MAPS RBL Is Now Censorware (Updated) 656
Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).
But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.
Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:
"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."
And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:
"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."
Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.
You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."
Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.
Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.
The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.
And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.
In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.
Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.
Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.
I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.
And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.
In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.
At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).
No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.
I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.
And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.
(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)
Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.
But then, MAPS also advises Web providers:
"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."
That's exactly what Media3 does -- and exactly what MAPS did.
Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.
I can't find much to argue with in Joe Hayes's summary:
"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."
And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:
- FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
- DesktopHeaven.com, Windows themes, screensavers, wallpaper.
- TownOfCary.org, the official website for the town of Cary, North Carolina.
- StudioZito.com, yet another Web site-designer.
- Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
- StrikeMore.com, bowling tips and schedules.
- NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
- ElaineCoffman.com
and DianaPalmer.com
-- both are authors of romance novels.
And finally, - CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."
Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:
SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?
Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.
For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.
Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:
I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.
Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.
This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.
Re:A compelling argument... (Score:2)
The problem with this is that you can't keep someone who subscribes to MAPS from sending mail to you! It's a one-way blackhole. Someone on a MAPS-enabled ISP can send mail to someone who is blackholed by MAPS, but that person can never reply. The MAPS using ISP's customers don't know they will never get a response.
Arguing about this with MAPS people will just get you listed in MAPS.
Spam sucks, but there really needs a better way of dealing with it. Leaving it to an autonomous private group who isn't responsible to anyone is just asking for more trouble.
Re:MAPS != censorship. (Score:2)
Censorship can be done by anyone (I censor my own speech on a regular basis so as not to offend).
You have censorship confused with the first amendment -- freedom of speech can only be violated by the government (because only the government is limited by the constitution) but private individuals and corporations can and do censor every day...
right to censor (Score:2)
Re:Just ignore the spam? (Score:2)
10 secs * 356 days * 50 years = 178000 seconds
178000 secs = 2966 minutes = 49 hours = 2 days
Are you willing to let spammers take 2 days from your life? And in doing so, you are doing nothing to help others. I make more of an effort- I file reports with Spamcop.net. I spend about six times the seconds you do, per day.
What right do you have to say that I should have almost two weeks taken out of my life by spammers? I won't get those two weeks again. You won't get those two days again- and do you think it's going to _stay_ at 10 seconds a day? Soon you'll be spending 45 seconds digging through the spam (nine days out of your life) and I might be spending fifteen minutes a day spamcopping (I have a domain...) and that's SIX MONTHS off my life, just dealing with spammers! Already it seems like I spend many minutes a day on the spam, over and over and over in unending repetition. I wish my ISP used the RBL. They are considering some such action. If they go with the RBL I will fully support it even at its most extreme application.
That's no good at all. (Score:2)
I'm trying to get a recording studio [airwindows.com] off the ground (obMusicLink [besonic.com]), and putting a lot of effort into it. I _have_ to keep airwindows.com out there publically and I get all its email, every dictionary-attack spam on the domain- and I need a solid memorable unsurprising email address to give people if they want one- chrisj@airwindows.com.
It's like some of the mp3-fan reactions to the threat of the format being suppressed- I don't care if you can hide mp3s in zips, or hide email addresses in geeky obfuscation or ever-changing 'stale address discard' rules. I don't have that luxury and never will have it- I'm stuck operating on the outside with my domain and my fledgling business (for which I keep all records of income and expense- not gonna hide from IRS either). I have no option but to use email and web resources straightforwardly and unobfuscatedly- and I won't be able to keep up with the load of spam forever unless the spammers are cracked down on. The spamload could easily just keep accelerating exponentially if nothing is done to stop it- as it seems more mainstream, more will do it, and so on.
(random side note- remember how mp3.com changed its agreement and made it evil? Well, a new music site called ampcast.com [ampcast.com] recently changed their agreement- and, get this, changed it to be MORE favorable to the artists! Color me flabbergasted. I'm still happy with besonic, myself, but who knew? Kudos to ampcast, just found out about this today :) )
Re:SERVERS CAN STOP spam EASILY!!! (Score:2)
Re:What in god's name are you talking about? (Score:2)
And that is why many of us dislike MAPS, because that is exactly what they suggest. In fact that is the original method by which they operated - the DNS method you mentioned was added later, and they still advocate the complete BLACKHOLING of all traffic to the sites on their blacklist.
Re:Exactly (Score:2)
I don't see how you can make that distinction. The only way for a user to turn the RBL off is to switch ISPs to one that does not use it. If you consider this a legitimate solution then censorware is perfectly fine too, since you can always move to an internet connection which doesn't use censorware (using one at home instead of the library, for instance).
Re:MAPS != censorship. (Score:2)
To quote from Webster's:
None of the other definitions given apply -- the first is the actual Roman officials after whom the word is named, the third to a general fault-finder and the fourth to a critic. This one, too, clearly misses the mark. MAPS is not given any special empowerment to read content, and (more critically) cannot forbid publication. All they do is publish a list, with no enforcement to back it up; thus, they do not forbid anything.
If a user is being censored by anyone, it is not MAPS but rather the ISP who chooses to use the service without their users' consultation. However, even that doesn't hold water, as the user is not forced to use any given ISP. With no forceful coercion involved anywhere down the line, any claim of censorship is certainly far wrong.
Absolutely not. (Score:2)
I'm pretty damn unhappy with my government; indeed, it's violated its own Terms Of Service (Constitution) -- but if I stop paying taxes in protest, I'll find myself in jail. And if I try starting a competing government here in town, I'll find myself in pretty bad shape.
My ISP can censor me all they want -- there's an econmic mechanism to keep it from being abusive; I'll just switch. If my government tries to consor me, there's no such recourse -- then I get pissed.
