Osirusoft Blacklists The World 947
NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers."
Blacklists and reality (Score:5, Insightful)
Re:Blacklists and reality (Score:3, Interesting)
Most of the spam I get comes from those domains, or at least it is spoofed to appear its from there.
Re:Blacklists and reality (Score:5, Insightful)
The vast majority of spam is sent with some form of false address. Developing a way to be able to trust the origin of email is the way to end the spam crisis.
This type of action does not surprise me. SPEWS and the other blacklists are poor solutions to spam because they are in effect private censorship with no accountability. They are also single points of failure for the Internet as today's episode proves.
The backwash caused by this event was huge. It wasn't just spews and spews users who were affected, the load on the backbones was causing severaql nets to brown-out repeatedly.
It is just as well that we did not have as many idiotic 'hack-back' schemes in operation as some have been calling for.
Re:Blacklists and reality (Score:3, Insightful)
PGP and S/MIME allow you to trust the origin of email. Both have been around for years
Re:Blacklists and reality (Score:5, Interesting)
That only works if I require them to sign mail they send to me, with my public key.
Possibly having a key system of public keys and private keys. You put your own private key out there, saying you'll accept mail with anything that signs their mail with the public key. You add any mailing lists you want public key, they sign all outgoing messages with their private key. Thus you'll accep their mail.
You can white list on anybody else you're willing, using a Web of Trust from PGP if they are considered "trusted" enough. However, that will lead to problems.
However, public and private keys will suddenly become tokens of value to spammers. Suddenly people will start creating worms, and scripted attacks to pull peoples keys. They will start trying to break into machines. It'll create a black market for trusted keys the world over. They'll just be new attacks, and new problems. Creating a large scale web of trust, won't work. A worm can easily go steal the tokens of trust, and then start using them to spam with. It'll just be another arms race.
Now letting forcing people to sign with your key is probably the most doable, but it also means that running mailing list software is a real, real CPU intensive application. I'm not particularly thrilled with that.
The only way to stop spam is to make it stop being cost effective, that involves causing e-mail to be an expensive operation if it involves untrusted e-mail servers.
Kirby
No, THEIR KEY (Score:4, Informative)
You got it wrong: by signing with your public key you, and only you can verify that it was intended for you. That is not what you want, what you want is email signed with their private key, so you can use their public key to verify who sent it. If I sign all my email with my private key, everyone in the world knows that it is me who sent it, and I cannot deny it. If I sign outgoing email with your public key (because I can't know your private key) then only you can verify it, and then all you know is I inteded for you to read it. To a Spammer that may cost enough CPU that it isn't worth it, but it does nothing to help you track down who sent it. (Since much spam is for illegal things tracking down who sent it would be very useful)
Re:Blacklists and reality (Score:4, Insightful)
It was a private list, maintained by a private entity who released this information to the world. Nowhere does the government enter into it.
I really hate starting this debate up again, but we need to be clear on what is censorship and what is not. If I restrict people from voicing their opinion on my network, that is not censorship. It is only censorship when the government does. I think the theory is that a government is supposed to represent all of the people, so therefore all of the people are supposed to have an equal voice (yeah, there's theory and reality and never the twain, yada yada). But a private entity is allowed to restrict content whenever and wherever they choose within that entity.
Re:Blacklists and reality (Score:4, Insightful)
Censorship is the act of censoring, which is defined as surpressing or deleting anything objectionable. It's mostly done by governments, but that's not a requirement. (Religious organisations often censor their own holy texts.)
As such, any entity or organisation relaying information between the producers and consumers of that information has the capability of censoring this information.
If an ISP blocks or alters emails (to remove virusses), it is censoring email. This censoring is done with the consent of the recipients; the recipients can move to an other ISP if they don't like the censorship policy. This is the big difference with government censorship: you have a choice of getting your information from somewhere else.
In the workplace, an employee is in agreement with his employer to only recieve emails relevant to his job, so there is an issue of consent also. If the employee doesn't like it, he's got the choice of quitting his job.
So it's definitely censorship, but it's on a voluntary basis.
Libertarian Newspeak Doesn't Negate Censorship (Score:5, Insightful)
That is a fucking myth, and I am sick and tired of hearing people parrot that nonsense. Saying a business can't censor because it isn't a government is akin to a black man saying he can't be racist because he is black. These are both examples of the same logical fallacy: just because a behavior is traditionally associated with one entity or group doesn't mean it is impossible for another entity or group to begin behaving in exactly the same behavior.
Obviously, anyone of any ethnicity is capable of becoming a racist, just as anyone with any power or influence over others is capable of engaging in censorship.
Responsible parents routinely censor what their kids see and hear. We as a society, by and large, find this to be an acceptable form of censorship.
Many religions routinely censor what their congregations are and are not allowed to see and hear (the Catholic church has had a censorship office for centuries, but they are hardly alone. The Mormons censor what they deam inappropriate for their membership, just as the Jehovah's Witnesses do, and I really don't need to cite example after example for Islam, do I?).
And finally, yes, many, many companies engage in censorship, both the obvious 'media' companies that bury stories they don't like or can't be bothered with, as well as other more subtle businesses (like Monsanto pressuring Fox News into not running a news story on how their hormone saturated milk was actively harmful to the health of children, an action that resulted in Fox News firing two reporters who refused to disavow their story, and said reporters winning a lawsuit against Fox News under Florida's whistleblower laws).
Anyone with any form of power over another, be it parental, religious, corporate, or governmental, has the power in some capacity to censor information available to those less powerful. It is a telling, and appalling, commentary on our culture to observe just how common this sort of censorship is, and how eager we have become to silence those with opposing viewpoints, rather than to argue the counterpoint (as I am doing here, for example).
Your Libertarian Newspeak definition of censorship is plain wrong. You may have the right to censor what comes across your network, and you may chose to excersize that right, but don't think for a moment you aren't engaging in censorship, or think you can convince the rest of the world (a few gullible moderators aside) you are not simply by trying to spin your verbiage.
And lest there be any doubt as to what censorship is:
censorship
n.
1. The act, process, or practice of censoring.
2. The office or authority of a Roman censor.
3. Psychology. Prevention of disturbing or painful thoughts or feelings from reaching consciousness except in a disguised form.
censor
1. A person authorized to examine books, films, or other material and to remove or suppress what is considered morally, politically, or otherwise objectionable.
