Forgot your password?
typodupeerror
Spam

MAPS vs. Gordon Feyck: Who Owns the DUL? 211

Posted by jamie
from the dul-story dept.
etrnl writes "The spam-l mailing list has an interesting post from Nick Nicholas about a recent lawsuit between MAPS, LLC. and Gordon Fecyk, who had arranged with Paul Vixie to host the DUL with MAPS in 1998. Even more interesting is that Nick was the Executive Director of MAPS who hired Gordon at MAPS in 1999. Notable quote from Nick: 'I find it extremely ironic that an organization which is currently soliciting donations to its own legal defense fund would now be using its limited resources to pursue litigation against a former employee.'" MAPS wants a temporary restraining order on two separate copyright claims: first, that Feyck can't use the DUL database, and second, that he can't run a too-similar website (now down). The bone of contention is that Feyck claims he bought back the DUL from MAPS, and MAPS disagrees. Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.
This discussion has been archived. No new comments can be posted.

MAPS vs. Gordon Feyck: Who Owns the DUL?

Comments Filter:
  • I know Gord (Score:3, Funny)

    by Kickstart70 (531316) on Tuesday May 07, 2002 @01:03AM (#3475409) Homepage
    And while I know he's a decent guy, he also tends to be a little too hard-headed for his own good (at least he ws a few years ago). I suspect that some communication here between the parties will clear up a lot of what's going on.

    On the other hand, since I know Gordon to be an honest guy, I suspect that the other party is trying to screw him out of what rightfully is his.

    Kickstart

  • by mindstrm (20013) on Tuesday May 07, 2002 @01:13AM (#3475449)
    Here's a problem... with no easy way to deal with it.

    Over the last few years, the Internet provider for Costa Rica has been targetted by anti-spam types as a spam hoster.

    Now.. that's all well and good, but the end result is that

    a) The entire country's IP range is on SPEWS
    b) Internet is a government run monopoly here.
    c) There is no direct way to be removed from SPEWS. You cannot contact them. You cannot explain your situation. (My situation is that we happen to have some IP addresses in this country, and have trouble reaching our customers because of it. We don't spam.)

    Now.. I fully support the fact that the Internet is an anarchy, that each individual is free to decide how their network will or will not accept traffic from others, yada yada yada. On that I am firm.

    But when it comes to an ISP.. we have a problem. An ISP that subscribes to this, sure, it's their choice, but it's awfully hard to explain to the client that they have to instruct their ISP to stop using this service. And the odds of the ISP stopping? Not likely.

    The point is, in theory, it's all fair, in practice, it's a problem.

    • But when it comes to an ISP.. we have a problem. An ISP that subscribes to this, sure, it's their choice, but it's awfully hard to explain to the client that they have to instruct their ISP to stop using this service. And the odds of the ISP stopping? Not likely.
      For most ISP's it's a simple choice. Do you want your service to go down frequently due to overloaded connections and mailboxes, or do you want to loose a dissastified consumer while retaining the rest. It's a simple choice for most ISP's.
    • by yoyoyo (520441) on Tuesday May 07, 2002 @01:50AM (#3475563)
      SPEWS operates on the principle of collateral damage. If an ISP refuses to remove spammers on their system they expand the listings to include non-spammers.

      Basically they want to make it as inconvenient as possible for the ISP's legitamate customers so that the ISP is pressured to change their ways from the inside.

      I agree that you're in a difficult situation, but nothing else works.

      • by mindstrm (20013) on Tuesday May 07, 2002 @02:08AM (#3475610)
        Again.. I don't accuse spews. Spam is a problem, and everyone is free to decide how to deal with it on their own.

        I agree the system works. Unfortunately for anyone doing business in Costa Rica, there IS no competition. You have no choice. None whatsoever, and given the way things work, it's going to take quite a while to actually get changes made.

        The other thing is..

        This isn't just an ISP in the country.. it's the national (and only) telecom carrier. This is more like UUNET being blacklisted because on some level they sell bandwidth to spammers.

        • Pay the extra dollars and get yourself an IP tunnel. Hook the other end up to a non-blackslisted network and voila, no more problems, except that your wallet is a lot lighter and the whole setup is more fragile. But, that's the point after all.
        • Again.. I don't accuse spews. Spam is a problem, and everyone is free to decide how to deal with it on their own.

          I agree the system works. Unfortunately for anyone doing business in Costa Rica, there IS no competition. You have no choice. None whatsoever, and given the way things work, it's going to take quite a while to actually get changes made.

          I guess that just means you have to find a way to put pressure on your ISP to get the spammers removed from your network, otherwise you'll slowly get disconnected from the internet.

          Connecting to my server is not a right, it's a priviledge. If an ISP hosts too many spammers it'll end up in SPEWS and I won't allow connections from it.

          My server, my rules. Your ISP, your money, your rules. If enough ISPs block all trafic from RACSA(sp?) maybe they will find a reason to terminate the spammers. It worked for other ISPs, just google and see how many ISPs already kicked off the spammers now hosted by your ISP.

