Osirusoft Blacklists The World 947
NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers."
Blacklists and reality (Score:5, Insightful)
Well, fine, but... (Score:4, Insightful)
The non-communication only breeds rumours.
Sweet, Sweet Justice. (Score:5, Insightful)
Re:Blacklists and reality (Score:5, Insightful)
Re:Sweet, Sweet Justice. (Score:5, Insightful)
If an ISP has 5000 customers and 3/4 of them are unable to email family at AOL or Yahoo because they're being blocked due to ISP having a spammer or two, the spammers tend to get dropped.
There are exceptions to this, but by and large, collateral damage works.
And like I said, I think it's piss poor policy.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Well, (Score:3, Insightful)
Garbage (Score:5, Insightful)
Oh, I forgot, the standard propaganda line from these SPEWS.ORG type anti-spam fundamentalists is "we didn't block your email, the ISP using our service did, blame them."
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Yes, this is indeed a poor policy. SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the innocents who aren't as bothered by it.
SPEWS was shit (Score:1, Insightful)
Assholes.
Re:Blacklists and reality (Score:5, Insightful)
The vast majority of spam is sent with some form of false address. Developing a way to be able to trust the origin of email is the way to end the spam crisis.
This type of action does not surprise me. SPEWS and the other blacklists are poor solutions to spam because they are in effect private censorship with no accountability. They are also single points of failure for the Internet as today's episode proves.
The backwash caused by this event was huge. It wasn't just spews and spews users who were affected, the load on the backbones was causing severaql nets to brown-out repeatedly.
It is just as well that we did not have as many idiotic 'hack-back' schemes in operation as some have been calling for.
Re:Blacklists and reality (Score:2, Insightful)
Server level for business contacts. e.g. client@companyA.com, consultant@companyB.com
It should be easy enough to whitelist all of your friends. Phone contacts are very easy to perform for business.
Re:Blacklists and reality (Score:5, Insightful)
Re:Sweet, Sweet Justice. (Score:5, Insightful)
No, it is different. This one is shutting down, and this is how the operator is making sure that everyone knows it is no longer functional.
It is a public service, of sorts. He is guaranteeing that no one is using the blacklist. That way it can't be misused by someone hijacking it, or just left in place by someone who doesn't care. It is shut down. And everyone will know it.
trusted signing of mail servers (Score:4, Insightful)
Re:blacklists -- bah! (Score:4, Insightful)
That has been a consistent development since MAPS RBL became d***less. Every single blocklist that followed another one that went down, was more strict than the one it replaced.
Whoever is doing the DDOSing the nameservers of SPEWS and osirusoft is pretty achieving nothing in the end.
NNTP (Score:4, Insightful)
I'm willing to bet the big news carriers would give an account to any legitimate operators of such a service. Sign every post from trusted list creators with a public key to ensure validity, and it would be nearly impossible to ddos the service.
Ooooh... what about making the list itself a p2p app? Perhaps this could be a great excuse to motivate some big corps to install some freenet nodes...
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
How about, instead of contacting your ISP to get you off the list, you contact them about not allowing spammers on their networks in the first place and/or terminating their accounts before the spammer lands the ISP and their customers on a blacklist?
Monopoly (Score:5, Insightful)
They want you to get flamed to death as further punishment.
"Switch ISPs." So if a major residential cable modem ISP's mail server gets blacklisted, then how is anybody in any of the towns serviced by that cable company supposed to send e-mail to users of ISPs that use SPEWS?
Re:Sweet, Sweet Justice. (Score:2, Insightful)
This means even more legitimate mail is being bounced or dropped than normally is by mail servers stupid enough to use SPEWS. SPEWS sucks and needs to disappear.
Although I don't agree with the tactics of a DDos, I am happy they are getting a taste of their own medicine.
SPEWS is all about getting other people to fight their battles for them. The are a bunch of fanatics that don't care who they stomp on and anyone who trusts their services should have their head examined.
Good riddance...
