Spam Blackhole Lists Redux
tsu doh nimh writes "Are spam blackhole lists good, bad or indifferent? That appears to be the question they're tackling in this Washington Post story. It has some interesting back and forth between supporters of the lists and those who claim they condone censorship."
J adds: Brad Templeton recently offered some comments on the most extreme pro-blacklist position.
Uhh, no. (Score:3, Informative)
SPEWS' WHOIS record isn't really hiding anything when you ask the right server: Whether or not that address really exists, I don't know - but I doubt SPEWS is about to put obviously bogus information (e.g. not@available.org) in their WHOIS record. The spammers would just file a complaint with ICANN.
Spam blackholes are flawed (Score:3, Informative)
Mr. Carmack (the spammer) was arrested today. (Score:2, Informative)
Re:What is is with the Spam??? (Score:3, Informative)
Of course, the biggest problems are with web sites that display email addresses. I've had my private email address ruined because I did some volunteer service and the web site owner posted my email address to thank me...arrrggghhhhh!!!!
BTW, you can sometimes find if your email address is on a web page by entering your email address in Google.
Free Speech (Score:5, Informative)
Re:Counter to the spirit of the Internet (Score:2, Informative)
This idea is discussed in Larry Lessig's [stanford.edu] Code and Other Laws of Cyberspace (which was actually reviewed here on Slashdot, according to the cover). Subscribers to this myth often say that the architecture of the Internet doesn't permit control, that the ability to anonymously browse the Web, to trade files and information without oversight or responsibility to the authorities, guarantees that the Internet will always be free.
"This is the fallacy of 'is-ism'" writes Lessig, "to confuse how something is with how it must be." Lessig claims that encroaching commerce, as much as legislation, can and does change the architecture of the 'Net to permit control (and in some of his other works points to this as the means of strong intellectual property controls, privacy invasion, and the like).
Lessig seems to see this as largely a bad thing (certainly the Passport vulnerability teaches us the risk of such designs), but clearly the flip side is that if digital certificates became the norm and senders had to take more responsibility for their emails, we would combat spam more effectively. This is not the only benefit; digital certificates would help deal with fraud on auctions like eBay and permit greater security across the 'Net.
I personally agree that the 'Net should be less regulated and should be a free exchange of ideas; if a nation with especially strict rules attempts to limit its part of the Internet, all of us are affected. But clearly the 'Net can be regulated, and there may even be situations where it should be so.
On another note, from the standpoint of Constitutional law, it is fairly inaccurate to compare commercial speech like spam to political, individual, or artistic speech, which all earn strong First Amendment protection and for which strict scrutiny must be met to limit those freedoms. Limitations to commercial speech, in contrast, must only meet intermediate scrutiny (a reasonable governmental interest rather than a compelling one), as evidenced by FTC regulations on advertisements and the like, regulations which would not stand against political activism and the like.
Forget RBLs - active whitelisting is the future. (Score:3, Informative)
If you feed your inbox/archives into your whitelist, 99% of people who e-mail you won't even notice the system is running.
I used to get about 200 spams a day. I tried RBLs, I tried spamassassin. None of it worked reliably - RBLs were only catching about 20% of my spam and spammers now get around spamassassin by looking at the rules when they craft e-mails. False positives were also a problem - sure, it's quicker filtering suspected spam into a spam folder for batch-checking, but it's still a serious hassle with >80 dubious borderline spams a day, and tens slipping straight through the spamassassin/RBL net into your inbox.
Happily for those of you running your own mail servers (or sitting on a *nix box which delivers mail locally via procmail), you can get a program which will do this for you for free. It's called Active Spam Killer, it's written in Python, and you can get it here [paganini.net].
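Added example, not part of the comment above and not Active Spam Killer's code: a sketch of seeding a sender whitelist from already-kept mail and checking new mail against it. The sample messages are constructed, and the function names and the "deliver"/"hold" labels are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample archive: messages the user already received and kept.
ARCHIVE = [
    "From: Alice Example <Alice@Example.org>\nSubject: lunch\n\nNoon?\n",
    "From: bob@example.net\nCc: Carol <carol@example.com>\nSubject: notes\n\nSee below.\n",
]

def sender_addresses(raw):
    """Return the normalised (lower-cased) addresses in the From header(s)."""
    msg = message_from_string(raw)
    pairs = getaddresses(msg.get_all("From", []))
    return {addr.strip().lower() for _name, addr in pairs if "@" in addr}

def build_whitelist(archive):
    """Seed the whitelist with every sender seen in the archive."""
    whitelist = set()
    for raw in archive:
        whitelist |= sender_addresses(raw)
    return whitelist

def classify(raw, whitelist):
    """'deliver' only if every From address is already known, else 'hold'."""
    senders = sender_addresses(raw)
    # A message with no parsable From address is never auto-delivered.
    if senders and senders <= whitelist:
        return "deliver"
    return "hold"

if __name__ == "__main__":
    wl = build_whitelist(ARCHIVE)
    for raw in (
        "From: ALICE@example.org\nSubject: re: lunch\n\nOK\n",
        "From: stranger@example.com\nSubject: offer\n\nBuy now\n",
        "Subject: no sender header\n\n?\n",
    ):
        print(classify(raw, wl), "<-", raw.splitlines()[0])
```

The From header is supplied by the sender and can be forged, so a header-only match like this one treats any message claiming a whitelisted address as known.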
Blackhole/blacklist is wrong approach (Score:0, Informative)
If you understand that point then you can see why all the collateral damage occurs unnecessarily. You're shooting down the wrong target. We're doing it now because it's easier (blackhole IP, bandwidth saved) but the consequence is too great to ignore: we're fracturing Internet-wide communication more and more every day!
We should focus instead on content-based spam filtering, and share that knowledge to improve efficiency. Accuracy skyrockets and collateral damage virtually disappears! You can use intelligent software like spamprobe [sourceforge.net] to classify mail as spam, for instance. There's also the Distributed Checksum Clearinghouse [rhyolite.com], which lets mail servers around the world determine what's spam based on collective mail data.
A million mail servers sharing with each other what they know about the appearance of this week's spam would be killer. I'd love to see that.
Re:You'd get better results... (Score:3, Informative)
Re:Yes but what about re-assigned IPs to new perso (Score:3, Informative)
To the best of anyone's knowledge, SPEWS' approach is this:
1) Set up spamtrap addresses, seed them on Web and USENET
2) Receive spam: complain to ISP.
   a) If spam stops, stop.
   b) If spam continues, blacklist.
3) If spam still continues, expand blacklist by stages until the entire ISP is blocked.
4) Keep blacklist in place until
   a) the ISP notices its problem and stops the spam
   b) the ISP goes out of business
   c) the Universe undergoes a heat death
Note that this is a LOT better than the alternative, where every mail admin runs his own blacklist. Such lists are virtually impossible to get out of, because nobody has the time to check for removals. I believe that a great deal of what was once AGIS IP space is still blocked at many sites, and that block is a 4c 'heat death' type.
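Added example, not part of the comment above and not SPEWS' own code: a model of step 3, a listing that widens by stages, used to count which non-spamming customers of the same ISP fall inside it at each stage. The address block, customer names and stage prefix lengths are constructed assumptions; the comment does not say how large each stage is.

```python
import ipaddress

# Constructed ISP allocation (private address space used as a stand-in).
ISP_BLOCK = ipaddress.ip_network("10.20.0.0/16")
# Assumed widening steps; any stage past the last one blocks the whole ISP.
STAGE_PREFIXES = [32, 24, 20]

# Constructed customer table: one spam source and three uninvolved customers.
CUSTOMERS = {
    "spam-source": "10.20.5.77",
    "neighbour-a": "10.20.5.10",
    "neighbour-b": "10.20.9.3",
    "far-customer": "10.20.200.1",
}

def listing_for(source_ip, stage):
    """Network blocked at an escalation stage (0 = only the spam source)."""
    if stage >= len(STAGE_PREFIXES):
        return ISP_BLOCK
    # strict=False masks the host bits so the source IP maps to its enclosing block.
    return ipaddress.ip_network(f"{source_ip}/{STAGE_PREFIXES[stage]}", strict=False)

def collateral(listing, customers, source_ip):
    """Names of customers inside the listing that are not the spam source."""
    src = ipaddress.ip_address(source_ip)
    hit = []
    for name, ip in customers.items():
        addr = ipaddress.ip_address(ip)
        if addr != src and addr in listing:
            hit.append(name)
    return sorted(hit)

if __name__ == "__main__":
    src = CUSTOMERS["spam-source"]
    for stage in range(len(STAGE_PREFIXES) + 1):
        net = listing_for(src, stage)
        print(stage, net, collateral(net, CUSTOMERS, src))
```

A mail administrator can run the same membership check over their own correspondents' sending addresses to see what a given listing would reject before subscribing to it.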
Re:Uhh, no. (Score:2, Informative)
I worked for a vertical market ISP that was reselling UUNet/WorldCom. And I can tell you for a fact that SPEWS is not in fact "reasonable". They blocked the entire subnet that we had 8 IPs on because *one* user on another segment of the subnet sent out spam. Their response was 'too bad, handle it with UUNet, not our problem'.
We had nothing to do with sending spam or any spammers, we were just deemed 'collateral damage'. We eventually had to change subnets which cost us time and money. Was this fair?
Reasonable? SPEWS? No.