          • by mindstrm (20013)
            Did you not read what I said?

            I support completely your right to filter out what you want. Absolutely. I also support the right of lists like spews to exist.

            My problem is just that we *can't* pressure ICE/RACSA. There is no competition. There is no way to financially impact them. They don't WANT our money. They have as much business as they can handle already.

            Believe me, if we had a choice, many businesses here would go with someone who does not support spam. We would gladly shop with our dollars, and put pressure on the company.

            But with a government enforced monopoly that is *absolute*, there's basically fuck all we can do to pressure them.

            It's your server, your rules. Feel free to block the entire country.

            And my ISP is not RACSA. It's ICE. (ICE is the telco, RACSA is the domestic ISP., We get our bandwidth from ICE directly)

      • by mjh (57755)
        I agree that you're in a difficult situation, but nothing else works.

        I disagree with this assessment. There are at least two other things that work, and IMHO work better. The first is spamassassin [spamassassin.org], and the second is TMDA. [sourceforge.net] I use both of these in series. And I've not received a single spam in my inbox since January (when I started using them). I used to get 20-30 per day. Now I'm down to zero.

        I don't know how well SPEWS works. But I've used other RBL type systems and they always, at some point or another failed, and could sometimes fail big - where I suddenly start getting hundreds of spam from a non-listed IP. The two systems above can fail, but on a single instance, single email at a time. When they fail, they fail small.

        IMHO, SPEWS, RBL, and any other IP based list systems are antiquated technology in comparison to spamassassin and TMDA. But YMMV.

        $.02

    • by ShaunC (203807)
      Are you talking about RACSA? This [google.com] RACSA? The RACSA that brings up more than 13,000 various spam sightings, complaints, and abuse reports in a Google search? Considering that most internet users have little clue on what to do with spam, and the percentage of clued folks actually posting to the news.admin.net-abuse* groups is extremely small, 13,000 is a big number.

      Do you recognize the name Ralsky? There's less than 6000 Google hits for him. 13,000 is a big number.

      RACSA has a spam problem. They need to fix it. Until they do, they're going to be running what amounts to a big LAN.

      Shaun
      • by mindstrm (20013)
        Actually, I'm not, though it may be confused IP-wise with ICE.

        I deal with ICE directly.. the national telco.
        I am not a racsa customer.

        IF you think spews turns this into a big lan.. you are sadly mistaken. It has an effect, yes, but only a minor one overall (currently)

    • c) There is no direct way to be removed from SPEWS. You cannot contact them. You cannot explain your situation. (My situation is that we happen to have some IP addresses in this country, and have trouble reaching our customers because of it. We don't spam.)

      I'll put it quite bluntly.

      The reason there's no avenue to "explain your situation" is because none of the rest of us on the internet give two shits about Costa Rica's connectivity. Straight up.

      You could launch Costa Rica to the moon, and it would take me 12 years to notice my World Atlas was a little bit lighter.

      The lame argument that "we can't force our [national] ISP to be responsible" is total bunk. Consider all our email blocks to be documentation you can use to explain to RACSA [racsa.co.cr] of why reform is needed. Bad political decisions on your part is not going to make me pay for delivery of more spam.

    • c) There is no direct way to be removed from SPEWS.

      Bullshit. Or are all those SPEWS: messages in news:news.admin.net-abuse.email [news] figments of my imagination?

      From the spews faq [spews.org]

      Q41: How does one contact SPEWS?
      A41: One does not. SPEWS does not receive email - it's just an automated system and website, SPEWS and other blocklist issues can be discussed in the public forums mentioned above. The newsgroup news.admin.net-abuse.email (NANAE) is a good choice, and Google makes it quite easy to post messages there via the Web as M@ilGate does via email. Note that posting messages in these newsgroups & lists will not have any effect on SPEWS listings, only the discontinuation of spam and/or spam support will. Be aware that posting ones email address to any publicly viewable forum or website makes it instantly available to spammers. If you're concerned about getting spammed, change or "mung" the email address you use to post with.

      So sort your spam problem, then post in nane once its sorted. Until then, don't expect a lot of us to accept your crap.

      • Hey Asshole. You just agreed with him. he said "There is no direct way to be removed from SPEWS."

        And your quoting from the SPEWS FAQ confirms that to be correct.

        Then you said, "So sort your spam problem, then post in nane once its sorted. Until then, don't expect a lot of us to accept your crap." But he already told you he doesn't SPAM. The problem is that SPEWS has blocked his entire country because they operate on the theory of putting a bunch of people in the same boat as the spammers with the (completely misguided) hope that someone else will then take care of the spammers.

        This guy works for a company that can't send mail to anyone on an ISP that uses SPEWS, and yet he has no probelm with SPEWS. He just wants them to stop blocking his non-spamming netblock.

        You seem to be under the impression that only spam originating netblocks are blocked by SPEWS. Consider your delusion to be corrected.