Tricky. (Score:2)
But then I went to their website.
My GOD, have you ever seen anything so awful?
So then I turned Java off.
There were still broken images, blinking links, I couldn't read the text...
Could we have a web proxy that blocks UGLY web pages? Becuase I'd blackhole these guys in a heartbeat!
Are they actually trying to run a business? If I saw a "business" site that looked like that, I'd run the other way!
Ugh. Unclean. Please block that site, whatever your reasoning.
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu].
Innocent victims of *a bad ISP* (Score:2)
However the ISP in question they *did* move their other customers away from the netblock, while reconcidering the case. Thus, only the spammer was affected.
In general, users of ISP's who are both incompetent and refuse to cooperate in the fight against spam *will* get hurt. However, they will be in a position to do something about it, by using a competent ISP.
Irony Alert: DeCSS (Score:5)
Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?
Chris DiBona
VA Linux Systems
--
Grant Chair, Linux Int.
Pres, SVLUG
Is the RBL really being used for HTTP? (Score:2)
It seems much more likely that Above.net and various other ISPs and users are using the RBL to block email from the IPs in question (which would be likely to be used by the website, but might not be). This is also troubling if innocent machines are implicated but much less so and hardly rises to the level of censorware since websites do not typically use email for only a tiny fraction of their content.
--
RBL Usage info - READ THIS (Score:5)
There are three ways that RBL may be used, listed at this address:
http://mail-abuse.org/rbl/usage.html [mail-abuse.org]
ONLY ONE OF THE USAGE METHODS results in blackholing all ip traffic, that is the Subscription via BGP. This option is only available to larger networks with routers which have an ASN (see whatis.com [techtarget.com] if you don't know what an ASN is.)
I know of very very few networks which use RBL in this manner. There must be a few, but it seems like a pain in the ass, and there are negative effects of doing it, as indicated on the RBL description of the service.
Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.
My guess is that 95% or more of RBL subscribers use the "Direct usage via DNS lookup by mailserver" method of applying RBL blocking. This method has ZERO IMPACT on http, ftp, dns, ICMP, or any other type of traffic other than SMTP.
This Slashdot article was written by someone who does not understand the nature of the Internet and the RBL on a detailed level, and who is obviously dipping into conspiracy theories a bit... his little diatribe on above.net sounds like the manifesto of a lunatic. To the author: Get over it, sir. You don't understand the technology, and you don't understand the decisions made by ISPs who implement the RBL. I wish you well in your career, but this isn't going to be the ground-breaking story you thought it was. Feel free to write me if you'd like to speak to me further.
Sincerely,
~Acheron
Re:RBL Usage info - READ THIS (Score:2)
Unfortunately, I am behind Above.net which I believe does subscribe to the BGP RBL-- not something my ISP (Capu.NET) can change... During 1999-2000 MAPS RBL blocked Steve Forbes' campaign website so I couldn't get to it from home, something I found highly dubious. I've known that MAPS RBL has been Censorware for a long time now.
Whatever good MAPS RBL could have acheived has been lost with its Ivory Tower administrators who slash and burn netblocks with no accountability. "It's to fight spam" sounds more and more like "What about the children!?" to me from the MAPS people. They have made it an excuse to fuck with people's livelihoods. Pardon mon Français. That's how I feel.
_______
computers://use.urls. People use Networds.
Re:MAPS != censorship. (Score:2)
Where on earth has everyone got the idea that, for the government to fail to actively support something is equivalent to the government prohibiting it?
--
Why the Hell Not? (Score:2)
(NOTE: this is called sarcasm. I am actually a philosophical pacifist, violently *ahem* opposed to violence.)
--
drawbacks of negative feedback (Score:2)
Also, with the current pace of mergers in the telecom sector, it is becoming increasingly the case that many people simply don't have the luxury of choosing their internet provider. Punishing innocent sites by mere association in this case is a cure worse than the disease.
The problem is the innocent victims (Score:3)
Such a gaffe might be understandable if the IP addresses in question were dynamic, but they're not. They're static. There is no need for MAPS to list peacefire.org in the RBL.
Re:Huh??? (Score:5)
There are many forms of the MAPS RBL subscription.
One form that appeals to some network providers is the MAPS RBL Subscription via Multihop eBGP4 [mail-abuse.org] . This subscription option involves configuration within border routers of a subscribing network provider. Any traffic that passes through a router configured to peer with the MAPS RBL feed will null-route packets destined for any host or network listed in the MAPS RBL. This includes ALL internet protocol traffic -- not just mail.
If a network or host is listed in the MAPS RBL, and a router between you and that host or network is configured to use the MAPS RBL BGP feed, you will be unable to browse a website located there, you will be unable to ftp to them, and yes, you will be unable to send them mail. And they will be unable to send you mail, or browse your web site. Again, any traffic passing through a router configured in this way that is destined for an IP in the MAPS RBL will be null-routed -- for all intents and purposes, dropped on the floor.
Asymmetric routing and inadequate coverage on the border can be a noted hole, but in cases such as these, the MAPS RBL BGP feed isn't really working anyways.
Re:services like this (Score:2)
Thanks
Bruce
Re:A compelling argument... (Score:2)
Again, I am not getting routes blackholed through Above.net today. I can click on those links and see them. Traceroute tells me I'm going through above.net .
