1 web server by a considerable margin).
Re:Dynamic DNS Services get blackholed too! (Score:2, Informative)
The RBL is for servers known to be relaying or originating spam and is generated by testing of the server in question.
The DUL is for IP ranges that ISPs submit as "dial-up". This encourages their dynamic IP customers to utilise their SMTP server.
For a better explanation of the difference compare these two descriptions RBL [mail-abuse.org] and DUL [mail-abuse.org].
marty