    • Now.. I fully support the fact that the Internet is an anarchy, that each individual is free to decide how their network will or will not accept traffic from others, yada yada yada. On that I am firm.


      Actually, I would characterize the Internet as more a "community" than "anarchy". It works via a network of relationships. It does have standards - but they are really more related to technical issues and ensuring the continued functionality of that community. The community is always open to new members. But if one member wishes to behave in a way that goes against the community's standards, they will find themselves eventually ostracized. And they have only themselves to blame.


      But when it comes to an ISP.. we have a problem. An ISP that subscribes to this, sure, it's their choice, but it's awfully hard to explain to the client that they have to instruct their ISP to stop using this service. And the odds of the ISP stopping? Not likely.


      The ISP shouldn't have to stop using this service. You're putting effort in the wrong direction. The direction to go is YOUR ISP. Government or not, your challenge is to collect some references and explain the situation. Get them to understand that their actions are effectively cutting themselves off from the Internet.


      You are the one with the sociopath in your family and its your problem to deal with. Not the community's.

  • The post? (Score:2, Funny)

    by rainmanjag (455094)
    Anybody have a URL to the post on spam-l? And thank you to those who explained the acronyms to those of us not familiar with them or the dramatis personae...

    -jag
  • If 'the DUL' or, rather, someone utilising the DUL, is preventing him from emailing a second person, that must mean that Taco is using a dialup and has no smtp server of his own to access? That seems more than a bit improbable.

    • by billstewart (78916) on Tuesday May 07, 2002 @04:40AM (#3475890) Journal
      Taco's probably using a Linux system, with some popular Mail Transfer Agent like Sendmail or Postfix or [3 or 4 others] that are smart enough to be able to deliver mail without needing help, like just about any other Unix machine since we started using domain names in the mid-1980s. If you're on the DUL, your main net connection is probably dialup or DSL or cable modem, so you're a MERE LUSER instead of owning a T1 all your own, but so what? You've got a computer with a Real Operating System, and there's no need to pretend you're a Windows-using couch potato that's running a mail client too dumb to deliver its own email - even if you are running a dumb client, sendmail on 127.0.0.1 fixes that problem.

      In other words, Taco does have an smtp server of his own to access. On his own machine. Like he should. If you're a dialup user, it's beneficial to have an inbound mailbox server somewhere that's always connected, whether it delivers the mail to you by SMTP or POP/IMAP. But no need to do that for outbound.

      The reason the DUL is helpful for blocking spammers is not because there's no legitimate reason for a dialup user to run SMTP - it's just that many of the popular clients use a relay so they don't have to handle error messages or hang out trying to deliver to slow servers or delay delivery on temporarily unavailable servers, and that many spammers abuse cheap disposable dialup accounts, but they get booted off of their ISPs' mail servers too fast to make them practical, or rate-limited, so they deliver their own email so they can reach more suckers before being squashed.

      Some ISPs block outgoing Port 25 that doesn't go through their servers - really annoying if you've got more than one ISP account, and don't like having to reconfigure your machine just because you're dialing in from work or on the DSL at home instead of the other dialup.

  • Not personally knowing any of the participants, but aware of the issues involved, I had always been willing to give them the benefit of the doubt. Blacklists [dmoz.org] are a good technical solution to the social problem that is spam. While I knew there was some animosity between the old MAPS and the old ORBS, I had always assumed that regardless of egotism, they were doing basically the right thing. Certainly, when ORBS was sued by that spammer I was sure the judge had screwed up. [or was it MAPS that got sued? I forget; it may have been both of them] But this current action really leads me to question the motives of MAPS. Spam is only helped when someone who has spent so long fighting it is prevented from using his tools and from developing more tools. It seems that egotism or something very like it has now caused MAPS to do the wrong thing, and that's very unfortunate.

    later,
    Jess

  • by Dwonis (52652) on Tuesday May 07, 2002 @01:28AM (#3475499)
    Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

    Sigh. No it's not. (How many times does this need to be said.) The mail server CmdrTaco is trying to email is stopping him. The DUL is just a listing; it does no blocking.

    • Jeez, read between the lines! 'Directly Emailing', 'Direct marketing by email' what's the difference?
      • Jeez, read between the lines! 'Directly Emailing', 'Direct marketing by email' what's the difference?

        Well, there's the obvious, "marketing"... I.e., Direct marketing by email necessarily involves marketing (and by extension, most if not all spam goes here). Directly Emailing is a superset which includes the previous category, but if I work at a company with a T1 and send an e-mail to my friend, chances are I just Directly Emailed him, since my company's SMTP server connected to my friend's SMTP server. So you're reading way too much between the lines.

    • Unfortunately Dwonis, we keep having to say it. I get really frustrated when some user thinks we're filtering their mail for them and they want me to stop. I always reply with the same piece of information. I tell them how many pieces of spam I've filtered from reaching their inbox since the beginning of the year. That always works. You'd be surprised how many there are per person. Oddly enough I've been using this same account for years and post it everywhere. I only get a tiny handful. The spammer's must have a "don't fsck with these people" list of something. ;)
    • Cancer, gunshots and drowning doesn't kill you.