Bruce
Re:Exactly (Score:2)
Bruce
Re:services like this (Score:2)
Thanks
Bruce
Re:RBL - What a hosed concept (Score:2)
Thanks
Bruce
Oops. Big oops. (Score:2)
Re:No, you don't have the right (Score:2)
Thanks
Bruce
Re:Exactly (Score:2)
Thanks
Bruce
Re:That violates John Stuart Mill's liberalism max (Score:2)
Thanks
Bruce
Re:Exactly (Score:3)
Bruce
Re:This isn't right (Score:3)
1 dnai-com.perens.com (216.15.108.185) 21.416 ms 0.832 ms 0.703 ms
2 dnai-216-15-96-1.cust.dnai.com (216.15.96.1) 22.975 ms 12.134 ms 16.915 ms
3 fe3-0-br-1.sjc.dnai.com (207.181.193.1) 22.722 ms 7.364 ms 7.759 ms
4 main2-249-152.sjc.above.net (209.249.152.3) 20.723 ms 9.060 ms 7.091 ms
5 core5-main2-oc3.sjc.above.net (216.200.0.205) 23.190 ms 7.470 ms 7.776 ms 6 core1-core5-oc48.sjc2.above.net (216.200.0.178) 23.403 ms 7.579 ms 7.755 ms
7 ord-sjc-oc12.ord.above.net (207.126.96.117) 67.590 ms 67.780 ms 68.573 ms 8 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 70.829 ms 69.470 ms 69.189 ms
9 112.ATM3-0.XR1.CHI6.ALTER.NET (146.188.208.186) 69.099 ms 67.905 ms 69.813 ms
10 291.ATM2-0.TR1.CHI4.ALTER.NET (146.188.208.250) 94.485 ms 95.112 ms 93.882 ms
11 106.ATM7-0.TR1.TOR2.ALTER.NET (146.188.142.74) 95.481 ms 102.600 ms 99.372 ms
12 299.ATM7-0.XR1.TOR3.ALTER.NET (152.63.129.149) 103.557 ms 98.535 ms 98.082 ms
13 190.ATM7-0.GW1.TOR3.ALTER.NET (152.63.129.233) 98.190 ms 100.049 ms 98.933 ms
14 205.150.221.230 (205.150.221.230) 114.641 ms 100.628 ms 103.484 ms
15 mediamasters (204.101.215.149) 102.729 ms 101.457 ms 101.752 ms
So, it's not happening here.
OK, I'm a dunce. (Score:3)
Bruce
Re:OK, I'm a dunce. (Score:3)
Thanks
Bruce
I have to agree. (Score:5)
It happens that if you write me and I'm not at home, I get your mail via Palm VII wirelessly. Whoever you are. Even if I've never heard of you. And sometimes, that matters to people.
Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.
So, I want to filter spam, and I want to deter spammers because deterrence is more effective than a filter. The RBL has been a positive force for me, it's kept the S/N to the point that I can read your mail.
Thanks
Bruce
Re:can MAPS/ORBS be advisory to users? (Score:2)
I don't know if this is a specific qmail issue, but the way the server works is to accept the mail if it for a local domain, queue it and then figure out what to do with it in terms of the user to deliver to, since there may be aliases and so on involved, which it doesn't want to spend time resolving when accepting the mail. In the case where the spammer is just guessing usernames en masse with a domain name on the end, all the 'misses' become bounces. If spammers were at least halfway decent and mailed address known to exist, the load on mail servers from spam would probably be considerably reduced.
So the difference is that the ISPs mail server will then spend a large chunk of time generating bounce messages (which will typically also bounce back, as the return address of spam is often faked), rather than refusing to accept the single connection in the first place (a single connection can spawn hundreds or thousands of queued items - a large BCC list effectively).
Obviously, the time spent by the mail server clearing queues of bounce messages and double-bounces is time spent not delivering customers incoming and outgoing mail.
Personally, I agree with the RBL in it's DNS form, but not the BGP version - blocking routing to IPs and especially IP ranges completely is extreme and harms much more than the intended target.
Of course, if you like the idea but not the politics, you could reasonably easily set up a competing service - it's just DNS data. Maybe make it group-moderated in some way - slashdot for spam-prevention. *shudder*. I believe there are at least a couple of similar things for usenet spam (can't remember the names though).
Re:I definately do not agree - (pro-MAPS) (Score:3)
Just some corrections of your correction. :)
1. The Spamhaus list is here [spamhaus.org].
2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.
3. Media3 has 42 Class C blocks, which means that 0.2% of their IP numbers house websites which sell spam-friendly software (but, again, those IP numbers are not sending spam). I would not say 0.2% is a "high percentage."
The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial [holocaust-history.org], but standing up for free speech means standing up for speech I don't believe in.
This situation is no different (except that, on my scale of evil, spammers aren't even close to those who want to rehabilitate Hitler).
Jamie McCarthy
Re:Neural Net Spam Filtering! (Score:2)
Also, while the neural network source is available, the java source code isn't, so this is not an open-source application.
I think this kind of technology has a lot of potential, and I hope to see this implemented in a manner that can be used in a secure manner in the real world.
- Sam
Re:MAPS != censorship. (Score:2)
Censorship is the deliberate attempt to block a flow of information. If you don't let your 8-year old watch hardcore porn at home, you're censoring his or her viewing. (Note that this is appropriate censorship, IMO)
Look up "censor" in a dictionary. Look up its origin -- show me where it means "an act committed by a government". I, as a consumer, by buying a connection from someone who uses the blacklist, am authorizing them to act as censor. Yes, it's voluntary, but it's still censorship.
If a public library doesn't carry a book, that's censorship because the library is supposed to carry everything, not because the library is a government entity. A private library operates under a different charter than a public library does. They're different entities with different purposes.
Likewise with an ISP. The blacklist is perfectly legal, and I do have the choice of going to an ISP that doesn't use it, but the question is about what the ISP is chartered to do, and what we believe an ISP should do. Does the ISP provide information or access? If it provides information, censorship is appropriate. If it provides access to information, then censorship is inappropriate.
