Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Spam

NSI to be RBL'ed? 152

An anonymous reader, thank his kind soul, submitted the following: "MAPS is considering black holing NSI for its repeated spamming of the 5 million owners of domain names. I don't know about you, but I don't think being spammed is part of the "business relationship" I signed up for when I registered my domains, thus I don't think NSI should be spamming me. But, man it could hurt a lot of people if NSI does get RBL'd. Of course, it could help raise awareness of the issue, and maybe demonstrate to NSI that we don't appreciate being pushed around.". It will be interesting to see how this plays out. NSI certainly isn't making many folks happy these days. Read more for the full scoop.
Date: Fri, 30 Jul 1999 16:02:14 -0700
From: Paul A Vixie
Subject: possible RBL event coming up involving NSI

------- Blind-Carbon-Copy

To: interest@mail-abuse.org
cc: rbl@mail-abuse.org
Subject: possible RBL event coming up involving NSI
Date: Fri, 30 Jul 1999 16:02:14 -0700
From: Paul A Vixie

You are receiving this because you are either an interested outsider, or a staff member or volunteer, or a customer of M.A.P.S., LLC. Note our new domain name, mail-abuse.org. (The old maps.vix.com domain name gave some the false impression that MAPS was not a separate company.)

Today we received the letter below from NSI in response to our repeated attempts to get them to stop sending unsolicited bulk commercial e-mail to all domain holders. In this letter, NSI implies that they will sue us for damages and incite entities like Amazon.com to do likewise if we decide to blackhole them, and then go on to say that they have no intention of stopping the current business practice of these which caused our complaints.

They are pretty much daring us to blackhole them. The board of MAPS, LLC will make its final determination in the next few days, and if we do decide to blackhole NSI it's going to get ugly. As an interested party, we want you all to know what's happening.

=================================

July 30, 1999

VIA FIRST CLASS AND
ELECTRONIC MAIL

Nick Nicholas, Executive Director
Mail Abuse Prevention System, LLC
950 Charter Street
Redwood City, CA 94063

Re: Nomination of NSI for Black List

Dear Mr. Nicholas:

Thank you for the opportunity to respond to your email to me dated July 16, 1999, regarding the Realtime Blackhole List ("Black List") managed by the Mail Abuse Prevention System LLC.

Enclosed is a copy of a letter I sent today to Mr. James Wagner, President of Hypertouch, Inc., the complainant who apparently prompted your July 16 email to me. Network Solutions has removed Mr. Wagner's name from its mailing list. As noted in the letter, Mr. Wagner could have avoided receiving the subject email in the first place had he simply followed the mailing list removal procedure specified in an email transmitted to him on March 30, 1999.

There can be no doubt that Network Solutions has an existing business relationship with the administrative, technical and billing contacts for a given domain name registered with Network Solutions. These people are the principal points of contact through which Network Solutions transacts business with its customers. They have been so designated by our customers in their domain name registration agreements with Network Solutions.

These are precisely the types of relationships that the California legislature wanted to shield from the restrictions contained in its unsolicited email statutes. Indeed, the statute's protection of communications between persons involved in existing business relationships reflects the state's determination that such communications are not "spam," but rather vital catalysts to free and open commerce. We are aware of no law that prohibits companies from communicating with their own customers.

We respectfully suggest that MAPS and any other person involved in the compilation and dissemination of the Black List adopt a definition of spam that is consistent with the principles recognized by California. Any more expansive definition is overly broad and may unreasonably restrain trade. Indeed, it is apparent that Mr. Wagner's principal concern about Network Solutions' emails is the competitive threat they represent to his company's ISP business. Those emails reference Internet companies that are competitors of Mr. Wagner's company, Hypertouch, Inc. It appears Hypertouch, Inc. hopes to shelter itself from such competition by combining with those who control the Black List and its technology to restrain such competition.

If inclusion on the Black List will effectively block Network Solutions from contacting 40% of the Internet, as you claimed in your email of July 29, 1999, MAPS's actions would have severe and irreparable consequences on the company's relationship with its customers. Network Solutions has over 5,000,000 customers. Consequently, if you place Network Solutions on the Black List, 2,000,000 (40%) of its own customers presumably would be unable to receive important information from Network Solutions, including invoices and deactivation notices, possibly leading to the revocation of their domain name registrations. You should be prepared to accept the consequences of your actions should a company such as Amazon.com lose its domain name, and thus its e-commerce business, as a result of having its notices and invoices intercepted and destroyed. It is difficult to believe that MAPS would be willing to take such drastic actions based on the self-serving complaint of Mr. Wagner.

Indeed, MAPS's overly expansive definition of spam exposes MAPS and those who own or control the Black List to, inter alia, civil claims of: (1) illegal combination in restraint of trade violating Section 1 of the Sherman Act, 15 U.S.C. ? 1; (2) unfair competition; and (3) intentional interference with contractual relationships.

Network Solutions will not hesitate to take all actions necessary to protect its rights and ensure that its channels of communications to its own customers remain open. I hope that such measures will be unnecessary and that you will opt not to include the company on the Black List. p

Please advise me of your decision and do not hesitate to contact me if you wish to discuss this matter further.

Very truly yours,
Jonathan W. Emery ==============

This discussion has been archived. No new comments can be posted.

NSI to be RBL'ed?

Comments Filter:
  • These situations are not equivalent. Recipients of NSI's spam are never given the option to say "no" before they get it. Using the censorware analogy: it's the difference between surfing for porn and constantly getting unwanted porn emailed to you. Well, it's my bandwidth, thank you, and I don't want to waste it on NSI's self-promotion.
    --
  • Minor detail for clarification:

    Sites that use the RBL have chosen to deny their customers access to email. If those customers can't receive email from you, it is because their ISP has chosen not to allow them to.

    Guess who pays the bills? (clue- not the SysAdmin) Take another guess who makes more money by limiting traffic to flat-fee paying customers.


  • Here's a better refinement of the "fake e-mail address" idea I mentioned earlier.

    Instead of filling the spam lists with random "chaff" addresses, use this method to put "canary" e-mail addresses on to the spam lists instead. "Canary" e-mail addresses are designed to catch spams, and serve only to receive spam. Automated software attached to the "canary" can then filter spam based on what the "canary" receives. The canary idea is not new, of course.

    A more evil idea would be to attach to the address of the "canary" some software (similar to that found on the web site spamcop.net [spamcop.net]) that traces the e-mail back to the spammer by examining the "Received:" headers. If done in real-time, one could potentially alert an ISP to a spammer's activity in time for them to disconnect a spammer while they were still sending spam.

    The best part is that we use the spammers' own resources (collections of e-mail addresses) to fight spam.

    ---

    The only SPAM I like: www.spam.com [spam.com] (The home page of the canned meat)
  • Right.. like everybody stopped connecting
    to rust.net when became known that sanford wallace got his access there?

  • "It's bad for me, therefore it should be banned" is a corrupt argument: it's the same one that Janet Reno is using to get governments to ban cryptography.

    You knocked that one down real good. Shall I set up another? Would you like it filled with polyfoam, old rags, or the traditional straw?

    Of course, the argument for banning spam is not that it is in some vague sense "bad for me". The argument for banning spam is that it constitutes theft of the recipients' bandwidth.

    If you want to control spam, find a way of passing the cost on to the originator.

    Additional requirements: 1) No added burden on legitimate users of e-mail, 2) The spammer shells out the cash to his victims, not to some cookie jar accessible to politicians and other lower life forms. Extending the junk fax laws to cover e-mail would work, provided that the definition of the prohibited activity is properly crafter.
    /.