      You die when your heart stops and oxygen stops getting to your brain.
  • by Seth Finkelstein (90154) on Tuesday May 07, 2002 @01:31AM (#3475509) Homepage Journal
    Date: Mon, 6 May 2002 14:40:12 -0700
    Sender: Spam Prevention Discussion List
    From: Nick Nicholas
    Subject: COURT: MAPS Sues Former Employee and DUL Founder, Gordon Fecyk

    I have been a strongly outspoken supporter of MAPS for many years.

    When I was at pacbell.net I nearly had a heart attack when Paul Vixie called in 1997 to warn us that we were about to be listed in the MAPS RBL for running unsecured mail servers. But I supported his actions even then. Indeed, his call was very helpful in speeding up the bureaucracy at pacbell.net and getting the unsecured mail servers closed to relaying even more quickly. I appreciated Paul's willingness to work with us on resolving our problems.

    I wanted pacbell.net to use the MAPS RBL, but instead I was instructed by management to compile my own list. I felt my meager efforts could not compare to the quality of the RBL made available by MAPS, but, unfortunately, my own wishes were overruled.

    When Paul offered me the opportunity to become Executive Director of MAPS in December 1998, it was an offer I simply could not refuse, and for the next year and a half I was one of the leading cheerleaders for MAPS.

    Even though I left MAPS in August 1999, it was an amicable departure. Soon afterwards I was hired as Chief Privacy Officer for a company in the direct marketing industry, and I still continued to defend MAPS against its many critics in that industry.

    Last year I decided to write a book about the history of MAPS. My intent was to focus on the companies that sued MAPS and abused the legal system in order to prevent MAPS from exercising its legitimate free speech rights. I wanted to portray Paul and Dave Rand as beleaguered but slightly flawed heroes.

    However, my opinion of MAPS was forever changed this past April when it decided to sue DUL founder, Gordon Fecyk, after Gordon attempted to exercise a December 1998 contract he entered into with Paul Vixie in his capacity as MAPS CEO.

    My overview of this matter, as well as copies of court documents filed in the case, can be found at the following URL:

    http://www.lawsuitinfo.com [lawsuitinfo.com]

    It seems that MAPS has learned a great deal from the lawsuits brought against it by Harris Interactive and others, and has adopted the same slimy tactics. In particular, the affidavits filed by Margie Arbon and Anne Mitchell are full of factual errors and material misrepresentations. I will add my commentary on these affidavits at a later date.

    A hearing will be held in the Manitoba court tomorrow (5/7). We will add additional info as soon as possible.

    Gordon may have to sell his car in order to pay his not inconsequential legal bills. Is anyone interested in making a contribution to help Gordon with his legal expenses? If so, please send your contributions to Gordon's attorneys at the following address:

    Cassidy Ramsay
    385 St. Mary Avenue, 2nd Floor
    Winnipeg, Manitoba R3C 0N1
    CANADA

    Checks or money orders should be made out to Cassidy Ramsay

    Be sure to include a note with your contribution stating that it is on behalf of Gordon Fecyk in the Mail Abuse Prevention System v. Fecyk case.

    All contributions will be placed in a trust fund by the law firm and used solely to cover Gordon's legal expenses.

    Contributors will receive an acknowledgement from Cassidy Ramsay. However, all contributions are covered by attorney-client privilege, and thus the identities of contributors will remain anonymous. Information about contributions *cannot* be obtained by MAPS through the discovery process.

    I cannot describe how much it saddens me that it has become necessary for me to bring all of these disturbing facts to light, but I think it is essential for the Internet community to be aware of what MAPS has become. MAPS is no longer devoting its energy to fighting spam and co-operating with others in that fight, but instead is suing a former employee who attempted to exercise his legitimate rights pursuant to a contract with MAPS. I find it extremely ironic that an organization which is currently soliciting donations to its own legal defense fund would now be using its limited resources to pursue litigation against a former employee.

    Regards,

    Nick

  • Go on, laugh.
  • by Seth Finkelstein (90154) on Tuesday May 07, 2002 @01:40AM (#3475543) Homepage Journal
    Information about the SPAM-L list can be found at:

    http://www.claws-and-paws.com/spam-l/ [claws-and-paws.com]

    Search and archives are at:

    http://peach.ease.lsoft.com/archives/spam-l.html [lsoft.com]

    But you have to be a subscriber to use the above.

    Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]

  • by jwiegley (520444) on Tuesday May 07, 2002 @01:51AM (#3475566)
    I've used the MAPS tools in the past to check that my mail servers are properly configured to reject relays. But for actually stopping the 20-30 spam articles I get per day nothing has worked. (We all know what those dreaded "unsubscribe" "features" really do. don't we?)