The real issue is consumer education. When I buy a connection, and I'm told that it's spam-proof, I might like that. Unfortunately, there will be information I will be denied access to and I might never know that I'm being denied. I thought I was paying for a data pipe, and protection against unsolicited email, but how will I know that I'm paying for protection against entire sections of the net that hold no threat?
Re:Fuck off, Commie Pinko (Score:2)
Actually, you got it backwards. It's your thesis that it closer to the socialist ideal.
Private companies choose to use the RBL to filter their incoming mail. This is analogous to paying someone to throw out junk mail before you get to it. It is a business choice they choose to do in order to lessen the load on their business.
You as a private individual have the right to choose to do business with that company or not. But nobody has the right to tell that company that they can't block certain traffic from coming into their networks.
Whether or not you agree with spam is irrelevent. The RBL is totally in line with a free market. If you don't believe the RBL should be allowed to do what they do, you are essentually saying that someone shouldn't be able to kick unruly people out of their place of business.
- Jeff A. Campbell
- VxReality (BETA)
Re:RBL is for Mail-Abuse you Fools!! (Score:2)
People seem to keep saying that RBL is optional, well what about the situation, where someone is using it on a backbone, as was the case in the article? I dont see much choice in the matter then.
---
Maybe not, but who are we to tell anyone how they should treat the data flowing through their networks?
It's a free market - if enough customers of enough ISPs complain, those ISPs will move the issue up the chain and market pressure may change their mind. It's your right as a consumer to choose who you do business with, and your ISP's right to choose who they do business with. It's really quite simple.
---
One thing, it does seem that a lot of people are mistakenly thinking that it would block the website as well, but it will only prevent mail, however some companies may rely on this for their ordering system.
---
Maybe, but if I control a significant amount of bandwidth, isn't it my right to allow that traffic to flow over it on my terms? Especially if the product of that bandwidth is using CPU and drive space on my servers?
I'm not necessarily saying that I agree with the somewhat over-zealous ways in which MAPS operates (I'm in a position to utilize the RBL, but choose not to), but I agree that they have a perfectly legal and ethical right to offer their service if they wish. There is nobody forcing anyone to use them.
- Jeff A. Campbell
- VxReality (BETA)
Re:Fuck off, Commie Pinko (Score:2)
not if the ISP has a monopoly on a certain section of your neighbourhood. thats a bullshit argument that M$ was using in their anti trust trial.
---
A monopoly in your neighborhood? What are you talking about?
You can't extend the definition of 'monopoly' to any company you don't like - even if they don't happen to have competition in your area. Microsoft didn't get the smackdown because they're merely a monopoly. They got in trouble because they allegedly used their monopoly in order to illegally squeeze out any potential competition.
It is not illegal if there is only one provider in your geographic area. It's quite possible that no real competition has even attempted to penetrate your local market, or it's just not worth bothering with for various business reasons.
And to be honest, in these days of Earthlink, Sprint, GTE.net, AOL, etc. I kind of doubt very many people are stuck with only one provider. This is a market segment that very clearly does not have a single monopoly controlling it. The argument is a bit of a joke.
Face it: If you don't like the policies of your provider, you can feel free to open up a competing provider or search for another. Under our current (decidedly non-Communistic) system, you don't have a right to force the existing players to do something with their own resources.
Of course, you can always vote with your wallet. If enough people agree with you, it's quite likely you'll find success. Unfortunately more people seem to think avoiding spam is more marketable.
...
Either way, my original point was that the guy saying that supporting the RBL was 'Commie' had it all wrong and was talking out of his ass. Communism would be more likely to support right control over the ability of people to make things like blacklists.
Regardless of whether you are for or against strong 'market regulation', you have to know that stopping MAPS from publishing their list is just like banning Consumer Reports. This is definitely not in the spirit of our free market system.
- Jeff A. Campbell
- VxReality (BETA)
Re:RBL Usage info - READ THIS (Score:2)
Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.
I do agree with what you're saying... for a end-user ISP. But, if you are a backbone provider (as above.net is) and you are dropping packets that are passing across your backbone -- not from your direct customers, not to your direct customers you are WRONG.
You don't have the choice. (Score:3)
Re:"Press time"? (Score:2)
This is standard practice. For all that you know, Jamie contacted AboveNet 3 months ago, and still hasn't heard back. It's reasonable for him to contact them, say that there's X days until he's running a story, and do so if he hasn't heard from them. Surely you don't think that media outlets should fail to run stories if the subjects won't talk to them?
-Waldo
Re:Huh??? (Score:2)
2) Listing the website IP and blocking mail from that IP doesn't prevent anyone from seeing the Peacefire webpage, does it? No.
Jamie wrote:
Again, the blocking of that IP number, their website, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose website can't be seen by RBL subscribers.
Any questions?
Re:Sounds like the role of the RBL has expanded.. (Score:2)
UseNet has something called NoCeM (pronounced No See 'Em), which is essentially "advisory cancel messages". Instead of cancel messages being sent to control by usenet admins, it has advisories sent to the newsgroup itself in periodic postings, with the message id's of messages that get killed by a compliant newsreader (such as gnus). These messages are PGP-signed to authenticate the issuer.
It still requires a provider that doesn't itself honor NoCeM messages on the spool, as some do, but the nature of usenet makes this somewhat more feasable than it is with mail. The mail server I use (CommuniGate Pro), has support for RBL, but sends all such mail to blacklist-admin, which I can connect to a script that simply tacks on a "X-RBL-Listed" header and sends it on to its recipient. It's a new site right now, so it hasn't received any mail yet, much less spam.