2. An official, as in the armed forces, who examines personal mail and official dispatches to remove information considered secret or a risk to security.
3. One that condemns or censures.
4. One of two officials in ancient Rome responsible for taking the public census and supervising public behavior and morals.
5. Psychology. The agent in the unconscious that is responsible for censorship.
tr.v. censored, censoring, censors
To examine and expurgate.
(source: dictionary.com)
You will notice, that with the exception of historical references to Rome, none of these definitions presuppose governmental authority over just plain authority, indeed, quite the contrary.
Re:Libertarian Newspeak Doesn't Negate Censorship (Score:5, Insightful)
Now, that being said, the Government is in no way OBLIDGED to reward "free speech" either. If the government gives an art museum $1,000,000 in grants a year to showcase art through the National Arts Endowment and then the bigwigs there see a statue of the virgin mary covered in blood and feces displayed as art, they are well within their rights as a governing body to NOT renew the grants. This is not censorship. The government is NOT required to reward behavior that it doesn't find acceptable, regardless of whether that behavior is legal or not.
The same way the Lesbian, Gay, BiSexual, Transgender Association on here on campus had a "SexFaire" and "CuntFest" a few years back that "promoted safe sex and raised awareness of students inherant sexuality". About 200 of the university's 45,000 students went to it, but it became a big deal cause they handed out condoms, gave kissing lessons, and other stuff that escapes me at the moment. The state government heard about it and decided to cut the universities funding because the groups that put on these events used campus funds. Were the censored? No. They were no longer rewarded for their behaviors. The money was given to them for free before and they lost that priviledge.
"Don't bite the hand that feeds you" comes to mind.
-Ab
Re:Blacklists and reality (Score:4, Informative)
In another recent thread [slashdot.org], a suggested enhancement is for DNS to publish "allowed sender IP" addresses. The structure for this information [pobox.com] is already there.
What is needed is for more people to opt in, in protecting their domains in this way, and for people to unilaterally start using that information. If any one of yahoo, aol or netscape opted into this approach I could well imagine it would cascade to comprehensive success overnight, forcing spammers to more obscure domains (such as my own - currently victim to a 12 month "Joe Job" [everything2.com]).
Because this is distributed information, it is not easily modifiable by spammers. Ultimately this sort of approach is the only one that can work.
Ultimately, I would be able to set spamassassin to add +5 for any e-mail coming from a domain that didn't publish this information, or -5 for any one that did.
And I would not be receiving 1000's of bounce messages for messages from spammers using my domain name.
Yes please. I want it.
Re:Blacklists and reality (Score:5, Interesting)
It's going to be functionally impossible to fix the problem of spammers opening an account and pumping email through it until it gets closed, but the transmission of email could be hardened by changing the SMTP protocol from 'call-up' to 'call-back'.
The SMTP protocol is set up to allow a host to contact another host and dump mail to it; there's no validation that the originating host is who it claims to be in the SMTP transaction. If you change the setup for the mail transfer connection to use the following mechanism:
This would establish a traceable chain of resolved hosts from the point at which the email entered the SMTP routing to its destination. Putting an email message into a mail transfer agent would still be vulnerable to the use of hacked or temporary accounts, but the upload would still require a trackable username and password for an account on the MTA. From that point, getting an MTA to accept an SMTP connection from a bogus host would require hacking the DNS server chain so that, when the receiving MTA host received the request, the IP address the passed hostname resolved to pointed back at the spammer's machine -- otherwise, you'd get a mail transaction sequence that looked like this:
Not a panacea, but it would make the mail hop path trustable until you start seeing hacked mail daemons that would mangle the mail hop path of any mail going through it -- but that would still leave the host with the hacked daemon having to identify itself, from which it could be blocked.
Re:Blacklists and reality (Score:5, Insightful)
Re:Blacklists and reality (Score:5, Interesting)
They already get through whitelists... a few months ago a person I provided free webspace for got a nasty porn spam with my address in the *from*. She was rather concerned. When she contacted me, I found that I had in fact recieved the same spam "from her." What's more, her address was a special purpose address that was only listed on the website I provided for her. A few lines lower on the site was a "Thanks to Scott Walde for providing this webspace for free" with a link to my email address. The only reason I can see for using email addresses found near each other this way is to get through whitelists. (software or human... I often scan the "from" to decide which emails to read.)
--srw
Re:Blacklists and reality (Score:5, Funny)
Re:Blacklists and reality (Score:5, Insightful)
Re:Blacklists and reality (Score:5, Interesting)
Alternatives are confiriming the email (respond with this specially crafted string as subject) or running some computationally expensive operation For example, postmasters of well adminstered machines may run a number factoring service: to prove that a non-whitelisted message isn't spam, they are willing to spend their computational resources to factor a largish number for you.
The idea for both of these is that the main difference between spam and legit mail is that a legit sender will have just a few recipients but many messages, and thus can afford a one-time-per-recipient hassle to get on a whitelist, while a spammer cannot.
Neither address distributed compromised senders, which is effectively a way for spammers to make others pay to get on whitelists. If whitelists become wide-spread, a worm-based mass-compromise is the only option left to spammers.
Re:Blacklists and reality (Score:5, Interesting)
This is exactly why I think that SoBig is the perfect spamming mechanism. AFAICT, it essentially gets around nearly every non-content-based spam filter (ie Bayesian and SpamAssassin et al).
By sending spam from an amazing depth and breadth of compromised networks, it forces blacklist operators to go into "block everything" mode, which is so draconian that users of the blacklists will disable them.
As I posted in another story, if ISPs start blocking outbound port 25, the next iteration of the worm simply uses the Outlook SMTP settings to relay through the official MXs of the ISP. Given the flood of abuse reports, many ISPs (especially larger ones) are simply going to /dev/null abuse reports; they can be reasonably sure that their servers aren't going to end up in blacklists used by a lot of people (because heads will start to roll among the admins who use the blacklists).
By pretending to come from an address that has at most two degrees of separation from the recipient, they will get around a fair amount of whitelisting (this is exploiting the greatest flaw in TMDA and the like: trust of the From: address).
