Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Censorship Your Rights Online

Above.net Blackholes, Unblackholes Macromedia 334

Last week, neonzebra wrote us: "In addition to peacefire.org, and thousands of other blacklisted sites (some unjustifiably), the SPAM nazis at Above.net have now added internet software giant Macromedia to the list. Anyone trying to access Macromedia's website through Above.net's backbone will get a 'site not responding' error." And around the same time, aangelis wrote: "It seems that for the last 4 days Macromedia's web servers give back to my browser not even a bit! Are they down? Maybe it is a DNS problem, but nearly twenty people located at Greece, EU told me the same thing!" It wasn't a DNS problem. Last week, in a high-profile example of stealth blocking, Macromedia's website vanished from a significant minority of the internet. The site reappeared Friday, but I think it's worth taking notice of what happened last week anyway. Details below...

This is a sequel to last December's article, MAPS RBL is now Censorware. For the (very) long version of how the RBL works, and how it sometimes fills the same role as "filtering" software, go take a peek.

The short version is that a small group of anti-spam crusaders called MAPS publishes the RBL, which many ISPs subscribe to. Those ISPs block mail to and from addresses on the RBL list.

Some subscribers, notably the backbone provider Above.net, whose CTO is a MAPS co-founder, use the RBL to block not only mail but all internet traffic from IPs listed by RBL. Thus, to cleints of these providers, sites deemed to deliver spam -- or merely deemed spam-friendly -- just drop off the net.

That CTO/co-founder is Paul Vixie, author of Vixie cron and BIND and all kinds of good stuff. He makes some interesting observations about censorship in a 1997 SunWorld interview.

I checked the RBL's servers Thursday night and found that two of Macromedia's IPs were actually blocked. postal.macromedia.com was blocked, which makes sense for stopping spam; presumably that's where the spam emenates from.

But the other IP blocked was www.macromedia.com, which is of course their Web address. Blocking this address, I would assume, stops no spam from reaching anyone's inbox.

What it does do is get Macromedia's attention. Because Above.net blocks all traffic and is a major backbone provider, being put on the RBL effectively takes a site off the net for many users. Taking down a big corporation's website is a good way to show you mean business.

(Above.net's abuse department said I would have to talk to public relations, but their PR contact did not return repeated phone calls.)

I spoke with a Macromedia spokesperson both last week and today. She confirmed that "there were two addresses blocked, one of which resulted in users worldwide not being able to access the website." She also repeated several times that they were on the RBL for their email newsletter "the Edge," saying it "does have an opt-in model, that does not spam."

She also pointed out that "worldwide access to macromedia.com has been restored." That access happened sometime Thursday night or Friday morning. Our Slashdot submissions about the downed site came in on Thursday, and I confirmed the IP numbers' presence on the RBL Thursday during the day.

I've contacted several people at MAPS, but they had no comment and (per their policy) refused to tell me how long those IPs had been on the RBL.

The rationale for the RBL is that it tries to "prevent ... our paying, in money and resources and our own time, to receive and process, or relay, traffic which is nonconsensual in nature." (Their emphasis.) What is "nonconsensual" about reading Macromedia's website? Why was www.macromedia.com on the list?

I'm only running this story because it's Macromedia. After all, one it's of the larger sites on the net, home of Flash animation among other things. If it can be quietly removed from a chunk of the net, who can't? (If you noticed Macromedia missing last week, post a comment!)

Take a moment to go read that stealth blocking statement, issued last week. I signed as a member of the Censorware Project; other signatories were the ACLU, CPSR, EFF, and EPIC. We're concerned that, as the statement says:

ISPs that practice "stealth blocking" are violating consumer protection principles and restricting user choice and freedom in cyberspace.

What do you think?

This discussion has been archived. No new comments can be posted.

Above.net Blackholes, Unblackholes Macromedia

Comments Filter:
  • by Anonymous Coward
    > they continued to operate their 'opt-in' mailing > list in an unsafe way, i.e. without requiring
    > confirmation of subscription requests.

    Not true. They simply run a mail list in a way Vixie and Dave Rand have decided to define as unacceptable. They have chosen to define what the one true way of mail list administration is, and anyone who doesn't agree with them is a spammer.

    MAPs is a very unreliable system -- I've been whacked by MAPs multiple times for relay checks, because I run a mail list that someone attached to MAPS was subscribed to, and because the MAPS system chose to define it as spam, even though it was legitimately delivered and a normal piece of e-mail.