And if I find my ISP, the phone company, is using the BGP RBL, I'll have the PUC on their asses ASAP
--
? stay of the inet if you don't like censorware? (Score:2)
In reply to:
i[If you use an ISP that has MAPS, it is your choice. Only ISP in the area? Then stay off the net if it offends you. They are running a private business and feel that the reduction in spam outweighs the complaints of some users who don't like MAPS]i
Re:Huh??? (Score:2)
Maybe, but a backbone provider does. ABOVE.NET Read the article.
get YOUR facts straight (Score:2)
burn the witch! (Score:2)
Re:Irony Alert: DeCSS (Score:2)
It's okay to go after tools which can ONLY do "bad things", particularly if that's all they're designed to do. But if there's significant "good things" which can also be done with the tool, such as with DeCSS, then it's wrong to stop those good uses, and so instead you go after those who choose to use the tool to do "bad things".
Then, as always, you just have to worry about your definition of "good things" and "bad things".
Re:Sorry, Jamie, you are way off base (Score:4)
You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers. Repeat the process with wherever the spammer goes next.
That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C. MAPS should concentrate on blocking spammers and their sites, not trying to twist ISPs arms.
If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in censorship, wouldn't they? They'd no longer be this optional advisory guide you could use, rather, they'd be going around getting websites they don't like shut down. If that's not censorship, I don't know what is.
MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.
jamie has a point. (Score:4)
Arguments about whether or not RBL is a censor because it doesn't wield the power of a government are sort of missing the point. The point is if it provides a useful list. Censorware is censorware because it provides a very unuseful list. The fact that schools and libraries use it is almost irelevant to its name.
From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants.
Essentially, they're using the fact that hundreds of ISPs suscribe to them and trust them to help them block spam as a club to beat other ISPs into doing what they want. That doesn't seem like a terribly wholesome thing to do to me. I don't want my subscription to be used that way. I simply want them to tell me what sites send spam.
Re:This is exactly what we want them to do. (Score:3)
No. There's one little flaw in your analogy, but it's important.
It's not like locking up the people who made the photographic paper. It's like choosing to not do business with the people who made the photographic paper, and telling them that you will remove your boycott if they stop selling photographic paper to the kiddy pornographer.
Nobody's rights are being infringed. Nobody is having force used against them. There's a huge difference between locking someone up and boycotting them.
---
You've totally missed the point... (Score:4)
ASN is NOT required (Score:4)
You can use RBL w/o an ASN. You just have to run BGP4 and peer with the RBL eBGP4 server and let it route to your black hole address. You then default route everything else out your single backbone connection. No other BGP peering is needed. Since you're not announcing routes (and RBL certainly isn't taking them) you can use a reserved ASN to configure your router.
can MAPS/ORBS be advisory to users? (Score:3)
Re:Irony Alert: DeCSS (Score:5)
Pornography is bad, to some people. To some others, it is ok. And still others appreciate it.
DeCSS is bad, to some people. To some others, it is ok. And still others appreciate it.
We here at slashdot tend to view a given subject only from the perspective which best serves our own interests. We are as selfish, prejudice, maliciously reactionary, and sublimely manipulative as any of the MPAA, the spamware folks, or the extremist portion of the Christian Right.
Rather than attempt to remain reasonable and retain even a hint of impartiality, we react viciously to anything deemed to be infringing upon on our rights, with absolute disregard to the rights of any others who might be in the way.
We do this as we sit high upon our assumed intellectual high horse/flimsy house of cards, shouting banters about freedom, goodness, and The Right Thing To Do; cries which typically fall upon deaf ears.
Witness our views on DeCSS, Censorware, Spamware, MP3 encoders, MP3s themselves, the iOpener, or TiVo's 'exploitation' of the Linux kernel, and try to visualize the other parties' justification (which, in these cases, is -always- legitimate) for whatever it is that they have done to offend the horrid, arrogant, nonsensical beast that is slashdot. In other words, put yourself in their shoes.
Those who are unwilling to do so are simply afraid of finding that said shoe fits their own foot perfectly, and that they'd hence not be able to remove it from their mouth. This is an obviously unacceptable outcome, given the clear superiority of the average slashdot user (let alone the top 5 percent).
With such bigotry abounding en masse, it's no wonder they can't hear us.
Choose your enemies carefully, because that is who you will become. --Lao Tzu
censorware. (Score:4)
Re:This is exactly what we want them to do. (Score:4)
And, in fine Usenet fashion, the discussion is now over!
According to S.P.(U.T.U.)M. (Score:4)
First, we must translate the Five Spheres (or Rings) of the enemy system into modern Net.War counterparts:
- Sphere 5: Fielded forces-- throwaway AOL accounts, hired consultants, dedicated spam domains
- Sphere 4: Population-- Spam-related customers, support employees (secretaries, etc.)
- Sphere 3: Infrastructure-- Primary non-rogue ISPs, Websites, ftp sites, cgi scripts, mail relays, reputation
- Sphere 2: System Essentials-- Money, bandwidth, telco access, computers
- Sphere 1: Leadership-- the SpamBoy himself, his partners and business associates
By alliances, we mean those reciprocal relationships the spammer has formed with: news media (Cyber-Clueless First Amendment activist newbie journalists, for example)- other spammers
- ISPs, whether rogue or non-rogue
- hacker consultants
- fringe associates (Meowers, Kook Cabal)
- banks, business organizations, and other sources of economic power
- politicians
We must then examine our assumptions. If our Spammer runs his own ISP, then attacking an AOL account he controls (by complaining to abuse@aol.com) will be of negative value-- a waste of our time and resources. If his ancillary server is somehow "taken down", but his primary SpamServers keep pumping out ECP spam via open NNTP ports worldwide, what will we have gained? If he is (like Gr*bor or our own deeply psychologically troubled Doktor Funway) only marginally rational, abuse and punishment that would persuade a reasonable Yeti to leave the field of battle may only enrage the Bull(shitter) like the pricking of a picador. Finally, if we do not have the necessary intelligence to pinpoint our enemy and her crucial Strategic systems exactly, our efforts will either be wasted entirely, or increased by orders of magnitude over what they could have been with accurate and timely information. In our final strategic translation matrix, we shall endeavor to identify what we mean by a Spammer's Political, Economic and Military powers; as well as the proper role of the semi-tautological Net.War attribute of Information.- Political power: news media (online and traditional), lawmakers, friends and acquaintances, usenet Kooks
- Economic power: cold hard cash earned both legitimately and by Spam; frivolous lawsuits (to tie up opponents' assets/time)
- Military power: Net.war capabilities of spammer's own systems (mail bombs, Usenet binary bombs); hired gun hackers; open NNTP and mail servers ripe for exploitation
- Information: Positive and Negative--> Positive: Spammer's ability to gather intel on foes; ability to adapt to changing laws, standards, and software affecting/enabling internet communication; ability to slander and defame enemies and thus provoke them to rash deeds;
- Negative: the ability to cloak himself in anonymity, pseudonymity, and false faux-open identities, thus denying his enemies that first prerequisite of strategic analysis: identification.