  • That's no answer. By the time spam hits your filter, the bandwidth costs have already been incurred (and, thus, your ISP rates are already forced 20% or so higher than they would be if the parasites were purged).
    /.
  • Too true. I've had a couple of mailboxes suffer this. They start getting so much spam that they're not worth using. That's what I like about hotmail.
  • NSI had a time-limited monopoly, much like you get with a patent, which the government granted more-or-less by accident. They campaigned like crazy to keep it, but understandably it got taken away.
  • *blinks*
    I have yet to ever sign up to an email service, nor do I know anyone who ever has, who WANTS to receive advertisements.
    Usually, the longer people have been on the net,the LESS email they want to receive, especvially since many of them are actively part of various email lists which fill their boxes fast enough as it is.
    If I want advertisements, then I'll either hit a search engine looking for company sites on a topic, or watch TV, or, *gasp*, hit the yellow pages. It's worth the effort, not to be bothered by constant spam.
    Once again, some part of my brain is making the mistake of thinking that this should be, in fact, patently obvious...that our societal and utter hatred of junk mail should in some way clue people in that nobody in their right mind (ie, the common consumer) wants and enjoys spam...especially the newbies, who have a low comprehension rate about how they can stop it. This isn't a service. And at least you can, to some degree, cut down on the junk mail by making requests to the post office or the sender. No such service often exists on the net except for buggy filters, which often must be added to each and every day as the spam sender finds yet another email service to sign up with...
    Customers pay for service. Spam does not serve, it extorts. Thus true service protects from spam.

    Todd Erickson
  • You *answer* your phone? :-)

  • The ironic thing is that your message signature (eating an elephant one bite at a time) answers your question about why it's too much of a hassle to simply delete these mails. Spam isn't going away overnight and will probably never go completely away. But every incremental move to oppose major violators eventually will lead close to the seemingly unattainable goal...
  • So? It's not my job to clean their marketing
    mailing list.

    I sent my "remove" request to the MAPS RBL
    team, and I hope NSI is RBL'd.
  • I have gotten plenty of spam from these guys...
    IMHO I think they deserve to be blacklisted.
    They'll back down and stop sending out bulk
    email as soon as their listed.. Either that or
    they drag it out in court forever and that hurts
    even more.
  • Nobody can force any system administrator to receive traffic they don't wish to receive -- the essence of the net is that network administrators have agreed to forward packets from certain places to certain other places, and they are under no obligation to carry traffic if they don't want to.

    Here's a clue for you: A system administrator is not a god. You're not obligated in any way to serve your customers. But you are obligated to disclose that you're blocking your customer's access to certain materials. To do otherwise and advertise that your service provides 'full access to the Internet' is an act of fraud.

    Of course, you may find customers who approve of you doing their spambusting for you. But your 'rights' do not extend to making decisions for other people without their consent.
  • Fine, if you don't like the people you paid to provide you full access to the Internet preventing other people from sending you email, sue them. If they didn't let you know ahead of time that they were blocking your ability to receive mail, have them charged with fraud.

  • It's not your bandwidth if you're making the decision for paying customers. It's your bandwidth if you're running your own little mail server just for yourself.
  • Uhhhh actually, hate to disappoint you, but Justin got this from MAPS. Along with however many thousands of people. He's not getting in any legal trouble whatsoever. Sheesh. AC's.
  • Thing will change hopefully, now that they are scheduled to have some competition. I think the government heard some of the complainst and feel the monopoly is giving NSI an unfair advantage.

    -Joe
  • ... Every single technical, admin, or zone contact
    in the world sent a single polite solicitation to
    Mr. Emery? After all, he claims to have a
    relationship with us such that this is not abuse.

    It is a transformational experience to realize
    that one-to-many is just as abusive as many-to-one.
  • Networks Solutions? I've dealt with them in a technical support capacity: About the most clueless lusers and badly trained monkeys I've seen in quite some time. I could go into detail but that might make me traceable. Let me just say it helps if the monkey you're dealing with knows which OS he's running.
    Don't want to deal with them again.
  • by trims ( 10010 ) on Saturday July 31, 1999 @12:16AM (#1772880) Homepage

    I love lawyers. All they seem to know how to do is threaten and bully, regardless of how empty their threats are.

    As I understand it, RBL is a subscription service. That is, the sites that use the RBL have chosen to participate, and are voluntarily not receiving email from anyone on the list. So, if you can't send mail to me, it's because I've chosen not to listen to you. All the ISP's that I've seen that use the RBL announce this fact, so businesses that use them should be aware of this.

    Secondly, email is not a legally binding (or allowable) method of conducting business. You can't send invoices only by email, and then claim in court that you gave proper notice (at least in the US). Email has no guaranty of delievery, and the courts have not reconized it as a reliable method for transmitting legal/business documents. So NSI's invoice threat is moot. If they aren't sending invoices to Amazon via methods other than email, then terminate Amazon.com for some reason that was indicated in the email, well, guess who's liable for interference of interstate commerce? NSI!

    Dolts.

    I don't like the RBL. I think it's a poor (both technical and political) method of attempting to control SPAM. However, I dislike NSI even more. And if the Commerce Department is now stating that the whois database is it's property (which it is), then I can't wait for them to stick it to NSI for illegal use of government property for private commercial gain.

    NSI sucks hard. They just need to die. Or at least fire all their top management.

    -Erik

  • I don't see why the whole internet community doesn't get behind this lil ole intimidation attempt.

    After all, it's basically Beezelbub versus Lucifer (NSI is Lucifer). They're both equally evil, but one is a lot more powerful. If Lucifer kills Beezelbub, you cheer, even though Lucifer wins a battle, because one demon is eliminated.

    Same here. NSI is rich, powerful, and going to give MAPS a good solid humbugging. Does anyone remember their history? Stealing the "A" server from Postel, actually standing up to ICANN, smiting anyone that crosses them? Do you think they're going to let a bunch of moralistic hackers get in their way?

    In fact, I could imagine a world where the first domain that gets pulled is mail-abuse.org. And that would be good.

    Didn't Churchill say something like "if Hitler invaded Hell, I'd invite the devil to tea?"

  • Am I missing something important here? I'm not an RBL user (yet), but I've considered installing something like it. As I understand, people use RBL voluntarily and knowing that it is indeed used to block some hosts off their mail service. If I restrict connections from NSI to my sendmail or the company sendmail, am I doing something illegal or worth civil claims? If I asked a company sysadmin [ were I not the one :) ] to add NSI to restricted hosts, would one of us be doing something illegal?

    Now if I have chosen to use RBL and they add NSI on it, how is it any different? I could have done the same thing locally, but instead I have trusted RBL admins.

    I think they should concentrate more on keeping the domain system running and less time writing bs. Still waiting for that domain server info to be updated..
  • Don't you understand the implications of this message? MAPS has the power to block whole backbones? And anyone who gets shafted is "collateral damage?" I mean, really. Everyone here is acting as if MAPS is the underdog. These people have the power to bring down the whole net. And they act as an extremely blunt censor. NSI is one of the few gorrillia's bigger than MAPS -- so let them do the fighting for the rest of the net.

    What right to they have to decide that AGIS should get blocked, just because they choose to provide services which someone else misuses. This would be the rough equivalent to ordering all Ford drivers off the roads because a couple of people did hit-and-runs with them. The difference is, IRL, nobody has the POWER to exclude Ford cars. MAPS does. Overkill by an organization that has this much power needs to be stopped by a "600 pound gorillia." Good job NSI.

  • by Anonymous Coward
    MAPS sucks. I dun like MAPS. Spam sucks, but MAPS sucks even more.

    mail-abuse.org is simply a collection of poorly (crappily even) written documents (sounds more like propaganda to me actually) randomly linked in an unorganized manner. It took me forever (so I am a bit dumber than the elite hackers that run mail-abuse.org) to figure out what the RBL was about, and I find that somewhat scary considering the great impact the RBL could possibly have on me.

    Imagine the confusion a poor random user goes through upon realizing his email, for some unknown reason, cannot reach the intended destination and is referred to mail-abuse.org/rbl/. He goes there, and what help does he find?

    "We have not singled you out", you are only 'collateral damage' in the war against spam. Oh well, too bad. If you want to get your email through, go talk to your system administrator.