    MAPS has no oversight -- who's watching to make sure MAPs doesn't abuse it's power? the MAPs people, of course. Do they report to anyone (like the people who've chosen to enforce RBL) what they're doing? Do people actually know what they're enforcing?

    Probably not. Because MAPs is no longer about stopping spam, but about trying to force a way of doing things on anyone who disagrees. Having spent way too much time trying to detangle my sites from MAPs mistakes and uncaring attitude (if we screw up, you get hosed, adn we'll fix it when we feel like it), all I suggest is that people who enforce RBL actually go and find out what they're REALLY enforcing for MAPs. If you still support it once you get that -- great.

    but you know what you'll get? "trust us. We know what we're doing". MAPs refuses full disclosure, even to those doing the work for them. Shouldn't that worry you? If they have nothing to hide, they should have full disclosure, and they should have a group of people who enforce RBL as an advisory group on policy and operation.

    MAPs is as closed-source on what they do as Microsoft is. But for some reason, nobody's noticed. If they're really okay, what are they hiding? Why won't they work with the people enforcing the RBL to make sure that what MAPs is doing is what the rbl-users want done?

    And apologies for going AC here. I have to for two reasons -- one is that I run systems that are at risk of MAPs taking punitive action against me or my company for speaking out, and I fully believe them capable of doing so based on my previous interactions with them. and second, my ISP buys bandwidth through Above.net, so if Above.net decides to attack my home network, I simply disappear without a trace (this ALSO implies that I have no choice about whether or not to do RBL enforcement; it's done for me, without my choice, by above.net) because of their TCP blocking.

    I can't afford to get in a fight with MAPs, because I'd lose. And a group like MAPs shouldn't be in a position where they can do that AND NOBODY WOULD NOTICE OR KNOW. but they are.

    Just hope they don't get mad at you....

  • by ximenes ( 10 ) on Monday May 21, 2001 @01:51PM (#207308)
    As it happens, I did notice that Macromedia's website was unavailable last week. I was going there to download Flash or something of the sort. After making sure that my general Internet access was still operating, I gave up and tried again a few days later.
    The important part is that I had no idea why Macromedia's site wasn't responding. Presumably due to some kind of legitimate, undesired situation on their end somewhere. I never would have expected this to be the reason.
    All this blocking by MAPS and Above.net resulted in was me, a user who has never received e-mail from Macromedia, being unable to do what I wanted to. Neither my employer or me are Above.net customers, nor are we users of MAPS. We had no idea of what was going on (that it had been blocked due to "spam"), and we were not in favor of the action being taken.
    Nevertheless, we were affected by the actions of MAPS and Above.net, as were Macromedia. That isn't very acceptable to me. Is this supposed to be for my own good?
    • What if Macromedia's outgoing spam was in HTML and largely depended on www.macromedia.com?

    • Jamie remains my favorite /. editor by once again going the extra mile in hunting down the facts behind a story. All hail Jamie!

    • ...their PR contact did not return repeated phone calls. Oh, that is PRICELESS! Folks, if your PR people get calls from Slashdot, and ignore them, fire your PR people. They do not know what they are doing.

      I bet Above.Net's flacks don't ignore phone calls from the local daily paper - even though THAT media outlet has fewer readers, many fewer readers with a clue, and many many fewer readers in decision-making positions.

  • Reread the consitution *again*. It is only limited to the Goverment's interference. *NOWHERE* does it say that companies are covered by it. Peacefire can't get that little ditty of a fact registered through their mind, and aparently you can't either.

    Now call Macromedia again and ask them if their "opt-in" lists verify the address by sending one e-mail to the person, which asks to confirm the subscription. Yahoo! Groups does this. Lyris does this. It prevents annonymous subscriptions, abuse of Macromedia's resources, and, what do you know, a MAPS RBL. If they say they don't do this "double" or "confirmed" opt-in, then they *deserve* to be in the MAPS RBL right next to Real Networks -- and I still have the spam from Real.

    Next, call MAPS and get their position on it. They are very open. Aparently, you have not called them. Do so. Now.

    Now, if you have any problems with all of this, and you've made the phone calls, write to us at news.admin.net-abuse.email on Usenet. We will give it to you in eazy-to-understand terms.

    Remain Calm. Kill Spam. TINLC.

    WolfSkunks for a better Linux Kernel

  • DNS protocol standardization takes place on the censored namedroppers mailing list. Vixie has had a large involvement in DNS, and I believe he even hosts the mailing list.