    That is nothing worked until a few days ago. I recommend anybody that has spam problems, can run procmail or is in charge of a mail server running sendmail check out the "Distributed Checksum Clearinghouse" (DCC) at http://www.rhyolite.com/anti-spam/dcc/

    It took me some time to get the dcc sendmail milter dccm working correctly but, since I did, this has become my new best friend. Its catching 100% of spam targeted at me and rejecting it.

    From what I know about MAPS I think its a needed service to keep ISPs in check. But it seems targeted at attacking the delivers of spam and doesn't seem to provide much to directly protect the recipients of spam mail. DCC is the only solution I've found that accurately prevents spam mail from even being delivered to myself or users. I think this is necessary because if nobody actually receives spam the spammers will starve.

    So If you're like me and think spam is a rashy plague that you can't get rid of their is a cream available and it is named DCC. Check it out.

    • Also checkout spamassassin [spamassasin.org]. It scans all emails and applies heuristics to the email to decide whether or not it thinks it's a spam. Each heuristic has a score. By default, any total score above 5 marks the email as a spam.

      But here's the cool part. Spamassassin doesn't do anything with it. It simply marks it as a spam. Then you can use something like procmail to decide what to do with it. Me, personally, I store it into a folder called SPAM. I then configure my imap server (courier imapd [inter7.com]) to treat that mailbox as a trashcan, and automatically delete anything in it older than 14 days.

      This allows me to check if there are any stragglers that get through, but also allows me to forget about it for a couple of weeks at a time. Spamassassin has been tuned to avoid false positives. I've been using spamassassin for months. During that time, I've not had a single email that was not a spam get marked as a spam. I've had emails that were spams get marked as non-spam (false negative). Which, if there's going to be an error, that's the kind I want. I'd hate to call a real email spam, have it sent to my SPAM mailbox and automatically deleted before I read it. The good news is that not a single false positive has occurred, although a few false negatives have occurred.

      So I've started using another tool to help deal with spam. It's called TMDA [sourceforge.net]. It's somewhat more complex to setup and use than spamassissin. But a brief description is that it acts like an email firewall. Outgoing messages can be replied to, but incoming messages require that a person prove that they are a person. After which they'll be allowed unrestricted access to send me email.

      TMDA is much more exact than spamassassin, which is mostly complicated guessing. It successfully blocks every spam that spamassassin lets through. However, TMDA is also much more complex from an end user perspective. So it might not be for everyone. For example, I only use spamassassin on my wife's account - not TMDA because she's made it clear to me that she doesn't want to learn how to use it. I personally use both of them at the same time, and I've been 100% spam free for months. I used to get 20-30/day.

      $.02

    • I want to keep spam from even so much as entering my server. How can DCC help in that case? I don't see how, being as I don't have the content to check against DCC with. Now if this check can be done during the SMTP delivery of the content, and be used to force a failure of delivery, well maybe that would work. Is this doable? Last time I looked at the DCC site, it wasn't even close to this.

  • [This joke will only make sense to people following the spam jargon]

    The bone of contention is that ...

    Would that be a chicken bone? [spamfaq.net]

    Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]

  • Anyone who has worked with / for / against MAPS knows that they are primarily interested in fighting. Their original purpose was to fight spam, but they're just as into fighting folks they don't like and each other. As far as I can tell, they really don't care *who* they fight, as long as there's lots of name calling and moral outrage involved.

    MAPS is a joke. A classic case of the old saying about the pavement on the road to hell, and also a classic case of people thinking there's a technical solution to a social problem.

    -b
    • So very very very true. Wish I had moderator points to give you your props, brooks_talley.

      I had an email exchange once with one of em, and I've never seen such animosity before or sense. It was terribly disturbing. I'm glad this is coming out and the community is reacting with disgust.

    • Really, this is the most insightful post I've ever seen regarding these people. I was planning to post nearly the exact same thing, and I certainly didn't mean for it to be funny.

      Just try dealing with these people, or the many others doing the same thing, and you will understand exactly what I mean.

      I don't even want to talk about my dealings with them... just don't feel like talking about it...

  • Fecyk quotes [chickenboner.com] a PGP signed agreement. Unfortunately, he (or perhaps his mail client) has stripped off the signature itself.

    The signature on the argument would carry more weight if he left the signature intact so others could verify it from themselves.
    • The message sent by vixie says that a contract will be drawn up, and outlines some of its features. It is not a contract in itself. Unfortunately, it is very easy to not worry about such things when a business relationship is starting up because everything is fine and you don't want to make the other party feel you don't trust them. Unfortunately if things go bad, all you have left is PGP signed vague emails instead of signed and notarised contracts. IANAL.
  • "Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders."

    um, no - in this case, use your ISP's mail server.

    Problem solved.