Re:Blacklists and reality (Score:3, Insightful)
PGP and S/MIME allow you to trust the origin of email. Both have been around for years
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
SPAM is a tough problem, but that doesn't mean the solution is to blame or attach --which is what you are suggesting-- anyone.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
Spews was an excellent solution. It wasn't perfect and a few mistakes were made. The fact that the real operators had to remain secret due to all the lawsuit threats did make it difficult to provide feedback to make corrections. I predict SPEWS will be back, but in a different form, possibly as a distributed file of sites to block ... which will make it even harder to get removed since it will then not be operating as a live database.
Much of the problem was because a lot of people didn't understand that the purpose of SPEWS went beyond just blocking spammers (which will not accomplish stopping spam), but actually blocking the ISPs that allow spammers to continue to operate and continue steal resources from networks and mail servers. This was in effect a boycott of that ISP, and it was intended to drive customers from that ISP to other ISPs that do not harbor spammers. In many ways it was working because it clearly got a lot of spammers upset, and a lot of ISPs upset as well. I even believe it is possible that the DDoS attack on OSIRUSOFT was caused by many of these ISPs.
My question to you is, did you understand that SPEWS was blocking whole ISPs, not just spammers? You don't have to agree with that method or principle ... just understand that others do think it is right, and understand why they do.
Re:perhaps this is a lesson that needed learned (Score:5, Insightful)
Here's the deal I am willing to make: if you are going to block an entire C block that I am part of, send me an email and let me know and then I will happily complain to my ISP until I am red in the face. I am willing to make that promise.
But... if you want to just slam me on a list without any regaurd for the costs it will incur for me, then don't expect me to be a happy little soldier. It's just not going to happen.
I get 90% spam, and I'm not sad to see them go (Score:4, Insightful)
Now, let's continue to turn our attention towards methods of stopping spam that don't involve dropping 100x as much legitimate mail.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Email used to be one of the most reliable means of communicating on the net. You were always guaranteed that your message would either arrive, or you would hear about it (bounce). But with all of the email worms Microsoft has written (you have to admit these email worms/viruses practically write themselves), and the idiotic attempts at stopping the SPAM problem, email is becoming practically useless. mail admins are using blacklists and just dropping mail, which is effectively breaking the mail system. SPAMers may be the cause, but what is the point in destroying email all together. I would rather receive 100 SPAMs a day that loose one legitimate email that was intended for me. Sort of the same reason I am against the death penalty.
As blacklists go, SPEWS is the worst of them. They block entire netblocks so that innocent bystanders will fight their fight for them. If my IP gets blocked even though I haven't sent any SPAM, I am expected to bitch to my ISP and/or move to another ISP, and then maybe in a couple of months my IP might get removed from the list.
Reminds me of the way things work in the middle east. Pick either side, and they are using the same tactics. The Palestinians are blowing up civilians in the hope that the civilians left alive will do something about their problems. And the Israelli government is firing missiles into crowded cities to kill some suspected criminals and anyone else who happens to be within 100 meters of these guys...
Guerilla tactics like SPEWS employ won't work in the long run, and I am happy that SPEWS is getting hit hard.
SPEWS is claiming that the SPAMers are hitting them with this DDos, but I wouldn't be surpirsed if it was some disgruntled and innocent bystanders who were hit by the SPEWS "Collateral Damage" misile.
waah! waah! (Score:3, Insightful)
blocking the world is what happens to clean up the idjits who are still using a DNSBL weeks or months after it's been announced that the list is shutting down.
jeez.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
The fact that "innocents" are caught up in the block is unfortunate, but unavoidable from a practical standpoint. SPEWS doesn't list netblocks because they have a spammer or two present.
Idiotic rambling like this is exactly why spews was accepted at all in the first place.
When you post on NANAE and say "Help, i've been blacklisted but my company has nothing to do with spam!", Everyone replies with "Sorry, SPEWS is run by mighty space robots from the future who have travelled back in time to stop it SPAM from destroying the world. Unfortunately, we have no way of contacting them. Your only hope is to talk your isp into kicking off their spammer clients, or change isp's. Maybe the robots will unblacklist you then."