    Have a read at Dan Bernstein's attempts to raise important issues on this list that are routinely censored:

    http://cr.yp.to/djbdns/namedroppers.html [cr.yp.to]

    Through a strange coincidence, it seems that plenty of problems I've read about center around or close to Paul Vixie. It's impossible not to have contempt for him at this point. Does he try??

    He is involved or responsible for projects which have/had shown significant problems: Vixie Cron (security holes), BIND (security holes), DNS standardization (security holes, censorship, bloated/redundant features), Blacklisting (mis-filtering or abusing filters), etc. This is too weird.

  • Spam is killing the net, it has already turned Usenet into crap, and email from a "almost immidiate" communication form, to something that is read a couple of times a day when you have time to sort the gunuine messages from the spam. Currently spammers are trying to sabotage SMS messages in those part of the world where SMS (cell phones) has become widespread.

    The real solution to spam is (I know the libertarians will disagree) efficient laws. However, without such laws it is up to the citizens (the libertarians will love this) to protect the usefullness of the net by refusing to do business with spammers and anyone who allows spammers access through their site. This responsibility is shared by both individuals, ISP's and backbone sites.

    Ande yes, like any boycot or political action, sometimes people get hurt by this. Sometimes, like in this case, it is someone who provide useful survices, and "only spam a little". And sometimes, it is someone who have done nothing wrong except choose the wrong ISP. In these cases, the victims might try to blame the responsible citicens instead of the spammers, and when the audience is sufficiently ignorant of how the net works, like here on /., they might even be believed. Lots of /.'ers seem to think spam is a question of a few unwanted emails a week, they haven't seen with their own eyes all the useful fora that died under the weight of spammers since September 1993. They haven't seen what happens with spam when it isn't fought.

    As I said, we need efficient laws. Without those, the choice is to let the citizens protect their own interest in the net (with all the problems that come with that), or to let the net die in the hands of spammers. I can't blame the citizens, especially those with a vested interest in a functioning net, choose the lesser evil.
  • But the question is whether customers, knowing that their ISPs were likely to do this, would still be their customers.

    If an ISP implements this kind of policy, then those who choose to trust them with their IP packets should know, that is why stealth blocking is dangerous.


  • I've been a user of Brightmail for a long time. Brightmail produces a spam filtering mechanism that works at the ISP level. I love their product! Unfortunately they are discontinuing their Free Brightmail program and are asking their users to move to one of many ISPs (Excite, Earthlink, etc.) who are already implementing their software. Free Brightmail will be No More after 1.June, and they have no plans at this time to sell the service to individuals and/or small companies (our case). Check out http://www.brightmail.com for details.

    The way I understand it, Brightmail's filtering works with context heuristics rather than lame IP address blocking. It's been very efficient for us, and it had the option to turn filtering on/off in case a legitimate message got caught by mistake. You could define the heuristics for such messages to get through. Their operational model was similar to the anti-virus services out there: It relied to a degree on spam being reported by the Brightmail users. They have other mechanisms that I can't discuss now (NDA) but you get the idea.

    Does anyone in this forum know of a similar service (free or paid) that will provide filtering?

    Thanks in advance,

  • "The RBL only block MAIL!! ... Jamie should learn a few things about the how things work before allowed to post things again."

    Readers said the same thing last December; go check the story MAPS RBL is now Censorware [slashdot.org], its updated section, the information about the BGP and so on.

    Trust me on this. I read it very carefully in December: some ISPs use the RBL to block all traffic, not just mail. Not all ISPs. But one ISP is enough, if that ISP is a major backbone provider [above.net].

    Jamie McCarthy

  • by jamiemccarthy ( 4847 ) on Monday May 21, 2001 @08:33PM (#207319) Homepage Journal

    "I don't suppose Jamie checked the RBL evidence files before writing the article, did he?"

    I did. I saw documentation of one statement of one incident from one person alleging spam from Macromedia. Perhaps there were more somewhere, but I did not see them. I would really like to go back and read exactly what it said, but when I asked MAPS if I could link to it or just read it for myself, they said no.

    MAPS removed their documentation from public view when they took the site off the RBL -- and in several communications with them, they made it clear that (although they presumably had this information archived somewhere) they would refuse to let me look at it again.

    "The only comment's from Macromedia PR..."

    Correct. This is because Above.net and MAPS were unavailable for, and refused to, respectively, comment.

    "What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says."

    I am not sure why you say that. Thursday, I checked the RBL and these were the only two IPs that were blocked (I spot-checked up and down from those two to see if others nearby were blocked; nope).

    "Peacefire, your favoured 'hey, there's another example', is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?"

