Above.net Blackholes, Unblackholes Macromedia 334
This is a sequel to last December's article, MAPS RBL is now Censorware. For the (very) long version of how the RBL works, and how it sometimes fills the same role as "filtering" software, go take a peek.
The short version is that a small group of anti-spam crusaders called MAPS publishes the RBL, which many ISPs subscribe to. Those ISPs block mail to and from addresses on the RBL list.
Some subscribers, notably the backbone provider Above.net, whose CTO is a MAPS co-founder, use the RBL to block not only mail but all internet traffic from IPs listed by RBL. Thus, to cleints of these providers, sites deemed to deliver spam -- or merely deemed spam-friendly -- just drop off the net.
That CTO/co-founder is Paul Vixie, author of Vixie cron and BIND and all kinds of good stuff. He makes some interesting observations about censorship in a 1997 SunWorld interview.
I checked the RBL's servers Thursday night and found that two of
Macromedia's IPs were actually blocked.
postal.macromedia.com was blocked, which makes sense for
stopping spam; presumably that's where the spam emenates from.
But the other IP blocked was www.macromedia.com, which
is of course their Web address. Blocking this address, I would assume,
stops no spam from reaching anyone's inbox.
What it does do is get Macromedia's attention. Because Above.net blocks all traffic and is a major backbone provider, being put on the RBL effectively takes a site off the net for many users. Taking down a big corporation's website is a good way to show you mean business.
(Above.net's abuse department said I would have to talk to public relations, but their PR contact did not return repeated phone calls.)
I spoke with a Macromedia spokesperson both last week and today. She confirmed that "there were two addresses blocked, one of which resulted in users worldwide not being able to access the website." She also repeated several times that they were on the RBL for their email newsletter "the Edge," saying it "does have an opt-in model, that does not spam."
She also pointed out that "worldwide access to macromedia.com has been restored." That access happened sometime Thursday night or Friday morning. Our Slashdot submissions about the downed site came in on Thursday, and I confirmed the IP numbers' presence on the RBL Thursday during the day.
I've contacted several people at MAPS, but they had no comment and (per their policy) refused to tell me how long those IPs had been on the RBL.
The
rationale
for the RBL is that it tries to "prevent ... our paying, in money and
resources and our own time, to receive and process, or relay, traffic
which is nonconsensual in nature." (Their emphasis.) What is
"nonconsensual" about reading Macromedia's website?
Why was www.macromedia.com on the list?
I'm only running this story because it's Macromedia. After all, one it's of the larger sites on the net, home of Flash animation among other things. If it can be quietly removed from a chunk of the net, who can't? (If you noticed Macromedia missing last week, post a comment!)
Take a moment to go read that stealth blocking statement, issued last week. I signed as a member of the Censorware Project; other signatories were the ACLU, CPSR, EFF, and EPIC. We're concerned that, as the statement says:
ISPs that practice "stealth blocking" are violating consumer protection principles and restricting user choice and freedom in cyberspace.
What do you think?
Re:OK, a couple of things... (Score:2)
> confirmation of subscription requests.
Not true. They simply run a mail list in a way Vixie and Dave Rand have decided to define as unacceptable. They have chosen to define what the one true way of mail list administration is, and anyone who doesn't agree with them is a spammer.
MAPs is a very unreliable system -- I've been whacked by MAPs multiple times for relay checks, because I run a mail list that someone attached to MAPS was subscribed to, and because the MAPS system chose to define it as spam, even though it was legitimately delivered and a normal piece of e-mail.
MAPS has no oversight -- who's watching to make sure MAPs doesn't abuse it's power? the MAPs people, of course. Do they report to anyone (like the people who've chosen to enforce RBL) what they're doing? Do people actually know what they're enforcing?
Probably not. Because MAPs is no longer about stopping spam, but about trying to force a way of doing things on anyone who disagrees. Having spent way too much time trying to detangle my sites from MAPs mistakes and uncaring attitude (if we screw up, you get hosed, adn we'll fix it when we feel like it), all I suggest is that people who enforce RBL actually go and find out what they're REALLY enforcing for MAPs. If you still support it once you get that -- great.
but you know what you'll get? "trust us. We know what we're doing". MAPs refuses full disclosure, even to those doing the work for them. Shouldn't that worry you? If they have nothing to hide, they should have full disclosure, and they should have a group of people who enforce RBL as an advisory group on policy and operation.
MAPs is as closed-source on what they do as Microsoft is. But for some reason, nobody's noticed. If they're really okay, what are they hiding? Why won't they work with the people enforcing the RBL to make sure that what MAPs is doing is what the rbl-users want done?
And apologies for going AC here. I have to for two reasons -- one is that I run systems that are at risk of MAPs taking punitive action against me or my company for speaking out, and I fully believe them capable of doing so based on my previous interactions with them. and second, my ISP buys bandwidth through Above.net, so if Above.net decides to attack my home network, I simply disappear without a trace (this ALSO implies that I have no choice about whether or not to do RBL enforcement; it's done for me, without my choice, by above.net) because of their TCP blocking.
I can't afford to get in a fight with MAPs, because I'd lose. And a group like MAPs shouldn't be in a position where they can do that AND NOBODY WOULD NOTICE OR KNOW. but they are.
Just hope they don't get mad at you....
Noticed the problem, didn't notice the reason (Score:5)
<P>
The important part is that I had no idea why Macromedia's site wasn't responding. Presumably due to some kind of legitimate, undesired situation on their end somewhere. I never would have expected this to be the reason.
<P>
All this blocking by MAPS and Above.net resulted in was me, a user who has never received e-mail from Macromedia, being unable to do what I wanted to. Neither my employer or me are Above.net customers, nor are we users of MAPS. We had no idea of what was going on (that it had been blocked due to "spam"), and we were not in favor of the action being taken.
<P>
Nevertheless, we were affected by the actions of MAPS and Above.net, as were Macromedia. That isn't very acceptable to me. Is this supposed to be for my own good?
A bunch of unrelated misc. points (Score:2)
I bet Above.Net's flacks don't ignore phone calls from the local daily paper - even though THAT media outlet has fewer readers, many fewer readers with a clue, and many many fewer readers in decision-making positions.
Free Speech isn't extended to companies (Score:2)
Now call Macromedia again and ask them if their "opt-in" lists verify the address by sending one e-mail to the person, which asks to confirm the subscription. Yahoo! Groups does this. Lyris does this. It prevents annonymous subscriptions, abuse of Macromedia's resources, and, what do you know, a MAPS RBL. If they say they don't do this "double" or "confirmed" opt-in, then they *deserve* to be in the MAPS RBL right next to Real Networks -- and I still have the spam from Real.
Next, call MAPS and get their position on it. They are very open. Aparently, you have not called them. Do so. Now.
Now, if you have any problems with all of this, and you've made the phone calls, write to us at news.admin.net-abuse.email on Usenet. We will give it to you in eazy-to-understand terms.
Remain Calm. Kill Spam. TINLC.