    I find that very irresponsible. We all know the frustration of calling some big company and having your call juggled between two departments. This is exactly what is happening here. MAPS is simply pushing the responsibility for blacklisting an IP and taking a passive role in solving the problem.

    "If we made a mistake, oh well. We'll just wait until someone notices that they've been fucked and contacts us, then we'll try and push the responsiblity on their system administrators, and wait a bit more. And since we usually fix things up within minutes, the system administrators are the ones responsible for the users wasted time".

    RBL is overkill. It keeps unsolicted email away from those who haven't solicited it, but it also keeps everything else away too.

    Here's an interesting situation:

    What if I love recieving spam? What if I WANT to recieve 'spam'? What if what you consider unsolicted email is actually what I like to read? Are you now able to decide what emails I can recieve, and what emails I cannot?

    Just my two cents, but the solution to spam is not to censor everything.

    Anyway...that was a fragmented rambling and messy opinion piece. If you understand it and realize that MAPS sucks, great. If not, well..I was never a good writer anyway.

    unsolicited flames sent to lgrimani@hotmail.com will get reported to MAPS!
  • "You cant stop us because we're already too big." ..What horseshit. The MAPS board should treat NSI the same way as any other. If you abuse, you pay. I'd bet you five bucks to a donut that NSI would shut the hell up in a *hurry* if MAPS' board came back with an order to RBL them.

    I'm all for it. NSI doesnt own the net. They just want you to believe they do.

    Bowie
  • Don't you understand the implications of this message? MAPS has the power to block whole backbones? And anyone who gets shafted is "collateral damage?" I mean, really. Everyone here is acting as if MAPS is the underdog. These people have the power to bring down the whole net. And they act as an extremely blunt censor. NSI is one of the few gorrillia's bigger than MAPS -- so let them do the fighting for the rest of the net.

    First of all, MAPS' RBL lists mail servres which get blocked, and it does it in a surgical manner. It is very slow and careful about which servers it blocks. Take Real Networks. It only has ten servers on the list -- the spam spewing servers. Normal communications not using those servers is unaffected.

    Second, the RBL only blocks mail servers and the SMTP service to those who subscribe to it. Since these are hard-core spammers, isn't it worth while?

    I volunteer to subscribe to MAPS. I also subscribe to RRSS, the Radparker Relay Spam Stopper. A similar system, but blocks relaying servers which are broken. The RRSS is similar in design to MAPS RBL in the case that it manually checks each report before throwing it in the listing.

    What right to they have to decide that AGIS should get blocked, just because they choose to provide services which someone else misuses. The right given to them by the owners of all the servers which got spammed by the downstream. AGIS turned a blind eye to the downstream repeatedly after many complaints. Heck, it had to disable ICMP pings because too many individuals were flooding their routers trying to see if CyberPromotions was still up.

    Because of repeated ignoring of complaints, it was thrown in for a while. And it repented.

    MAPS is a last resort tool. And NSI isn't letting up. Throw 'em in.



    ---
    Spammed? Click here [sputum.com] for free slack on how to fight it!

  • As an ISP that hosts a couple of hundred domains, if we didn't get the mail from Internic, it would be very difficult to explain to customers. We are a user of RBL and if they do eventually put Internic on RBL we would have no choice but to turn RBL off. Especially since they re-established the email invoices. It's not that we don't want to but to keep the bills paid we *have* to.
  • Don't you experience this as guilt by association?


    Indeed, might I say, even double guilt by association. First the ISP is punished for associating (doing a simple business transaction with, which won't be eliminated if you hurt the ISP, just moved) with the spammer. Then the innocent customers are punished for associating with the ISP. In the AGIS incident, we can call it quadruple guilt by association. They punished AGIS for dealing with cyberpromo, then punished AGIS's clients for dealing with AGIS, the punished those client's users for dealing with their ISP's.


    Now HOW can those users make the connection between "hey, my mail doesn't get through" and "I better agitate to get cyberpromo censored."


    It's simple bullying. Now, you may have a "right" to do so, legally or whatever. But that doesn't make it justified.


    Think of it this way. AGIS is on the backbone, right? Carries huge chunks of traffic on the net, right? What if AGIS decided to stop dealing with the ISP's who subscribed to MAPS, to stop carrying their traffic? And what if they got all the other big deal folks to do so as well? UU.net, etc. etc. etc. Would you feel that was, how shall we say, bullying?


    And why can't the ISP's block spammers their own damn selves?

    1. That would make it easier for the ISP's to determine who should get through.
    2. That would provide an entity for the customers of the ISP's to complain directly to, when they can't get their mail.
    3. That would result in less total censorship, because some ISP's on MAPS right now might not bother to read the list, so may block something they might leave open, where if something they want to block is left open, they can do so.
    4. That would make for less concentrations of power.


      Is that not a good thing?


      MAPS is a last resort tool. And NSI isn't letting up. Throw 'em in.

      I totally agree. The surest way to check a bully is for the bully to try and push around someone even bigger.

  • What the hell is this about? Granted I've only had my domain about a week, but I haven't had any spam other than my daily "Get a free college degree - no classes required!" yet. And in my experience with XOOM and GeoCities, the spam starts the first day :)
    I think you can figure out how to email me ;)
  • Fine, if you don't like the RBL, don't subscribe to it. The whole point is that it's voluntary. Nobody can "decide what emails I can recieve (sic), and what emails I cannot?" And if you actually examined the RBL instead of expressing your prejudice against it, you'd find that it blocks very few hosts. They're very conservative of who they add. By policy, then only add someone after attempting to contact them by email and telephone. You can verify this for yourself. Try getting a host added to the RBL.
    -russ
  • I find this part of Paul Vixie's mail disturbing:

    "They are pretty much daring us to blackhole them. The board of MAPS, LLC will make its final determination in the next few days, and if we do decide to blackhole NSI it's going to get ugly. As an interested party, we want you all to know what's happening."

    Is Paul an attorney? I don't think so. Interpreting Emery's email as a "dare" strikes me as a somewhat juvenile attitude. The real danger of a weapon like RBL is, the more time and effort spent on creating such a weapon, the greater the temptation to resort to it. In other words, you spend years and ten thousand bucks training your Rottweiler attack dog, you naturally want to sic the dog on something to see how all that work paid off.

    The additional danger of the juvenile attitudes of both Emery and Vixie here is the dick-measuring element. Without a doubt a lot of unsuspecting people will be confused, inconvenienced, and possibly hurt by an NSI blockade -- this would amount essentially to conviction without trial IMHO.

    And when it comes down to it, I own many domains and I get the NSI spam, and is it SUCH a hardship to delete it? What kind of a geek are you if you can't figure out how to operate your own bloody mail filters?

    Wax-On dudes.
  • by tgd ( 2822 ) on Saturday July 31, 1999 @06:30AM (#1772894)
    That was FUNNY.

    I wonder if they really thought anyone would give a flying fsck about some non-existant risk of Amazon suing them. If I was Amazon.com, and my ONLY billing invoice was set to be e-mail, and I lost my domain, there's three things I'd do:

    1) Sue Network Solutions for removing my domain because of a lack of a response on a non legally-binding communcation medium.

    2) Fire the admin who set up the domain not to have postal billing notification

    3) Contact anyone I could to have said admin "disappeared" ;)

    Personally, I don't understand why someone would set up e-mail notification in the first place. I mean, come on! Sure, most clients are that stupid, but most ISP's should have the brains to point out to the clients the problems inherant in doing that.

    Blacklist them. Serves them right. As has been said many times before, Network Solutions do not own the Internet, they're just unfairly utilizing an inappropriate monopoly situation created by a US Government that repeatly shows itself to be the premier organization of cluelessness and idiocity in the world.

    Maybe the Government should be blacklisted to, just on general principle. :)
  • That the network 'belongs' to those that administer it (and the people they administer it for) and that any guardianship of domain names is simply that and nothing more.

