As the Spam Turns 408
Anonymous writes "The SBL has added Verio's corporate mail servers
to its blocklist which protects nearly 100 million mailboxes, because of the number of spam gangs on the Verio network.
Verio also provides connectivity to AS26212, a collection of 9 of the most notorious spammers netblocks. AS26212 - the new spambone? - is also connected to he.net and bbnplanet.net."
Good (Score:1, Insightful)
This is depressing... (Score:3, Insightful)
Great, more censorship (Score:3, Insightful)
Re:Do so, do not (Score:2, Insightful)
ad nasuem..
Just set up your Baysian Spam Filter... (Score:2, Insightful)
Re:This is depressing... (Score:1, Insightful)
Re:Good (Score:3, Insightful)
Yeah.. legal, probably. After all, it is a down economy. I would not be suprised to see Spamhaus served a cease-and-desist before Verio does the Right Thing and starts punting luser spammers.
The admins & abuse people are the ones at Verio really taking it on the chin. I can only imagine the vitriol pouring in their mailboxes and publicly on forums like nanae.
-fester
Why content filtering is not enough (Score:5, Insightful)
Bayesian filters, SpamAssassin, and other client-side content filters can indeed reduce the amount of spam that you see. As such, they can reduce some major costs of spam for the average Internet user, small site, or business: costs such as annoyance, offense, wasted time, and harm to productivity thereby caused -- that is to say, the end-user costs of spam.
However, they have no effect on the cost of the bandwidth and other resource costs of spam, which are substantial for large ISPs and large businesses -- and for the Internet as a whole. In order to perform content filtration on a piece of mail, you must receive it and store it first, which has its costs. (Consider that large ISPs regularly report that anywhere from one-third to two-thirds of their mail is spam.)
Only forms of spam filtration which do not permit the spammer to send the spam to your mail server can reduce the bandwidth cost of spam. In practicality, that means filters which apply to one or more of the following (in increasing order of cost):
(Note the SMTP envelope is not the same as the mail headers, which are part of the SMTP DATA. An SMTP server is permitted to reject mail before DATA, but is not allowed to drop the connection in mid-DATA. If you do not understand this, read RFC 2821.)
DNSBLs -- such as SBL, MAPS RBL, and SPEWS -- all apply to the IP address of the sending system. Domain-based rejection lists (which are not commonly published) apply to the DNS name of the sending system. RHSBLs, and relay checking, apply to the SMTP envelope.
Keep also in mind that one function of some (but not all) DNSBLs is not merely to filter out spam, but to discourage it from being attempted in the first place. By rejecting mail from networks which have proven themselves to tolerate spammers, we tell network operators that if they wish to be able to send us mail, they must kick off their spammers. It's their choice which they do; they just have to choose which is worth more to them: being able to send mail to sites that don't like spam, or being able to host network-abusers with impunity.
(Incidentally, you will find precious little sympathy for calling spam filtering "censorship". Censorship, as those who have experienced it understand, happens when some party uses violent force to stop a view or expression from being published by its advocates (at their cost). Spammers aren't trying to publish their views at their own cost and being violently restrained from doing so: they're trying to steal the use of others' equipment to publish their stuff.)
Re:Good (Score:5, Insightful)
Luckily, the spamfighting community has a great deal of experience with such misbehavior. The slang expression among spamfighters for a sender of baseless legal threats is "cartooney", as in cartoon + attorney. Spammers send these out by the boatloads when their delusions suggest it will get people to stop trying to block their thefts.
Steve Linford, the operator of the SBL and ROKSO (and known in China as Stiff Linefeed) is a long-time anti-spam veteran, and has a great deal of support from others such. If Verio tries to harangue, hassle, or hornswoggle him into falsely removing them from SBL, he will have dozens of clued and supportive people on his side. If Verio files suit, Mr. Linford will have a substantial legal defense fund faster than you can say "Canter & Siegel".
male oriented spam (Score:2, Insightful)
Re:Great, more censorship (Score:5, Insightful)
(I'd like to point out that the link you provided claimed "0 false positives" which is exactly what I'm talking about.)