SPEWS doesn't consider the innocents being caught up as unfortunate, they consider them the target. The collateral damage is where they're trying to affect the internet.
If it was about blocking spam and ISP's they'd strategically blacklist ISP-critical machines and the spammers. There's no reason to blacklist the innocents. ISP's won't listen to them about not hosting spammers, and have you tried to find good decent hosting that doesn't rip you off? Especially if you're a larger site.
The "Collateral Damage" is the main damage spews hopes to cause, to try to get innocent people to fight their battles for them.
Re:sad news, but there are alternatives (Score:3, Insightful)
Re:Sweet, Sweet Justice. (Score:2, Insightful)
I love these people who assume that the problem can be solved if all ISPs just used blacklists like SPEWS.
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
Did it ever occur to you that a spammer does not walk up to an ISP an annouce that they are a spammer? What exactly would you suggest an ISP do? Background checks? Get a note from the spammer's mom? This may come as a surprise, but spammers sometimes tell lies.
And again, how fricking presumptive of you to think that you can fight your war at any cost, including costs you force upon me. The big problem with spammers is that the email they send costs the world way more than it does themselves. The ironic thing is, the same goes for the blocklists.
Re:Bad for any RBL! (Score:3, Insightful)
If major blacklists can be sued... (Score:3, Insightful)
Idiots need to learn that no one is obligated to allow others unrestricted use of their private resources. You don't have a legal right to tie up MY CONNECTION and MY HARDDRIVE with YOUR CRAP.
Can't send an e-mail to my server because I blocked your domain? Too f-in bad. Contact your "customer" with a letter or by phone. The first amendment doesn't override my ability to mark you as trespassing on my property if you attempt to tell other people who reside on my property how you like to suck on a horse. In fact I have a right to ban people who wear funny hats from my property if I so choose. It's MY PROPERTY. I CHOOSE who can be on it.
Blacklist == restraining order.
Last I checked those were still legal. You don't have a first amendment right to talk to your ex wife who you beat and banned you from comming near her.
People who try to pretend the first amendment grants them some kind of right to my resources needs to go back to kindergarten and start the educational process all over again.
Ben
Re:Blacklists and reality (Score:5, Insightful)
Yes, let's kick blind people off the net! If they can't parse your machine-unreadable image, screw them. Right?
Me, I do pretty well with Bayesian spam filters.
Re:Garbage (Score:2, Insightful)
If that's his concern, unplug the fucking wire. Change DNS resolution for relays.osirusoft.com to a blackhole address. Change the IP.
Personally Call each and every ISP that uses his lists? Remember, he can't use the net to do this, because some dipwad jerk is DDoS'ing the crap out of him and other anti-spam sites.
Obviously, the box in question is able to return DNS query responses, so it's not DoSed off the wire. Since the blocklist is typically queried by SMTP servers, by logging the IP addresses which query, he has an instant list of all the SMTP servers of people who use the service. He can then reverse-lookup these, and send an email to postmaster@whatever, CC:ed to root and whomever else. He can use a separate machine and IP to do so so this traffic is not affected by the DoS.
There, that's a responsible way of dealing with the problem, and if you'd like I can write a script to do it automatically. The way in which he dealt with this is not responsible, given that he chose to run a blacklist service which he knew was being used by administrators to block email. He was well aware that by doing this, he would affect innocent people.
Then again, to the spews.org crowd, anyone who doesn't devote their life to their single minded pursuit of purifying all email traffic is a guilty party.
Oh, I forgot, the standard line from these spews.org haters is "I don't care if my ISP is letting spammers hijack relays and fuck up the net, I Want my EMAIL WHAWHAWHAWHA"
This is precisely what we recite at the beginning of every regional meeting of The Spews.org Haters Association; how did you find out?
Re:Sweet, Sweet Justice. (Score:5, Insightful)
You try running a mail server, even at a small ISP, and see how much crap you have to deal with.