Re:Blacklists and reality (Score:3, Informative)
Unfortunately, spammers already cracked this one, too. Any information used to get past filters will ultimately be presented in the header (otherwise is illegal). Get a sample, run some numbers and bam: you have an algorithm.
I need not go further into the explanation for most to know how they did it. Probably don't need much more proof either, for many recieve
Re:Blacklists and reality (Score:3, Interesting)
Challenge-response using a machine-unreadable image.
Personally, I don't use whitelists as my primary spam defense, I use an aliasing service (spamgourmet) that allows me to automatically create any number of email addresses with a limited life span. Once someone appears trustworthy they get my main email address (spamcop). Since no one is supposed to know my real email address, it can be changed at a moment's notice -- like the night before last when it was fi
Re:Blacklists and reality (Score:5, Insightful)
Yes, let's kick blind people off the net! If they can't parse your machine-unreadable image, screw them. Right?
Me, I do pretty well with Bayesian spam filters.
Re:Blacklists and reality (Score:3, Informative)
public key encryption is a good model
Re:Blacklists and reality (Score:5, Insightful)
Let's pretend I'm a business. I WANT you to send me an email.
I WANT emails from every single person in the world that isn't a customer yet.
I NEED to accept every email on the chance that one of them might be a sale. (Yep. This means I need to look at the ones that include *details* in the subject.)
Whitelist doesn't work here.
I do NOT want a phone call from you as first contact. A one minute email response is now a 40 minute phone call explaining that "Yes you must turn on your computer first if you want to actually use it"
White-list is unworkable for business, because everything must be "whited" by default.
Challenge-Response is unworkable because I/we (as a small to mid business) simply could not keep up with that. Sure. One of the real programmers we have (i'm not one of them) could come up with an auto-bot to respond to challenge-response, but then we end up back where we started, don't we?
I don't have the answers. But I do know what the answers aren't. And Whitelist/Challenge-Repsonse aren't it
Just my 3 cents worth of rant for today.
Re:Blacklists and reality (Score:4, Insightful)
You could say I shouldn't enlist on such things, but development on open source stuff pretty much demands that you give your mail address to the general public in order to receive patches and whatnot.
So, we have to live with the spam, or try really hard to blokc it. Losing this dns based blacklist is a shame. And I think blacklisting the world is just an antisocial thing to do. He could have just shut down the DNS server and have stuff time out or fail (NXDOMAIN). If he just killed his nameserver, we wouldn't have this problem with mail being rejected.
Well, fine, but... (Score:4, Insightful)
The non-communication only breeds rumours.
Re:Well, fine, but... (Score:5, Informative)
$ host -t TXT IP.relays.osirusoft.com
IP.relays.osirusoft.com text "Please stop using relays.osirusoft.com"
Sweet, Sweet Justice. (Score:5, Insightful)
Re:Sweet, Sweet Justice. (Score:5, Insightful)
If an ISP has 5000 customers and 3/4 of them are unable to email family at AOL or Yahoo because they're being blocked due to ISP having a spammer or two, the spammers tend to get dropped.
There are exceptions to this, but by and large, collateral damage works.
And like I said, I think it's piss poor policy.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Yes, this is indeed a poor policy. SPEWS exists so that the people who are violently against spam can pass the burden of fighting it onto the innocents who aren't as bothered by it.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
SPEWS exists so that admins who don't want e-mail from crime-ridden ISPs can reject it as they see fit.
SPEWS does not force anyone to use their lists for filtering. If you don't like SPEWS, don't use it to filter your mail.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
The fact that "innocents" are caught up in the block is unfortunate, but unavoidable from a practical standpoint. SPEWS doesn't list netblocks because they have a spammer or two present.
Idiotic rambling like this is exactly why spews was accepted at all in the first place.
When you post on NANAE and say "Help, i've been blacklisted but my company has nothing to do with spam!", Everyone replies with "Sorry, SPEWS is run by mighty space robots from the future who have travelled back in time to stop it SPAM from destroying the world. Unfortunately, we have no way of contacting them. Your only hope is to talk your isp into kicking off their spammer clients, or change isp's. Maybe the robots will unblacklist you then."
SPEWS doesn't consider the innocents being caught up as unfortunate, they consider them the target. The collateral damage is where they're trying to affect the internet.
If it was about blocking spam and ISP's they'd strategically blacklist ISP-critical machines and the spammers. There's no reason to blacklist the innocents. ISP's won't listen to them about not hosting spammers, and have you tried to find good decent hosting that doesn't rip you off? Especially if you're a larger site.
The "Collateral Damage" is the main damage spews hopes to cause, to try to get innocent people to fight their battles for them.
The usual glib criticisms of SPEWS (Score:5, Insightful)
Please tell me more about these ISP-critical machines that don't affect innocent users. But then why are they critical?
As for narrowly listing spammers, it's been tried. Sleazy ISPs move the spammers around to evade such blocks.
Re:Sweet, Sweet Justice. (Score:3, Insightful)
Because terrorists don't "hurt innocents," they engender fear and terror. They blow up bombs in crowded areas. They send horrible, infectious diseases through the mail. In one, your email doesn't get read. In the other, men, women, and children generally die agonizing deaths.
I hate it when people use the w
Re:Sweet, Sweet Justice. (Score:5, Insightful)
You try running a mail server, even at a small ISP, and see how much crap you have to deal with.
I've done it. My point is that while blacklisting can have it's uses, there's two big problems with spews:
a) They blacklist people specifically to cause harm.
b) USING ANY BLACKLIST AS A CATCHALL IS STUPID. Nobody should be doing this, and anybody who is should be fired for incompetence. It takes more than 'Some group of people who have nothing to do with us have decided that there's a small chance that this could be spam' to efficiently block spam.
SpamAssassin seems to have this down; give everything a score, and if it has a high enough score, then you can block it. But trusting a single source whose purpose is to hurt spam rather than to efficiently block it and only it, and using that as a sole source, like so so so so so many people do, is just plain fucking idiotic.
If major blacklists can be sued... (Score:3, Insightful)
Idiots need to learn that no one is obligated to allow others unrestricted use of their private resources. You don't have a legal right to tie up MY CONNECTION and MY HARDDRIVE with YOUR CRAP.