--
WolfSkunks for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.keenspace.com";
Vixie's world seems synonymous with suspicion. (Score:2)
DNS protocol standardization takes place on the censored namedroppers mailing list. Vixie has had a large involvement in DNS, and I believe he even hosts the mailing list.
Have a read at Dan Bernstein's attempts to raise important issues on this list that are routinely censored:
http://cr.yp.to/djbdns/namedroppers.html [cr.yp.to]
Through a strange coincidence, it seems that plenty of problems I've read about center around or close to Paul Vixie. It's impossible not to have contempt for him at this point. Does he try??
He is involved or responsible for projects which have/had shown significant problems: Vixie Cron (security holes), BIND (security holes), DNS standardization (security holes, censorship, bloated/redundant features), Blacklisting (mis-filtering or abusing filters), etc. This is too weird.
Support above.net (Score:2)
The real solution to spam is (I know the libertarians will disagree) efficient laws. However, without such laws it is up to the citizens (the libertarians will love this) to protect the usefullness of the net by refusing to do business with spammers and anyone who allows spammers access through their site. This responsibility is shared by both individuals, ISP's and backbone sites.
Ande yes, like any boycot or political action, sometimes people get hurt by this. Sometimes, like in this case, it is someone who provide useful survices, and "only spam a little". And sometimes, it is someone who have done nothing wrong except choose the wrong ISP. In these cases, the victims might try to blame the responsible citicens instead of the spammers, and when the audience is sufficiently ignorant of how the net works, like here on
As I said, we need efficient laws. Without those, the choice is to let the citizens protect their own interest in the net (with all the problems that come with that), or to let the net die in the hands of spammers. I can't blame the citizens, especially those with a vested interest in a functioning net, choose the lesser evil.
just because you can doesn't mean you should (Score:2)
If an ISP implements this kind of policy, then those who choose to trust them with their IP packets should know, that is why stealth blocking is dangerous.
--
Alternatives to MAPS/RBL, please? (Score:2)
I've been a user of Brightmail for a long time. Brightmail produces a spam filtering mechanism that works at the ISP level. I love their product! Unfortunately they are discontinuing their Free Brightmail program and are asking their users to move to one of many ISPs (Excite, Earthlink, etc.) who are already implementing their software. Free Brightmail will be No More after 1.June, and they have no plans at this time to sell the service to individuals and/or small companies (our case). Check out http://www.brightmail.com for details.
The way I understand it, Brightmail's filtering works with context heuristics rather than lame IP address blocking. It's been very efficient for us, and it had the option to turn filtering on/off in case a legitimate message got caught by mistake. You could define the heuristics for such messages to get through. Their operational model was similar to the anti-virus services out there: It relied to a degree on spam being reported by the Brightmail users. They have other mechanisms that I can't discuss now (NDA) but you get the idea.
Does anyone in this forum know of a similar service (free or paid) that will provide filtering?
Thanks in advance,
ERe:People need to pull there head out.... (Score:4)
Readers said the same thing last December; go check the story MAPS RBL is now Censorware [slashdot.org], its updated section, the information about the BGP and so on.
Trust me on this. I read it very carefully in December: some ISPs use the RBL to block all traffic, not just mail. Not all ISPs. But one ISP is enough, if that ISP is a major backbone provider [above.net].
Jamie McCarthy
Re:RBL getting out of hand... (Score:5)
I did. I saw documentation of one statement of one incident from one person alleging spam from Macromedia. Perhaps there were more somewhere, but I did not see them. I would really like to go back and read exactly what it said, but when I asked MAPS if I could link to it or just read it for myself, they said no.
MAPS removed their documentation from public view when they took the site off the RBL -- and in several communications with them, they made it clear that (although they presumably had this information archived somewhere) they would refuse to let me look at it again.
Correct. This is because Above.net and MAPS were unavailable for, and refused to, respectively, comment.
I am not sure why you say that. Thursday, I checked the RBL and these were the only two IPs that were blocked (I spot-checked up and down from those two to see if others nearby were blocked; nope).
As Bennett Haselton wrote me when I asked him about this:
Jamie McCarthy
Re:OK, a couple of things... (Score:5)
You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.
postal.macromedia.com 216.35.148.39
www.macromedia.com 216.35.148.103
Since (presumably) no spam comes from the webserver, the only point of putting it on the RBL is to annoy Macromedia by having the BGP-subscribed backbone providers like Above.net cut off their web traffic.
-1, Redundant :)
The submittor sent that in, I didn't edit it, we generally do very light editing of submissions (grammar and spelling, if anything).
Jamie McCarthy
Re:OK, a couple of things... (Score:2)
> referencing 'nazis' in your first paragraph
Um, that's not jamie's first sentence, that's the reader submission. And regardless of how you may feel about the word, that's pretty much what they are. Would it make it better for you if I said instead of that Above.net was like a couple of Mafia thugs who run around the Internet kneecapping anyone who doesn't 'pay up' to their standards of Netizenship? No 'nazi' in there
> without requiring confirmation of subscription requests
OK, but what you're describing is a double-opt-in scheme, where I opt in, then I have to opt-in to the opt-in choices that I just made. I don't defend spam, but single-opt-in is what most things are right now. I rarely have to confirm that I've signed up to get my inbox blasted with crap.
> but not 'stealth' in any way
Due to the nature of the Internet, I expect that I should be able to get to every site, or be told that I can't get to the site. Masking machines behind DNS failure is stealth blocking, because I never know that the site is blocked. If you've managed to hack your DNS to take RBL sites, then redirect them to a "520: AboveNet Block" error page or something, but quit playing like a three year old who took his bat and ball home because he didnt' get his way. And if you debate this point, let me point out that the RBL, when configured in the recommended way, does indeed send errors back to the mail sender if you match an RBL host. So RBL mail blocking is not stealth, just RBL DNS.
> their mailing practices still suck
Why, because you don't have to reply to 15 Emails before getting a newsletter you didn't read through enough fine print to avoid getting? Is it bad PR to guerilla spam us by using thing like un-opt-in checkboxes (Check here if you wish to receive no email from...)? Hell yes. Should we require double-opt-in? Maybe, if you're too dumb to read, you deserve to get spammed. But are they doing anything technically wrong? No, they aren't.
> This is not a censorship issue
I don't defend spammers, but what exactly do you call it when a company blocks your access to Macromedia? The end justifies the means, so it's not censorship? That's what the French government says about Nazi paraphanalia (there's that 'nazi' word again) - that there is no good reason for anyone to ever see it. History be damned and who cares if we can't learn from those mistakes because we don't even know they're there.
Re:Double opt-in my ass! (Score:2)
Is that legal in most states in the US?
</SARCASM>
That may be precisely what email confirmation is meant to ensure, but then you need to tell your respective representatives that you want double opt-in confirmation, because checking a box, then responding to an email is more than basic opt-in. And lest you think this is just me, every advertising company out there will use this definition too.
Don't complain about the definition of what you're asking for, ask for the right thing to begin with.
Re: (Score:2)
Now wait a minute... (Score:2)
But the other IP blocked was www.macromedia.com, which is of course their Web address. Blocking this address, I would assume, stops no spam from reaching anyone's inbox.