I've done it. My point is that while blacklisting can have it's uses, there's two big problems with spews:
a) They blacklist people specifically to cause harm.
b) USING ANY BLACKLIST AS A CATCHALL IS STUPID. Nobody should be doing this, and anybody who is should be fired for incompetence. It takes more than 'Some group of people who have nothing to do with us have decided that there's a small chance that this could be spam' to efficiently block spam.
SpamAssassin seems to have this down; give everything a score, and if it has a high enough score, then you can block it. But trusting a single source whose purpose is to hurt spam rather than to efficiently block it and only it, and using that as a sole source, like so so so so so many people do, is just plain fucking idiotic.
OH boo hoooooo (Score:5, Insightful)
I'm an anti-spam nazi, and SPEWS gave us all a bad name. I'm glad SPEWS is dead, and it needs to stay dead. It did nothing good for the anti-spam movement, only exacerbated the situation. With no appeal process and the total lack of caring for innocents leaves me with nothing but happiness to see this travesty of justice get blown into oblivion.
Sometimes, the enemy of my enemy is my friend...
Goodbye Spews... we won't miss you, you hulking piece of ill-thought out crap. Let me wave goodbye with my middle finger.
Now, maybe System Admins without a clue will be forced to take real steps to protect their users from spam, instead of playing the lazy asshole and taking the Hail Mary approach that is SPEWS and hoping for the best.
I feel greasy, now... to have agreed with spammers. I think I'll go take a shower.
Re:blacklists -- bah! (Score:3, Insightful)
Not at all, it depends how you use them. You have 3 choices:
1. Use them to block at the server or
2. Use them to tag incoming email or (the one I favor)
3. Use them as part of your spam scoring system.
The last is a built-in feature of SpamAssassin and works well.
Re:Blacklists and reality (Score:4, Insightful)
You could say I shouldn't enlist on such things, but development on open source stuff pretty much demands that you give your mail address to the general public in order to receive patches and whatnot.
So, we have to live with the spam, or try really hard to blokc it. Losing this dns based blacklist is a shame. And I think blacklisting the world is just an antisocial thing to do. He could have just shut down the DNS server and have stuff time out or fail (NXDOMAIN). If he just killed his nameserver, we wouldn't have this problem with mail being rejected.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
SPEWS exists so that admins who don't want e-mail from crime-ridden ISPs can reject it as they see fit.
SPEWS does not force anyone to use their lists for filtering. If you don't like SPEWS, don't use it to filter your mail.
It matters not... "Son of SPEWS" will rise... (Score:5, Insightful)
One important point to remember is that Joe Jared himself was NOT SPEWS. No one ever knew who they were (at least no one that will admit to it). He merely acted as a reflector for their listings.
Another thing to remember is that a DDoS attack -- ANY DDoS attack -- is a criminal act. If the release of the recent incarnations of the SoBig worm and the DDoS attacks against SPEWS are indeed related, then it only proves that spammers are indeed criminals.
For my part, I've already seen an increase in spam as the result of losing access to the SPEWS DNSBL. I've had to update our local blocklist six times today, and that's really unusual for my setup. I suspect I'll be fairly busy over the next couple of weeks, doing a little of the same each day.
Spammers may have won a battle today. They're a LONG way from winning the war.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
Because terrorists don't "hurt innocents," they engender fear and terror. They blow up bombs in crowded areas. They send horrible, infectious diseases through the mail. In one, your email doesn't get read. In the other, men, women, and children generally die agonizing deaths.
I hate it when people use the word "terrorist" to describe something that is totally unrelated. It belittles the word, and cheapens it. Much like "Nazi" was before 9/11.
Slight correction... (Score:4, Insightful)
Spam is always theft of services. They're just doing it more blatantly now.
Re:Good riddance to bad rubbish (Score:3, Insightful)
SPEWS starts out with a listing of JUST the IP address that is spamming. It gets wider only if abuse reports are repeatedly ignored. It takes many steps to get as wide as you are describing. I suspect you are greatly understating the magnitude of the spam flowing from your ISP or the upstream providers.
