Paul Graham Describes Dangers of Spam Blacklists
CRoby writes "Paul Graham posted an essay describing the danger and corruption of the main spammer blacklists today. It discusses MAPS and the SBL, the blacklist created to try to alleviate the abuses of MAPS, and suggests (maybe) another blacklist's creation."
$article_title by $blowhard (Score:4, Funny)
P.S. (Score:3, Funny)
Definitely a bad idea... (Score:3, Informative)
Re:Definitely a bad idea... (Score:2)
Re:Definitely a bad idea... (Score:5, Insightful)
I'd take all the SPAM any day vs. not being able to send legitimate emails.
Except that blocklists don't stop you sending email, they merely allow others to decide whether to accept that mail. Or do you think other people should be forced to accept any and every email you send?
Wrong (Score:4, Insightful)
So what (Score:5, Insightful)
Re:So what (Score:4, Insightful)
And that means that you will readily accept someone else's decision on what you should and should not receive? You sound too individualistic for that, so I think you are probably missing the implications of these blacklists.
What if you want to receive email from someone, but their block is in the blacklist your ISP uses? Can you call up your ISP and ask them to remove it? Can you get your friend to change their ISP so they are in a non-blacklisted block? In the past, I've seen people whose ISPs would block, for example, the entire University of Michigan. That made it pretty tough to communicate with them.
You are absolutely under no obligation to accept anything. That's why I run a spam filter myself. But letting someone else's often arbitrary judgement control what you do and don't receive is contrary to the personal control that you (and I) want.
Speaking of which, I'm glad I'm not one of your users.
Re:So what (Score:3, Interesting)
Okay, but I question how you can actually know how much the RBL is costing you.
Millions and millions of rejected messages versus the occasional manual intervention. It's a pretty easy judgement. I can even figure an average spam message size, multiply by the number received, compare that to my ham traffic, weight it against the cost of running my mail service and produce a dollars and cents figure of what RBLs save me (and that's before I factor in the costs associated with users having to deal with th
Re:So what (Score:3, Insightful)
Um, no.
The fact that there's squealing about the effect from non-spammers shows that they don't work.
Comment removed (Score:4, Insightful)
Re:Wrong (Score:3, Insightful)
RBL's don't kill e-mail, bad sysadmins kill e-mail. You're just demonstrating your own ignorance of spam-blocking techniques by saying "BL-supporters" are stupid. RBLs are an incredibly valuable tool. My systems, which process about 30,000 messages per day (60-70% spam), NEVER reject a message based on a single RBL hit. But if an IP is liste
Re:Wrong (Score:3, Insightful)
You're why sysadmins and blacklists have a bad name. Just because you can do it, doesn't mean you should or even that it's particularly intelligent to do so.
When you're a sysadmin, you have to weigh the flood of penis pills and mortgage scams against one or two people not getting an email because the sender is hosted by someone who can't secure their mailserver. It's really an easy call. Before you start spouting on about giving users the choice of what to receive, there's also the sheer volume of spam
Re:Definitely a bad idea... (Score:4, Insightful)
For example, in order to get revenge on people they believed were spamming, MAPS would blacklist the mail server of the company hosting their site.
The problem with blacklists is that they're human controlled and extremely susceptible to egotistical vigilante-ism. If I'm getting spam from a server, I don't have to block just that server. I could block every server in the headers, for example. What I choose to add to my blocklist can be totally arbitrary, and that's the problem with blocklists controlled by individuals that can block huge IP blocks.
And, in terms of preventing the "sending" of mail, you could consider a blacklist to be a postman who, whenever he saw a letter from a given return address, would destroy it. Any time you got a New Scientist magazine? Destroyed, at their discretion. How many companies use a blacklist without saying what's on the blacklist, or making the blacklist easily searchable and editable? Does a user ever get a message on a regular basis: "Hello so and so, you've received 274 emails this week from addresses in our blocked address list (which contains mostly spammers; click here to make a change)"? No, they don't provide that helpful information with links to the relevant information.
The mail is just blocked, it disappears into a void. By intercepting it before it reaches its intended recipient you are effectively preventing it from being sent. Because it's not the addressed recipient that decides whether or not to accept the mail according to the blacklist, it's an unnamed middle-man or middle-men. A blacklist allows any server in-between the sender and the recipient to say "no, sorry, your ass is blocked."
I do think people should be forced to accept every email that I send. They shouldn't be forced to READ them all, but they should be forced to accept them. As email becomes more and more prevalent as a form of legally recognized communication (emails are used in court as evidence) it's important to recognize the implications of interfering with that communication without disclosing such interference. Would you like it if I were your postman and every time I saw your electric bill, I took it and destroyed it because I didn't like the electric company and I didn't think anybody should be subjected to their tortures? Would you like me totally interfering with your legal communication and then not telling you, not even sending you a friendly "the electric company is evil, go solar!" letter? Would you like the way that could impact your finances, your credit, your reputation? What happens when somebody adds an obscure credit union to a blacklist and people don't get fraud alert emails from the CU, just because one server in their datacenter was compromised and used to send 10,000 spams? Do you REALLY understand, now? I still don't think you do.
The blacklists themselves aren't really responsible for breaking any rules, which they believe absolves them of acting responsibly. The fact of the matter is that blacklists are often implemented in the most infuckingcredibly ignorant ways possible, unfortunately. No e-mails as per my suggestion above, no way for the sysadmins that use the blacklist to audit/edit it, etc.
We need a wiki-style collaborative blacklist that has a membership of thousands who all collaborate on this issue. It's just one more example of how giving one person too much power before they're ready to use it responsibly with proper discretion results in a disaster. A blacklist affects too many people to be implemented so willy-nilly at only a few people's (poor) discretion. We need a collaboration, a large committee who will not become corrupted by power (as none of the members will individually have any power) but will be a gathering of individuals who maintain their individual opinions and ensure that the system remains fair and balanced.
Re:Definitely a bad idea... (Score:3, Insightful)
I'm with singletoned, and I think it's you that has a problem with understanding.
He(?) claimed that RBLs prevent people SENDING. He is wrong. If you agree with him that RBLs prevent sending, you are also wrong.
Reading the facts isn't enough, you need to be able to manipulate those facts and draw provable conclusions from them
Snicker. Donny Rumsfeld [bbc.co.uk] in da house!
I do think people should be forced to accept every email that I send.
Then you are no different than a spammer. And it's clear from th
Re:Definitely a bad idea... (Score:3, Insightful)
Yes, I know that. They just make a list. I said that, I also said that they believe that "just making a list" absolves them from all responsibility. I also said that blacklists ar
Re:Definitely a bad idea... (Score:5, Insightful)
He is right. That definitely is NOT how SBL actually operates. I have a site that is heavily trafficked (millions per month) and they blocked my email (from my own personal server) that has delivered mail for my site for seven years with absolutely no outgoing spam or relaying having ever occurred in its entire life.
However, a spammer with false credentials faked his way into a hosting account with my colo provider and as a result, SBL blocked multiple entire subnets, rendering my entire site and service useless for almost an entire month (we deal with auctions, meaning nobody was getting closed notices, won notices, outbid notices, addresses to send payment, registration emails, lost password emails - and when they complained, I couldn't respond to help them and explain it to them).
SBL couldn't have cared less. As far as they are concerned, if one IP is a source of spam, they all are. And they'll get to fixing it in their own damn sweet time.
But the defense of SBL fan-boys is typically "well it's VOLUNTARY!".
Yeah. Whatever. Fuck off.
Re:Definitely a bad idea... (Score:4, Interesting)
Anyway, they shouldn't be blocking entire blocks of IPs. That doesn't even make sense. What does one guy on one IP out of hundreds or thousands who spammed for most of a day before he got caught have to do with my server which has run clean and reliable and secure and in good faith (including SPF and everything else) for the better part of a decade?
As Paul Graham already stated, this is just a strongarm tactic to harass as many innocent parties as possible. There's no other explanation for it. Are two spammers really worth denying tens of thousands of (in the case of Paul Graham) Yahoo customers?
There are bad-actors; rogue hosts. It's pretty clear when you're dealing with one who isn't. And if you were quick to put people on the SBL list, then take them down just as quickly. It is unacceptable that it took three weeks after the incident for them to finally remove them from the list.
Re:Definitely a bad idea... (Score:4, Interesting)
You hit the nail right on the head. In fact, a fly on the wall related to me the entire conversation from the morning they decided to set this thing up:
Person 1: I'm bored this morning, how 'bout you?
Person 2: Yeah, me too, dewd. Let's start harassing as many innocent parties as we can!
Person 1: Yeah, dewd! That'd be way wicked cool!
Blame the spammers' money and the greed of the ISPs. It used to be quite common for a spammer to run under his pink contract from an IP address until people got fed up and blocked that specific IP. Certain ISPs would then assign the spammer a new IP address knowing full well what they were doing with the explicit intent of allowing that spammer to bypass the blocklists from people who were obviously and explicitly taking steps to avoid the spam. Unfortunately as it turned out truly innocent customers were being assigned a dirty IP address that had been previously sullied by a spammer. The moment their email server came online they were already blocked because of what had happened there before. Talk about unfair.
The spam-friendly ISPs forced the blacklisting of IP blocks: there was simply no other way to filter out the spam coming from those netblocks. Other users of that hosting service may be inconvenienced, but the system admin's right to take steps to prevent spam from gumming up the works of HIS OWN NETWORK outweighs the right of anybody else to expect email originating from the same IP address used to send out three trillion ads for vgiara the week before to be received with open arms.
Does this catch innocent people in the crossfire? Unfortunately, yes. But with 4,228,250,625 possible IP addresses those who maintain the blacklists can't be expected to personally review each and every email asking to be whitelisted and spend time and effort determining who is telling the truth and who is following spam rule #1.
If widget.qqq has your domain blacklisted then your beef is with the admin of widget.qqq. Period. End of story. Beg him to whitelist you. Buy him a pizza. Send him some free (as in beer) beer. Serenade him at three in the morning. Send three billion statements of character witness. But his network, his gate, his key, his rules on granting admission.
Let's look at this another way: If I am throwing a party and, on the advice of my friend who told me that people who wear Mickey Mouse shirts are boring, I deny admission to people wearing Mickey Mouse shirts, from whom will you beg entry and who shall be called nasty names for listening to somebody else?
Of course, that's the solution, isn't it? We must ban any and all people from publishing an opinion regarding the statistical probability that an email from a given IP address is spam.
Re:Definitely a bad idea... (Score:3, Insightful)
Wrong on both counts. Blacklisters are so quick on the trigger, there are no safe providers. And how is a provider supposed to "ensure that they never host another spammer"? They can only act after a user has started spamming. Plus, they have to take some time to investigate spam complaints -- yanking someone's service w
Re:Definitely a bad idea... (Score:5, Insightful)
How is it an incentive for admins to be "responsive" when dealing with spammers if you're going to punish everyone within a certain radius for days or weeks even if the problem was terminated within hours?
What exactly is so wrong with blocking an IP at a time? You do away with the innocent bystanders while still nailing the spammers. Anyway, the reason they block the entire subnet has NOTHING TO DO WITH PREVENTING SPAM. It's merely a way of pissing off enough legitimate people to force the bad person to be dealt with (even if they've already been dealt with or it was an honestly unavoidable situation or what have you).
If you've identified chronically spam-friendly hosts and want to widen your net for them, that's great. But don't take out the entire neighborhood because of one bad neighbor.
You know why they do that? (Score:3, Interesting)
Mine *doesn't* host spammers, and I'm in a contract. I can't pressure them to stop hosting spammers if they don't host any.
I stopped using RBLs/MAPS/SPEWS years ago and have never looked back. Even more interesting is that the volume of spam *did not* increase, but the complaints about being bounced/not getting through decreased.
Re:You know why they do that? (Score:3, Interesting)
That's the biggest problem with RBLs... you have *no* way of knowing how effective they are. Since mail gets blocked at the server, you can't tell how many false positives or true positives there are.
How much spam are you blocking? How much legit mail are you blocking? You have no way of knowing.
Randomly denying 6 out of every 10 emails delivered would probably be
Re:Definitely a bad idea... (Score:3, Insightful)
Except that I have been listed. And I had to go through contortions to fix that situation, which did not occur because of anything I did. What were you saying about acting like a dick?
As I already said, yes, I do assume the role of telling people to fuck off on behalf of my users. And I'm accountable for that. If I choose lists with inappropriate policies, or continue to use a list after its policy has changed for the worse, then I deserve to have my users demand change or my removal. No-one is preten
Re:OK, I'll go first: how is this legal?! (Score:3, Funny)
That makes a defamation / slander / libel suit much easier, not harder.
Re:Definitely a bad idea... (Score:3, Informative)
The point isn't *me* using MAPS/SBL. The point is that others use it, thinking it makes a difference. Your netblock (that is, your ISP's netblock, or your ISP's ISP's netblock, etc) gets included in that list and *bang* you're a casualty of war.
Get it yet?
Re:Definitely a bad idea... (Score:3, Interesting)
Re:Definitely a bad idea... (Score:2)
Must be nice for you.
Home Connectivity ISP != Your Domain ISP (Score:3, Informative)
Re:Home Connectivity ISP != Your Domain ISP (Score:4, Insightful)
Basically, you're just saying "too bad, I'm tired of being screwed over by spam" and I'm saying "wtf, I'm tired of being screwed over by blacklists that can't keep their shit together". Put yourself in my shoes - when a blacklist service becomes worse than spam and the spammers who spam, what does that tell you about blacklists?
Re:Definitely a bad idea... (Score:3, Insightful)
I'm glad you're so flexible. In the real world, most of us aren't.
Re:Definitely a bad idea... (Score:3, Informative)
Re:Definitely a bad idea... (Score:3, Insightful)
Credit bureaus are *heavily* regulated. If they have a file on you you can get a copy of it every few months. If there is an error, there is a defined process to follow to clear it up, and they are forced by law to resend new reports to anyone who accessed your report during the time the error was present.
"Blacklists" are not regulated at all. There is no accountability, no way to protest a listing if you believe it is incorrect. No recourse.
If you can't see a
A few comments (Score:5, Informative)
I assume that what Paul Graham is complaining about must be SpamAssassin, or some other content filter, applying a score to articles containing URLs, which when looked up in DNS resolve to listed IP addresses. This is much less acceptable, since the sender has no way to know that their e-mail may have been classified as spam.
The details of the listing can be found at http://www.spamhaus.org/sbl/sbl.lasso?query=SBL27945 [spamhaus.org].
This is a /32 - i.e. a single IP address. I don't know why Paul Graham's web site (which has that IP address) has been associated with textileshop.com, which has a completely different IP address.
The other Yahoo listing on the SBL is also a /32.
I also note in another of Paul Graham's articles http://paulgraham.com/sblbad.html [paulgraham.com] he claims
As any fule kno, the most notorious spam blacklist is SPEWS.
Re:A few comments (Score:2)
ORBS, and its later reincarnation, ORBZ, also weren't exactly the nicest players on the field. I remember one incident where I couldn't send email to someone from a GMX [gmx.net] account, because GMX - a webmail provider not unlike Hotmail etc., with several million users - had ended up on their blacklists (I'm not sure anymore whether it was ORBS or ORBZ at the point that happened, but it matters little, anyway).
This article [isp-planet.com] on the death of ORBZ has
What IP is the originating mail from? (Score:2, Informative)
Re:A few comments (Score:4, Informative)
In my case, I moved a server to a new colo facility. Most facilities have an IP block, and you get assigned an IP from it. Six months or a year ago that IP might have belonged to someone else. For me, it turned out in February a spammer installed a server at the colo, spammed from that server for a single day before the colo ISP turned them off. That IP got listed in Spamhaus; in the beginning of June I was assigned that IP.
So, I ended up with a Spamhaus listing for my mail server's IP address -- and _I_ can't get it removed. Spamhaus expects the colo operator to contact them (which they did on my request) but even there, if the blacklist operator doesn't like the ISP/colo people, they can ignore the request.
Fortunately Spamhaus listened and I got the record for my IP removed. But this showed me it was trivial for a non-spammer to inherit a blacklisted IP. I've added doing DNSBL checks on colo-assigned IP addresses for future moves to prevent any future issues.
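An added example, not part of the comment above or of any project named on this page: one way to run a DNSBL check on a colo-assigned IPv4 address before accepting it. The zone names and resolver data are constructed for the demonstration; in real use, pass the zones your recipients actually consult and the default resolver.

```python
"""DNSBL pre-check for a newly assigned IPv4 address (added example)."""
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")      # RFC 5782: listings answer inside 127/8
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error codes, not listings


def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the zone (RFC 5782 query format)."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this example handles IPv4 only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone.strip(".")


def system_resolver(name):
    """A records for name; [] when the name does not exist (= not listed)."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror as exc:
        if exc.errno in (socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)):
            return []
        raise  # timeouts and SERVFAIL must not be read as "clean"
    return sorted({info[4][0] for info in infos})


def classify(answers):
    """Map a DNSBL answer set to clean / listed / error / unexpected."""
    if not answers:
        return "clean"
    addrs = [ipaddress.ip_address(a) for a in answers]
    if any(a in ERROR_NET for a in addrs):
        return "error"        # e.g. query refused; says nothing about the IP
    if any(a in LISTED_NET for a in addrs):
        return "listed"
    return "unexpected"       # answer outside 127/8: parked or hijacked zone


def zone_is_sane(zone, resolver):
    """RFC 5782 test entries: 127.0.0.2 must be listed, 127.0.0.1 must not."""
    try:
        listed = classify(resolver(dnsbl_query_name("127.0.0.2", zone)))
        clean = classify(resolver(dnsbl_query_name("127.0.0.1", zone)))
    except OSError:
        return False
    return listed == "listed" and clean == "clean"


def check_ip(ip, zones, resolver=system_resolver):
    """Return {zone: status} for one candidate address."""
    results = {}
    for zone in zones:
        if not zone_is_sane(zone, resolver):
            results[zone] = "zone_unusable"
            continue
        try:
            results[zone] = classify(resolver(dnsbl_query_name(ip, zone)))
        except OSError:
            results[zone] = "lookup_failed"
    return results


def verdict(results):
    """'listed' if any zone lists the IP, 'clean' only if every zone said so."""
    statuses = set(results.values())
    if "listed" in statuses:
        return "listed"
    return "clean" if statuses == {"clean"} else "inconclusive"


# Constructed sample data: hypothetical zones, documentation-range addresses.
ZONES = ["good.dnsbl.example", "dead.dnsbl.example", "blocked.dnsbl.example"]
CONSTRUCTED_RECORDS = {
    "2.0.0.127.good.dnsbl.example": ["127.0.0.2"],            # mandatory test entry
    "10.2.0.192.good.dnsbl.example": ["127.0.0.2"],           # 192.0.2.10 is listed
    "2.0.0.127.blocked.dnsbl.example": ["127.255.255.254"],   # resolver refused
}


def fake_resolver(name):
    """Offline stand-in for DNS, driven by the constructed records above."""
    if name.endswith(".dead.dnsbl.example"):
        return ["127.0.0.2"]  # a shut-down list that answers "listed" for everything
    return CONSTRUCTED_RECORDS.get(name, [])


if __name__ == "__main__":
    for candidate in ("192.0.2.10", "192.0.2.11"):
        res = check_ip(candidate, ZONES, fake_resolver)
        print(candidate, verdict(res), res)
```

A verdict of "inconclusive" means at least one list could not be queried reliably, so the address has not been shown clean on that list.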
Re:A few comments (Score:3, Funny)
For any serious stuff, don't accept an IP address which was blacklisted in the past few years (is there a service which checks this?) or is close to current blacklist entries, unless you're really really well known.
That would be hard to check (by the ISP as well), and is increasingly rare. It'll have to be outside of 0.0.0.0/0
Re:A few comments (Score:3, Informative)
Um, no. That's not how spamassassin works - spamassassin uses a wide spectrum approach - it can take into account whatever blacklists you want to consult, but an RBL hit in spamassass
Re:A few comments (Score:3, Insightful)
This is great--IF you have the leverage to do it. If you're a large (six figures a year in spending and up) customer, you can get the ISP to jump at your command. Likewise, if you're dealin
Paul is just pissed because... (Score:4, Informative)
...his website is hosted on the same IP address as a spammer (textileshop.com) was on yesterday, and because of that he's seeing some of his mail blocked.
There's certainly a need for thoughtful and hopefully positive criticism of blacklist behaviour. This article is not it.
Whiskey. Tango. Foxtrot. Over. (Score:5, Insightful)
Huh?
Sorry, but that's still bullshit. He states it clearly in his article: You can't screw over innocents just to make the guilty pay. Does your government put a neighbor family through torture just because you got a parking ticket? No. It's YOUR fault and YOU should be punished. Not some innocent bystander.
Re:Whiskey. Tango. Foxtrot. Over. (Score:2)
It's not like it's difficult to register a domain. With cars... it's a little more expensive and there are several registrations that take place.
So to discern two cars in a particular rental agency is not the same as two domains on the same ip/subnet.
Your comparison is fundamentally flawed.
Re:Whiskey. Tango. Foxtrot. Over. (Score:2)
Or, of course, you can keep doing it, but you're still a prick. (General you, not specific you - I don't know you, so I wouldn't dare make that claim right off the bat
Re:Paul is just pissed because... (Score:2, Insightful)
Re:Paul is just pissed because... (Score:4, Informative)
Actually the IP address that's listed is store.yahoo.com.
Yahoo hosting is riddled with spammers, and store.yahoo.com is where most of them live, and where they accept credit cards for their purchases.
The SBL lists IP addresses that are involved in spam. 66.163.161.45 is involved in a lot of spam. It's not been removed from the SBL because, well, it's still actively being used by spammers.
Because countless spammers register domains on a daily basis, yet point them at the same IP addresses, some people choose to resolve the URLs in incoming email and bounce the mail if any of them resolve to particularly filthy IP addresses.
66.163.161.45 is filthy. Blocking mail that has URLs pointing there will stop a fair amount of spam. Not an approach I'd use myself, but certainly a lot more effective (in terms of spam caught and false positives) than many, many other approaches in widespread use.
Paul chose to host his website there, despite supposedly knowing a lot about the spam issue. That was probably not a good call.
Re:Paul is just pissed because... (Score:5, Insightful)
Let me reword your justification of this behaviour so others can see the flaw in it more clearly:
[66.163.161.45 is a filthy neighborhood. Lots of criminals live there. So, a group of vigilantes randomly started machine gunning people walking the street. Not something I'd do myself, I prefer to use a shotgun, but certainly more effective than using the court system. Paul chose to live there, and he should have known it's a bad area. If he gets shot at random, well, too fucking bad, he should have known better. Living there was probably not a good call.]
Some days it's hard choosing between deleting 400 spams a day and dealing with the existence of "spam blocking" groups. Then I read a comment from an "anti-spam" person and I think I'll be safer choosing to work that delete key.
Re:Paul is just pissed because... (Score:2)
I'd say this neatly demonstrates the problem with blacklists. I agree that the style is marred by the emotional state of the author, but then it's an essay on the guy's personal page.
If you want some analysis, start with a personal example of mine: an ISP in Israel my parents used to use would occasionally get blacklisted. Since I'm behind company-level spam filtering there was nothing I could do about i
Vigilante it ain't (Score:4, Insightful)
For some reason, journalists keep calling blackmail lists "vigilantes". But there's something they don't understand: nobody forces email system administrators to use those lists.
These lists are provided by people for free. They decide to list bad email servers, but they may as well include any server they want. After all, who's to force them to provide quality of service?
The real problem, of course, is that blacklists are needed in the first place. If ISPs did their jobs a little better (aol, hotmail and the likes), the amount of spam would already decrease significantly. And don't speak to me about Chinese ISPs, since most spam comes from the US.
Re: (Score:2)
Re:Vigilante it ain't (Score:2)
I meant blacklists of course...
Re:Vigilante it ain't (Score:5, Insightful)
You seem to be confused about what a vigilante is, dictionary.com gives me this: "One who takes or advocates the taking of law enforcement into one's own hands." Note it doesn't say anything about them forcing others to agree with their views or take part in them. If you decide to take legal actions in your own hands, then you are, by definition, a vigilante. So it does apply here, just because they don't force anyone to use their lists doesn't change that.
So basically if we can solve how to get people to stop being, well, people and giving in to baser instincts we can stop spam. Of course we'd also stop crimes of all sorts as well and we've not managed that in hundreds of years so I'm not holding my breath for it to happen.
Re:Vigilante it ain't (Score:4, Insightful)
What law enforcement activities do the blacklists take into their own hands?
Calling a spade a spade (Score:2, Insightful)
To be honest, I like his other analogy for blacklist maintainers -- terrorists. It's much truer to the point. Vigilante in my mind at least implies an attempt to go after the bad guys and protect the innocents thanks to the pop culture influence of TV, movies, and superhero comics.
This doesn't describe blacklist maintainers.
Bl
Re:Calling a spade a spade (Score:3, Interesting)
The point is still a good one. Is it morally reprehensible to target innocents for the purposes of shaping institutions of power? Is this not fundamentally the definition of terrorism? If you agree on both counts, then MAPS is an opt-in terrorist network dedicated to the destruction of spammers.
Re:Calling a spade a spade (Score:3, Insightful)
No. That's the defining characteristic of murderers. There are other ways to commit acts of terror. Kidnapping (without murder), rape, sabotage, etc. all can be acts of terrorism if intended to shape someone's opinion or vote. Really, the place where the analogy fails is that terrorism is inherently violent, where spam blacklists are not.
However, the core issue of spam bla
Re:Vigilante it ain't (Score:3, Insightful)
A Paradox? (Score:4, Insightful)
Personally, I find the need to disable more and more RBL's, because today a user might come thru OK, tomorrow, they're stuck in SORBS and considered a HIGH risk.
Re:A Paradox? (Score:2)
I foresee a split between the www 'wild, wild, west' and private networks that you pay real cash money and have a smart card with certificates on it to play (or some variation on the military theme you see here [osd.mil]), just so the wheat is available, and you can surf the chaff if you want to.
One wonders if some marketing twit won't tie these ideas to IPv6, as a forcing function to sell that technology to an otherwise indifferent market.
Not like people get all radical about it... (Score:5, Interesting)
Oh, ok. Nothing like overreacting a bit.
Re:Not like people get all radical about it... (Score:5, Interesting)
What's the alternative? Having some centralized, international spam cop whose job it is to clean up every ISP on the planet? If ISPs get a completely free pass on spam and don't have to care whether their subscribers are abusing other people or not, where is their incentive to prevent the abuse? The way you avoid the tragedy of the commons is by getting people to see their individual stake in the issue.
Certainly the quote that you're pointing out isn't the most diplomatic or effective way of putting it, and I doubt this kind of thinking is behind that quote - it probably is the knee-jerk reaction that you're identifying it for. Still, the idea might have some merit.
This is ONE Single IP Address that's blocked. (Score:3, Insightful)
But this is different - this is ONE IP address - the SBL record identifies it as a /32. Virtual Hosting means that it's possible to have multiple domains all usin
Pure and simple... (Score:5, Insightful)
Her ISP uses SpamBag for their blacklist. SpamBag? ScamBag is more like it.
No wonder my sister is disenchanted by email. Her yahoo account got spammed to no end, then she can't get emails from most of her friends since they get bounced back by her ISP's stupid blacklist.
Blacklists are fine and dandy in principle, but practice has shown them to be useless. IT managers, just drop them. They're more annoying than anything.
-Jellisky
Re:Pure and simple... (Score:2)
I had the misfortune to cross his path a number of years ago about an issue with Courier I believe or something else, I can't quite recall, and I will never forget it. He is one of the most vitriolic, annoying, moronic individuals I have ever come across. I'm amazed he was able to produce something as nice as the Courier MTA package, but I guess idiot savants like him can do good things. It's ju
Re:Pure and simple... (Score:3, Interesting)
The reason for the block? All Charter IP addresses have been put into a "residential" blocklist by one RBL nut that decided such a list was a good idea. Everyone knows that you should have to buy a T1 to send email. This is because people who really ne
Re:Pure and simple... (Score:3)
I would have thought firing the admin who left the relay open and hiring someone competent to fix it instead might have been a good thing to do. What on earth was the $20k supposed to be for?
Comment removed (Score:5, Insightful)
Re:Wholehearted Agreement (Score:3, Informative)
I'm sure this seemed like a good idea at the time. (Score:2)
Happens to all blacklists (Score:2)
Pay and you get removed (Score:5, Interesting)
Interesting: The company won't say who they are. [admins.ws] They say this was approved by local authorities, but this is bullshit. Local authorities cannot break federal law in Germany.
Oblig. Simpsons Reference (Score:3, Funny)
Lisa: If you're the police, who will police the police?
Homer: I 'unno, Coast Guard?
Who watches the Watchers? (Score:4, Insightful)
Blocklists are made by people for others to use if they see fit. When they become unusable, they're no longer used. Personally, I use none. The cost to me of one false positive is greater than 1000 spams that leak through. No list is that good.
Paul Graham updates his blog (Score:3, Insightful)
Why exactly is this a Slashdot story ?
Re: (Score:2)
There is a problem with blacklists (Score:5, Insightful)
The solution to blacklists is to use an AOL model in which dynamic IP blocking is used. When spam is noted from an IP that IP is automatically blocked for 24-36 hours after the last spam comes in. That way the innocents are not being blocked and the spammer's email doesn't make it through. There are a couple blacklists which do this but more should.
Compare this to the opposite blacklists like BLARS which requires a thousand dollars for "him" to investigate whether an IP should be removed. I have never seen an IP which is not listed with BLARS.
Re:There is a problem with blacklists (Score:3, Insightful)
I have been the victim of the formmail exploit, and been RBL'd as a result. It was not difficult to get un-blocked. Yes, it was a hassle, but I suspect those that complain about being RB
What's the real story? (Score:4, Insightful)
"As of this writing, any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam."
Whisky Tango Foxtrot? *BLs block IP address ranges, not URLs.
"Because the guys at the SBL want to pressure Yahoo, where paulgraham.com is hosted, to delete the site of a company they believe is spamming."
1. Given that Paul's mixing up URLs and addresses of mail servers, I'm not prepared to take at face value the statement that SBL is blocking Yahoo's mail servers to pressure Yahoo to drop a "site", rather than (say) mail services Yahoo is providing the spammer.
2. If Yahoo is providing services to a spammer and Yahoo refuses to deny those services to a spammer, then Yahoo is being "spam friendly", no matter what their reputation is, and they may well be depending on the many legitimate lists they're hosting to avoid responsibility for their actions. That's exactly the situation that John Reid is referring to in Paul's quote.
I don't know what alleged spammer this is referring to, but what Paul's written is clearly not anywhere near the whole story.
DUL (Score:2)
Guideline, not a rule (Score:5, Interesting)
If you're sending a ton of mail, i.e., spam, little of it gets through. If you're only sending one or two messages, ie, likely legit mail, it goes through just fine.
Combined with more specific stuff further back (bayes, et al.), it's been quite effective at reducing the amount of spam sent, and the amount of mail that gets scanned.
The problem isn't blacklists, it's how people use them.
spam blacklist blackmail? (Score:2, Insightful)
Loss of email hurts more too.
"Power-hungry weenies" (Score:5, Interesting)
Interestingly enough, the owner of the acme.com domain who was recently featured in a story due to his getting more than a million spam mails (well, attempts to send spam) a day, agrees:
(from http://www.acme.com/mail_filtering/shame_frameset.html [acme.com])
Re:"Power-hungry weenies" (Score:3, Insightful)
That being said, I think his comments about blacklists pretty much hit the nail on the head. Think about it: what you're ultimately doing is give some complete stranger near-complete control over what email is or isn't accepted by your system. Blacklists are something that might seem like a good idea in theory, but when
What a clusterfuck (Score:4, Interesting)
By allowing the abuse its outcome becomes a certainty. We're going to have to bite the bullet and dump open SMTP. And I think we're going to have to do this quickly. The levels of SPAM continue to rise. I often see ten to twenty times as many spam connections on my mail servers than legitimate connections, and this is a constant, flowing, amount of SPAM 24/7. Even with RBLs, spamassassin, etc, SPAM still gets through. The solution will not be found with another bandaid. It's time to dump SMTP and move to something that demands cryptographic authentication for users and hosts before allowing the transport session to complete. --M
'Terrorism' my behind... MAPS' side of the story (Score:3, Informative)
Here [online2000.net] is the link, that responsible editors would've offered in a story like this...
Maybe Paul Graham should look up "hyperbole" (Score:3, Insightful)
No. No... No, there's just something not right about that. I'm pretty sure that the definition of terrorism includes the idea of terror somewhere...
Ahhh. That's more like it: Terrorism: the unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.
Yeah, violence should induce terror. Not being able to send emails to my girlfriend, as hair-raising an idea as that might be, just doesn't seem to be in the same league.
And just in case Mr. Graham is too lazy to find a dictionary to look up hyperbole for himself: hyperbole - n : extravagant exaggeration
non-mail server in SBL, what about mail server? (Score:3, Insightful)
Also, for what it's worth, I've found the SBL incredibly reliable (except recently, when I've found it's been increasingly unreachable at peak times), but I check it as one of many spamassassin rules -- I don't mark e-mail as spam just because it's in the SBL, though the way I have spamassassin score things, it doesn't take much more...
Stopping spam is easy. (Score:3, Funny)
Distributed List (Score:3, Interesting)
Suppose a "distributed" blacklist were created. I could blacklist the whole Internet, but I'd be the only one, so it wouldn't mean a thing. On the other hand, if 75,000 people have blacklisted an IP, there might be something there.
It needn't be totally distributed, I don't think. A community-run site, where, whenever you get obvious spam, you post the originating IP, could work. You'd post it, and that IP would have, say, 10 "points." The rating would "decay" by one point a day, so a site listed, but that went clean, would quickly leave the list: in ten days, each rating would be down to zero.
You could then simply query the site for a given IP, and it'd return the "points" a site had. This also allows you a lot more customizability: if you were obsessed with blocking all potential spam, you could block anything with more than 5 points. If you wanted to be careful, you might set it to, say, 1000 points.
Unless the people running the site keeping track of the ratings begin blatantly making up ratings, this idea means that a blacklist is much less immune to being "bad." And it allows IPs to "fade" out of the list over time.
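The point-and-decay scheme proposed in the comment above, as an added Python sketch that is not the commenter's code. The class and method names are hypothetical, the one-report-per-reporter rule is an assumption added here, and the IP addresses are constructed documentation-range values.

```python
from collections import defaultdict
from datetime import date, timedelta

REPORT_POINTS = 10   # starting value of one report (the comment's "say, 10")
DECAY_PER_DAY = 1    # points a report loses per day


class DecayingBlacklist:
    """Community list in which every spam report fades to zero over ten days."""

    def __init__(self):
        # ip -> {reporter: date of that reporter's most recent report}
        self._reports = defaultdict(dict)

    def report(self, ip, reporter, day):
        # Assumption added here: one live report per reporter per IP, so a
        # single account cannot inflate a score by reposting the same address.
        previous = self._reports[ip].get(reporter)
        if previous is None or day > previous:
            self._reports[ip][reporter] = day

    def points(self, ip, today):
        total = 0
        for day in self._reports.get(ip, {}).values():
            age = (today - day).days
            if age >= 0:  # ignore reports dated in the future
                total += max(0, REPORT_POINTS - DECAY_PER_DAY * age)
        return total

    def is_blocked(self, ip, today, threshold):
        # "More than N points" in the comment, hence a strict comparison.
        return self.points(ip, today) > threshold

    def prune(self, today):
        # Drop reports that have decayed to zero so clean IPs leave the list.
        cutoff = today - timedelta(days=REPORT_POINTS // DECAY_PER_DAY)
        for ip in list(self._reports):
            live = {r: d for r, d in self._reports[ip].items() if d > cutoff}
            if live:
                self._reports[ip] = live
            else:
                del self._reports[ip]
        return sorted(self._reports)


if __name__ == "__main__":
    bl = DecayingBlacklist()
    start = date(2005, 1, 1)                 # constructed sample data
    for n in range(3):
        bl.report("192.0.2.10", f"user{n}", start)
    for offset in (0, 4, 10):
        today = start + timedelta(days=offset)
        print(offset, bl.points("192.0.2.10", today),
              bl.is_blocked("192.0.2.10", today, threshold=5))
```

Each receiving site picks its own `threshold`, which is the per-site tuning the comment describes; the score itself says nothing about whether the reports are honest.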
Private blocklists. (Score:4, Funny)
Here is my very own private /etc/mail/access blocklist which I use on my own mail server:
Load of FUD by Paul Graham, competitor to Spamhaus (Score:5, Insightful)
Gentlemen,
You do realize that Paul Graham is in the business of pushing Bayesian anti-spam filtering, which he claims as 'the best' solution to spam. For a long time Graham has been spreading FUD about other anti-spam solutions, in particular blocklists. We're well used to hearing utter bollocks about blocklists spread by him.
Yesterday we listed on the SBL an IP of a spammer which as luck would have it is being shared by Paul Graham. We of course can not simply give the spammer carte blanche to spam our users because Paul Graham is also using the same IP. Graham has no concern for the fact he's sharing his IP with a spammer, and rather than contact his ISP to ask what a spammer is doing sharing his IP he simply sees a PR opportunity to bolster his "blocklists are evil, bayesian is good" campaign. I'm only surprised this actually made Slashdot.
Steve Linford, CEO, Spamhaus
Unsolicited Plug (from me) ... (Score:4, Insightful)
Considering how much my spam has been reduced by the SBL (anywhere from at least 50% up to 75%) I'd like to just say:
The mail servers under my control have always subscribed to the SBL-XBL (well, more accurately, before the XBL was established it was the SBL and cbl.abuseat.org. The latter is dedicated to short-term [72 hours, as I recall] blocking of e.g. spammers operating on DSL or cablemodem lines who are likely to appear on an IP address once or twice and then get kicked off. The CBL is now also represented in the XBL). I have so far, in the last 3-4 years or so, only been able to confirm 1 and 1/2 "false" positives in that entire time - one was from a person in China who was using a confirmed spam-haven ISP, the "1/2" from a company that, after an informative response from the CBL people, I believe were listed for appropriate reasons. In any case, the latter case cleared itself up when they were automatically re-removed from the CBL [they'd been there before] and the email lost WAS an advertisement anyway...)
I have noticed the numerous stories of overzealous blocklists, which are obviously a bad thing, but I can't think of a way to reasonably put the SBL in that category...
Besides, bayesian filtering only works AFTER the spammer has been allowed to tie up my mail server's bandwidth (and then allows them to tie up your mail server's CPU time with the bayesian analysis). I prefer to cut off known spammers before that point whenever possible. THEN I pass the remaining messages through SpamAssassin. Back in the early days of spam, I used to actually go to the effort of picking apart the mail headers and looking up the abuse addresses for the ISP whence the mail came AND the hoster of the spammer's website (and on one or two occasions, even the registrar for the spammer's domain name, when I could confirm that the information was falsified). It's been a long time since I was able to keep up doing that with the volume of spam coming in, but I still can't stand the thought of allowing spammers to take ANYTHING from me that I can prevent...
Terrorism? Hardly. (Score:3, Insightful)
Graham has written some insightful and well thought out stuff, but this is just sloppy:
I find it amazing that blacklists which mail servers must opt-in to use are somehow terrorism. Are you suggesting that these innocent people have some fundamental right to contact my mail server and send mail? They certainly don't; it's my mail server. I can use any methods I like to filter out mail, including choosing to rely on one of the IP blacklists. This can only be terrorism if random people have some sort of human right to send mail to my machine. I hardly think that's a right.
Come to think of it, apparently organizing against tangentially related people to stop another problem is terrorism? By that strange standard you could call advertiser boycotts terrorism: you're trying to influence some media outlet by negatively influencing advertisers on that outlet. They often have the same claim of innocence ("I didn't know that they would run that article! I just buy bulk advertising rates.")
(Now there are problems with blacklists, perhaps most significantly that many ISPs use them without informing their subscribers or allowing them to opt out. Blacklisting unaware users who happen to share a machine with a spammer's website is definitely a complex question.)
Speaking of blacklists (Score:3, Interesting)
I find myself doing for example a lookup of ad.marketingscum.com followed by a whois lookup of the IP address. If I find that they own a larger network like
NetRange: 216.73.80.0 - 216.73.95.255
CIDR: 216.73.80.0/20
NetName: DOUBLECLICK-NET
I enter the complete network into my blacklist. Are there any realtime blacklists for this purpose? This would be quite useful, wouldn't it?
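The manual step described in the comment above (reading a whois `NetRange` and entering the whole network into a local blocklist), as an added Python example that is not the commenter's code. The function and class names are hypothetical, the whois excerpt is constructed from the three lines quoted in the comment, and the sketch assumes IPv4 ranges only.

```python
import ipaddress
import re

# Constructed whois excerpt using the values quoted in the comment.
WHOIS_SAMPLE = """\
NetRange: 216.73.80.0 - 216.73.95.255
CIDR: 216.73.80.0/20
NetName: DOUBLECLICK-NET
"""

NETRANGE_RE = re.compile(r"^NetRange:\s*(\S+)\s*-\s*(\S+)\s*$", re.MULTILINE)


def networks_from_whois(text):
    """Return the smallest set of CIDR networks covering each NetRange line."""
    nets = []
    for first, last in NETRANGE_RE.findall(text):
        lo = ipaddress.IPv4Address(first)
        hi = ipaddress.IPv4Address(last)
        # A range that is not aligned to one prefix yields several networks.
        nets.extend(ipaddress.summarize_address_range(lo, hi))
    return nets


class RangeBlocklist:
    """Local list of blocked networks, merged so overlaps are stored once."""

    def __init__(self):
        self._nets = []

    def add_whois(self, text):
        new = networks_from_whois(text)
        self._nets = list(ipaddress.collapse_addresses(self._nets + new))
        return new

    def match(self, ip):
        """Return the blocked network containing ip, or None."""
        addr = ipaddress.IPv4Address(ip)
        for net in self._nets:
            if addr in net:
                return net
        return None


if __name__ == "__main__":
    blocklist = RangeBlocklist()
    print(blocklist.add_whois(WHOIS_SAMPLE))
    for ip in ("216.73.88.1", "216.73.96.1"):
        print(ip, blocklist.match(ip))
```

Deriving the network from `NetRange` rather than trusting the `CIDR` line keeps the result correct when a registry reports a range that does not fall on a single prefix boundary.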
Re:In soviet russia (Score:2, Funny)
Re: (Score:3)
Re:today? (Score:3, Interesting)
You're right. The correct words are 'overreacting assholes'.
Most RBLs are run by assholes who have no concept of how to properly manage something as complex as a RBL.
And no, I've never been blocked by one and I weight RBL positives very low.
Re:Abuse my hind end (Score:5, Insightful)
What else do you feel strongly about?
There are websites, I am sure, that describe in detail how to commit murder and get away with it. Some readers may find those sites, and using that knowledge, go commit violent crimes -- just as some readers of spam sites may purchase email harvesting software and then go commit the crime of sending bulk email. I assume you would support blacklisting ISPs that host violent-crime advice, since surely everyone agrees that murder is worse than spamming.
There are ISPs that host neo-Nazi propaganda calling for the murder of all non-whites. Do you think that's better or worse than offering spam software for sale? Should those ISPs be blacklisted?
Escort services? Simulated rape porn? "The Anarchist's Cookbook"? A list of abortion providers' addresses? Al Qaeda recruitment and propaganda? I want to know which of these you think is equally as bad as, or worse than, hawking a CD with a million email addresses on it. How many things do you think merit blocking all of an ISP's innocent websites?
You have your list. Others have their own lists -- and, frankly, there are a billion people who think porn is vitally important and your fixation on spam is stupid. Do you really want the internet segmented? Do you think advancing your pet cause is worth walling off the internet into warring quarters? Do you really want to wield a censor's black pen?
Collective Punishment (Score:3, Insightful)
Now here's the fascina
Re:Abuse my hind end (Score:3, Interesting)
If you suggest I move... that's ridiculous. Let's all just up and move to a different town each time a spammer comes by. Sure. Maybe if you're Bill Gates.
It is NOT easy to change ISPs, nor is it necessarily even possible. Oh, it's my fault for living here. Well excuse me - get the hell off your high horse. It's people like you making e-mail unusable.