A temporary fix (Score:3, Insightful)
I honestly believe that the only way to free ourselves from spam is intellegent filtering. Making it illegal will only cause the spammers to move overseas, if they even notice the law at all. The internet is far too large an entity to make a difference by blocking the IP addresses of spam-friendly domains. It won't put a dent in the real problem.
Re:This is depressing... (Score:3, Insightful)
I've had people sign up to get info from a site i run, and upon receiving the first e-mail that they explicitly requested, write back in all caps "HOW DID YOU GET MY ADDRESS??? STOP SENDING ME THIS!!!"
Couple that effect with vigilante spamblock operations (whose haughty tone assumes EVERYONE reported to them is evil) and you have people being slimed who are doing legitimate business on the web.
Yes, I agree people who forge headers or don't properly cull lists are negligent. They are buffoons who should be blocked. But hey, what are you going to do, block yahoo.com?
Re:Great, more censorship (Score:2, Insightful)
Breaking things is not fixing the problem. (Score:3, Insightful)
We need a new solution folks, and blocking large portions of the net will not fix the problem. If you want to make *all* spam to go away, you need a different form of a solution because you can't block everyone who might want to legitimately talk to you. This decision will certainly block a whole slew of legitimate users from speaking with each other.
I'm thinking SMTP needs to be entirely rethought. Unfortunately, this isn't practical either as it'll have the same effect as deliberate breakage during the transition. (hence the reason we don't have ipv6 yet either).
Re:Good (Score:2, Insightful)
I define commercial use as trying to sell a product on the Internet and communicate with customers. You send one single email to an unconfirmed email address and you can be blocked for days. Do that enough and you are out of business.
I wish the Internet could be a commerce-free zone sometimes. But it is an incredibly easy way to communicate with people and offer products and services to them. However, the spam blockers want to make sure that email cannot be used to send anything that is considered to be "unsolicited". If it has the word "sale" in it, it must be unsolicited - who would ask for something like that from a friend?
You purchase something and we send a confirmation to the email address supplied. If it happens to be a joker that gave us a "spamtrap" address, we're blocked. Don't bother saying it doesn't work that way - we just got unblocked from that happening.
Re:Good (Score:5, Insightful)
No, I don't. I define it as the use of the Internet for commerce, which is to say economic activity between consenting traders and investors -- what my left-wing friends would call "capitalism". I don't consider your sending of unsolicited advertisements to "an unconfirmed email address" (how many was it really?) to be commerce. I consider it to be spamming.
You admit sending commercial email to an unconfirmed email address (how many addresses?), which turned out to belong to someone who had not solicited your message. By the usual definition of spamming as "unsolicited commercial email", that means that you admit to having spammed.
The techniques for operating confirmed mailing lists are not new. Mailing list software to operate confirmed lists has existed since well before the "e-commerce" boom. Thousands of businesses use such software. They operate confirmed, solicited commercial mailing lists ... and they don't get listed as spammers.
It sounds to me, from your description of the situation, like you failed to do due diligence, failed to take advantage of the information resources available to you -- and as a result, you spammed. In that case, the folks who listed you as a source of spam were telling the truth, weren't they?
Hey, I'm just working with what you give me. If you'd like to point to a published record of your exchange with the list operators, please do so. A Google search link into NANAE, if that's where the exchange took place, would be more than adequate.
How many addresses did you spam, again?
Re:Good (Score:5, Insightful)
The goal of the blockers is to eliminate commercial use of the Internet.
This is absolutely untrue. The goal of the blockers is to stop spam and abuse of the network and reclaim it from those who think that merely having and email address is an invitation to get spam.
dave
Re:A temporary fix (Score:4, Insightful)
Yeah, it's cat-and-mouse, but eventually the mouse will run out of places to hide. There are a finite number of backbone providers in this world.
Re:Viro when did you lose your way? (Score:3, Insightful)
They have 1 center on the west coast, and another on the east in Virginia (in the tech corridor near DC). I've been to the one in Virginia and to the one in NYC, since my employer provides services to them.