I can't email several friends
Email them from somewhere else and ask them to whitelist you. If they are on an ISP that doesn't support whitelists, then either they have to move, or you have to move.
Re:Blacklists and reality (Score:5, Insightful)
Let's pretend I'm a business. I WANT you to send me an email.
I WANT emails from every single person in the world that isn't a customer yet.
I NEED to accept every email on the chance that one of them might be a sale. (Yep. This means I need to look at the ones that include *details* in the subject.)
Whitelist doesn't work here.
I do NOT want a phone call from you as first contact. A one minute email response is now a 40 minute phone call explaining that "Yes you must turn on your computer first if you want to actually use it"
White-list is unworkable for business, because everything must be "whited" by default.
Challenge-Response is unworkable because I/we (as a small to mid business) simply could not keep up with that. Sure. One of the real programmers we have (i'm not one of them) could come up with an auto-bot to respond to challenge-response, but then we end up back where we started, don't we?
I don't have the answers. But I do know what the answers aren't. And Whitelist/Challenge-Repsonse aren't it
Just my 3 cents worth of rant for today.
The usual glib criticisms of SPEWS (Score:5, Insightful)
Please tell me more about these ISP-critical machines that don't affect innocent users. But then why are they critical?
As for narrowly listing spammers, it's been tried. Sleazy ISPs move the spammers around to evade such blocks.
Re:Bad for any RBL! (Score:3, Insightful)
In order to stop the traffic he has to *force* people to deconfigure.
Does it seem more logical now?
Re:sad news, but there are alternatives (Score:5, Insightful)
BTW, what have you done to fight abuse in the US?
To me personally, spam blacklisting is a much bigger problem than spam itself because many organizations abroad (like some departments of my former Uni) with whom I sometimes have to communicate (I live in the US right now) blacklist all major US ISPs (MSN, AOL, Yahoo, AT&T) and justify this behavior with the arrogance of US sys-admins that tend to block all foreign mail. This tit-for-tat behavior does not benefit anyone and if anything pisses me off it's the arrogant attitude of sys-admins who for some reason forget their place and think they have absolute power to decide with whom the people in their organization may communicate with and with whom they cannot.
Re:Blacklists and reality (Score:4, Insightful)
It was a private list, maintained by a private entity who released this information to the world. Nowhere does the government enter into it.
I really hate starting this debate up again, but we need to be clear on what is censorship and what is not. If I restrict people from voicing their opinion on my network, that is not censorship. It is only censorship when the government does. I think the theory is that a government is supposed to represent all of the people, so therefore all of the people are supposed to have an equal voice (yeah, there's theory and reality and never the twain, yada yada). But a private entity is allowed to restrict content whenever and wherever they choose within that entity.
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
Re:Sweet, Sweet Justice. (Score:3, Insightful)
Your "innocent bystanders" aren't innocent, they're giving their money to a spamming ISP. Which means, they're contributing to the problem that there are irresponsible ISPs who send out spam.
Hurga
Bigots and censors? (Score:1, Insightful)
Your job to administer the systems given unto your care. Using SPEWS kind of list is lazy. If you need such a list to do your job I will pay for it. Meaning you will be expected to prepare it your self or I will purchase it for your use. Other wise I am paying for the bandwidth. This is a service company. We rely on email from all over the world to stay in that business. Your use of this list precludes our making money from addresses you block when using this kind of list.
Do your fucking job or find another.
The Boss.
Re:Blacklists and reality (Score:1, Insightful)
Hey, you have to wonder which is more important - blocking spam, of the few non sighted people who get blocked - Which is the greater good?
Re:Blacklists and reality (Score:4, Insightful)
Censorship is the act of censoring, which is defined as surpressing or deleting anything objectionable. It's mostly done by governments, but that's not a requirement. (Religious organisations often censor their own holy texts.)
As such, any entity or organisation relaying information between the producers and consumers of that information has the capability of censoring this information.