That's only true if mail never comes from www.macromedia.com, which is an assumption on your part.
It seems possible that "spam" was sent out from the host "www.macromedia.com" and as such, that machine was also in the RBL.
But if you're using the RBL to block ALL traffic from those hosts, then that's your problem, right? That's not what the RBL was designed for. If "www.macromedia.com" made the list, then sysadmins who choose to use the RBL will not accept mail from www.macromedia.com.
But that shouldn't mean that HTTP traffic is shut off.
What am I missing?
Re:People need to pull there head out.... (Score:2)
You obviously didn't read it at all. The RBL is supposed to be only for mail, but Above.net likes to use it to block EVERYTHING.
Re:network integrity reasons! (Score:2)
The difference is, you couldn't go to macromedia.com for a while if you routed via above.net. And before that, peacefire.org.
Re:RBL is opt-in (Score:4)
Consumers have the choice of moving to a provider that doesn't opt-in if they desire to.
Someone always raises this. This would be fine if this was just mail blocking, but this is total IP traffic blocking if you happen to route via above.net. Usually you have little choice as a consumer on who your ISP routes through, and your ISP often has little choice too -- what if above.net is a backup route, and ___Net is down today, so you get filtered IP access? In addition, most ISP's are loathe to disclose routing information, so you have to get what you can from traceroute, and have no idea if above.net is a backup route.
You are missing the whole point in your post -- probably due to not reading the whole article -- in this case, it wasn't just a matter of RBL blocking email. It was a matter of censored access to www sites.
"common carrier" status lost (Score:5)
Re:RBL goes against the spirit of the internet (Score:2)
The problem with the above is that average users wouldn't likely know why the site they were trying to reach (in this case, Macromedia) is unavailable. The user does not receive an error message stating that the site has been RBL'ed; instead, the user merely cannot connect to the host. Without a clue as to the nature of the fault, the consumer can only chalk it up to a problem somewhere on the Internet and leave it at that.
The ideal consumer in a capitalist system is a well-informed one. Unfortunately, the tight-lipped nature of MAPS works against the process.
-W-
"Is it all journey, or is there landfall?"
Re:I think.. (Score:3)
No, you did not think.
So, you believe that your ISP can freely, and clandestinely block anything from you without your permission?
So, you'd be fine if they started secretly blocking slashdot, and didn't let you know right?
If you had _read_ the issue, you would know that the issue is NOT the blocking, but the clandestine blocking, that is the issue. if an ISP wants to say 'we blovk all traffic from the foo domain', that is just fine (and was NOTED IN THE ARTICLE).
Why? Because they told their customers about it. if thay had not done so, that woudl be bad. in this case, Above.net was doing it _SECRETLY_.
Try strapping your legs down so your knees don't jerk them around like that so much.
And backbone providers should _never_ do the blocking. Let the final ISP do it.
In this case, Above.net's policy is to block their own customers before confirming. but there is nothing on their site about blocking websites of cmpanies not hosted by them, or their customers.
now, it seems that hey are NOW trying to cover their arse, and have a 'new' policy in the wings.
Which tells you they will block other providers whenever they see fit to.
http://www.above.net/new_anti-spam.html
current/old one at:
http://www.above.net/anti-spam.html
note that they don't just block the mail traffic, they block ALL traffic. And since they ar enot _Just_an_ISP_, this effects more people than their customers. This is wrong. period. What about the poor sap that unknowingly gets routed through above.net's network?
This type of censorship is viral, for it goes beyond the provider's own network. Thus, the requirements and standards should be higher.
MAPS is so draconian that they could, by their rules, block anybody and everybody. Read their rules.
The net, just as government, should follow the Principle of the Least Rrestrictive. this means you block only the service causing the problem. Their tyrannical policy of refusing to say just how or why a given company, service or address is antithetical to their alleged goal.
I, as an administrator and potential subscriber to the RBL deserve to know how macromedia managed to get into the list. You, as a individual who may do business with Macromedia deserve to know as well. Say you don't like doing business with spammers. Say Macromedia got on the list without their having done anything wrong. You will never know, because MAPS has no real interest in decency. They are a single minded group of people who block more than is necessary, and refuse any responsibility or accountability for their decisions or actions.
They may try the claim of "We just list, we do not block". That is horseshit; they know full well how many places do block based upon their lists 9after all, they have subscriptions which cost quite a chunk of change, and require that you indemnify them), and the impact of even 24 hours of being listed unfairly. They have the arrogance to claim that UCE/UBE is more detrimental than lost connectivity.
Their hosts, they say, will _change_ the DNS entries of certain, routing them to their 'black hole'. THis practice is wrong because it violates what sanctity DNS has. They have noauthority to alter information regarding domains they do not own. how would you feel if the postals ervice, or FedEx, or whomever is in your area, decides to just stop delivering the mail you sent out?
What if you had no choice in the matter?
withte consolidation of ISPs that is currently underway, there will be less and less opportunity for indivudal users to select alternative ISPs. And those that did select a more decent ISP, may get screwed when that company sells to an ISP they left, or chose to not patronize.
They way to stand up to places like abive.net, and MAPs is to stop using them. For this to happen, people need to be told the reality of the situation. MAPS' claims are like the 'for the children' pleas from those who have no real justification for their proposals.
MAPS preference woiuld be a non-usable internet, rather than one that had spam. yeah, that's generlly called 'cutting off your nose to spite uour face'.
Re:I think.. (Score:2)
Full disclosure. (Score:4)
No shit, Sherlock?
http://www.above.net/anti-spam.html [above.net]
Gee whiz, that is even linked from their home page.
---
Re:"common carrier" status lost (Score:5)
above.net has nothing to lose. The notion that ISPs are common carriers is an urban legend. You do not become a "common carrier" simply by proclaiming yourself to be one. The common carrier status is something that has to be explicitly granted by the FCC, and it comes with stringent standards and regulations. Neither above.net, nor consumer ISPs are common carriers. There is some confusion whether or not ISPs operated by RBOCs (Verizoff, USWorst, PacHell) are common carriers, or not, but that's about it.
And just to clear up another popular misconception: above.net does not have any legal obligation to uphold anyone's First Ammendment rights. The 1st Ammendment only applies to the government. Unless above.net is a federal, state, or local, government agency, they are under no legal obligation to carry anyone's packets.
Although I am not familiar with the details of this particular situation, I strongly support above.net's right to firewall anyone and everyone they choose to firewall for any reason whatsoever. What those pseudo-libertarians around here who are shaking with righteous indignation, right now, are failing to realize is that civil liberties go both ways. If you would like to have your civil liberties respected, you'll just have to respect everyone else's civil liberties too. Blocking network traffic to/from netblocks that you don't want to route traffic to is conceptually identical to not being able to tell people to stop driving on your front lawn. This is above.net's network, their private properties, they have every right to tell anyone that they cannot use it, just like you have the civil right to tell anyone that they cannot drive on your private property too.
---
Re:Don't use Above.net (Score:3)
using BGP blackholing of RBL sites, at all.
I fully support that. Less spam for me, for one.