  • by Anonymous Coward
    Brunner Went Down to Florida
    By: Gordon Fecyk
    Inspired By: Kostadis Roussos' "Devil went down to Sunlab"
    Parody of Devil Went Down to Georgia by The Charlie Daniels Band (BMI) Brunner went down to Florida,
    He was looking for an ISP.
    He was in a bind, 'cause he's off line
    And was willing to pay the fee.
    When he came across John from MegaPOP
    With bandwidth real hot,
    And Brunner jumped on the Popsite bench and said,
    "Boy, let me tell you what!" I bet you didn't know it
    But I'm the king of spam and spew.
    And if you care to take a dare
    I'll make a bet with you.
    Now you run a pretty good server, boy
    But give the devil his due.
    I'll bet Avalanche Pro against your soul
    'Cause you can't stop 'Spamdrew.' The boy said, "My name's Johnny
    And it might be a sin
    But I'll take your bet, your gonna regret
    'Cause I'm the best that's ever been." Johnny, lock your dial-ups and start working them real hard
    'Cause hell's broke loose in Popsite
    And the devil deals the cards
    And if you win you get to stop his new Avalanche Pro
    But if you lose, Brunner gets your soul! Then Brunner opened up NT and said,
    "I'll start this show."
    And fire flew from his fingertips
    as he watched his Avalanche load. And he sent his spew across the 'net
    But it was blocked with "5-5-6".
    Then a band of Chickenboners joined in
    And it was blocked again, like this... (instrumental) When Brunner finished Johnny said,
    "Well you're pretty good ol' son!
    But we work with the Dial-up User List
    let me show you how it's done!" Avalanche dead, run DUL run.
    Devil's running NT Workstation.
    Chickenboner spam spew 5-5-0.
    Stop the Devil's junk mail, Go DUL Go! (fiddle solo) And Brunner bowed his head
    Because he knew that he'd been beat.
    And he tossed his Avalanche Pro
    in the trash, and cried "Lawsuite!"
    Johnny said, "Devil, just come on back here
    If you ever wanna try again.
    I done told you once,
    You son-of-a-bitch,
    I'm the best that's ever been!" He mailed: Avalanche dead, run DUL run.
    Devil's running NT Workstation.
    Chickenboner spam spew 5-5-0.
    Stop the Devil's junk mail, Go DUL Go! (solo finale)
  • I can't help but look at these databases as a
    too-little, too-late patch to a broken
    system. My long term average for spam is now 7.2
    spams/day -- EVEN with working to try and
    prevent it. Why should I have to pay some
    company more to track people who spam?

    Can someone please present a way to overhaul
    the email system so that it works the way it
    was intended? Call it something else --
    something new -- direct, personal, intentional
    communication. (Cripes, they even have
    spambots now on IRC and IM too.)

    I'm groping here -- but what are the real
    steps we can take so that end users
    don't need to spend the money/time to defend
    against unwanted commercial mail?

    I'm thinking along the lines of new rfps for
    the way mail servers transport and
    authenticate mail / requiring digital signatures
    from your ISP / elimination of mail from
    spoofed IPs / elimination of all anonymous mail,
    even...

    where is the hangup in making (i.e. forcing
    technologically, not leagally) spam
    nonexistant?

    • I don't think there will ever be a truly viable technical solution to spam. Spam is not so much a technical problem as it is a social problem. And we all know about trying to cure social problems with technical solutions. It's the same as with digital piracy--implement some new system or some new restriction and those that it was intended to take care of will be the ones that find a way to get around it.
    • Can someone please present a way to overhaul the email system so that it works the way it was intended?


      I think the email system is already working the way it was intended.
      Near instant delivery at near zero cost.

      What you probably want is a system that overhauls email so that it works the way you want.
      I.e. you only get email that is of interest to you.
      Although there are several things that improve on the current situation, (Spam Wolf [spamwolf.com],
      Spam Assassin [spamassassin.org], Vipul's Razor [sourceforge.net]...)
      IMO, the only long term solution is digitally signed email to identify friends,
      and a large fee for unknowns.
      The fee could be real cash, or hash-cash, or a donation to charity,
      or held in escrow, but the principle is the same -
      make it cost a lot to send email to people you don't know.

      -- Spam Wolf, the best spam blocking vaporware yet! [spamwolf.com]
  • From my understanding of the Feist decision, it is quite possible that this list is not even copyrightable. Unfortunately it would take a lot of money to make such an argument, as it would establish new case law. IANAL.
  • Quick summary (Score:3, Interesting)

    by enigma48 (143560) <{moc.modffej} {ta} {hsals_wen_ffej}> on Tuesday May 07, 2002 @04:08AM (#3475828) Journal
    MAPS might have a few good points but in my wholly uninformed point of view, they seem to deserve to lose.

    To sum up 3 years:

    Gordon Fecyk: Hey Paul, here is the DUL - I'll even indemnify you of any damages because of the list.