If an ISP blocks or alters emails (to remove virusses), it is censoring email. This censoring is done with the consent of the recipients; the recipients can move to an other ISP if they don't like the censorship policy. This is the big difference with government censorship: you have a choice of getting your information from somewhere else.
In the workplace, an employee is in agreement with his employer to only recieve emails relevant to his job, so there is an issue of consent also. If the employee doesn't like it, he's got the choice of quitting his job.
So it's definitely censorship, but it's on a voluntary basis.
Re:Spews was really effective (Score:3, Insightful)
While quite a few people actually used spews, mailadmins whom i've spoken with pretty much didn't want the headache complaints generated both spammers and legit users attempting to get e-mail out.
Libertarian Newspeak Doesn't Negate Censorship (Score:5, Insightful)
That is a fucking myth, and I am sick and tired of hearing people parrot that nonsense. Saying a business can't censor because it isn't a government is akin to a black man saying he can't be racist because he is black. These are both examples of the same logical fallacy: just because a behavior is traditionally associated with one entity or group doesn't mean it is impossible for another entity or group to begin behaving in exactly the same behavior.
Obviously, anyone of any ethnicity is capable of becoming a racist, just as anyone with any power or influence over others is capable of engaging in censorship.
Responsible parents routinely censor what their kids see and hear. We as a society, by and large, find this to be an acceptable form of censorship.
Many religions routinely censor what their congregations are and are not allowed to see and hear (the Catholic church has had a censorship office for centuries, but they are hardly alone. The Mormons censor what they deam inappropriate for their membership, just as the Jehovah's Witnesses do, and I really don't need to cite example after example for Islam, do I?).
And finally, yes, many, many companies engage in censorship, both the obvious 'media' companies that bury stories they don't like or can't be bothered with, as well as other more subtle businesses (like Monsanto pressuring Fox News into not running a news story on how their hormone saturated milk was actively harmful to the health of children, an action that resulted in Fox News firing two reporters who refused to disavow their story, and said reporters winning a lawsuit against Fox News under Florida's whistleblower laws).
Anyone with any form of power over another, be it parental, religious, corporate, or governmental, has the power in some capacity to censor information available to those less powerful. It is a telling, and appalling, commentary on our culture to observe just how common this sort of censorship is, and how eager we have become to silence those with opposing viewpoints, rather than to argue the counterpoint (as I am doing here, for example).
Your Libertarian Newspeak definition of censorship is plain wrong. You may have the right to censor what comes across your network, and you may chose to excersize that right, but don't think for a moment you aren't engaging in censorship, or think you can convince the rest of the world (a few gullible moderators aside) you are not simply by trying to spin your verbiage.
And lest there be any doubt as to what censorship is:
censorship
n.
1. The act, process, or practice of censoring.
2. The office or authority of a Roman censor.
3. Psychology. Prevention of disturbing or painful thoughts or feelings from reaching consciousness except in a disguised form.
censor
1. A person authorized to examine books, films, or other material and to remove or suppress what is considered morally, politically, or otherwise objectionable.
2. An official, as in the armed forces, who examines personal mail and official dispatches to remove information considered secret or a risk to security.
3. One that condemns or censures.
4. One of two officials in ancient Rome responsible for taking the public census and supervising public behavior and morals.
5. Psychology. The agent in the unconscious that is responsible for censorship.
tr.v. censored, censoring, censors
To examine and expurgate.
(source: dictionary.com)
You will notice, that with the exception of historical references to Rome, none of these definitions presuppose governmental authority over just plain authority, indeed, quite the contrary.
Re:Libertarian Newspeak Doesn't Negate Censorship (Score:5, Insightful)
Now, that being said, the Government is in no way OBLIDGED to reward "free speech" either. If the government gives an art museum $1,000,000 in grants a year to showcase art through the National Arts Endowment and then the bigwigs there see a statue of the virgin mary covered in blood and feces displayed as art, they are well within their rights as a governing body to NOT renew the grants. This is not censorship. The government is NOT required to reward behavior that it doesn't find acceptable, regardless of whether that behavior is legal or not.