Freely stolen from: http://www.radix.net/~revjack/snotwad/snotwad3.htRe:Irony Alert: DeCSS (Score:3)
It's NOT ok to "go after" tools, because it doesn't solve anything. If someone wants to do something, they're going to do it. You can make it difficult by trying to remove a tool that makes that end easy, but two things happen:
1) A new tool takes it's place.
2) The general populace stays ignorant of why the end is "bad". All they learn is that the tool that does it is bad, which we've already pointed out to be wrong.
Re:MAPS != censorship. (Score:5)
It's not quite that simple, though. Common carriers, although private organizations, don't have the choice to carry or not carry based on content. Now a local dialup provider is hardly a common carrier, but I would say that a tier one provider really should be a common carrier. After all, a local dialup in Peoria can't reach Bangladesh without crossing some backbone provider's network.
itachi
MAPS != censorship. (Score:3)
If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.
By the same token you should not be able to force a private entity such as an ISP to carry traffic they choose not to carry, i.e. traffic identified by the MAPS RBL. If you don't like MAPS then don't use their service or use the services of ISP's who do.
This also carries over to 'censorware'. Government institutions should not censor internet content through manditory filtering. However it's morally acceptable to me for a parent to by some software (that arguably does a poor job) to filter the content on their privately owned computers.
-- Greg
Re:I definately do not agree - (pro-MAPS) (Score:5)
-- Greg
This is exactly what we want them to do. (Score:3)
Those who host websites for spammers even after its brought to their attention that they're spamming deserve to be blackholed--I praise the RBL for their continued action in this regard.
Should they wish to rejoin the RBL using net, they may terminate their spammers and tighten their policies. For those who cry about "free association," remember that subscribing to the RBL is voluntary, and using an ISP that subscribes to them is voluntary. If individuals want their subscription fees to support spam and their packets to be dumped, they're free to subscribed to an RBL'd provider.
Re:Thats not what its for... (Score:3)
//rdj
Re:Sorry, Jamie, you are way off base (Score:5)
That couldn't be further from the truth. What's happening is that I decide that someone else has sufficiently similar opinions to mine about what I don't want to see, and ask them to do it for me. That's not censorship, it's outsourcing. Well, I guess you could always call it "self-censorship by proxy" or something equally convoluted.
Now if the RBL isn't what it advertises to be, that's a different question. But that wouldn't be censorship either, it'd be false advertising.
Sometimes, the best thing to do is nothing. (Score:3)
Incest happens, one way around it is to require that everyplace that allows children is tape recorded to catch the bastards. A simpler and cheaper alternative is to kill all children.
This is my solution.
Sometimes, when the only way to stop an evil is to do an even greater evil, the only sane thing to do is nothing.
You totally miss the point. (Score:3)
But, this article is about the fact that MAPS uses a very broad brush to paint its spammers. In its zeal to stop spam, it is hurting people and organizations that have never done anything wrong. MAPS has been accused before of being arbitrary with its power, and this is some pretty compelling backup to those accusations.
Frankly, I wish that a more moderate group than MAPS had taken the lead in writing a blackhole list. I find their definition of spam to be to far-ranging. I find their tactics to be abominable. I find their superior-that-thou attitude to be offensive.
I hope that press like this will lead an alternative list-group to form, and more press will steer people to it.
MAPS can hide behind "free association" for a while. But if they continue with practices and policies like this, I suspect that they will find few willing to associate with them.
As I read the %2 article (Score:4)
Additional data (Score:4)
Spamhaus.org's ranking of spam supporters [spamhaus.org]
Media3's list of active spamhausen [spamhaus.org]
OK, on three, let's have a great big "Awww" for poor widdle Media3.
1....2....3.... BPPPPPPT!
Sorry, Jamie, you are way off base (Score:5)
Now, what can we do to end the spam?
No, you follow the money: the spammer makes his money when morons go to the web site and by the spamware. Kill the web site, kill the cash flow, kill the spammer's business.
Now, places like Media3 will say "But we aren't spamming!" No, but they are giving aid and comfort to the enemy. So, what do you do to get Media3 to close down the spammer?
Follow the money
You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore!"
Rememer Spamford Wallace, the uberspammer? Ageis communications was providing cyberpromotions.com with bandwidth, and by God they weren't going to stop. Then they got blackholed, and many of their customers left. Faced with losing money, they dropped Spamford like a hot rock.
Remember: follow the money. It's always about the money. If somebody says it's not about the money, it's about the money.
I say, "GO MAPS GO!"