About 2/3rds of the Spam I receive at home is from Verio or Exodus. Both are VERY cash strapped, although expect to see Verio doing a little better since they consolidated their hosting faclities. Although 99% of my spam is now cleanly filtered out before I read my Inbox, I know it must be taking a toll on my provider. Twice in the last week the mail server has ran out of disk space and quit accepting mail.
The major problem with these "opt-in" marketing programs is that you might agree to signing up to one list, and then they automatically sell your information to illegal spammers, who pound you with email and won't quit. I think its pretty obvious that tradional advertising doesn't work, but instead of laying off for a while, they either go the illegal route, or pervasive route. (ok, both are pretty pervasive) Advertising works to a degree, but at what point do you stop? Is there no means that a company will not go to market a product? This is obvious fodder for a discussion in ethics in business.
Re:Why content filtering is not enough (Score:5, Insightful)
"If we close the open relays, spam will go away" is actually what a lot of spamfighters thought five years ago. A common opinion then was that spam was basically a technical problem, like a security hole or smurfing [netscan.org], and that applying the appropriate technical fix to mail servers would prevent it.
Unfortunately, that hasn't worked. First off, open relays are not the only technical problem that makes spamming easier. Open proxies [monkeys.com] are just as common today -- and worse, since they hide the tracks of spammers. (They're also used by all sorts of other abusers.) Moreover, open proxies are harder to get people to close down, since blocking access from them to mail servers doesn't usually affect their legitimate users -- and thus doesn't draw their attention.
Second, it has been increasingly realized by most spamfighters that spam is a social problem, not merely a technical one. The problem isn't just that there are abusable resources, but that there are people who are willing to abuse them for profit, and other people who are willing to aid and abet those abusers in order to reap a share of that profit.
As a parallel, consider burglary. Sure, it is good to employ technical means such as deadbolt locks and alarms to block or deter burglars -- but nobody thinks that burglaries are solely technical problems, and that we should pursue only better locks rather than the arrest of burglars. Burglary is a social problem; specifically, a problem caused by some people's willingness to violate others' rights. We call those kind of problems "crimes".
Spam is a particularly frustrating crime since anyone who considers the proprieties of the situation can recognize it as lawless, but few legislatures have chosen to formalize its criminality in statute. It's lawless because it defies the property rights of mail server owners, alienating their resources for the spammer's use without permission. That's often covered by statutes regarding theft of service, computer crimes, or various sorts of tort, and there have been a number of cases wherein spamming was recognized by judges and juries as such. However, in many jurisdictions there's no statute to point to that says "spamming is a crime".
Third, there's also an social-technical problem. There's a small number of crooks who can profit themselves greatly by finding means of sending spam. Each of them has a much greater incentive to locate these means than any individual spamfighter does. This is a social problem in a different sense: insofar as spamfighting relies on discovering paths for spam propagation and getting them shut down (e.g. closing open relays) the crooks are always going to be several steps ahead.
By targeting organizations and persons known to be sources of spam, rather than the victims they exploit to send that spam, we can get around that problem. The number of large-scale spammers is actually rather few. Steve Linford's ROKSO [spamhaus.org] (Registry Of Known Spam Operations; same guy as the SBL) lists around 100 organizations which have been thrown off of ISPs three or more times for spamming.
Fundamentally, I agree with you that the problem is one of education. However, it is not merely the education of ISP technical staff that must take place. It's the education of everyone involved -- technical staff, their managers, mail software authors, spammers, the legal system, spam recipients, and businesses that might consider spamming. Everyone needs to wise up about spam.
Re:OT: spammer's human rights (Score:2, Insightful)
Sure, if spammers believe that they get sexually assaulted when they go to prison and if it will actually stop them from abusing the network, then great! Less spammers. Goody.
If a spammer was sent to prison, they _might_ get sexually assaulted. The probability of this happening is probably a little bit higher than getting sexually violated or mugged at night if you strolled into some $dark_alley in $some_big_city.