Can't send an e-mail to my server because I blocked your domain? Too f-in bad. Contact your "customer" with a letter or
Re:If major blacklists can be sued... (Score:3, Interesting)
Wait until your customer sues your ISP for tortious interference and false advertising. Wait until they sue you the admin personally for a million or so and force you to either pay $250,000 to settle or endure a year with a major yellow flag on your credit record (thanks to having attachments on your assets).
I'll be laughing my ass off when that happens.
Re:If major blacklists can be sued... (Score:5, Informative)
But if YOU are my ISP, and I'm a paying customer with an inbox, I expect that I will receive mail that is sent to me. If this is not the case, you need to specify that to me so I can decide whether I want to use your service.
By blocking mail to my inbox, which I've paid for, you could possibly even be considered in breach of contract.
Of course, if you're just running your own server, you're free to do what you want with it.
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Re:Sweet, Sweet Justice. (Score:3)
It's pretty much not useful to anybody. Thing is, if anyone on your network has even looked at a spammer in real life, your isp is considered guilty, as charged, and you stay blacklisted under spews. And if that ever happens, you basically can't get unblocked. you can probably get the listing lowered t
Re:Sweet, Sweet Justice. (Score:5, Insightful)
No, it is different. This one is shutting down, and this is how the operator is making sure that everyone knows it is no longer functional.
It is a public service, of sorts. He is guaranteeing that no one is using the blacklist. That way it can't be misused by someone hijacking it, or just left in place by someone who doesn't care. It is shut down. And everyone will know it.
Re:Sweet, Sweet Justice. (Score:5, Funny)
Then they blacklisted the open relays...
Then they blacklisted the ISP dialup subnets....
Then they blacklisted everyone...
Re:Sweet, Sweet Justice. (Score:3, Insightful)
Spews was an excellent solution. It wasn't perfect and a few mistakes were made. The fact that the real operators had to remain secret due to all the lawsuit threats did make it difficult to provide feedback to make corrections. I predict SPEWS will be back, but in a different form, possibly as a distributed file of sites to block ... which will make it even harder to get removed since it will then not be operating as a live database.
Much of the problem was because a lot of people didn't understand that
Re:Sweet, Sweet Justice. (Score:5, Insightful)
Email used to be one of the most reliable means of communicating on the net. You were always guaranteed that your message would either arrive, or you would hear about it (bounce). But with all of the email worms Microsoft has written (you have to admit these email worms/viruses practically write themselves), and the idiotic attempts at stopping the SPAM problem, email is becoming practically useless. mail admins are using blacklists and just dropping mail, which is effectively breaking the mail system. SPAMers may be the cause, but what is the point in destroying email all together. I would rather receive 100 SPAMs a day that loose one legitimate email that was intended for me. Sort of the same reason I am against the death penalty.
As blacklists go, SPEWS is the worst of them. They block entire netblocks so that innocent bystanders will fight their fight for them. If my IP gets blocked even though I haven't sent any SPAM, I am expected to bitch to my ISP and/or move to another ISP, and then maybe in a couple of months my IP might get removed from the list.
Reminds me of the way things work in the middle east. Pick either side, and they are using the same tactics. The Palestinians are blowing up civilians in the hope that the civilians left alive will do something about their problems. And the Israelli government is firing missiles into crowded cities to kill some suspected criminals and anyone else who happens to be within 100 meters of these guys...
Guerilla tactics like SPEWS employ won't work in the long run, and I am happy that SPEWS is getting hit hard.
SPEWS is claiming that the SPAMers are hitting them with this DDos, but I wouldn't be surpirsed if it was some disgruntled and innocent bystanders who were hit by the SPEWS "Collateral Damage" misile.
Whoa (Score:3, Interesting)
Well, (Score:3, Insightful)
Good riddance to bad rubbish (Score:5, Interesting)
I believe in fighting spam, and I think that blacklists are a good idea to a certain degree, but I've always felt that SPEWS was too draconian, and had no option for recourse for those of us who were (as they put it) "collateral damage".
I posted to the referred newsgroup a few times, and got nothing but venom from the locals.
I'm not sad to see them go.
Re:Good riddance to bad rubbish (Score:3, Insightful)
SPEWS starts out with a listing of JUST the IP address that is spamming. It gets wider only if abuse reports are repeatedly ignored. It takes many steps to get as wide as you are describing. I suspect you are greatly understating the magnitude of the spam flowing from your ISP or the upstream prov
Monopoly (Score:5, Insightful)
They want you to get flamed to death as further punishment.
"Switch ISPs." So if a major residential cable modem ISP's mail server gets blacklisted, then how is anybody in any of the towns serviced by that cable company supposed to send e-mail to users of ISPs that use SPEWS?
Re:Good riddance to bad rubbish (Score:3, Interesting)
I take that approach a step further: every week, I remove networks that have behaved for a certain period of time from the list.
sad news, but there are alternatives (Score:5, Informative)
bl.spamcop.net
one of the best blacklists, it catches a huge % of incoming spam, and virtually no collateral damage.
blackholes.easynet.nl
almost as good as spamcop, and seems to nail a lot of the spam hauses
dynablock.easynet.nl
nukes a lot of the dsl and dialup spammers
argentina.blackholes.us
south american country, what more needs be said ? : )
brazil.blackholes.us
ditto
cn-kr.blackholes.us
china and korea, what more need be said ? : )
turkey.blackholes.us
whole lotta spammers here
sbl.spamhaus.org
a bit too conservative for my tastes, but gets a lot of spam gangs, and has very low collateral damage
bl.reynolds.net.au
if you want to use the spews list, this provides a feed for it
malaysia.blackholes.us
another spammy asian country
wanadoo-fr.blackholes.us
one of the worst european isps
hongkong.blackholes.us
another spammy asian country
do not use bl.spamcop.net for blocking (Score:5, Informative)
http://spamcop.net/bl.shtml [spamcop.net]
You should
Spamcop list on a statistical basis, based on headers of spam reports they receive. This means they also blacklist the upstreams of regular spamcop users (because if all of spamcop user X's mail comes to him via ISP Foo, then ISP Foo's mail server will be in all of user X's spamcop reports).
Do not use spamcop DNSBl for blacklisting - use it tagging or scoring.
Re:sad news, but there are alternatives (Score:4, Informative)
Re:sad news, but there are alternatives (Score:3, Insightful)
Re:sad news, but there are alternatives (Score:5, Interesting)
Dont like it?