I will continue to use MAPS RBL (Score:3)
It's slandering the innocent (Score:4)
It's not about whether it's reasonable to twist the arms of the hosting companies, it's about misrepresenting what it is you're providing. If a censorware package included a category that said "anti-filtering sites or redirect services", and said you better leave it turned on, that wouldn't be a problem. But when they list all the anti-filtering sites, babelfish, anonymizer and so-on in every category, that's misrepresenting what you're doing.
I read some of MAPS site and it implies that it's pretty hard to get on the list without doing something you shouldn't be. But this isn't the case. "A site being advertised as a target on multiple spam messages may be placed on the MAPS RBL. We assume that the site knows that it is being advertised in this manner". That's a pretty big assumption when you go blocking class C's. I can't find any mention of using the RBL for punishing ISPs as they seem to be doing in this case. Do all their subscribers know they are using it to punish ISPs? Would those subscribers continue to use the RBL if they knew it was blocking large numbers of sites that have no connection to spam other than having the same ISP?
I'm really curious what MAPS contract looks like. They don't have it up on their webpage, and it's the only thing that would exactly address what they claim their service is. Personally, I'd love it if sites would cancel an account if it's at all connected to spamming, even if it isn't where it's sent from. I know geocities does because I've forwarded a few pieces of spam to abuse there. I don't think I'd want the "feature" of being prevented from viewing the sites of anyone hosted on a server that is also used by a spammer.
Mission Creep (Score:3)
The main problem is that this level of blocking goes far beyond the original intent [mail-abuse.org] of the RBL. The Blackhole was only supposed to block known current sources of spam. Over the years it has experienced mission creep [cnn.com] and now goes after spam accomplices (e.g. affiliated web pages & email boxes) as well as accessories [nolo.com] (e.g. email harvesting software). That is too many tasks for a single list!
RBL's original mission is a good idea, and could even be palatable to major backbone providers. For example, imagine if Verizon [slashdot.org] and UUnet [slashdot.org] were subscribers to the more-focused version. Millions of people would be better off instantly. Within months, RBL would put itself out of business -- anyone on the list would scramble like mad to get off or else go out of business from lack of traffic.
MAPS has already implemented multiple parallel lists -- RBL, RSS, DUL, etc. It's time to break up the RBL into 3 separate components with appropriately narrow targets.
Bullshit (Score:3)
By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.
By your logic, it is perfectly reasonable for the RIAA to shut down Napster. After all, Napster is harboring far more copyright infringers than Media3 is hosting spammers.
By your logic, if I go on a shooting rampage and kill 14 people in my dorm, not only am *I* to blame, but so is everyone else in the dorm, as well as the dorm supervisor, the University of Minnesota, my parents, my friends, and, hell, Slashdot even.
I mean, I've seen double-standards, but this is rediculous. And you got score 5, even. Huh.
------
Power, unchecked, corrupting as usual (Score:5)
(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?
(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?
Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.
(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?
At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.
moderate parent up (Score:3)
However I can not fault them for selling spamming software. The right to create and distribute software is a sacred right. I get so frustrated at the people who don't treasure this right.
I believe that no one has the right to tell someone not to create a piece of software. Patents that stop people writing software are evil. Laws that stop people writing software are wrong. People that stop people from writing software are wrong.
I get frustrated by reading the comments about software sometimes. A month ago someone created a visual basic clone for Linux and people complained about it. Not that it was poorly written but just that they didn't want a visual basic clone. People complain that Mozilla have been goofing off adding features instead of just working on gecko. Someone today said that Open Source was making software suck more because now 20 year olds were writing software and his post got moderated to a +4 interesting?!?
The truth is that behind all the laws stopping people from writing software there is a person writing the law. In the end it's always a matter of PEOPLE stopping people from writting software.
On the other hand, I have to laugh everytime I read somewhere that open source software will never be able to do this thing or that thing. People didn't think Linux would scale. People didn't Mozilla would ever get finished. People don't think that Linux will succeed on the Desktop. I have to laugh because I know that someone is going to go out and do the things that were thought imposible. The fact is it is so much easier for some one to program something than to stop every other person from programming something. This means that when I say Linux can never run on a Ti93 I'm almost certain to be wrong because it's easier for someone to make linux run on a ti93 than it is for me to stop them.
For a technical problem there is a technical solution. There are more effective ways to block email than MAPS. If you think visual basic is not good then write your own better replacement. If you don't like the features in mozilla then use kmeleon (http://kmeleon.org). If you don't like open source programs because they were written by 20 year olds then write your own. Gnome wouldn't be better off if people stopped writing KDE apps and KDE wouldn't be better if people stopped writing gnome apps.
The solution is not to try stop software from being written. That's just playing hit the mole. The solution is to write MORE software that fixes the problem. More KDE apps. More Gnome apps. And if you agree with the +4 guy then you want more software written by old people.
Writing software is sacred right and an excersize in free speech.
Re:Irony Alert: DeCSS (Score:3)
If they just block people with misconfigured routers or people who spam that's not censorship.
But when people want to get spamming programs or email addresses and they can't because MAPS is blocking it that's censorship. Email addresses are private information and I don't mind them trying to censor that. I think it's pointless but I don't mind. I mind that they are trying to block people from getting to software though. And I mind that they are hurting inocent web site at the same time.
Basically censorship is when you block two people who want to communicate from doing so based on the content of what they are talking about. Sometimes that's not a bad thing to try do. But mostly the internet routes around censorship.
Re:Exactly (Score:3)
No offense to your grandmother, of course
I just want to hear Paul Vixie say (Score:3)
Media3.net is Guilty as Sin (Score:3)
--
Re:Horay! (Score:4)
Apparently AboveNet also failed to inform its customers, or prospective customers via its website, that portions of the Internet would be dark to them because of an action by an intermediate provider (AboveNet) against another intermediate provider (Media3). This ain't the way it's done, folks! As much as I hate spam (and I use the RBL, DUL and RSS to block on port 25) this breaks the Internet.