My point: I don't condone or celebrate in-jail sexual abuse. Presenting someone with the prospect of being sexually assaulted in-jail is just as an effective scare tactic as telling kids there is a monster under their beds that will devour them at night while they sleep. But still, I couldn't resist adding that to add a lighter note to my posting.
In short: heck, it's just my twisted sense of humor. Get over it.
NB: if you are going to post something off topic, please have the courtesy to post _WITHOUT_ your +1 posting bonus. Thank you.
Re:Why content filtering is not enough (Score:2, Insightful)
Fundamentally, I agree with you that the problem is one of education. However, it is not merely the education of ISP technical staff that must take place. It's the education of everyone involved -- technical staff, their managers, mail software authors, spammers, the legal system, spam recipients, and businesses that might consider spamming. Everyone needs to wise up about spam.
Exactly. I couldn't have said it better. I urge the moderators to mod this posting to +5 insightful.
The law problem is a sticky one due to them being enforced (or not) locally. With locally I mean per country/state. If one state/country outlaws spamming, spammers will just move to a place that doesn't enforce or have spam laws. Maybe what people in high places aren't realizing is that it's a global social problem.
The people that are actively providing devices (DNSBLs, content filtering, etc.) to fight spam are fighting a worthy cause. I benefit from them. My mailboxes would be unusable if it weren't for them. The problem is that _I_ am technically adept enough to set these countermeasures up for myself. The technical have-nots in my direct neighborhood drool at my efficiency of killing spam, but if I explain them how I do it, their eyes glaze over. It must become easier to use the tools out there. I'm all for ISPs taking initiative to e.g. tag spam (like my upstream ISP does). The spam filtering offerings in mainstream software (like Apple Mail, Mozilla, etc.) is a good thing.
On a side note: I wonder when MS will finally put this in their MUAs (hey, a new technology' to embrace and extend), or if such a filter is available for LookOut from a third party.
Unless the government runs the ISP (Score:2, Insightful)
Private property and private, open ended, signed contracts mean that your option is simple: Phone up another ISP and ask them if they will let you receive all the spam you can eat.
You can then transfer your account. No doubt your old ISP will be satisfied that they don't need to pay a developer to add a disable feature (that won't be used by anyone except yourself and one or two other users) rather than get the measly amount most home users pay for internet (about $1-$2 margin per user per month). And your new ISP will be out of business within a year or two as the rest of the ISPs in the world implement filtering and the ones that don't lose users.
But wait! You still have the freedom to get the spam! Just buy a $700/month T1 for your house and again, you have all the spam you can eat.
I'll stick with $20/month internet and run SpamAssassin until my ISP implements filtering for me, because I've never had a false positive from SpamAssassin, ever, except for morons who send HTML-only mail, and I often can't read their crap anyways, and so I summarialy ignore/request ASCII anyways.
Now, if you're in an area with only one ISP, or a government controlled ISP, then I feel for you. But, IMHO, this isn't very common in most free countries (or at least in my corner of the world).
Re:male oriented spam (Score:3, Insightful)
Re:There ought to be a law... (Score:3, Insightful)
Are you on crack?
The whole thorny issue with spam is that it's hard to stop. If it were as simple as requiring that "spam" have a special identifier it would have been done long ago. There are three major problems with this:
What you're suggesting is equivalent to making a law that any pool-shark warn the people he plays that he's a pool-shark. What would happen? Would pool-sharks actually start telling people "I'm a pool-shark, and I'm required to warn you of that before we play, still want to play?" No! They'd just find a way around the law by becoming "secret pool teachers" or "very lucky players".
Re:Breaking things is not fixing the problem. (Score:4, Insightful)
What if the someone that wants to talk to you just wants to sell your something? Or what if they want to convice you to change your opinion about something. Or what if they want to just reply to your Slashdot posting privately? How are you going to tell these apart?
The problem with spam isn't really the message. If I were to get in my mail box precisely and exactly the information I was interested in, I wouldn't have any problem with it. Maybe I would be interested in visiting just the right kind of porn site. Maybe I really would like to enlarge my penis. Maybe my printer really has run out of ink. Maybe. Maybe NOT.