Then be part of the solution and start fighting network abuse in your country. Or you can whine like the rest of the plonked spammers and watch a boatload of mail admins nuke south america. There was an informal poll held in NANAE (network.admin.net-abuse.email) on how mail server admins block all of 200.0.0.0/8. And dozens if not hundreds of people replied they do block all of it. How long before it becomes thousands of networks block your country for spam abuse?
Re:sad news, but there are alternatives (Score:5, Insightful)
BTW, what have you done to fight abuse in the US?
To me personally, spam blacklisting is a much bigger problem than spam itself because many organizations abroad (like some departments of my former Uni) with whom I sometimes have to communicate (I live in the US right now) blacklist all major US ISPs (MSN, AOL, Yahoo, AT&T) and justify this behavior with the arrogance of US sys-admins that tend to block all foreign mail. This tit-for-tat behavior does not benefit anyone and if anything pisses me off it's the arrogant attitude of sys-admins who for some reason forget their place and think they have absolute power to decide with whom the people in their organization may communicate with and with whom they cannot.
Garbage (Score:5, Insightful)
Oh, I forgot, the standard propaganda line from these SPEWS.ORG type anti-spam fundamentalists is "we didn't block your email, the ISP using our service did, blame them."
Re:Garbage (Score:4, Funny)
So what DO we do? (Score:5, Interesting)
One idea I've had (or maybe I've heard it somewhere else, I can't remember) is authorization. Change the protocol, or maybe just implement at server, so that before anyone can send you an email they have to request permission. In that request they would identify themselves, and before they start emailing you stuff you would have to send them back permission. Anyone that is in your contact list would automatically be given permission. If it turns out to be spam you could revoke permission. Also analyze the email header and do reverse lookup to see if the domain names resolve properly. If a domain is spoofed, deny it automatically.
Perhaps this has been done before, and I'm sure there are flaws, but I am tierd of hearing about how big a problem this is, without hearing any good ideas about fixing it. Any other thoughts?
Re:So what DO we do? (Score:3, Interesting)
You mean like TMDA? From their freshmeat description:
The Tagged Message Delivery Agent (TMDA) reduces the amount of SPAM/UCE (junkmail) you receive. It combines a "whitelist" (for known/trusted senders), a "blacklist" (for undesired senders), and a cryptographically-enhanced confi
Bayesian Filtering (Score:5, Interesting)
Re:Bayesian Filtering (Score:4, Interesting)
Please don't bother your Congressmen or Senators proposing legislation that might not work 100%. Just keep on filtering the spam I send you, I know you would have never bought from me anyway. That you can filter legitimizes my business and my waste of your bandwidth.
P.S. To be sure of not getting a false positive, be sure to send all filtered mail to a special folder. Waste your storage space storing the mail until you manually go through every piece to be sure you didn't accidentally filter something important. Of course, this will take exactly as much effort as it would have to just check the e-mail when it first came in, not to mention the extra effort spent in setting up the filters and the extra space for storing your incoming spam folder, but what the heck. If you think that you can scan e-mail for false positives faster this way you are just fooling yourselves, if you are scanning faster e-mail that you expect to be all spam, you will miss the very false positives that you think you are looking for. And any fales positives that you do catch will have been delayed, perhaps days or more. You geeks enjoy wasting time this way, and I certainly appreciate it. It makes the work of all us spammers much easier. After all, slashdotters like Moderation abuser [slashdot.org] tell you that Bandwidth is cheap, disk is cheap, CPU is cheap , which is good, because at the rate spammers like me waste it the costs still adds up. I am gald I never pay for it, and I would just as well that everyone else takes the additude that all of the resources I waste are cheap than band together and pass laws against us. No one should care about spam because Bandwidth is cheap, disk is cheap, CPU is cheap and it is your job to filter it.
Think you've seen this before? Don't complain. Just go through lots more work to set up special filers on your computer so that you will not see it again. You should have to do that. It's the true geek solution, and I would really like it if you did.
Re:Bayesian Filtering (Score:3, Interesting)
No, the real solution is to have a trained monkey personally sort through your mail beforehand.
I've already seen Baysian filetering defeated. (Score:4, Interesting)
Now, you could flag this message as spam, but then you slowly destroy half of what makes Baysian filtering work: The list of words that are not in spam.
Baysian filtering will probably be effective for a year at best.
perhaps this is a lesson that needed learned (Score:5, Interesting)
The IP address of my server happened to fall a few dozen numbers away from that of a spammer. As a result, it cost me thousands of dollars in lost time and expenses to track down the issue, contact my isp and have them contact whoever it is on Mt. Self-Righteousness that takes you back off the list. Getting on the lists takes day(s), while getting off the lists takes weeks.
Blocking entire IP blocks is nothing short of techie-terrorism. In other words, you can't convince the real wrong doers to stop, so you harm the innocent bystanders to try to get them to revolt.
SPEWS and those that support them point the finger at the ISP while purposely hurting innocent small businesses like mine. It's time they take responsibility for the tools they provide, and in this way, they are no different than Microsoft.
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
How about, instead of contacting your ISP to get you off the list, you contact them about not allowing spammers on their networks in the first place and/or terminating their accounts before the spammer lands the ISP and their customers on a blacklist?
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
SPAM is a tough problem, but that doesn't mean the solution is to blame or attach --which is what you are suggesting-- anyone.
Re:perhaps this is a lesson that needed learned (Score:4, Informative)
Once again, the wrong target is attacked. Your ISP was negligent, that is why they were listed in SPEWS. Had they booted the spammer when it was first reported, there would have been no problem. Contrary to the lies of anti-SPEWS whiners, SPEWS does not list an entire ISP's IP range the nanosecond after a single spam run.
Re:perhaps this is a lesson that needed learned (Score:4, Interesting)
It's a matter of the ISP trusting abuse reports. SPEWS does not identify itself when contacting an ISP -- they just send a standard abuse report like anyone else would.
Further, if SPEWS behaved irresponsibly, there would be evidence. Someone would be able to point toa SPEWS listing that was inaccurate, not a spammer. Despite many whiners claiming that such listings exist, no one has pointed to a single specific example.