    As Bennett Haselton wrote me when I asked him about this:

    It was August 2000, but it was planned months before it happened, and months before MAPS started complaining to Media3 about the content of the other sites. But all that the public knew was that the scheduled date of the transfer fell after the date of the RBL listing; that's why a bunch of people were screaming that Media3 must have done it on purpose to cause trouble.

    However, there were dozens of other sites that were moved, as a group, all at the same time. And Media3 knew that we were not using the server to send email, so the idea that they moved it into an RBL'ed range to cause trouble, doesn't make any sense -- they host a lot of sites that are (1) more popular, and (2) send more mail to their users, and those sites would have made a much better "human shield"! In fact, Media3 they found out that an application on our server *did* need to send mail to people, and was being blocked, they configured the server to route outgoing mail through another, non-RBL'ed machine, without me even asking them. They obviously wouldn't have done that if they were trying to cause trouble.

    When the discussion started on UseNet, I posted this information many, many, many times. And then I stopped.

    Jamie McCarthy

  • by jamiemccarthy ( 4847 ) on Monday May 21, 2001 @08:44PM (#207320) Homepage Journal

    "Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address."

    You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.


    Since (presumably) no spam comes from the webserver, the only point of putting it on the RBL is to annoy Macromedia by having the BGP-subscribed backbone providers like Above.net cut off their web traffic.

    "...by referencing 'nazis' in your first paragraph, you've already lost your argument..."

    -1, Redundant :)

    The submittor sent that in, I didn't edit it, we generally do very light editing of submissions (grammar and spelling, if anything).

    Jamie McCarthy

  • > referencing 'nazis' in your first paragraph

    Um, that's not jamie's first sentence, that's the reader submission. And regardless of how you may feel about the word, that's pretty much what they are. Would it make it better for you if I said instead of that Above.net was like a couple of Mafia thugs who run around the Internet kneecapping anyone who doesn't 'pay up' to their standards of Netizenship? No 'nazi' in there

    > without requiring confirmation of subscription requests

    OK, but what you're describing is a double-opt-in scheme, where I opt in, then I have to opt-in to the opt-in choices that I just made. I don't defend spam, but single-opt-in is what most things are right now. I rarely have to confirm that I've signed up to get my inbox blasted with crap.

    > but not 'stealth' in any way

    Due to the nature of the Internet, I expect that I should be able to get to every site, or be told that I can't get to the site. Masking machines behind DNS failure is stealth blocking, because I never know that the site is blocked. If you've managed to hack your DNS to take RBL sites, then redirect them to a "520: AboveNet Block" error page or something, but quit playing like a three year old who took his bat and ball home because he didnt' get his way. And if you debate this point, let me point out that the RBL, when configured in the recommended way, does indeed send errors back to the mail sender if you match an RBL host. So RBL mail blocking is not stealth, just RBL DNS.

    &gt their mailing practices still suck

    Why, because you don't have to reply to 15 Emails before getting a newsletter you didn't read through enough fine print to avoid getting? Is it bad PR to guerilla spam us by using thing like un-opt-in checkboxes (Check here if you wish to receive no email from...)? Hell yes. Should we require double-opt-in? Maybe, if you're too dumb to read, you deserve to get spammed. But are they doing anything technically wrong? No, they aren't.

    > This is not a censorship issue

    I don't defend spammers, but what exactly do you call it when a company blocks your access to Macromedia? The end justifies the means, so it's not censorship? That's what the French government says about Nazi paraphanalia (there's that 'nazi' word again) - that there is no good reason for anyone to ever see it. History be damned and who cares if we can't learn from those mistakes because we don't even know they're there.

  • Is that legal in most states in the US?


    That may be precisely what email confirmation is meant to ensure, but then you need to tell your respective representatives that you want double opt-in confirmation, because checking a box, then responding to an email is more than basic opt-in. And lest you think this is just me, every advertising company out there will use this definition too.

    Don't complain about the definition of what you're asking for, ask for the right thing to begin with.

  • Christ almighty.

    The people who were blocked by above.net were customers of above.net. Maybe if they don't like sites being blocked, they could, oh, I don't know, switch to an ISP that doesn't go through Above.net?

    If a candy bar tastes nasty despite the fact that it was advertised to be delicious, do you sue the manufacturer? There is no difference.
  • I thought the RBL was so that you could configure your network to not accept MAIL from the offending hosts.

    But the other IP blocked was www.macromedia.com, which is of course their Web address. Blocking this address, I would assume, stops no spam from reaching anyone's inbox.