For two, I fully support the efforts of the RBL,
and know that only struggle and effort on the
part of system and network admins like me, against
the voices of the idiot users who don't see the
full picture, keeps the world as spam-free as it
is. Spammers are winning the battle- They are the
enemy, not the MAPS people, who are providing a
service, and dare I say, a damned fine service,
to the system and network administrators that are
intelligent enough to use it.
Even worse than the spammers are the people who
support spammers and spamming in general, and
the end users who just write off spam as a necessary evil. It is NOT, but if you give up on
anti-spam measures, all is already lost.
-Kysh
Re:I think.. (Score:2)
If some city were the origination of massive numbers of phone connections that was depriving people of the use of their phones, and the telco in that city was not acting effectively to prevent the problem, then by all means they should drop said city until the problem gets corrected. They should not only be allowed to do this, but required to.
Of course this is less likely to happen for phone calls than for internet spam, due to the pricing and charging structures involved. But if it did happen, that would be the analogy. If the ISPs that allow spam to come from their customers had to pay for it, you can bet they would suddenly "find" a means to stop it (or else extract the cost for said customer).
Re:I think.. (Score:2)
Then you need to do 2 things:
- Choose an ISP that doesn't block places on the net.
- Choose an ISP that doesn't do the kinds of things that would get themselves blocked.
Now if you happen to be a spammer, you're not going to be able to succeed with the 2nd item.Re:I think.. (Score:2)
Get a T1. You know you want it.
Re:I think.. (Score:2)
That's fine if you live in New York City, and have lots of options. What if you live in Podunk, Utah, and there's only a couple of ISPs operating locally? If all those ISPs have the same policy, then you have a great business opportunity to offer a service to all the people that don't give a shit about the spam they get and only care for total access to everywhere.
Re:I think.. (Score:2)
How do you define a major backbone? And what makes you think a major backbone somehow isn't paying the cost of the spam bandwidth and having to charge that bandwidth cost back to their customers?
Your analog presumes that it is possible to identify what city someone comes from, but is otherwise unable to tell if they are a speeder. The circumstances needed to make that analog match would be so bizarre that I don't think anything else would be realistic.
Even backbones are businesses who can choose who they take on as customers and who they peer with. And there are choices.
Re:I think.. (Score:2)
The first 2 are a matter of law, so businesses can't just choose to ignore the law.
In the 3rd example, they actually do have this right. A trucking business certainly has the right to not carry goods to or from Montana.
Re:"common carrier" status lost (Score:2)
Spam is a network integrity reason. If it isn't stopped or controlled, it will expand beyond the limits of network capacity and deny services to legitimate customers, or increase their costs.
Re:RBL goes against the spirit of the internet (Score:2)
Then, as they say, choose another ISP. And if there isn't one, start one. Do you think there are enough customers to make it float? Ask around. Maybe there are. If your ISP pisses off enough people, you'll have investors clamoring for your technical skills in making it work.
Re:Sure there is... (Score:2)
Suing you is too much trouble. Adding your server to RSS would be easier if it were mine to control. Oh wait. It is. Sorta. I have a shadow zone of my own for RBL/RSS/DUL zones. Wow, I have the power. I can block anyone I want. I can open up anyone I want. So actually I don't have to choose just between all or nothing. I can block you if I want. Or I can let you back in if RSS blocks you.
Have you made sure you're not an open relay? I've heard it's not trivial to do with old sendmails. I abandoned sendmail back around 8.8 or so, when it was too much trouble to keep hacking sendmail.cf to keep all the tricks of the spammers out, and now run Postfix [postfix.org].
Why I don't respect the RBL anymore (Score:2)
Yet ABOVE.NET routinely add competing black hole lists (ORBS) to the black hole list without cause.
For these reasons, I don't respect the RBL or MAPS anymore. They are clearly no longer independent entities, but have been subverted to serve corporate interests.
--
Re:How do you avoid this? (Score:2)
The catch with Akamai is that there has to be one point at which Macromedia's site is accessed, even before it turns you over to Akamai's caching network. If you knew to access Macromedia through http://macromedia.akamai.net/3/24/99/00/www.macrom edia.com (that doesn't work, I made it up), you could get to Macromedia's site. But if you had to go to www.macromedia.com (IP 111.11.111.11, in our fictional example) through Above.net's network, and Above.net had said "make IP 111.11.111.11 disappear" to its routers, you'd sitll be out of luck.
---
I think.. (Score:2)
I think private companies can carry or drop whatever internet traffic they want to for any reason they want.
Pretty simple, actually.
Re:RBL and routes (Score:2)
I think you're on the right track, although I wouldn't have used quite so much sarcasm myself.
Personally, I despise the `guilty by default' that the DUL applies to email; I don't spam folks and I don't expect my IP# to be blocked. However, I do use the RBL in a filtering capacity within exim, just about everywhere I implement it. That works fine by me; I can configure procmail and/or my MUA to drop mail with an RBL-Warning header into the appropriate bit-bucket.
As for extending it to routing... well you have to weigh up the trust you have for the folks who put stuff in the RBL against the chances of you losing any legitimate traffic and against the crime (in a moral sense - go sort your laws out if you disagree) of sending spam.
Me, I also despise Flash and all these other poxy plugins; the web is a content-dissemination medium, so if a site requires me to watch some constipated frog spinning in a blender, it can just bog off.
ProxyBlock macromedia.com
is my fwend(TM).
~Tim
--
Re:RBL goes against the spirit of the internet (Score:2)
Re:People need to pull there head out.... (Score:2)
The deep web (Score:2)
Apparently only 1% of the web is indexed and 99% is not!!! The 99%, which is referred to as the "deep web" is only there if you stumble into bits of it, or utilize any of the specialy engines or indices that touch upon it.
in other words... (Score:2)
if you think this has something to do with free speech, you can stop over exercising that poor hampster for a minute. that argument only comes into play when the government is involved. the isps have no such obsticles holding them back while administering their network.
if you signed up and it says somewhere in your contract that you will have access to "all" publically available internet sites then you might have a case.
use LaTeX? want an online reference manager that
Re:RBL goes against the spirit of the internet (Score:2)
Hogwash. Membership is voluntary.
So what? If I disagree with what MAPS decides, and somewhere upstream is a MAPS member, then I have no choice but to go along with what they say I can or cannot see. That is totalitarian in this context. And moving to another ISP is unacceptable for the simple reason that that should't be required. The Net was founded upon open access to all IPs, with no central authority deciding what users can or cannot see. Period.
- Rev.RBL goes against the spirit of the internet (Score:4)
It pains me to say this, but the RBL has become something to be abhorred, not loved. The purpose was (is!) noble, but for all practical purposes we have a few elites who are controlling a significant amount of traffic on the internet, based upon their own personal judgment calls. There is no system of checks and balances to make sure that mistakes like this do not occur, nor is there any recourse for someone to take if they do not believe they fit the classification of spammer and have nevertheless been blacklisted.