    Paul Vixie: Great - I'll make you the maintainer of the DUL and we'll draw something up saying you can regain ownership of the DUL for $10 (the contract minimum in the US at the time). MAPS will take the good and the bad - all the publicity and all the legal trouble associated with it. When you want to leave, you can take the DUL back for $10.

    forward 3 years

    GF to Dave Rand/MAPS: I'm leaving. Here is $10. I have a recent copy of the DUL. I own it. You can use it free for a little while and we'll work out a contract after that. I'll even let you have first change to negotiate for it.

    MAPS to GF: Lawsuit.

    MAPS argues in the lawsuit that GF doesn't own the DUL and even if he did, he couldn't maintain it properly on his own, it causes legal issues with MAPS (privacy issues), saying that he owns it hurts MAPS, etc.

    If I was MAPS, I'd be protecting my income sources as strongly as possible. Not having followed the MAPS project/organization much and seeing they still accept donations, I would be worried too.

    The right thing to do would be to honour the agreement between Paul Vixie and Gordon Fecyk. If it bankrupts the organization, it is a sad thing but something could be worked out. (eg: cheap licencing - Gordon seems *very* reasonable)

    The wrong thing is to fight for your life and not even try to do the right thing first.

    Then again, if the DUL is a major source of income for them, I can't seem them caring much about doing the right thing. Morals are nice but survival comes first I suppose.

    My morals suggested I check google for a cached version of the DUL and post the link but it looks like google didn't get it in time. Anyone have links?

    Jeff
  • by TekPolitik (147802) on Tuesday May 07, 2002 @04:09AM (#3475830) Journal
    It's quite clearly a pre-contractual negotiation. It clearly doesn't even contemplate acceptance in those terms. If there's no written contract, the thing Gordon points to as a contract would be evidence of what the terms are, but not conclusive evidence. If there's a written contract somewhere else, then unless those terms are in it, Gordon's out of luck.
    • Of course there's more - there doesn't appear at any stage to be a transfer of ownership to MAPS, so it appears unlikely that MAPS *ever* owned the DUL. It appears what they got when they hired Gordon is his services plus the use of the DUL.

      So here's what needs to be shown: (1) by MAPS, an unequivocal statement by Gordon assigning ownership of the DUL to MAPS; (2) by Gordon (but only if MAPS can show (1)), a contract granting him the option to buy back.

      Neither of these things appears to have been shown.

      I think Gordon should make a counter-claim for the $10 as money paid under a material mistake of fact.

  • Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

    That's because he's trying to connect to the coder's ISP's SMTP server directly to send the mail. That SMTP server sees that Rob is coming in from a dialup pool and refuses the mail, as it bloody well should.

    Solution: Rob should be using his ISP's SMTP server.
  • by WIAKywbfatw (307557) on Tuesday May 07, 2002 @07:47AM (#3476182) Journal
    Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

    Lucky Slash coder. That's one less email sender who's message he'll have to decipher from proto-Pigeon English to the real thing...

  • http://web.archive.org/web/20010619203232/http://w ww.orca.bc.ca/dul/ [archive.org]

    Fun to see the name change from ORCA.BC.CA DUL to MAPS DUL in progress.

  • I believe some day MAPS and DUL will make the major ISPs monopolies of email delivery.

    ISPs are consolidating into larger and larger groups of users under a smaller and smaller set of companies.

    ISPs help out by blocking port 25 from regular users.

    MAPS knocks out the dial in users.

    As one message notes, entire countries are blocked from sending email.

    MAPS, while a good idea in a growing thriving ISP world, is not a good idea in a shrinking ISP world.

    MAPS will destroy the email internet as we know it in a few years.
    • Actually MAPS is on it's way out. It lost a lot of support when it started charging and this lawsuit isn't likely to win it any friends.

      SPEWS is the current favorite because unlike MAPS it doesn't pussy-foot around trying to "educate" spammers and their hosts.

      Beyond any of this though, MAPS only blocks those who spam and (in the case of the DUL) those who are trying to use their dial-up lines to send e-mail directly (rather than going through a mail server on a static IP). While MAPS has in the past shown favoritism towards large companies (giving them ridiculous amounts of time to clean up), they don't block small companies because they're small.

      So no, Chicken Little: The sky is not falling.
  • CmdrTaco (Score:2, Flamebait)

    by macdaddy (38372)
    This isn't in response to the actual article. This is in response to the comments made about the DUL stopping CmdrTaco from mailing one of the slash coders. It really pisses me off when some dumb son of a bitch thinks they have the right to directly send an email from their dialup account. People seem to think that their providers MTA is there for looks. People don't understand that a significant amount of spam can be blocked by only allowing one providers MTA to talk to another. Frankly I think there should be a mandatory MTA registration process like there is for DNS servers. You must register your MTA before you can mail. This would require valid abuse contact information and things of that nature. The 'Net isn't meant to be plug and play. I block 100,000 pieces of spam per week at an ISP I consult with (give or take usually 10k depending on the time of year). I use 6 different DNS blacklists and a lengthy Sendmail access list of spamming domains and netblocks to do this for me. About 2 years ago the DUL was blocking by far the most spam of all the blacklists (for me). Then raping of open relays became really popular and the hits on the RSS rose dramatically. Now the DUL gets on average about 3000 hits per week. Every so often that number will sharply increase because some spammer decided to direct-to-MX spam us. Well we're one of many providers that doesn't take that shit. Hence the DUL. I'm getting sick of ranting here, so I'm done.
    • Where do I register my DNS server? It's at 192.168.192.8
    • It really pisses me off when some dumb son of a bitch thinks they have the right to directly send an email from their dialup account

      It really pisses me off when some dumb son of a bitch thinks he has the right to tell me what to do with my computer.