But this is a hard thing to work out when you are dealing with content. For example, I often post on mailing lists or USENET and for many, I do get private replies (and spam, too). It's reasonable to assume that if you post, you've invited a reply (unless you say otherwise). But a "reply" to a posting about what I think should be in the next version of some standard should not be asking me if I need more golf balls. That's just plain off topic. Still, I have gotten replies that are completely ON topic, yet are sent by someone that is a total moron and not worth reading and a total waste of my time.
The real problem with spam isn't the content at all. The real problem is the way it is delivered, and the way it is determined to whom it is delivered.
TV commercials, radio spots, newspaper ads, and web banners, are what I call gatewayed advertising. What that means is that someone (the TV station sales department, the newspaper advertising department, or CmdrTaco while trying to get more revenues for Slashdot to keep it alive and pay for the kind of bandwidth that would create a Slashdot Effect on most web servers) is the "gateway" into the media where the advertising is presented. You don't get to put a TV commercial on without paying the TV station for the time. As much as I dislike most commercials (some I do enjoy the first time around), I also know they pay for, or in some cases at least help pay for, what I am receiving. But the whole point is, it's not going to get out of control because there is someone acting as the gateway. TV stations know they will lose viewers if there is 50 minutes of commercials every hour. CmdrTaco knows it would ruin Slashdot if every page were plastered with dozens of banner and box ads totally obscuring the content. And even if they did do the wrong thing and ruin it, I can change the channel or go to another site. There isn't a scaling issue here for these media.
But with spam, you can't change the channel. You can't choose to visit another site. And worst of all, it's not paying for a damned thing you receive.
We can make a comparison of spam with telemarketing and fax ads. Neither of these really pay for anything you receive. While it may be argued that telemarketers keep the cost of phone service down by providing more revenue for the phone company, this isn't really true. Most telemarketing actually takes place at the peak times that phone networks are busy, so the phone companies just have to scale up to that level of business. They aren't getting new revenues, and you can be damned sure that telemarketers are not paying an extra premium to the phone companies to help lower your phone bill (there are plenty of scumbags in that industry that would find ways around that).
Another comparison is with ads you get in snail mail. It doesn't really pay for anything you receive (they get huge discounts from the Postal Service for bulk packaging them so the delivery guy doesn't even have to check the addresses). But while these are annoying and a bit of a problem, it's not something that's going to grow exponentially from here because there is a "gateway" of cost. Those leaflets you get on your windshield are much the same. It's a pain to have to reach over and grab it and throw it away, and again, it hasn't paid for anything you receive. But like bulk snail mail, there is cost and someone has to roam around sticking them on.
The problem with spam isn't the content, it's that so much can be delivered so fast and to so many people that there is in effect NO GATEWAY to this. And as bandwidth gets cheaper and cheaper, and servers get faster and faster, you and your delete key will have to just work harder and harder to keep up. No wonder people are working on automating things to delete spam. And it just escalates.
So yeah, we do need to be able to continue to communicate, and this also needs to include advertising where appropriate. But there needs to be some kind of "gateway" to control it, to make sure it doesn't get out of hand, and to make sure the decisions about how much to send and to whom to send are decided on properly. And this also includes making sure it is sent to the proper email address for those of us with many (if you own a domain and have set it up so that any name on the left of the at sign works, raise your hand).
There will always be those who think it is their right to communicate with everyone. But, yet again, the issue is not about the message, but instead is about the methodology. Email is not a broadcast medium and should not be treated as such. It is a one to one communication medium. And I translate that to being a person to person communication medium. So if you want to communicate with me, you need to at least be a person, and not a machine running some spamware. Maybe SMTP needs a rethought. Or maybe not. I've thought about it and don't really have any answers (yet). But I do think the ultimate solution is going to end up having to be something that proves that it is a person who communicates with me, and gives me as much of their time in sending me the message as it takes from me to read it or listen to it. We need to find some way to communicate that does not allow the sender to automate it without that message being tagged as automated. That is the real problem with spam ... it's so impersonal ... it's all automated.