I hate spam as much as anybody, and hope for a gooey death for all of them. But MAPS is heading towards becoming a de facto totalitarian organization, deciding who gets to see what on the net. This is a dangerous thing, and don't think that there aren't governments out there who will take MAPS' tactics and apply them in even more unsavory ways.
- Rev.Re:RBL goes against the spirit of the internet (Score:2)
Re:Now wait a minute... (Score:2)
RBL and routes (Score:3)
Tell me something. What kind of idiotic netadmin would use something like the RBL to block routes on a router? That is the most assinine thing I've ever heard of. What happens if your provider's mail server gets listed? Whoops. What happens if the mail server of your DNS registrar gets blacklisted for whatever reason? Whoops. Gee I sure hope we don't need to update any of our records or renew a payment on our primary domain. Good thing I have that Yahoo address for when things like this happen. Oh darn, did the RBL just list keiko.ebay.com and the CEO missed an outbid notice on a gift for his wife. Well he should know better than to rely on such tempermental things as email from a very well known company like ebay to be on time and accurate.
I don't mean to sounds sarcastic but... Wait, I take that back. Yes I do mean to sound sarcastic. I mean to sound very sarcastic. Using the RBL to drop routes on a router is one of the dumbest things I think I've ever heard of. It's even more dumb than the time my super asked why we couldn't just turn off spanning tree in our flat-as-Calista-Flockhart's-chest network. And to think that people actually get paid to be this dumb. I use the DUL and RSS and greatly enjoy the assistance they give me in filtering out eroneous and illegitimate mail. I've even considered the use of RBL or ORBS from time to time. I have to have a certain degree of trust with a group that puts something like RBL or ORBS together. I trust them to filter out mail servers of spammers, spam friendly hosts, or misconfigured/compromised machines acting as an open relay. That doesn't mean that I want to drop all traffic to and from those hosts. I just don't want their damned spam. Does anyone else feel that RBL and routing just don't mix? My views may be skewed coming from an ISP and a university standpoint (separate thoughts and jobs) but this just doesn't make sense to me.
Ok, I just thought of an analogy that describes my thoughts on this. Using the RBL to drop routes at your border routers, hence dropping traffic that someone else deemed to be bad, is like the DMV or DOT using road spikes at on ramps to prevent all vehicles using Firestone tires from getting onto the highway. Someone else said they were bad tires and you automagically believe them and prevent all of them from entering onto your section of the highway, no matter what you tax-paying county/state residents want. That's a good business plan. Make them pay their dues but don't give them any say in what they get in the end.
In all honesty, using the RBL or any other such list to decide my filtering rules goes against every belief I've ever had as a network and/or security professional. Security. I haven't touched on that. It's late and I need my beauty sleep so I'll leave you with this one last thought. Consipiring with others to submit bogus RBL nominations or lightly compromise a machine enough to spam from it to get it on the RBL is one helluva DoS attack, don't you think? It's like probing ports of a machine that's running portsentry (set to drop routes) with their gateway of last resort, mail server, DNS servers, etc... addresses. That makes for a nice DoS attack too. Not only would this make them fall off of the face of the 'Net, but it would quite easily cast the shadow of guilt onto MAPS for accepting the bad nominations, or at least off of your trail for some time. It's an interesting thought...
--
Me? I think that (Score:2)
Re:RBL is opt-in (Score:2)
As said before blocking IPs from routing affects people who do not opt in, personally, I think they should only decide what there end usrs get not everyone else.
James
Re:RBL goes against the spirit of the internet (Score:2)
I for one would love to have my ISP use rbl's blacklist but I'm forced to use just their email filtering database.
I can see it... (Score:2)
I can stand RBL because, as Paul says, it does not (or claims not to) make a subjective judgement of the *content* of the spam. If it was unsolicited, it's spam. Whether somebody wants to give you money or send you a picture of the virgin mary with dung on her face, it's still spam. Secondly, at the bottom of the spam problem is that it is a denial of service, or at least degradation of service. It wastes bandwith, mail queues, and *my* time. That big sites, or innocent people, get hit once in a while is the price for an organic system like this. And I do consider it a more "organic" system than the typical censorware here-is-the-"thou-shalt-not"-list approach.
Yes it may be mean. But it's a necessary evil (oh, no I'm compromising my principles! put on my asbestos pants). If you think of the internet as an organic, ever-changing system, then you'll have to accept organic solutions that err once in a while, but most often get it right.
What do I think? (Score:2)
Not quite (Score:2)
Assuming that your link is to your broadband connection, I don't buy it. There may be only one company the provides cheap high-speed connections in your area, but I'd bet you can get cheap low-speed connections or pricey high-speed ones.
If you're only willing to pay for low-budget, you shouldn't expect a lot of control over the outcome. At a fancy restaurant, they'll make whatever you want as long as they have the ingredients. At McDonald's, you only can order what's on the menu.
yes, opt-in (Score:2)
Even if all ISPs used the RBL today you could go out and start your own ISP [pbs.org] tomorrow that didn't use it. And given that above.net is, AFAIK, the only major ISP to use it for blocking anything other than mail, you're safe so far. And given how much outrage it seems to cause, it looks like there will always be a market for ISPs that allow non-mail traffic to RBL-listed sites.
I'm afraid your analogies don't really match up. Microsoft doesn't count; it has a monopoly, and above.net doesn't. The encryption of DVD is more a cartel, but the RBL doesn't have one of those, either. And leaded gasoline and smoky flights were both outlawed by the government because they were health hazards. Even in Paul Vixie's wildest dreams I doubt the feds will be mandating RBL usage anytime soon.
This is a frog-in-the-pot argument...
Not really; that would require that the RBL were somehow quietly infectious. Even if you, playing the role of frog, wake up to realize that the sinister anti-spam forces have assimilated some ISP other than above.net, it looks like their are plenty of cooler puddles to hop to.
Re:Not quite (Score:2)
There are few guarantees in life, bucko. But a quick swing by traceroute.org will suggest that above.net does not yet have an iron grip on connecting to macromedia, much less the whole of the internet.
Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.
Luckily, I'm not saying that, for two reasons. One, this isn't censorship. Censorship is the suppression of speech based on the content. Above.net says that they won't deliver packets to anybody who the RBL lists as spam-friendly; spamming is a behavior that is content-neutral. And two, in practice there seem to be lots of ISPs that don't use above.net for transit to macromedia. So unless you have some reason to believe that they are likely to get a monopoly shortly, maybe you could cease to whine about problems that exist only in theory?
But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down.
Exactly. Note that McDonald's is obligated to provide food that is sanitary, which is a restriction that applies equally regardless of the type of food. But McDonald's is not obligated to provide you with any kind of food you want, and they are certainly not obliged to provide food that is nutritious or good for you. The government makes no determination about quality, taste, or value. Other than minimum safety standards, the government lets people vote with their wallets.
The bigger point is that getting access to web sites is not an optional service for a web provider.
That's not obviously true, at least not for all web sites everywhere. That may be what *you* want out of a service provider. Heck, that's probably what i want out of a service provider. But non-techies (i.e., 99% of internet users) may not feel that way.