  • You miss a very distinct difference. "Us geeks" want to receive the information we request (singal). But we also must filter out information that we do not request (noise). Life is too short to live with low signal-to-noise ratio... a musician such as yourself should understand that concept.
  • Either ya allow the censorware morons out there censor any page with a naughty wordy-word or ya don't censor anyone that spams

    Most of the people upset about censorware is that they miss many naughty words, and censor other sites that have none.

    Then there's the fact that RBL really is reviewed by human beings, and tries to work with the site that is about to be black holed (censored) to give them a chance to avoid the action.

    They are both opt-in agreements. No one has to be apart of that arrangement if they do not wish to be.

    RBL is opt in. Most censorware providers are actively involved in efforts to require censorware for schools and libraries. In that case, there is no 'opt' at all. Part of their involvement is to 'assure' legislators that every site is checked and re-checked by human beings (patently false).

    That's the difference you're looking for. That and that RBL actually works.

  • You indicate in your post that NSI spam is not a hardship for you. That's absolutely fine! No one forces you to participate in RBL.

    Before accusing others of being too stupid to operate mail filters, you should consider how ridiculous you look as you accuse voluntary RBL participants of being "unsuspecting." Yes, in case you didn't realize it, participation in the RBL requires active effort and is necessarily voluntary.

  • If someone were forcing you to subscribe to the RBL, then you might have a case. But no one is so forcing you. Participation in RBL requires active subscription (i.e., you have to add nontrivial configuration to your MTA to pull it off).

    In short, no one who loves receiving spam will ever have anything blocked by RBL, simply because they would not be subscribed to RBL.

    As for mails we send to your personal address, I doubt that such a mail would be a bulk mail. As such, it would not fall under the definition of spam, "Unsolicited Bulk Email."

  • Certainly. Customers are entitled to know exactly what they're getting, and if they're getting what they paid for/agreed to. Administrators who don't run ISP's will obviously have more or less discretion depending on their position within an organization or public entity; increasing numbers of "admins" are running their own private networks for themselves and/or a close circle of family and friends.

    Regarding the original matter, how about (say) a "blacklisted" webpage the ISP puts up detailing who's gotten on it and why, and inviting open discussion on the ISP's newsgroups by its users?

  • I read this exact complaint on Slashdot two months ago, and I'm posting the exact same response (more or less).

    Censorship, by definition, operates on the content of the message. Spam, on the other hand, is defined by its volume, not by its content. If you send unsolicited bulk email, your email is spam, no matter what its content. Contrariwise, if your email is solicited, or not bulk, then it's not spam, no matter what its content.

    The fact that spam is characterised by volume, and not content, is the single most important difference between spam filters and content-based censorship.

  • the letter says you can ask them to not send their spammy stuff - do they ignore the unsubscribe request?

    anyway, just reading NSI say they have 5,000,000 customers pisses me off, since they deserve about 3% of that.

  • Clearly this is a no-brainer. This is what MAPS exists for. NSI not only refuses to change their policy on spam, they are threatening MAPS with what will happen if it does its job for its subscribers.

    Black hole them, MAPS. I'm sure if you are worried about legal fees, plenty of us will be glad to chip in for your defense. Set up a web page for that now if you haven't already.

  • by schon ( 31600 ) on Saturday July 31, 1999 @07:55AM (#1772907)
    .. is that MAPS has gone up against bigger companies and won...

    Anyone remember when Microsoft was RBL'ed?

    They poised, and they threatened, and then they backed down... MS is bigger than NSI could ever hope to be, and they have WAY more money to throw at lawyers.

    AOL, also was blackholed as well; with the same results; denials, threats, submission.

    If MS couldn't win, then what makes NSI think they will? This letter just shows exactly how clueless they are. Someone should send them a wake-up call. Paul Vixie doesn't back down.

  • clifyt wrote:
    What the fuck is this different than the subject that showed up two days ago (RE:Censorware...)??? Ya'll complain when someone censors your account for no apparent reason, threating to take action and use the law, but when you want to do this, its perfectly legitimate.
    You're absolutely right. There's nothing illegitimate about my using censorware to filter out some piece of the Internet. Though most people I know wouldn't use the stuff, since the particular sort of filtering it does seems unnecessary and amusingly inept.
    This is no different than any other self-regulation. Either ya allow the censorware morons out there censor any page with a naughty wordy-word or ya don't censor anyone that spams you. They are both opt-in agreements.
    It's different for those people who have not opted in. If I am an ISP user and my ISP is performing some sort of filtering with which I disagree, why, I can change ISP's. If I am a 13-year-old trying to get information at a library and I have no other access to the Internet, I have not opted into whatever inept filtering scheme is used, and yet I am stuck with its effects.

    This is more of a problem with censorware, because it often blocks useful information people are actively trying to get, and rarely a problem with spam email, since it is unsolicited.

    No one has to be apart of that arrangement if they do not wish to be.
    This is clearly untrue in the cases cited.
    I am opposed to both spam and censorship, but unless we pass laws, then there is no way to deal with both...
    There's no need to pass laws to prevent either spam or censorship. To prevent spam, clearly the RBL works nicely. One good way to prevent censorship is to keep the government from passing laws requiring it in the first place.
    ...oh yeah, I forgot, geeks don't get involved with politics unless cryptography is involved.
    Cryptography is another case where there would be no problem if government hadn't gotten involved in the first place. ;)
  • by tgeller ( 10260 ) on Saturday July 31, 1999 @08:19AM (#1772909) Homepage
    There are two weaknesses in NSI's argument:

    1) NSI's definition of "customer" is bogus. Yes, a company has certain rights to communicate with its customers (see below). But the status of "customer" implies the meeting of a willing buyer and willing seller. Because NSI has had a monopoly these past few years, we can't assume "willing buyer". Who knows how many people would have gone to a different source for TLDs had one been available? I know I would have. Therefore, we as buyers are in an *enforced* customer relationship, and NSI shouldn't assume that the usual privileges apply.

    2) Even if we were truly NSI's "customers", opt-out bulk e-mail is still not part of the "usual privileges" package vendors earn from such a relationship. I've seen the e-mail in question -- it's a pure sales pitch, *not* administrative. It's not central (or even related) to the functioning of the relationship, and one has no opportunity to opt-out at the time the relationship is started. In short: appallingly bad marketing. But what moves NSI from the world of Bad Marketing and into the sphere of Theft is the cost-transference nature of e-mail.

    --Tom

  • by Tackhead ( 54550 ) on Saturday July 31, 1999 @08:26AM (#1772910)
    > ...poorly (crappily even) written documents...
    > ...I am a bit dumber than the elite hackers that run mail-abuse.org..
    > ...unsolicited flames sent to lgrimani@hotmail.com will get reported to MAPS!

    Opens with ad hominem arguments and ends with moot threats. I think I can see why it got flamebaited.

    That said, the AC who wrote the article did have some good points, which probably bear repeating:

    • The RBL and similar blackholing technologies are distressing and confusing for newbies. While using the RBL is voluntary at the ISP level, the newbie typically has no idea that his ISP is using it. (He just wonders why his friends on ISPs that don't use it are getting 50 spams a day to his 5-10 :)
    • If an ISP lands itself on the RBL, there is collateral damage,
      and consequently,
    • The RBL is a very heavy mallet to swing at a site. Whether or not this constitutes overkill, of course, is left as an exercise for /.

    One problem, though - most of these concerns are valid only for situations in which an ISP is RBLed, and customers of the ISP wonder why their mail is blocked. For a blocking of NSI (or RealNetworks' mail servers), only those machines would be blackholed - and thus, only users on those spamming machines (in this case, presumably just a mailing 'bot) are likely to suffer collateral damage.

    An RBL for an ISP is different - it passes the support load from the newbie customers of the ISP on to the support department of the ISP. On the other hand - when all else, including the efforts of the RBL team to resolve the situation peacefully, has failed, maybe that's the only option left. If an ISP chooses to harbor spammers, its customers will suffer, and leave.

    Maybe that's fair, maybe it's not (and it's certainly a valid subject for debate), but that's not what we're talking about here.