      It really pisses me off when some dumb son of a bitch thinks his personal pet peeve (here: spam prevention) is so much more important than everything else that the whole world has to be changed to accomodate his wishes.

      And finally, it really pisses me off when said dumb son of a bitch not only entertains all these delusions but also fails to think what kind of internet he creates in pursuit of his goals, with second class citizens under strict and draconian ISP rule.
      Frankly I think there should be a mandatory MTA registration process like there is for DNS servers
      There is no such thing as a "mandatory DNS server registration process". Whoever pays you for consulting is royally wasting his funds.
  • I've been fighting SPAM for years. I've complained to numerous ISPs, I've done untold numbers of traceroutes and the like to identify parent networks, and the whole gig.

    But MAPS just seems too draconian for my taste! I've never liked the idea, as it's just too much of a shotgun approach to the problem. We need something more surgical.

    SPAM filtering results in false positives. It's like having emails deleted for you at random.

    Then, I discovered ASK (Active Spam Killer) [wiw.org]. This thing ROCKS!

    ZERO false positives. ZERO false negatives. (so far, out of hundreds of junk mails)

    In order to use it, you pretty much have to sit at the command prompt on your mail server as a local user, but it's effectiveness is (so far) flawless!

  • by Ark (7744) <.moc.renragk. .ta. .renragk.> on Tuesday May 07, 2002 @11:47AM (#3477537) Homepage
    Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

    No, its not DUL preventing our fearless leader from sending e-mail, its the admin of the box using DUL.

    This is why I hate things like DUL and MAPS that block everything and are prone to false positives that keep you from even seeing the mail. Stuff like spamassassin can take MAPS and DUL into account and add "spam" score based on that, but at least with spamassasin the mail isn't completely toss away, you at least have the filter it to a "spambox" you look at like once a week for the false positives and/or you can put CmdrTaco on your white list, so he doesn't ever register as spam.

    Spamassasin is a much better solution, IMHO.

  • MAPS RBL was assembled from user contributions. It would be nothing without the data submitted by thousands of users over the course of several years. I contributed reports to it.

    When they got a fat enough database, they changed their tune and wanted to charge me to use the data we researched and gave to them, thinking we were benefitting the whole community. How wrong we were. That was the first death-wheeze as far as I am concerned. This story is just the latest labored breath by what will soon be the corpse of MAPS. And good riddance. They won't be missed.
  • "The DUL" isn't stopping you from mailing anybody. The thing stopping you from emaling your unnamed slash coder is the fact that his ISP has chosen to block mail based on the DUL. If this is such a pain in the ass, one or both of you should vote with your dollars and feet: either he should move to an ISP that doesn't use the DUL, or you should stop being a cheap bastard and trying to run a mail server from a dynamic IP address.

    Why is trolling a bad thing when done in comments, but apparently entirely acceptable when done by editors in story submission addenda?
  • I unwittingly caused a flame [winehq.com] on WineHQ because of the DUL - my ISP had implemented filtering, and I did not know it, and one of the other users of WineHQ tried to contact me and got rejected.

    I would say that IF you are filtering with the DUL, you should
    1. Tell your users
    2. give them a chance to opt-out
    3. Set up a (properly secured) webmail form to shunt around the block
    4. set your mail server to send the URL for that webmail in the rejection message


    However, I do agree that the best solution is to use your ISP's mail server, and have your box set to forward the mail to your ISP's server - they (by definition) have better connectivity than you do, and their mail server can be trying to deliver the mail while you are installing a new kernel or whatever would cause your machine to reboot.

    Ideally, distros would have this be a part of the normal setup - when you install any MTA, it should ask you if you want to forward your outbound mail to a different server.
  • by tweakt (325224)
    Incidentally, the DUL is currently stopping CmdrTaco from directly emailing one of the Slash coders.

    No, the slash coder's ISP is stopping Cmdr Taco's email from being delivered. It's *NOT* the DUL/MAPS thats doing it. Don't blame the blacklist for blocking people, blame people who use the blacklist to block people.

    Here's a novel idea... use your ISP's smtp relay to send email. DUL tracks blocks of dialup/customer IPs. Normally emails DO NOT originate directly from these addresses to the final destination unless something fishy is going on, or the customer runs their own mail server. At either rate, simply route your outbound mail through your ISPs smtp server and your fine.

    Wow, how hard was that?

We can predict everything, except the future.

Working...