During one of the big email worm scares, a number of providers shut down access to a range of IP addresses that the worm was using to report stolen passwords and possibly to propagate, which included legitimate web sites. Is this a denial of service that Jamie would probably rail against? Sure. Is it a judgement call the ISP gets to make? Sure. Are most of the ISP customers happy having the ISP deal with this? Again, yes.
From the point of view of above.net, this is no different. Spam is network abuse. They don't want to talk to known recalcitrant spammers ever, and have delegated the power to make that determination to MAPS. I would like MAPS to be more transparent about how they determine this stuff, but I think the people at Above.net and the people who buy services from Above.net are adults and are allowed to make their own minds up about how they run their businesses.
Offtopic? Troll? (Score:2)
When Jamie calls somebody a Nazi, I think it's fair to bring up the Jargon file's entry about that. And I meant the comment as a funny way of making a serious criticism of Jamie's over-the-top editorials disguised as news pieces. My previous posts on Jamie's stories bear that out. Ergo, no troll, either.
Re:you're missing the point (Score:2)
With most internet-related issues, I strongly advocate a laissez-faire attitude, but I have absolutely no tolerance for network abuse (DoS, spam, etc). I say, if an entity is spamming, or its mailing-list subscriptions don't require a double-opt-in, then that entity should be kicked off the internet and forced to take netiquette classes.
I just really don't like network abuse, because it hurts everyone. I like to see spammers (including those whose laziness encourages spam) get nailed hard.
------
Re:RBL goes against the spirit of the internet (Score:2)
To get on the RBL, Macromedia must have been lazy in setting up their mail servers. It's actually fairly difficult to get on the RBL, and really easy to get off it. This is exactly what the industry needs. We need publicity like this, that says spamming on the internet is an implied no-no; it's simply not an option.
If this happens a few more times, the internet could be spam-free within a couple of years. Wouldn't that be marvellous!
------
Re:"common carrier" status lost (Score:2)
------
Actual RBL Entry? (Score:2)
------
Re:"Consensual" indeed (Score:2)
------
SPAMcop (Score:2)
Re:A bigger issue. (Score:2)
//rdj
Too bad (Score:5)
;)
MAPS is a vigilante group. (Score:2)
Or, go check out their 'DUL'.
I'll be happy when they go away.
Why are they subscribing? (Score:2)
It's not like they are protecting any of thier end users? Do they even HAVE end users?
If my ISP ants to subscribe, that's fine and dandy, but if my ISP has no choice in subscribing, that is another issue. Don't give me that "If they don't want to subscribe, they can find another backbone provider" line, because that's bull. Servicing the end users (filtering ip addresses is a service) is the responsibility of the ISP, not the backbone provider.
-Joe
Don't use Above.net (Score:3)
It should be up to me what traffic I want to block, not my ISP. If I were an Above.net customer I would be looking for another ISP. I'm suprised their customers let them get away with that crap.
Re:Newsletters can be spam too (Score:2)
above.net blocked me, too (Score:5)
It's a fine line. Clearly, above.net has the right to do anything they want with their systems, and I fully support that right (it's the only thing that allows us to fight SPAM at all).
However, their customers should know what they're doing so they can make an informed choice about who they get service from.
Dave Rand, the MAPS board member and CTO of Above.net, actually sent me a note threatening to block my employer's class C if I so much as connected to any of above.net's mail servers, just because I was associated with ORBS.
Bottom line - Rand's a dick. But, MAPS does good things and Above.net supporting them helps keep the real SPAM under control.
Re:Noticed the problem, didn't notice the reason (Score:3)
I noticed the problem too. I went to log on to the macromedia university (hosted through elementk) to get some information off their bookshelves (I paid the 499$ fee for a years access). It's actually on a different server, so had I remembered the address, I might have been ok, but as it was, I couldn't get to the main site www.macromedia.com [macromedia.com] for that or for any other purposes (The flash and ultradev exchanges). I've never recieved any spam from macromedia, so all Above.net's military-like actions did was remove some users who genuinely needed to get there.
I even sent email to Macromedia asking if their site was down, but they were as confused as I was in their reply. They said they were not showing any problems, but that others had reported the same issues.
Oh well..yet another reason to dislike people with too much power that have no conscience about using it.
How are they obnoxious? (Score:2)
Re:RBL is opt-in (Score:2)
The RBL is opt-in. Consumers have the choice of moving to a provider that doesn't opt-in if they desire.
This is a frog-in-the-pot argument. (A frog won't notice the water heating slowly until it's too late to save itself from cooking.)
Let's rephrase this:
The subscriber software application market is opt-in. Consumers have the choice of using other word processors or spreadsheets from competing providers that don't charge for software if they desire. (That is, except for those file formats that are proprietary but ubiquitous throughout many organizations, like Flash or MS-Word. Seen an open source Windows Media Player lately?)
The DVD digital scrambled content is opt-in. Consumers have the choice of viewing movies from tape or laserdisc providers that don't scramble digital content if they desire. (That is, until the players and tapes and laserdiscs are no longer produced. Seen a laserdisc lately?)
Unleaded gasoline and smoke-free flying enjoyed similar "consumer choice" periods until the opponents were worn down. RBL may be seen as a "good thing" too... but if all ISPs choose a solution like RBL, how is it an opt-in for their consumers?
Re:RBL getting out of hand... (Score:4)
Remember that the MAPS RBL is very strict about entry requirements, and very trusting. A RBL nomination is _very_ hard, and requires a large amount of evidence. I don't suppose Jamie checked the RBL evidence files before writing the article, did he? The only comment's from Macromedia PR, who are anxious to make themselves look good. Sigh.
What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says. This is 216.35.148.0/23, on Exodus - which contains not only the mail server, but also secondary DNS service (primary is on Concentric) and the Macromedia web server.
Today's traceroute to macromedia.com goes into a loop at a border router in Exodusland, by the way.
Remember that Above.net and Teleglobe are two of the VERY few providers that use what is called a BGP feed to the RBL. This is the original RBL - it provides a feed of RBL data to the border routers, where the IPs are cut off. As they are very private networks, they're entitled to do to them what they like - ISPS ARE NOT COMMON CARRIERS IN LAW. When a second tier ISP decides to connect to the above.net backbone (Above don't sell to consumers, but only to big webhosters - ironically, some of which spam loads themselves, like eBay) they KNOW about the RBL BGP feed. It's one of Above's selling points, the network most free of spam trouble.
Of course, BGP is becoming more troublesome than it's worth. But Peacefire, your favoured "hey, there's another example", is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?
Whatever. As for Macromedia, they're not blocked now. Obviously, they've been educated. Let's move on.
(Oh, by the way...whichever comment referred to us antispammers [and we are no means a coherent whole - some of us oppose the RBL, some of us oppose ORBS, some oppose both, some of us have HUGE private blocklists of our own] as "spam nazis" is violating Godwin's Law at stage one, as well as being factually inaccurate. We support free speech, just not your right to force it on others at the expense of theirs. Shame on you.)
Mod up parent (Score:2)
Re:I think.. (Score:2)
Sure, you can block anyone you want to, but once people find out they're going to start complaining until you change. Heck, you might even get sued or something.