    An RBL for a spam-spewing mail server in a single domain inconveniences only the ability of that server to spew spam. If the server exists solely as a spam hydrant, then the collateral damage is essentially zero.

    Finally, in MAPS' defence, it's hard to get a site on the RBL. Writing Nick (Nick Nicholas, former pacbell.net abuse god :) and saying "I mailed abuse@isp.com and they ignored me" isn't enough. A history of abuse must be established and documented, as well as attempts by phone as well as e-mail to resolve the situation. The MAPS team then goes out and attempts to resolve the situation themselves. Their decision to place a site on the RBL isn't an everyday occurrence; it's a last resort reserved for the most brazen of offenders.

  • NSI is spamming non-registry info. Specifically, 2 weeks ago they spammed out an ad for discounted Verisign certificates to all tech contacts.
  • Anyone remember the previous email from Paul Vixie? Had a line something like "this could well be the big lawsuit we've been waiting for".
    They want to be sued, preferrably by a large well-known company, so that they can establish a precedent.
  • > We are a user of RBL and if they do eventually
    > put Internic on RBL we would have no choice
    > but to turn RBL off.

    No, just add them to ACCESSDB (/etc/mail/access)
    as OK.

    Any time the RBL blocks someone, you get an
    easily parsed log message. If you're worried
    about losing mail, make RBL return a 45x rather
    than 55x; the sender's server will retry.

    In a year of using the RBL I don't believe we've
    inconvenienced more than a handful of
    non-spammers. The only case that comes to mind is
    an open relay at UPenn -- 99% of what the RBL
    delayed from that relay was spam, but there might
    have been some legit users too. And then they
    fixed the problem.

    MAPS doesn't go off half-cocked like ORBS. They
    only add to the list after the site has had ample
    opportunity to respond. It's not really
    "realtime."
  • I wouldn't be surprised if NSI themselves subscribe to RBL to prevent being from spammed. You think?
  • Well.. won't it? NSI will no longer be THE company to do domain registrations. If NSI becomes known as a spammer, no one will use them. They will realize. Even though, hasn't anyone been smart enough to figure out to have to email accounts, one for buisness that you randomly give out and one for real use?
  • Since it looks like the Inbreds are going to get UCITA passed in some form or fashion, it might be interesting to take a look at this scenario. Would NSI have an arguable case in a court (that place where the moon is made of cheese and pigs fly by fart power) if UCITA is already in effect?
    Does UCITA legitimize spam in general, if a customer "agrees" to it?

    NSI would have grounds, under UCITA, to disable a domain if a domain owner signed up with spam-blocker, if it is specified in the service agreement (or equivalent) that the customer must go through NSI to end the spammage. Actually, that's a scary damn thought, because it could apply to any electronic service (incl. telcos).

    (I read a draft after the /. story, and it's looks like masturbatory verbage to me, which is probably just where those inbred lawyers want it.)
  • The problem here is what people can get used to- and the potential of that to cause damage.
    Maybe you personally don't object to deleting spam. I, myself, don't especially mind sorting known-good email into special mailboxes and then having the inbox be the spamtrap, sometimes meaning that cmd-A delete is all I need to do. I've discarded good messages because I thought they were spam, a couple times, and it didn't cause me too much trouble, just a bit of ribbing from my boss who'd got his message deleted by mistake.
    However, I fully support these draconian measures against spammers, because the problem is the 'I could do that' factor. There are a certain number of new spammers every day, and many of them noisily advocate spamming to others, and some of the spams are themselves for spam tools. It's a recipe for 'meltdown'.
    Even a fairly humble linux box can saturate a T1. If any concessions are made to spamming, and it gains any sort of acceptability, it's a 'tragedy of the commons' situation but will happen so fast it'll make your head spin- and suddenly, the networks will be saturated, ISPs and backbones collapsing under the weight of one person in a hundred, or one in ten, deciding that 'it doesn't cost anything' to send their advertising note to, well, heck, how about sending it to everybody? There's this neat program a spam pointed them to, and it can run 24/7...
    I get spams authored in Frontpage using some non-English language that might be Japanese or some 2-byte language. I've been getting quite a few of those, more and more. Why be restricted to 'customers' who can read your language? Why not just send email to everybody on the internet and then those who can't understand it should just throw it away- or 'opt out'? Let's _everybody_ do that. Then each of us will only have to throw away 1 email/day from everybody in the world. No, that's silly, call it one in a thousand. So each of us will only have to throw away or opt out of several million spams a day...
    Hell with that. RBL 'em. The net is not necessarily a safe place. In particular, spammers don't have rights to network access, and have no reason to expect fairness.
  • Nobody makes the decision for paying customers but the paying customers. Each ISP has their own suite of blocking tools. Some of these are the null set, some are the RBL, some are custom.

    The customers decide what mail they do or don't want blocked via their choice of ISP. It's called the free market. Home Depot doesn't carry Nelson's sprinkler products, so if I want to buy them, I go to a competing chain.
  • The "Information Sciences Institute of the University of Southern California"

    http://www.isi.edu/us-domain/
  • Actually, let's just spam NSI back. Send out masses of email to NSI offering yourself as a free target for commercial email from NSI. I'm sure NSI's servers are capable of handling the /. effect in terms of http, but how about blowing out their SMTP servers? :-)
  • NSI is way too arrogant.

    People subscribe to the MAPS RBL to help them
    identify networks and companies that have
    good UCE practices.

    If NSI doesn't have good UCE practices, they
    should be in the RBL.

    With competition, if I find that I can't
    do business with NSI because they are in the
    RBL (which I subscribe to), I'll find another
    registrar that has UCE practices I find
    acceptable.

    Cheers,

    - Jim
  • I don't know that it would be effective since:
    (1) NSI would be in breach of contract (IANAL tho)
    (2) There would be huge publicity advertising MAPS
    and RBL to all kinds of people that have never
    heard of them before
    (3) Even if they do delete the vix.com domain, you'll
    note that this still wouldn't stop the use of RBL
    by any domain which slaves the rbl.maps domain,
    since you configure bind with the IP's of the
    master's for the zone.
  • "You should be prepared to accept the consequences of your actions should a company such as Amazon.com lose its domain name, and thus its e-commerce business, as a result of having its notices and invoices intercepted and destroyed."

    Um, reality check. Let me get this scenario straight:
    • Amazon.com joins the realtime black hole list.
    • Amazon's technical contact doesn't realize that NSI got put on the RBL (despite the fact that just the news of the possibility is making its way into every technical contact's internet news feed).
    • Amazon's domain is suddenly revoked by NSI -OR- Amazon's business, technical, and administrative contacts all forgot about that small part of the contract that says it has to be renewed.
    • Amazon loses their domain name and doesn't realize it in time.
    • Poor little Amazon and 40% of other e-commerce sites go out of business. (accordingly, NSI loses 40% of its business)
    • To recover losses, Amazon and the other 40% of e-commerce sites who go out of business are going to sue the pants off MAPS (not NSI).
    Now that would be funny!

    "...do not hesitate to contact me if you wish to discuss this matter further. "

    From what I've heard, Slashdot never hesitates. For those of us that are technical contacts, how can we contact you directly?
  • Last time I checked, there was no option to
    decide whether you get email or snail mail
    notifications.
    I seem to have gotten snail mail.
  • Scenario:

    - MAPS blackholes NSI
    - NSI starts deregistering domains - perhaps starting with MAPS' own.
    - Network connectivity starts to go to hell.
    - One or more alternate registries set up root servers and publish the old domains' data, along with new registrants. They have essentially all the domains while NSI, having deregistered many, has fewer. (Use of their services, of course, is strictly voluntary.)
    - Sysadmins reconfig their named.root to pick up the new registries in preference to NSI's, in order to retain maximum connectivity.
    - The net is now migrated to competitive registries.

    NSI's misbehavior and the (entirely appropriate) blackholing of NSI thus create a Shelling Point for the migration of the net away from the NSI monopoly.