Re:There ought to be a law... (Score:3, Insightful)
Am I on crack? Not to my knowledge. But is this a crazy idea? Absolutely. Remember the Niehls Bohr quote "We are all agreed that your theory is crazy. The question which divides us is whether it is crazy enough to have a chance of being correct."? Hell, if there's any place to place crazy theories, it's slashdot.
Eh, I wasn't attempting a Megan's Law type of approach (the law which requires sex offenders to notify those in their neighborhood of their crime, conviction, and where they live). Changing labels is tough to deal with. Here's my approach:
If there were a blanket law, it should be that ISPs must deal with any user which has more than X unique complaints concerning spamming by either cancelling the account, forcing a P=S flag onto all their outgoing email, or making sure the user stops spamming by other means left to the ISP. This really only leaves the ISP with two options, and forces users to either not spam or spam with a P=S flag if they're using one of the ISPs under the jurisdiction of the law.
Now this does two main things. 1) It shoves enforcement to the ISP, after all, it's the ISP's user which is spamming, and what the ISP can do is clearly outlined by the law. Just dump the user if you don't want to deal with their spamming, you are allowed by law. 2) It would set up "rouge" ISPs which don't adhere to the law. If you know which ISPs allow spamming, they're easy to block, so this really isn't a large problem.
But here's my problem with the method: it feels too much like the Scarlet Letter. The circumstances are a bit different, but forcing someone (or something, even email) to have a unique identifier so you can identify it as something you might want to avoid is a very sketchy idea. It's also probably not constitutional (equal protection... even for spammers?).
That said, I think there is something to be said for my idea. It is flawed in certain areas (I still haven't given a good answer about enforcement of the laws/rules). It still lets spam flow freely (which I feel is a good thing) but gives people the ability to quickly filter it out. It still only affects spammers under its jurisdiction. If it worked, I'd be willing to be that somewhere between 70 and 85 percent of spam would be marked as such. And even if those numbers were lower, it would drastically reduce the amount of unwanted spam people got, as well as making it much easier for spam to be dropped at routers all over the internet (thereby alleviating the costs incurred by spam on so many systems).
Hell, it's just a crazy idea.
Re:This is depressing... (Score:3, Insightful)
How about facing this fact.
ISP's that don't do something to combat spam are going to have customers leave over it.
There are other ways of maintaining the list. I have heard the arguements many times, but fundamentally, its up to the sender to be certain that the recipients want to receive the email.
First of all, is the sign up process a Double Opt-In [everything2.com] process? A pita to implement if it isn't done already, but good luck keeping an accurate list without it. It also helps establish a trust with the people who want the mail. 99% of the spam I still get claims that at some point in time I signed up for this list.
Secondly how active is the list? Someone signing up for a list that doesn't generate any traffic for 6 months is a sure way to have people think your spamming them, even if they did actually ask to be on the list.
As far as the spam lists, I've had to deal with there overzealous behaviour as well. They block mail servers that have an open relay hole in them very fast. The more zealous the site, the less likely I am to use the list. No ISP is doing their customers a service by using lists that are ready to block every IP out there and damn them to hell for ever.
Comment removed (Score:4, Insightful)
Re:Good (Score:4, Insightful)
No. Email has _never_ been completely reliable. There is nothing in the RFC [livinginternet.com]s that guarantee delivery of every email.
Spam on the other hand, makes email _more_ unreliable because of the unwanted volume of it. Spam blocking is a means of reducing that volume.
No. Consensual commercial email usage is preferred. Unsolicited and unwanted email in volume is what we seek to eliminate.
Funny how you need your services blocked before you actually take responsibility for your mail server. Now had you been a competant and responsible administrator, you probably wouldn't have been on a block list in the first place.