IMHO, even though it seems that AboveNet has stopped BGP blocking of RBL-listed sites, at least for the moment, they owe an apology and explanantion to their customers, Media3's non-spamware customers, and to the Internet community at large.
Re:A Better Analogy (Score:5)
Fine, lynch 'em. Tar and feather! The bastards deserve it!
In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.
They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.
MAPS is not censorship; SPAM is censorship (Score:3)
An equally effective way is to drown it out with your own message.
And that is precisely the effect of spam. It overran Usenet years ago, rendering newsgroups which had functioned nicely for years useless. It's now overrunning the mail systems of ISPs, individuals and organizations in the same fashion.
Moreover, some companies/individuals have chosen to profit from this unethical activity, and in have in fact lent their active support to it. These companies/individuals should not be surprised when the community attempts to defend itself from their actions by barring their traffic.
So let's be clear on who the enemy are:
1. Spammers
2. Those who hire spammers.
3. Those who write spamware.
4. Those who provide hosting, connectivity, mail, or other services to 1-3.
These are the entities responsible for the floods of spam that clog mailboxes and mail servers; it is with them that the problem lies, not with the valiant attempt by MAPS to address it.
What in god's name are you talking about? (Score:3)
INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.
TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.
INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.
TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Re:What in god's name are you talking about? (Score:3)
Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.
I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.
If that makes me ignorant, fine, whatever.
In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Neural Net Spam Filtering! (Score:5)
A friend and I wrote a neural net spam filter using the UCI Machine Learning Database (on spam), that gets 90-95% accuracy on classifying a message as a spam or not-spam. It's integrated with the mail delivery system via procmail, so you can set it up to deliver all Good mails to one mailbox and Spam mails to another.
It is available (free + open source) at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.tar
The README is at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.REA
For Solarius/Linux only, Windows users need not apply. The system works pretty darn well for a simple neural net, and can be greatly improved, so if anyone is interested in modifying our code, drop us a line!
William Kerney
UCSD
Horay! (Score:4)
Pavlov's dogs love the meaty taste of SPAM! (Score:3)
Someone should inform Pat Robertson or James Dobson about this phenomenon. They're not having as much luck as they'd like in pushing the use of censorware that covertly blocks sites with political content they don't approve. Imagine how happy they'll be when all they have to do to shut down the ACLU's web site, or the Democratic Party's, is set up a bogus spammer haven on the same subnet and then turn themselves in anonymously.
Hey,for that matter, why not skip the subterfuge and set up a MAPS-like service openly advocating censorship? All you'd have to do is control one decent-sized ISP by purchasing it or packing its board of directors, block its users' access to everything you don't like, and then threaten all the other ISPs with blackholing if they don't block your list of censored sites too.
Let's start with everyone's favorite hot button, kiddie porn. I'm sure with enough public relations noise we could convince AOL or some other large ISP to block every IP number in the same subnet as some site with questionable pictures of minors. From there, we could just let the blackmail flow.....
Re:Non-censoring anti-spam solutions are available (Score:3)
Hooooowwweeeeee! Boy, did they take me off their list, and a few of those sites seemed to be unavailable for a day or so.
Hopefully that prevented those last few people from hearing about those great money making schemes that are making everyone rich these days. Don't want those fantastic secrets spreading too far!!
A Better Analogy (Score:3)
So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.
Software DESIGNED to spam (Score:5)
Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.
What I don't get is why Media3 isn't happy to change their AUP and dump the site. Afterall, the bulk email software is probably being used against Media3's own mail servers by spammers using the software. Kinda like a gun shop selling a gun to a guy who tells them he's going to rob the gun store with it.
Re:This is exactly what we want them to do. (Score:3)
They're not harboring spammers!! This is about someone who makes a piece of software that can be used to spam. This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!
This is not right.
Re:This is exactly what we want them to do. (Score:3)
WRT the replies: The analogy between paper makers and these guys may not be 100%, and I completely understand you not liking the fact that this software is available, and I agree technically that you have a right to block anyone you choose, and that the RBL is just a list of people who have done a set of things. An 'advisory'.
Hell if you want to blackhole Yahoo for some screwball reason, there's nothing stopping you. Except your own customers and clients abandoning *you* yourself!
But I will strongly argue with people who want to make 'certain software' illegal or unobtainable, where 'certain' can be a nice big fuzzy thing on the slippery slope to who the hell knows where. (Do you also RBL people who host databases of actual viruses? Why not? Oh, just the once that you decide have 'evil' intentions at heart, eh? That's nice and clear cut!) After arguing philosophy with you and trying to persuade everyone else listening in, the next thing is to apply the similar pressure to you that you are applying to them.
At this point I'm dropping RBL, and I won't deal with anyone who is using it. This is no longer "prevention", nor "applying pressure", this is extortion, not simply against the person who owns the building where handguns are made, but also the other 1000 people that live in other buildings owned by the same landlord. After handguns, then what? Hunting rifles? Cars? Baseball bats? Big ugly dogs?
"That was the line back there, and you stepped over it..."
Re:A compelling argument... (Score:5)
people, read the article (Score:3)
sig:
I don't get it.. (Score:3)
So what gives? Does it work, or not?
As for MAPS, the low hit rate is because it's based on DNS, and the number of unsecured mail servers approaches infinity. You just can't catch 'em as fast as they pop up, you really can't. Searching the text of the email (as your program does) is a better solution but one that can only be adequately implemented in a highly distributed way (i.e., at the client or possibly mailserver level). If you're an ISP and deal with 3 million SPAMs a day, processing the text isn't computationally desirable.
_________________________________