    (For those not aware of them, Shelling Points are those moments in history where a large bulk of people, without explicit advanced agreement, realize that "This is the moment for action X, and everybody else knows it too." The British attempt to sieze the colonists' arms was a Shelling Point for the American Revolution. The acquittal of the policemen accused of beating Rodney King was the Shelling Point for the L.A. Riots, and so on. With a Shelling Point a mass of people can act in concert to great effect - for good or bad. Without one people must forge an agreement on timing, "go off" according to individual thresholds which don't match, or be boiled like a frog in a slowly heated pot.)
  • NSI is behaving in the manner of any long-standing institution, who's demise is eminent.

    Like all other long-standing institutions which are facing eminent demise/change. It's sad, because we all remember nsi.. we've know them since our youth. We now have to watch, red-faced, as they cry like babies who are made to eat instead of bottle-feed. Can't they just accept the change gracefully?

    Especially with the spamming, good-riddance.. The last use I had for them was to register domains I knew I wanted but didn't have the $$ for at the time, that's gone so I might as well go with a service that doesn't stand for beauracracy, but for a newer company.. that is seperate, not independent of a central organization (wasn't the arpanet originally designed for the sole purpose of a non-central based network that can't be taken out by nuclear attack? to stay true to those goals, you just can't have any sole entity on-line for such an important service)

  • Are you going to sue the police because they keep burglars from entering your home?
    -russ
  • By any chance are you someone who makes money from spam tools?

    I have seen the "What if I love spam?" argument before, repeatedly. But I have only seen it from anonymous posters or identifiable spammers.

    As for MAPS, the only time I looked at their web site I had no trouble finding instructions on how to get off the list - even using Mosaic for a browser. The first link on the index page is "MAPS Realtime Blackhole List". Hit that and you get a page with a list of resource links:

    End User information on the RBL
    Our rationalle for the MAPS RBL
    Reporting spammers to the MAPS RBL team
    How to get into the MAPS RBL
    How to get out of the MAPS RBL
    How to use the MAPS RBL to protect your network
    Some of the sites that use the MAPS RBL
    Look up an entry on the MAPS RBL
    Trace the route from the RBL server to someplace else.
    An explanation of "greeting-card spam."
    RBL in the news

    How hard is it to figure out that "How to get out of the MAPS RBL" is the one you want?

  • Not to mention that Vixie sits on the Board of an opt-in Email Advertising company, Whitehat.com, a subsidiary of the direct marketing service bureau American Computer Group, one of the largest opt-in email advertising services on the internet.

    I think that Vixie is wearing hypocricy very well. The action against Real was just testing the water to go after companies like Netsol. Now they are flexing their muscles again, to see just how far they can push their power.

    I hope they do Blackhole NSI, and that NSI sues them, joined by any other company that has been affected by the overly broard definitions that MAPS has been using of late.

  • You said:

    "What if I love recieving spam? What if I WANT to recieve 'spam'? What if what you consider unsolicted email is actually what I like to read? Are you now able to decide what emails I can recieve, and what emails I cannot?"

    I work for an ISP. We block sites like popsite.net because the ONLY E-MAILS we EVER get from them are SPAM. Spam costs us lots of $$$, for these reasons:

    1. We have to have a netabuse team (several people) who do NOTHING ALL DAY except watch the mail and news servers for crackers and spammers. Believe me, they are seldom idle!

    2. Our sysadmins have to keep an eye on the mail, news, and other servers as well.

    3. Our network operations center has to spend time contacting the various networks when Abuse is either saturated with tracking all the jerks and assholes, or out for the evening. You may have noticed that it's kind of expensive to call the office of another network provider (or anybody else for that matter) 2,500 miles away...

    4. We have to add huge amounts of extra disk space to handle news and e-mail. Much of this is occupied by spam. This costs us MONEY that SHOULD be spent on building/leasing POPs, hardware/memory upgrades, etc. Instead, we have to spend our member's money defending them from crackers and spammers. It's not fair to us, and it's REALLY not fair to them!

    5. This is kind of off on a tangent, but it bears saying. When someone unloads a ton of spam onto our servers, WE SEE IT. We have an algorithm that checks the mail servers' syslogs for repetitive instances of text in the headers, etc. When it sees this, it notifies us. Think you can get away with it? We'll call your provider, have them knock you offline, and then forward them the logs so that you get CANCELLED. Same if you try to crack our systems or initiate a DOS attack against anything we own. We'll get you kicked off and we'll also do everything we can to get you cancelled from whatever ISP you're coming from. And since most dialup gear keeps a record of your phone number, we might even call you and demand to speak to your mommy at 3AM. B3W4RE, SKR1P7 K1DD135!!! Whenever you try to spam or crack us, WE SEE IT. Don't think that a dynamic IP makes you anonymous, because every ISP in the world logs what IP was used and at what time. They have to for legal reasons.


  • Prelude: This is going to ramble a little, as I've been jumping around the net getting more info from ICANN, IANA, NIS, etc. Bear with me.....

    My first though was to reply to this with an "Amen". NSI is not, has never been, and will never be the "Internet Authority" (Patent Pending [or so they think]).

    Aside from the other officially sanctioned registrars, I seem to recall reading about a volunteer organization (probably on /.) offering to provide DNS services without the value-added BS of NSI. Anyway, with more registrars being accredited, I'd say its time to put NSI behind us completely.

    While considering the implications of all this, I was perusing www.iana.org [iana.org] and was delighted at the prominent notation:

    Please note that this transitional site presents both initial steps and currently accepted practices that are subject to input by the international Internet community and approval by the Board of Directors.

    If you go to their site, there is a forum for public comments. /.'em with honest, frank, unflaming input on why the agreement with NSI should be terminated.

    Now, if you want to be horrified, go to www.internic.net [internic.net] to read about the coming changes in Domain registration. First, you'll notice that you're really at networksolutions.com. But wait! If you read really, really slow (just leave the window open), you will be automatically forwarded to the NSI front door.

    Going deeper into the ICANN FAQ [icann.org], I found Ammendment 11 [doc.gov] to the Dept. of Commerce/NSI contract. An excerpt regarding existing NSI customers:

    • Commencing upon the Phase 1 deployment of the Shared Registration System, and for a period of 18 months thereafter, NSI shall permit any customer with whom it has a contract pursuant to which NSI provides registration services that is either facially or effectively exclusive as to registration services, to terminate the registration provisions of such contract (following payment of all amounts due up through the time of such termination) and obtain registration services from other registrars; provided, however, that NSI may enter into agreements pursuant to which NSI's counterparty agrees not to utilize proprietary intellectual property or confidential proprietary information provided by NSI to the counterparty pursuant to their agreement.
    Now, I wonder why NSI has been putting up such a forcefull argument that the info in the WHOIS database is "proprietary intellectual property". As far as I can see, you can change registrars by giving them the same contact information you originally gave NSI. It may be proprietary in their database, but it is not when it's your personal information on an application form.

    If I'm reading that right, anyone registered with NSI can switch to another registrar, with a pro-rated refund of domain fees.

    Back to the original topic: Putting NSI on the RBL would be a serious wake-up call that without the participation of each and every transport provider on the 'net, they are worthless (Ok, MORE worthless).

  • To any NSI grunt that may read this: you jack-asses are sore loosers. You take a government contract and expect to be able to claim that the information you obtained during that contract actually _belongs_ to you? Kiss my ass you f**king morons! That's my tax dollars you're talking about. That data belongs to me and every other American that uses the internet. A lot of people, including myself starting back when there was no public access to the 'net, have busted their asses to make the 'net what it is. For you to pull the kind of stunts that you have lately is a disgrace to us all, but more so to yourself. I really do hate socialism, but fair is fair. Cooperate or get off the bus!!!

    Dumb asses....
  • Most of the people upset about censorware is that they miss many naughty words, and censor other sites that have none.

    So, if I were to create the technically perfect Web censorship software, Jon Katz would not be annoyed at its use? "Most of the people" who usually complain would not? No.