Re:perhaps this is a lesson that needed learned (Score:5, Insightful)
Here's the deal I am willing to make: if you are going to block an entire C block that I am part of, send me an email and let me know and then I will happily complain to my ISP until I am red in the face. I am willing to make that promise.
But... if you want to just slam me on a list without any regaurd for the costs it will incur for me, then don't expect me to be a happy little soldier. It's just not going to happen.
Re:perhaps this is a lesson that needed learned (Score:3, Insightful)
Did it ever occur to you that a spammer does not walk up to an ISP an annouce that they are a spammer? What exactly would you suggest an ISP do? Background checks? Get a note from the spammer's mom? This may come as a surprise, but spammers s
Re:perhaps this is a lesson that needed learned (Score:3, Informative)
Re:perhaps this is a lesson that needed learned (Score:3, Informative)
In some cases blocking whole IP blocks was justified. I prefer spamhaus as a whole due becaue it makes my life easier making a valued judgement whether or not to block a whole block.
Spews does not seem to acknoloage the fact that they practice a form of censorship by encouraging others to censor out specific site
Online intimidation... (Score:3, Informative)
This could turn into the same sort of gang-induced protection rackets as in meatspace. What would a company or individual do if a cracker group sent them an email saying, in effect, "Do $this or you're off the net."
It's hard to see a good technical solution for this. It's a tort--and possibly assault---like any other physical intimidation tactic, and will probably only stop if legal means are brought to bear.
Unfortunately, tort suits are hard to press across continents.
trusted signing of mail servers (Score:4, Insightful)
Re:trusted signing of mail servers (Score:5, Funny)
Oh that's just fscking great. And to register a trusted mail server will no doubt cost $1000/year for a Verisign "trusted" certificate. Screw that. If you can do the same thing but make it open source then I'd say go for it, but if I have to be ass-raped by Verisign for another minute I'll give up on the entire god damn Internet.
NNTP (Score:4, Insightful)
I'm willing to bet the big news carriers would give an account to any legitimate operators of such a service. Sign every post from trusted list creators with a public key to ensure validity, and it would be nearly impossible to ddos the service.
Ooooh... what about making the list itself a p2p app? Perhaps this could be a great excuse to motivate some big corps to install some freenet nodes...
My Postfix Logs (Score:5, Interesting)
Additionally Postfix is a smart enough MTA so that during the RBL downtime it didn't reject any mail - the default behavior is to deliver if the RBL can't be contacted.
How *do* we fight spam? (Score:5, Interesting)
The problem is that many people, for a variety of reasons (geography being one) can't change ISPs, and many ISPs (mine included) did nothing in response to my complaints (because they knew I wasn't going to move). So what does this do? It certainly doesn't help anyone!
I hate spam as much as the next gal, and I think that the SpamAssassin approach (which is to label mail as spam depending upon certain criteria) is a much, much better approach than blacklisting.
Oh, that's great (Score:5, Funny)
This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft,
They guy is dealing with a huge DDoS attack and we link his page from the front page of /. ??
I guess we can't make things any worse, but come on. Give the guy a break.
temporary SpamAssassin fix (Score:5, Informative)
Re:Important Addition (Score:3, Informative)
score RCVD_IN_OSIRUSOFT_COM 0 0 0 0
because all those X_OSIRU_* rules add on to the score of this base rule.
This have anything to do with changes at Spamhaus? (Score:3, Interesting)
Date: Wed, 6 Aug 2003 18:42:07 +0100
From: Steve Linford
To: nanog@merit.edu
Subject: SBL soon only from sbl.spamhaus.org
If you currently use the SBL by querying the master zone
sbl.spamhaus.org then you can ignore this message.
If you are using the SBL via 3rd party composite DNSBLs and not
directly from sbl.spamhaus.org, then please read this as the
following change affects your DNSBL setup.
For a long time the SBL has been available either directly from
Spamhaus (as sbl.spamhaus.org) or via 3rd party composite zones such
as relays.osirusoft.com (as spamhaus.relays.osirusoft.com) and
blackholes.easynet.nl which import SBL data from Spamhaus. This
distribution is now changing. In order to better manage SBL
logistics, DNSBL zone and query traffic, from Monday 11 August 2003
the SBL should only be available from sbl.spamhaus.org.
The fact the SBL was available from multiple DNSBLs was causing some
confusion, plus other small factors (such as the different zones
having different build times - which for example meant that we'd tell
someone an IP had been removed, but they'd contact us a few hours
later to say it was still blocked), plus the likely emergence of
further composite lists which may add confusion, meant that it was
time to make a change now rather than in a year or two.
So, if you are not using sbl.spamhaus.org but would like to continue
using the SBL, please add sbl.spamhaus.org to your mail server's
DNSBL list.
--
Steve Linford
The Spamhaus Project
http://www.spamhaus.org
I get 90% spam, and I'm not sad to see them go (Score:4, Insightful)
Now, let's continue to turn our attention towards methods of stopping spam that don't involve dropping 100x as much legitimate mail.
Spammers: BRING IT ON (Score:5, Interesting)
I have got to say. I sure do like the Unix's. Linux, BSD, OS X -- doesn't matter. A little thinking, some *shell* scripts, and even a few hack job "vi" scripts. Version
I've tried spamassassin, this filter, that filter. For me, my way seems to be working _very_ nicely. I use it at home (Linux), at work (Linux & BSD) and for a few architect friends/clients (OS X). Years ago now (right after the lawyer's emailed me
Those are my harvesting address'. Nobody should EVER email them, realistically. Oh the spammers like to try dictionary type attempts/attacks. Thanks -- I added those to the alias database as well for future attempts.
A couple of hacked up scripts (I'm working on it in C for even FASTER speed and some learning
Can it scale? Sure -- I'm figuring between 3-500 messages a _second_ isn't a problem. More will simply get queued and then I may notice a "lag" on my server. Bring it on. 1 IP and I whack the entire
It's the
Sure -- sometimes somebody will in inadvertently get blocked. The bounced message directs them to a web page explaining what to do next. BEST solution is to call me. You know me right? Heck, you probably have my 800 number... Oh, you DON'T? Piss off then.
Heck, I even spell out a completely external email address (@Mac.com) that you can forward the blocked message to
Ever wonder what those MAILER-DAEMON messages are all about? The Windows user's machine _starts_ the transmit of the message and disconnect. Your mail server sits there waiting for data from them to a local user -- which becomes un-deliverable and drops a note to whatever you use for the postmaster (can't publish THAT anymore, can we?).