The same way the Lesbian, Gay, BiSexual, Transgender Association on here on campus had a "SexFaire" and "CuntFest" a few years back that "promoted safe sex and raised awareness of students inherant sexuality". About 200 of the university's 45,000 students went to it, but it became a big deal cause they handed out condoms, gave kissing lessons, and other stuff that escapes me at the moment. The state government heard about it and decided to cut the universities funding because the groups that put on these events used campus funds. Were the censored? No. They were no longer rewarded for their behaviors. The money was given to them for free before and they lost that priviledge.
"Don't bite the hand that feeds you" comes to mind.
-Ab
being black and your list (Score:3, Insightful)
Wouldn't this fail if it became common? (Score:3, Insightful)
After all, if spammers saw a lot of it, wouldn't they just learn to send the same spam several times at one hour intervals?
Re:sad news, but there are alternatives (Score:3, Insightful)
There was an informal poll held in NANAE (network.admin.net-abuse.email) on how mail server admins block all of 200.0.0.0/8. And dozens if not hundreds of people replied they do block all of it. How long before it becomes thousands of networks block your country for spam abuse?
From all appearances, those on NANAE are seen as grouchy, stubborn, drunk-with-power, vindictive nerds by most of those outside the list. Don't go thinking you're going to impress anybody with informal polls or whatever done by them.
Re:Blacklists and reality (Score:2, Insightful)
[1] Sorry, not all AOL users are like that, but YKWIM.
[2] The things are also people.
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
What I have a problem with are the system admins and management of ISPs that are making the decision to use these blocklists to bounce email for all of their customers, including the ones that don't want their email blocked. Yes, it is easy to say that the customer should simply change ISPs, but in many areas, especially when it comes to high speed options, there are no other ISPs available.
Additionally, many of my clients have been with the same local internet provider for years and only recently has that provider started using the block lists. The cost of changing internet providers can be tremendous. Consider simple things like emails addresses printed on business cards and letterhead (they had their internet provider long before they had their own website).
I think many responses that put spam block lists in a positive light are not considering the huge costs they place on actual real businesses. Often times the effects are worst on small businesses that simply cannot afford the additional costs of trying to figure out how to get off the lists.
So I wonder, if you were working for a company that was struggling a bit, and was affected by inaccurately being placed on SPEWS list, costing them thousands of dollars, how would you feel about taking a partial pay or time cut to make up that money? Would your reverence to the list stay so high? The reason I ask is because, as a business owner, I had to take a pay cut, at least temporarily, as a result of inaccurately being placed on SPEWS' list.
If an ISP wants to use an IP blacklist, fine, but they need to take responsibility for its use, use it in an intelligent way, and really consider the quality of the list that they are using. SPEWS has a reputation for being far from the highest quality list, and that reputation has grown from their own actions.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
They have not killed anyone or attempted to kill anyone (yet).
The basic mindset is very similar, you will comply with our demands or else we will hurt you, you will force others to comply with our demands or else we will hurt you.
Very few ISPs take any notice of SPEWS, at this point they are irrelevant because they are completely indiscriminate. Any ISP who uses SPEWS as a blacklist is guilty of negligence in my view. I would not switch ISPs because an ISP was listed in SPEWS but if they filtered my mail using SPEWS I would drop them immediately.
There is no point in responding to SPEWS demands for the simple reason they will not bother to respond to you.
Re:How *do* we fight spam? (Score:2, Insightful)
Or in many cases the spammers are paying the ISPs far more per month than the $19.99 dial up guy who's complaining about spam.
Who do you think they're going to bend over backwards to serve?
Re:Sweet, Sweet Justice. (Score:2, Insightful)
By using this type of guerilla warfare, blacklisters delude themselves with the fervent hope that innocent civilians such as ourselves will enter the war on their side in order to punish the offending ISPs.
Why they think that by screwing us, we would ever be inclined to help their cause defies understanding.