    I and others who are bothered by censorship are usually bothered because censorship implies a power of control. Control of ideas, in fact, which is one of the most powerful forms of control.

    The RBL presents the same danger, but the original poster was incorrect in assuming that that danger can be acted upon. Because the RBL is voluntary (and in fact is only the most popular of several such efforts, some of which are more technically sound, but have a higher barrier to entry) it can never have the same impact as, say, the V-chip which is required in every television set in the US.

    I have a problem with some of the applications of the RBL, however. For example, WebTV applies the RBL to your mail whether you like it or not, and that's exactly the problem with things like the V-chip (granted, this is WebTV's problem, not MAPS').

    NSI is not being censored, they are being refused access to the pockets of millions of consumers because of bad business practices. The consumers do not have to deny access (except as noted above), but they WILL because they don't WANT unsolicited EMail. If NSI wants to put those messages on their Web site, and slam out ad banners to every major Web portal on the planet, there's nothing wrong with that. BUT, it would cost them money, and NSI doesn't want to have to spend any actuall money! Therein lies the rub. Spam costs money, but not to the sender. Thus it is refered to as theft. NSI is commiting theft, and what's worse, they are doing so because of their relationship with the US government that gives them a monopoly over one of the most important communications technologies in history.

    Let me repeat, this is not a censorship issue, this is a simple case of abuse. NSI is abusing their customers, and their customers are not pleased (that includes me).

  • Dude if i were you i wouldnt be so fast to support ICANN, the group seems a little shady and non-transparent if you ask me.
  • "It's bad for me, therefore it should be banned" is a corrupt argument: it's the same one that Janet Reno is using to get governments to ban cryptography.

    There are good arguments why spam is bad: mainly because the burden of cost is not on the sender and therefore there is no negative feedback mechanism to control it. Arguments that try to dictate what a person can or cannot receive are superfluous, and always unfair to someone or other.

    If you want to control spam, find a way of passing the cost on to the originator. In this hugely dynamic free-ISP scene, blocking the output is a fool's game that doesn't cure the disease at all.
  • Your response to this forgets one important thing. Your customers PAY you to provide them with email, and if that means the ability to receive advertisements, that is what is includes. If you need more hard drive space to provide the email service your customers have contracted you with, and this doesn't fit your budget, then you have poor planning with regard to your pricing structures.
  • First let me say, there was SUPPOSE to be a SMILEY attached to my last comment, meant as a light ending -- but without the smiley I came off looking like a self-righteous asshole -- SORRY! :o) :o) :o) Ok, repeat after me... RBL is not a government, nor is it a law, nor is it implimented by either of the above. The Black-holing of NSI will be a public action taken by the public.

    This is exactly what I'm talking about - doesn't this seem precisely like mob lynching?

    --

    I would actually like to pose a question to clarify a point here:
    Suppose my ISP was an RBL "member." I go to NSI to try to register a new domain, and those of you who are familiar with the registration process know that you have to send an email based on their template.

    Normally, the NSI automails a response indicating the success/failure of your registration request.

    But if NSI was blocked, I would not receive this confirmation. Is that correct?

  • I would imagine that several thousand of us own our own domains.

    How about all of the domain holders amongst us send an email as follows:

    To: hostmaster@internic.net
    Subject: NOT INTERESTED IN BUSINESS

    As a resgistered domain contact for , I would like to notify you, and Mr Jonathan Emery, that I have no desire to conduct a business relationship with NSI. At the first opportunity I will be seeking to conduct my business with an alternative vendor. I have not CHOSEN to be an NSI customer, I simply wish to have a domain.

    As a result of this notification, any future emails or postal mails sent to me by NSI, not relating to the function, administration, status or billing of my domain, are demonstrably unsollicited.

    Spread the word (and the email) to anyone else you know to be a domain name owner.

  • I've never heard such a clueless person working for an ISP. I hope dso's cusomters become aware of their ISP's spam-friendly staff and either get rid of that staff or switch ISP's, putting dso out of business. I don't even think AOL has such a clueless stance on spam.
  • As others have pointed out, email is not a legal communication in the eyes of the court (Any court, AFAIK). If NSI does not want to send snail-mail invoices, they should use a FAX.
  • Illiad has NSI pegged with this one...
    Sunday's User Friendly [userfriendly.org]
  • Jon Katz would not be annoyed at its use? "Most of the people" who usually complain would not? No.

    Most of them would not complain if it was opt-in as well. I was perhaps not explicit enough that censorware would have to be both accurate and opt-in to be acceptable to most'geeks'

  • XOOM isn't spamming you. You pay for the services you get by the email you receive. Receiving email is part of the deal.

    NSI, on the other hand, gets paid by your money. Accepting their advertising at my expense is not part of the deal. I never agreed to it anyway.

    -russ

  • Well, NSI will get a nice bounce stating that the mail was not recieved. So they know you didn't get the invoice.

    If they continue and remove the domain, take them to court.
    (Might be hard to win since NSI's seem to have no employes except lawyers.)
  • Let me see, they require an email address, but the contract terms do not require that you actually receive email at that address. Seems to me that if NSI cuts off a domain solely because attempts to contact it by email have failed, NSI is in breach of contract.

    And yes, I've gotten the NSI spam, and no, they have no right.
    -russ
  • I love lawyers. All they seem to know how to do is threaten and bully, regardless of how empty their threats are.

    This is the idea. They don't want 2 million customers to just go bye bye. They like sending out worthless email for whatever reason (probably cause it is a lot cheaper than sending normal mail) Can you imagine the funds that they are raking in from not sending out the mail USPS? They wouldn't be quite as rich otherwise. ;-)
  • If MAPS is trying to make a point of a taking on a large company, they should just makes sure that the win, otherwise the gesture is more than useless, it discredits thier cause.
  • by JamesHenstridge ( 14875 ) <james&jamesh,id,au> on Saturday July 31, 1999 @02:33AM (#1772957) Homepage
    I am surprised that they didn't try the more effective "if you blackhole us, we will delete your domain". It would be more effective, and its legal footing would be just as shaky
  • The sooner on the blacklist, the better. What right does NSI and every joe business have to spam me? Did I pay NSI $70 for their service of providing my information so they can own it and spam me some abuse with it? If vigilante justice through the RBL is not allowed, then its time for baseball bats. One way or another, I'm going to get relief!
  • According to the lawyer's letter, there are instructions in NSI's emails for being removed from the mailing list. Is this true?
  • Doesn't matter if it's true or not. If you trespass on someone's property, "but I would have left if you'd only asked me" is not a defense.
    -russ
  • The same could be said about alot of industries that get away with it. I often find myself ranting "Do I pay $50/month to my phone company to have them send me junk mail and sell my name to mailing lists?" "Do I pay $60/month to my cable company who then sells advertising on those channels?" etc...
  • There is possible to make exceptions to the RBL filters.

    If NSI gets blacklisted, and you still want to receive mail from them, you should be able to add their mail server to the RBL filters exception list. Check your mailserver or filter documentation.
  • Trespass?
    Different rules where I come from. You can trespass on my land, and all I can do is tell you to leave, use minimum force to make you leave, and eventually call the police and have them remove you. In real space this rule makes a lot of sense (not least because property boundaries are less than obvious). If you don't want people wandering onto your land, build a damn fence.
    However, that said, the same rules can't be applied on the net. Trespassing in real-space uses up a lot of the intruders time, and there's no obvious advantage to it. I don't see any serious problems with individual trespass (mass trespass is illegal) where I live, but I do (did) have serious spam problems until our SMTP servers were configured to use RBL-like tactics.

    Nick.
  • "They are pretty much daring us to blackhole them. The board of MAPS, LLC will make its final determination in the next few days, and if we do decide to blackhole NSI it's going to get ugly. As an interested party, we want you all to know what's happening."

    Is Paul an attorney? I don't think so. Interpreting Emery's email as a "dare" strikes me as a somewhat juvenile attitude.