Re-routed now. Thanks, got ANOTHER IP subnet to black ball.
I've racked up a large chunk of the Internet already -- and the stat's only seem to be increasing. Of course I've "white-listed" specific IP's of ISP's mail servers as needed. 3 so far I think. Most ISP's will put their mail server on a different subnet than their assigned IP's. Thanks. 1 white-listing was for a dedicated single IP user who's neighbor turned out to be a spammer. He had words with his ISP -- the spammer was kicked after that turned into conference call.
Sure -- some loser ISP will see more money from the spammer and side with them. We all know those ISP's -- and I've seen the same IP ranges in their listings as mine. I doubt the legit customer will remain there for long as I know I'm not the only one blocking them. Ultimately $$$ talks and the spammers are going to run dry eventually. They're now resorting to theft of services since they can't find legit connections anymore...
REJECT(S) TODAY: 482
Subnets Blocked: 434210 (110289340 total hosts in the
Percentage: 2.834% (3906250000 Internet addresses' [~3.9 BILLION] Served
Subnets TODAY? 142 (36068 total IP's)
Harvested: 49 messages
URL Lookups: 0
That's 49 messages today to some dummy account. No hits for the right web page (from a blocked message) in the logs... 142 IP's (now complete subnets
Slight correction... (Score:4, Insightful)
Spam is always theft of services. They're just doing it more blatantly now.
Not a smart idea. (Score:4, Interesting)
Blocking *.*.*.* is a way to get people to stop using the server very quickly, though.
Anti-spam goals do differ and complicates things (Score:4, Interesting)
There are actually two different anti-spam goals. A few people have both of these goals, but quite many people have only one or the other:
The first goal includes such things as making sure children and sensitive adults don't see porn spam. But lots of people are simply offended by the spam, especially porn or body part enlarging spam. And others are simply offended by someone assuming they were interested in a great money saving offer for something they have no need for. This first goal seems to be what most people have, and what the current political rumblings are about.
The second goal is one a lot of people are not aware of, or don't understand. yet it is as serious a goal, if not more so, by certain groups of people. This involves reducing the network bandwidth and server processing resources used by the spam, or stopping it entirely. These things cost money, and it costs about 10 to 40 times as much money to receive (delivered) spam as to send it. It still costs 5 to 10 times as much just to take the SMTP connection, carry out the talk, discover it's a spammer, and refuse the spam.
In other words: the spam problem is not solved by blocking spammers ... just reduced in cost a good bit.
Solutions that involve scanning spam content for the nature of what spam looks like does not help reduce the costs at all. In fact it increases it because all this extra processing is now done by the server, and the network bandwidth is used to send the content that might otherwise not have been sent.
To those, like myself, whose goal is to reduce costs, SPEWS was a great tool. It was very effective in blocking spammers, plus it forced quite a number of ISPs to terminate the spamming scumbags that slipped into their networks under the guise of legitimate customers. In that way, it worked; it did what it was supposed to do. Too bad a few other ISPs were too stubborn to deal with the problem, and too many customers of spammer harboring ISPs whined more about why SPEWS was targeting them, and making excuses why they could not switch to a decent ISP (excuses that didn't apply in 99.9% of cases). Unfortunately, quite a lot of people simply never "got it" as to what the purpose of SPEWS was. The SPEWS web site was more geek/admin talk, and not well enough written for the average person to understand. I was starting to work on my own "how to get out of SPEWS" document, but I just haven't had time to put in on it.
There are a lot of things people say as to how to stop spam. The one I hear most often is that if people would just delete the spam, or if network admins would just block only spammers and no one else, then spammers would cease making money and would stop. This is simply not the case. First, not everyone will do this. We see from these recent worms and virii that way too many people don't patch their computers anyway. There will always be gullible people who respond, and there will always be spammers to take their money.
The real way, and I think possibly the only way, to stop spam, is to treat all spammers as equivalent to cyberspace terrorists. Take no prisoners, and take no excuses.
Remember, spammers don't care what people who will never respond do with the spam they send. They don't care if you press delete, or filter it out with SpamAssassin, or even block them. They don't care because you aren't going to make any difference to them anyway. And if you do block it, you won't be complaining to the spammer's ISP, and hence, they get to spam even more. To a spammer, someone who blocks their mail is better than someone who gets their ISP account terminated. This is part of why just blocking spammers is actually making the problem worse.
Global RE: people who are glad osirusoft is down (Score:4, Informative)
Many mail admins (including myself) consider spam to be network abuse and liken it to a criminal offensive. Simply blocking the IP of the spammer itself has been shown to not work very well or for long as the spammer jumps to a different ip addy, often in a different
In response to isp's shuffling the spammer around, more agressive blacklisting was done by the above mentioned blacklists. This instantly got a lot of the isps to pay attention and clean out their spammers. It also pissed off a lot of "innocent" users as well.
I say "innocent" because technically they are not pure white innocent, but more of a gray color innocent, because directly or indirectly, they ARE supporting spam. How so? Imagine the following.
Your next door neighbor is an islamic terrorist (spammer). Definitely a criminal. And his landlord (isp) (who is also your landlord) knows he is a terrorist and continues to willingly provide housing from him. In response, the FBI (the blacklists) blocks off your entire street (/24) (which the landlord owns all the housing on) and conducts house to house searches looking for terrorists. You complain when your house is searched. "But I am not a terrorist (spammer)". After finding out your landlord is housing terrorists, you continue to live there and pay rent to him, even though he is harboring terrorists and refuses to remove them off his property. As a result of you continuing to support your landlord finacially, your house keeps getting searched every so often (you stay on the blacklists with the spammer).
Now what do you do? Do you keep paying the landlord and supporting terrorism indirectly? Or do you move out and get a better landlord ?
Thats why you guys are on blacklists. Its not that you've done anything directly wrong, but your supporting spammy isps. The quickest way to find out if your isp is a spam haus, go here.
http://www.spamhaus.org/sbl/isp.lasso
Er, clueless (Score:5, Informative)
Second, were you aware that by consuming fossil fuels, you are funneling money the middle east, which produces almost all terrorist threats to the United States? That's supporting terrorism. I don't see you volunteering to stop buying fossil fuels until the OPEC countries clean up their terrorist problem.