Re:Great, more censorship (Score:3, Insightful)
By the time the Bayesian filters are engaged, it's already too late. The bandwidth has already been wasted, and should some legitimate mail be rejected, your mail server is now obligated to return a bounce message which means tons of spam bounces will sit in the queue. The right time to block spam is when the SMTP connection first arrives, but before any mail is actually sent. I won't be doing it any other way.
Re:Breaking things is not fixing the problem. (Score:3, Insightful)
Client-side filtering is NOT the solution (Score:3, Insightful)
While you may only check your mail from one machine, not everyone does. And most people don't have the luxury of setting up an IMAP server so they can access their post-filtered mail remotely. (I do, but a cable modem connection isn't the most reliable, so I often find myself having to read raw unfiltered spam-laden mail.)
Also, wireless access to email from cell phones (either "dumb" WAP browsers or "smart" integrated PDA/phone solutions) is becoming more common. Have you tried downloading 100 messages over a 14.4 connection, only 5 of which weren't spam? Have you tried sifting through 100 subject lines on a cell phone screen. (It's painful even on a Palm PDA screen like my Kyocera 6035's). Thanks to the proliferation of spam in my inbox, I cannot even THINK about using my wonderful phone for email, something which it would normally be excellent for.
It doesn't matter how good client-side filtering is (mine is a manually maintained blocklist, plus a few rules to detect malformed HTML that is always spam and fake Yahoo/Hotmail/Netscape addresses not coming from their servers.), the client still must pay for bandwidth, and in the case of wireless users, per-minute download time at 14.4 (Or in 2.5G systems like Sprint Vision and Verizon Express Network, per-kilobyte.)
Simply put, it costs the user money to receive spam, therefore something needs to be done about it before it reaches them. Server-side blocking reduces user costs in:
a) Download time/bandwidth for the mail
b) Storage costs on the ISP server that are passed on to the user in the form of higher fees.
These are both costs that cannot be negated with client-side filtering.
Re:This is depressing... (Score:3, Insightful)
When spammers pay me for the privelege of advertising in my box, then we'll talk business.
Rich
Re:100 million mailboxes protected? (Score:2, Insightful)
I see you're in the "SPEWS is Evil" camp, while you have the Constitutional Right to be wrong, I wonder as to your motives.
Subscribing to SPEWS, SBL, or any block list is done at the ISP level, and is part of their terms of service. Don't like it? Go elsewhere. The problem with public block lists is that it opens up the owner to a lifetime of harassment by these spammers.
For example, in the last month and a half, SpamCop has been joe-jobeed (ie, somebody sent lots and lots of email purporting to promote services at SpamCop in an attempt to get their account kicked off their ISP) 8 or 9 seperate times, and now is being DoS'd. Others have to face barrages of legal threats with no substance, designed to eat up their day.
SPEWS doesn't face any of that. They do not accept mail, they don't promote any service.. they just say.. "Here's a list of ISP's we consider untrustworthy, because they refuse to kick off their spammers".
Sure it can block folks from the same ISP (or the same
However, you can whitelist on the individual w/SPEWS letting individual emailers or even whole ISP's out of the blocks.
The thing is, it can be described two ways.
1) A surgeon cutting off the limb (the ISP w/the spamming vermin), to save the patient (E-Mail as a whole).
2) If you know "Crazy Willie" is really a front for stolen property, you won't do business with him, will you? Well.. by condoning (ie, ignoring abuse reports) the spammers, they are condoning the spammers illegal use of unsecured and open proxies worldwide, jacking up prices (for bandwidth and abuse staff) at the ISP's who actually give a damn.
Sure, we can filter it at the client side.. but by then, it's too late for the bandwidth (all the transit) and storage. Here's a stat for you. Last year, spam (in its various stages) was 8% of email.
This year it's 36%.
All SPEWS, SBL and other blocklists are trying to do is keep Email viable and not the latest way for advertisers to reach you, at your expense.
Re:Viro when did you lose your way? (Score:3, Insightful)
Personal information has become a cash commodity. Company's are doing whatever they can (legally, illegally, and pseudo-legally) to stay afloat. This just proves how bad capitalism really is if left unrestrained.