Btw, everyone who says that people should just get a different ISP clealy A) Do not understand that above.net is not an isp. and B) Do not understand the power people have when they start complaining loudly in public places.
Backbone Providers vs. local ISP's (Score:3)
When I connect to the Internet as Joe User I have no voice whatsoever as to what path my packets take. I may buy my connectivity from Local.net who in turn buys it from NSP.net who in turn peers with Tier1.net who then peers with Above.net. If it were simply a case whereby I could change my ISP to voice my diapproval with their policies that would be one thing, but as it is I have no way to opt out of using Above.net's pipes.
As a Tier 1 provider it is generally assumed that it is their duty to provide nothing more than an open pipe, anyone with a networking background knows you never apply filters at the core level, that should be handled at the access level. By the very practices of the networking industry in general Above.net is committing several transgressions.
In all honesty they can't afford to commit too many more of these blockings without risking their peering partners dumping them in favor of someone who doesn't apply filters. As a NOC Manager myself I would be horrified to find out I was directly peering with someone who doesn't understand the basics of network topology.
I urge anyone working for the major ISP's to drop Above.net as a peering provider in favor of someone a little more user friendly.
sounds OK to me (Score:2)
Re:Now wait a minute... (Score:2)
It's like killing flies with a sledgehammer. (Score:2)
Okay so you have a spammer; known, identified, caught in the act. How do you stop the spammer, shut down all traffic to that site from the backbone so that the site effectively dissapears? I guess that's effective, except that it really doesn't stop the spam from going out, it still gets sent but just never makes it to a destination. Additionally it blocks people who are legitimately and legally doing business from doing said business. That company could then turn around and take legal action against any company that willfully attempted to keep it from doing business. To date only a few states have any laws limiting spam and there is currently no federal law that I know of that does so.
Now if I choose to filter out spam or websites for ME, then it's my choice to do so. Just like it's my choice to turn the channel when a commercial comes on. I guarantee that if a company made a device that filtered commercials there would be thousands of companies lined up to bash their head in for loss of potential profit. Now the bashing wouldn't come because there's not a market for the product or because the product isn't good for or accepted by the consumer. The bashing and lawsuits would come from the disruption of legal marketing and loss of profit posed by the product.
All this hoohah about 'let the market sort it out' and 'let your money do the talking' is pretty much crap and I can give you one excellent example: AOL. Here's a company that's even more morally bankrupt than MS. They market a product using mostly peer pressure and spin. Their best product/service is pretty lackluster in it's performance and features and is one of the very few products that has ZERO handicap accessible features and ZERO plans to build such in. There's hypocracy, greed, heavy handedness, intimidation, lying, and a host of other reprehensible behavior that could be added to their pedigree. Most of the people you will talk to, current members or not, would agree with some if not all of the above, and yet year after year the company gains more subscribers, controls a little more of the net and a little more of the media. So don't come to me and say that lovely catch phrase "let your money do the talkin'". That phrase might work with some local business that can't afford negatvie press or the spin doctors that are needed to correct it, but it doesn't work on multimillion/billion dollar companies and companies that noone even knows they are paying (like above.net).
If you wanna take to killing flies with sledgehammers be my guest, but do it in your own place not mine. I know how to ignore spam just like I do commercials and better still I know how to avoid getting spam unfortunately unlike commercials. Make a law or set up some ethical guidelines and peer review boards and I'm all for it, but this crap just isn't the way to go
Re:Noticed the problem, didn't notice the reason (Score:2)
I noticed that www.macromedia.com was unavailable last week as well, only none of the routing between me and macromedia is through level3. It makes me wonder if the RBL listing was the actual cause of the outage the original poster experienced. I suspect that the RBL and above.net may have had nothing to do with the incident at all.
maru
Re:I think.. (Score:3)
If you don't agree with how your provider goes about fighting spam, then don't do business with them.
Just like how ISPs can shoose not to carry traffic from other providers.
Whether or not above.net, macromedia, and you are making the right business decisions is being determined in the market, moment by moment, precisely how it should be - by evaluating the proven profitability of those business decisions.
An Above.Net contractor speaks! (Score:2)
Above.Net is such a large backbone provider because of its very large collection of peering agreements (ie. direct connection to another provider). This allows numerous valid routes to be found, and the more routes you find, the more chances that a quicker route will be present.
One of their big peers (which will rename nameless, but you can figure it out with a little research) took a major dive, but all their routers still showed that the shortest route was through the dead peer. Hence the seeming of pointlessly "blackholed" sites.
Attached below is a copy of the letter that Covad sent out.
--
Dear xxxxxxxxxxx,
One of our peers is experiencing network issues that are affecting our
peering points. We are working with the peer to resolved these issues, but
at this time we have no ETA. You may notice latency or packet loss across
these peering points.
We apologize for any inconvenience this may be causing. If you have any
questions concerning this technical contact or would like to be removed
from this mailing list, please contact our 24x7 Call Center by email at
xxxxxx@above.net or call 1-877-xxx-xxxx / -1-408-xxx-xxxx.
Thank you.
AboveNet Communications
Metromedia Fiber Network
OK, a couple of things... (Score:4)
OK, back to the facts: Macromedia was listed on the RBL because, after several warnings, they continued to operate their 'opt-in' mailing list in an unsafe way, i.e. without requiring confirmation of subscription requests. The RBL is subscribed to by a large number of ISPs to keep their mailservers free from spam: Abovenet uses it to filter all IP packets from or to RBL-listed destinations from their network, which is a little extreme, but not 'stealth' in any way, since it is their stated policy to do this. (Don't like this? Don't buy transit from Abovenet or get an ISP that doesn't transit Abovenet...)
Since Macromedia apparently used their web server to send mail at some point, the result of their RBL listing was: no more Macromedia web services to Abovenet customers, or customers who receive their transit via Abovenet. Does this suck for these customers? Yes. Does it suck as much as large corporations not being a responsible Netizen? No, not at all.
Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address. One DNS change (and a few cache expiries later: give or take 4 hours) later, all would have been OK, web-wise. Why didn't they do it? Probably for the same reason their mailing list practices still suck: ignorance and/or incompetence.
This is not a censorship issue: it's an issue about weeding out the clueless on the Internet. And Macromedia apparently is the weakest link. Goodbye!
Re:Not quite (Score:5)
This is a crap argument for two reasons. One is that there's no guarantee that even switching to another provider would actually help the situation. Above.net is a big backbone provider, so in practice it may be impossible to avoid using them short of building your own network. Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.
The bigger point is that getting access to web sites is not an optional service for a web provider. You claim, in essence, that you get what you pay for and that if you want good service you may have to pay more for it. But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down. In restaraunts, we expect that the food and facilities will meet certain minimum standards, and we have periodic health inspections to ensure that the restaraunts are meeting those standards. We are merely expressing the view that the minimum acceptible standard for an internet provider is that they deliver the information that their users request and not censor it because they disagree with the policies of the source.