Third, the idea behind spam prevention is to make email MORE USEFUL for legitimate users. SPEWs does not meet that criteria, because it causes more problems for legitimate users than gain. Moreover, it hides the true cost because few people are fully aware of what spews is doing and why. Even most email admins using spews are NOT AWARE of how it operates. They should publish their philosophy everywhere related to it. If every SPEWS doc had said, "We block enormous blocks of legitimate users, trying to use collateral damage to force ISPs to take action against their tiny fraction of spamming users", SPEWs would be irrelevant today.
Finally, spews is horribly non-responsive and error prone. I still have a colocated server blocked because some ISP on a block that's not even in the same
OH boo hoooooo (Score:5, Insightful)
I'm an anti-spam nazi, and SPEWS gave us all a bad name. I'm glad SPEWS is dead, and it needs to stay dead. It did nothing good for the anti-spam movement, only exacerbated the situation. With no appeal process and the total lack of caring for innocents leaves me with nothing but happiness to see this travesty of justice get blown into oblivion.
Sometimes, the enemy of my enemy is my friend...
Goodbye Spews... we won't miss you, you hulking piece of ill-thought out crap. Let me wave goodbye with my middle finger.
Now, maybe System Admins without a clue will be forced to take real steps to protect their users from spam, instead of playing the lazy asshole and taking the Hail Mary approach that is SPEWS and hoping for the best.
I feel greasy, now... to have agreed with spammers. I think I'll go take a shower.
It matters not... "Son of SPEWS" will rise... (Score:5, Insightful)
One important point to remember is that Joe Jared himself was NOT SPEWS. No one ever knew who they were (at least no one that will admit to it). He merely acted as a reflector for their listings.
Another thing to remember is that a DDoS attack -- ANY DDoS attack -- is a criminal act. If the release of the recent incarnations of the SoBig worm and the DDoS attacks against SPEWS are indeed related, then it only proves that spammers are indeed criminals.
For my part, I've already seen an increase in spam as the result of losing access to the SPEWS DNSBL. I've had to update our local blocklist six times today, and that's really unusual for my setup. I suspect I'll be fairly busy over the next couple of weeks, doing a little of the same each day.
Spammers may have won a battle today. They're a LONG way from winning the war.
At Last! (Score:5, Funny)
RBL Consequences (Score:5, Interesting)
About a month ago Earthlink decided we were sending out spam and cut us off. So, despite the fact that we have no relationship at all to spam, we were unable to communicate with any of our customers who use Earthlink. After appealing, they realized the mistake and removed the block. How did it happen? Seems that if an Earthlink customer just accuses you fo spam you can end up on the list. Thankfully cooler heads prevailed at Earthlink and the matter was resolved quickly.
We were blocked by AOL once too. How ironic since we use to be their #1 3rd party content provider back-in-da-day (remember hourly?). They should have know about us. (grin) Fortunately that was resolved too.
Then, of course, today we got hit by SPEWS and that lead to our phone call to Mr. Jared. The poor guy was frazzled, and rightly so. But we had a legit beef...
Our business is entirely web based. We have to deal with a heavy volume of customer feedback, all of which want fast responses. Any hickup and we can get really far behind. But when we get blocked, we're almost helpless. We get an email "Hey, my character got killed by a ravenous bugblaster beast from trall!" And we write back, "Oh my, let me restore your character!" only to have it be filtered out by some shotgun blacklist. They get no response and start flaming us for "not responding". A day or more of this and things get really messy.
You start to feel like you are at the mercy of some so-called "authority" that could not care less about your guilt or innocence. If he or she wants to, they can just take you out. We've participated in opensource, contributed back, done the good netizen thing... yet this real-time blacklist thing hangs over us. We never know when something else like this is going to bite us. And maybe next time there won't be any appeal.
I'll dance on their grave (Score:5, Informative)
The online checker repeatedly told me that my server would be scheduled for more tests, and would then be removed from the blacklist.
But this never happened. No further checks were made. My server was never removed from the blacklist. And what's more, Osirusoft refused to reply to any of my e-mails. They refused to even explain why they were blacklisting, despite the fact on several occasions I politely requested either removal from the blacklist, or an explanation as to why I was on it. Ultimately I had to get a different IP address for the machine in question, which was exteremely inconvenient.
I'm strongly opposed to spam. However, any company that offers services to block spam have to accept that they will sometimes accidentally cause problems for legitemate users, and they have to have mechanisms in place for such users to sort the situation out. Ignoring people who have legitemate complaints against you is not the way to do it.
greylisting (Score:5, Informative)
Time again [slashdot.org] to discuss greylisting [puremagic.com]?
Looks to me to be an elegant, viable alternative to traditional black/white -listing, both of which require lists be maintained -- and well maintained. Sometimes very large, very centralized lists, which have ugly consequences when they fail.
From the Greylisting Web site [puremagic.com] (with bolding from me):
The Greylisting method is very simple. It only looks at three pieces of information (which we will refer to as a "triplet" from now on) about any particular mail delivery attempt:
From this, we now have a unique triplet for identifying a mail "relationship". With this data, we simply follow a basic rule, which is:
If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure.
Anybody know where we are as far as a working implementation of this idea goes?
Re:blacklists -- bah! (Score:4, Insightful)
That has been a consistent development since MAPS RBL became d***less. Every single blocklist that followed another one that went down, was more strict than the one it replaced.
Whoever is doing the DDOSing the nameservers of SPEWS and osirusoft is pretty achieving nothing in the end.
Re:blacklists -- bah! (Score:3, Insightful)
Not at all, it depends how you use them. You have 3 choices:
1. Use them to block at the server or
2. Use them to tag incoming email or (the one I favor)
3. Use them as part of your spam scoring system.
The last is a built-in feature of SpamAssassin and works well.
waah! waah! (Score:3, Insightful)
blocking the world is what happens to clean up the idjits who are still using a DNSBL weeks or months after it's been announced
Re:Bad for any RBL! (Score:3, Insightful)
Re:Bad for any RBL! (Score:3, Insightful)
In order to stop the traffic he has to *force* people to deconfigure.
Does it seem more logical now?