    The use of the word "dare" was perhaps unfortunate, but isn't NSI simply calling MAPS' bluff? If MAPS doesn't follow through with their stated MO, isn't this going to weaken MAPS' ability to impliment such Spam-reduction in the future? Perception is key, here.

    The additional danger of the juvenile attitudes of both Emery and Vixie here is the dick-measuring element. Without a doubt a lot of unsuspecting people will be confused, inconvenienced, and possibly hurt by an NSI blockade -- this would amount essentially to conviction without trial IMHO.

    Ok, repeat after me... RBL is not a government, nor is it a law, nor is it implimented by either of the above. The Black-holing of NSI will be a public action taken by the public. The equvalent would be a newsletter that displayed picutres of salesmen that stick their feet in doors in order to give a sales pitch. The newsletter does not lock people's doors. It simply gives them a good idea of when that might be appropriate. In the case of the RBL, there are automatic ways to have your door lock, but that doesn't change the fact that the public recipient of the hostile sales pitch (yes, Spamming is textbook hostile sales) is the one shutting it off, and they can choose not to.

    The case that keeps getting pointed out is where an ISP uses RBL and will be blocking NSI mail to all of their users. This is much like the case where an office building management company does not let hostile salesment into the building to see the tenents. The tenents are going to get grumpy at some point, and say "hey, I wanted to see that guy, he's selling widgets that I need". This is what has already been mentioned where some ISPs will stop using RBL based on the NSI blackhole. This is a Good Thing(tm). It demonstrates that these ISPs are willing participants, and they can and will leave if and when they feel that it is no longer appropriate.

    What kind of a geek are you if you can't figure out how to operate your own bloody mail filters?

    What kind of geek are you if you don't create a way for non-geeks to do the same thing.... Gee, that would be RBL!

    -AJS

  • I'm sorry im not high up enuf on the teirs to have registered a domain yet. Whats this about a CD with everyones email on it? could someone elaborate, thank you.
  • I'd have to pretty much agree with you. MAPS/RBL seems to be fairly responsible.

    ORBS, on the other hand, sucks. I've had a bunch of my own mail get bounced by ORBS for various reasons, either because the mailserver I was using was open-relay or because the ORBS people happened to be in a bad mood.

    I find the cure, in that case, worse than the problem.
  • I used to answer those calls that the caller ID listed as "unavailable." It seems like any long distance service change or getting ISDN would get me on every credit card company marketing list. I sleep days. I get very cranky when I answer the phone to some telemarketer wanting to sell me a credit card. I give them insults about their job, their ability to father children, etc... They have even retaliated against me for venting by conviently cancelling my long distance for "fraud." It pisses me off to no end to have some stranger interrupt my sleep, then to interrupt my utilities. Its gotten to the point where I will try to hunt the person down! I've gone mad!
  • The only way for Amazon.com, or anyone else, to have their domain registration-related E-mail traffic disrupted would be if amazon.com willingly subscribed to the MAPS RBL feed.

    NSI is whistling through their ass here. MAPS RBL is a purely voluntarily blacklist. If someone does not wish to have their mail to/from NSI blocked as a result of the RBL, it will take approximately five seconds for them to disable RBL filtering on their mail server/routers, or provide an exception for NSI's IP address space. Someone should ask the Looney Tune who wrote that letter whether or not he would have any objections if someone were to have him sign up to a few thousand mailing lists, on a condition that every one of them will have a working remove address. According to this Looney Tune, as long as there's a functioning remove address, there's no problem, so he will have no reason to object.
    --

  • As a fairly long time subscriber to the RBL service I find that it does the job nicely. I look at my log files and find several spam messages blocked and the quantity of that crap that appears in my mailbox has been reduced noticeably.

    There are some key words that have to be recognized. One, I am a subscriber. They created their own list. I, as an administrative decision, chose to use their list. Two, they make it abundantly clear that, or at least they did when I signed up for the service, that RBL is not perfect, that you have to be willing to occasionally throw out the baby with the bathwater. For me, spam had gotten so bad that I finally relented and enabled RBL. I've been happy ever since.

    As for the NSI debacle. It comes down to one key point. I haven't seen their spam message (well, not the most recent one). If I use the whois database to mine for email addresses and send SPAM, NSI will try to (1) sue me?, (2) block my access to the database, (3) who knows what else. Yet, they are doing the exact same thing.

    Bottom line. I used them as a registry service. I created a business relationship with them as a registry service. As such I suppose I would get some spam from them as a registry service. However, if they started spamming me with messages about hosting, or non-registry issues -- that that most definitely is SPAM. Look at it this way. Let's say magazine publisher XYZ Corporation publishes magazines on 50 different topics ranging from Apples to Zebras, and you subscribed for a magazine on wireless data. Your now on their mailing list. You've created a business relationship with them. Would you be upset if you got junk mail from XYZ Corporation encouraging you to subscribe to adult mags?

    The line between spam and acceptable commercial email is getting slimmer and slimmer. In a way, depending on what information is being sent out, NSI does have a valid business relationship with people in their database and can send email to them. They've learned from all those that mined the whois database for email addresses just how valuable such a targeted list of names can be.

    NSI could have avoided all of this by 'announcing' in their first SPAM message "You are receiving this from NSI because you have at least one registered domain name in our database. You have been included on a list which will send you periodic updates on new services and features available from NSI. If you do not wish to receive these messages, here is how to remove yourself from this list. If you take no action, you will automatically receive news on any new and important services and features available from NSI."

    That first message would not have advertised anything, yet it would have alerted everyone on the list of what was to come and could have avoided this entire problem!
  • by sjames ( 1099 ) on Saturday July 31, 1999 @04:35AM (#1772999) Homepage Journal

    NSI: We're a 600 pound gorilla, and we intend to behave as badly as we want to. Get in our way, and we'll squash you.

    If RBL is to mean anything, they really have no choice but to blacklist NSI at this point. MANY people have complained about SPAM from NSI.

    NSI, because of their special monopoly position, has a higher obligation than most companies to not spam. It's not as if most of the people on their list could have chosen another registrar that doesn't spam (at least not when they gave NSI their email address).

    For those who will have problems if NSI is blacklisted, there are several options. Tell NSI to send invoices by snail mail, de-configure RBL, or go to another registrar. I suggest the latter if at all possible.

  • by strredwolf ( 532 ) on Saturday July 31, 1999 @04:45AM (#1773001) Homepage Journal
    The MAPS RBL is the last resort in blocking spam from spewers such as NSI and Real Networks (which got thrown in earlier this month). The process starts off that: Someone on news.admin.net-abuse.email gets repeatedly spammed by a domain, gets repeatedly refused by a domain to stop spamming or the spammer, or sees on a spam a site that is never taken down. (RBL is used for spammers and the servers that others provide for such spammers) Next, after repeated phone calls and evidence gathering, an RBL request containing all the information is sent to MAPS. Nick (in the e-mail) calls the company to work things out. If nothing happens (and they're very flexible to work with), the servers in quesiton get thrown in the RBL until the company who owns those servers repents.

    The MAPS RBL has blocked whole backbones before (AGIS, for the Cyberpromotions fiasco they had). Real Networks got thrown in, even after they sent a legal threat to MAPS. MAPS has not received any orders against the listing.



    ---
    Spammed? Click here [sputum.com] for free slack on how to fight it!

  • Comment removed based on user account deletion
  • > If you do not wish to receive these messages, here is how to remove yourself...

    Make that "If you wish to receive these messages, here is how to add yourself" and I could concede the point - provided they put a checkbox in their signup form for new registrations and/or gave the instructions in their signup confirmation mail, and only sent the above, ONCE to OLD accounts.

    We consider it spam if somebody repeatedly sends mail to everybody on a list he buys unless they opt out. Why should it be different for a "somebody" who just happens to have had a government mandate to monopolize the internet registry?

"Everything should be made as simple as possible, but not simpler." -- Albert Einstein

Working...