This is actually a pretty good analogy, because the kitchen of a restaraunt, like the backbone provider for an ISP, is something that's generally hidden from the end user. Most people aren't given the option of inspecting the kitchen of a restaraunt for roaches before eating there, and most users aren't given the option of finding out about their ISP's backbone providers before deciding whether to pick it. This is reasonable behavior in each case, but it means that the companies involved have a responsibility to maintain acceptible standards even when their customers aren't looking.
Re:I think.. (Score:2)
The truth is, if you are selectively filtering the net, then you are suddenly responsible for everything that you didn't block. This is painfully obvious at the college where I work as recently, all blocks and filters have been dropped and anyone can go anywhere.
If any organization blocks Spam hosters, they are responsible for every piece of spam you recieve... If any company wants to take on that responsibility, I'd love to sit back and watch it.
While I don't particularly agree with it, we have to fight with the weapons we have. Since consumers have few to no rights in the electronic world, it's only right that they use to the full extent the laws that do work in their favor.
---=-=-=-=-=-=---
Newsletters can be spam too (Score:3)
Re:RBL goes against the spirit of the internet (Score:3)
Re:"common carrier" status lost (Score:3)
This is not strictly correct. A common carrier can be declared as such by the courts, however ISPs have already been ruled by the courts as not being common carriers (in CompuServe v Cyber Promotions IIRC) because:
Re:Wow... (Score:3)
I almost feel sorry for the small time trailerpark crowd trying to sell me diplomas or CDs full of e-mail addresses. It's the mainstream spamming which must be simply absolutely not tolerated on the Internet, and I'm glad that there's powerful forces fighting it.
If it becomes acceptable for reputable companies such as Macromedia (or EA or eBay to name a few perpetrators) to spam, do you really think there's any hope stopping bubba19023@hotmail.com from flooding your inbox with MAKE MONY FAST?
Re:hmm..Cubans Truckers (Score:3)
Think about it.
krystal_blade
Re:OK, a couple of things... (Score:4)
I think you are unclear on just what MAPS is for. MAPS plays no significant role in blocking spam. MAPS is a deterrent to spam. MAPS is what keeps big providers and companies from deciding that spam is worthwhile. To work, they have to make it very painful for a company to spam. That means blocking the company. Not just the mail servers.
In April some idiot signed up for The Edge at Macromedia's web site using webmaster@somewhere.com. It took me a month and a half and repeated complaints to get off the list. If MAPS has forced changes so that won't happen again--more power to them.
The internet is not a democracy. It's a battleground between competing interests. MAPS and ORBS both have major problems with the personalities involved, and they've both stepped over the line at times, although MAPS is far more conservative. If you think you can do a better job, then step up to the plate. If you think they've gone too far, then say so. But don't bite the hand that's protecting you.
Re:RBL getting out of hand... (Score:3)
Peacefire's whining over their provider getting RBL'ed for being a pit of spammers, and more importantly their refusal to change providers, even though they were offered free hosting other places, made it quite clear that they're not interested in actually getting along with folks, and merely want to be seen as some sort of martyrs.
Merely mentioning Peacefire made it clear from the outset that this wasn't going to be an objective story.
Censorship is bad. Spam is bad. Censorship is content-driven. The RBL and things like that are not content-driven. They are activity- and method-driven. Censorship is oppressive. Is the RBL oppressive? Sure. Is spam oppressive? Every bit as much as the RBL is.
Anarchy is not about getting rid of rules - it is about getting rid of oppression.
--
RBL is opt-in (Score:3)
Another point I want to add is that RBL works. I once worked for an ISP that refused to secure their mail server, because it meant the pointy head bosses might actually have to understand how their mail works when they were travelling. They ran for a year that way, against advice, and then one day popped up on the RBL list and started getting complaints. Problem fixed in about a day. The Sys Admin had to work his butt off to fix the relay, but he got it up and got off the RBL within a couple days. And he understood the net better afterwards.
Re:you're missing the point (Score:3)
While I agree that there are some things egregeous enough to demand relatively harsh actions, I think it's clear to most reasonable people that the RBL is overkill for what it's reacting to. Combined with the fact that it's relatively ineffective at blocking spam, which is its stated purpose (see cites in Jamie's previously posted article--third-party research indicates that MAPS is one of the worst filtering systems out there) I think that this is more of a witch hunt than a socially responsible act of network defense. Do you honestly think that spam really absorbs a significant percentage of bandwidth in these days of fat pipes and graphics heavy websites? (actually, if anyone knows that stat, I would seriously be interested in seeing a cite for it... I've always wondered). I understand, and share, the common disgust with spammers. I'm all in favor of most anti-spam tactics, even including retaliatory spamming (especially liked some previous posters method of harvesting salesperson's e-mail addresses and hitting them back) which are easily seen as just as evil as the original abuse. But the RBL affects too many people who cannot have any control over it, and operates in too much secrecy to have any broad educational effect. I see all kinds of posters to this story clamoring about how you should shop for another ISP if you don't like one that uses the RBL, but that's both impractical for users who can't track down backbone providers (which is what we're really talking about here) for their ISP options, and flat-out impossible if you don't realize that the RBL is causing your problems--they provide no notification to the end-user. Not everyone has the base level of technical ability that the average poster here does.
And for those here blaring loudly that as a private company, Abovenet can do whatever it damn well pleases with the traffic it carries (quite correctly), I have two comments: one, extend that notion to other commonly provided services you patronize and see if it still sounds good; two, don't bitch about the inevitable lawsuits... that's how matters are resolved when companies do whatever they damn well please.
Thank you.
Re:hmm.. (Score:4)
But they do! The United States does not accept any imports from Cuba because of political differences. You can argue that there are consequences to that (non-)relationship, but don't think that it doesn't happen in the real world.
Re:Don't use Above.net (Score:5)
Unfortunatly, they can. Here's why:
Re:I think.. (Score:3)
--
Re:I think.. (Score:4)
I totally agree with you! Well said!
I think I can explain WHY MAPS refuses to justify their decisions with an explanation:
To do so would be to get sued. Why? because they'd have to BACK UP every word.
So, they operate clandestinly, hiding behind the vague "we have the right to block any traffic coming through our network" BS.
Sooner or later, MAPS is going to piss off someone too big to defend against the lawsuit...
Why Macromedia?
I can name THESE sites that SPAM you FAR worse than Macromedia (ie, have "opt out" systems when registering software or signing up for services)... Think MAPS will block THEM anytime soon?
Real Networks
Microsoft
Doubleclick and most other ad servers (sick of all those "cursor upgrades" that pop up and install automatically when using `Doze, one reason why I do all net surfing under Mandrake now).
Or does "who" you are matter more to MAPS than how offensive your tactics are?
Operating the way they do, in refusing comment or to justify their actions AT ALL, MAPS is setting themselves up to be "avove ALL question".
NOTHING offends me more than that attitude! There is NOTHING... NOTHING that is above ALL question!
Above.net no longer uses MAPS RBL (Score:3)
In light of this, I'm confused. Is Above.net using MAPS or not? This notice came a couple of weeks ago.
Where's the journalistic integrity and objectiviy? (Score:3)