    That's only true if mail never comes from www.macromedia.com, which is an assumption on your part.

    It seems possible that "spam" was sent out from the host "www.macromedia.com" and as such, that machine was also in the RBL.

    But if you're using the RBL to block ALL traffic from those hosts, then that's your problem, right? That's not what the RBL was designed for. If "www.macromedia.com" made the list, then sysadmins who choose to use the RBL will not accept mail from www.macromedia.com.

    But that shouldn't mean that HTTP traffic is shut off.

    What am I missing?
  • mod that down to -1, Troll, please.

    You obviously didn't read it at all. The RBL is supposed to be only for mail, but Above.net likes to use it to block EVERYTHING.
  • I'm also puzzled by this differeniating between blocking e-mail traffic only (acceptable) and blocking all traffic (unacceptable). There is no qualitative difference. Only quantitative. Such blocking helps the quality of the Internet by making it difficult (or impossible, or unaffordable) to spam.

    The difference is, you couldn't go to macromedia.com for a while if you routed via above.net. And before that, peacefire.org.
  • by Barbarian ( 9467 ) on Monday May 21, 2001 @01:56PM (#207333)
    the sad thing is you'll get modd'ed up to +5 Informative by the blind moderators.

    Consumers have the choice of moving to a provider that doesn't opt-in if they desire to.

    Someone always raises this. This would be fine if this was just mail blocking, but this is total IP traffic blocking if you happen to route via above.net. Usually you have little choice as a consumer on who your ISP routes through, and your ISP often has little choice too -- what if above.net is a backup route, and ___Net is down today, so you get filtered IP access? In addition, most ISP's are loathe to disclose routing information, so you have to get what you can from traceroute, and have no idea if above.net is a backup route.

    You are missing the whole point in your post -- probably due to not reading the whole article -- in this case, it wasn't just a matter of RBL blocking email. It was a matter of censored access to www sites.

  • by Barbarian ( 9467 ) on Monday May 21, 2001 @01:52PM (#207334)
    This has been mentioned about 10^6 times in respect to censorship here before, but by selectively filtering IP traffic to places they don't like (for political and ideological reasons, not for network integrity reasons) does above.net lose any possible status as a common carrier, and are they now responsible for filtering traffic to meet US law? That is, are they going to have to filter out stuff like DeCSS, porn that violates decency standards, and whatever anyone can get a court order on?
  • No, membership is in fact voluntary for the user. If you don't like your provider using MAPS, or your provider's provider using MAPS, then simply change companies. If MAPS is really a bad idea, it will shrivel due to lack of support. It's one of those pesky times when the principles of capitalism actually work. Providers will not use MAPS if their customers don't want it.

    The problem with the above is that average users wouldn't likely know why the site they were trying to reach (in this case, Macromedia) is unavailable. The user does not receive an error message stating that the site has been RBL'ed; instead, the user merely cannot connect to the host. Without a clue as to the nature of the fault, the consumer can only chalk it up to a problem somewhere on the Internet and leave it at that.

    The ideal consumer in a capitalist system is a well-informed one. Unfortunately, the tight-lipped nature of MAPS works against the process.


    "Is it all journey, or is there landfall?"

  • by Shadowlore ( 10860 ) on Monday May 21, 2001 @04:13PM (#207340) Journal
    (Insightful? Please, simple-minded is more like it. Somebody needs to mod this back down.)

    No, you did not think.

    So, you believe that your ISP can freely, and clandestinely block anything from you without your permission?

    So, you'd be fine if they started secretly blocking slashdot, and didn't let you know right?

    If you had _read_ the issue, you would know that the issue is NOT the blocking, but the clandestine blocking, that is the issue. if an ISP wants to say 'we blovk all traffic from the foo domain', that is just fine (and was NOTED IN THE ARTICLE).

    Why? Because they told their customers about it. if thay had not done so, that woudl be bad. in this case, Above.net was doing it _SECRETLY_.

    Try strapping your legs down so your knees don't jerk them around like that so much.

    And backbone providers should _never_ do the blocking. Let the final ISP do it.

    In this case, Above.net's policy is to block their own customers before confirming. but there is nothing on their site about blocking websites of cmpanies not hosted by them, or their customers.

    now, it seems that hey are NOW trying to cover their arse, and have a 'new' policy in the wings.
    Which tells you they will block other providers whenever they see fit to.


    current/old one at:

    note that they don't just block the mail traffic, they block ALL traffic. And since they ar enot _Just_an_ISP_, this effects more people than their customers. This is wrong. period. What about the poor sap that unknowingly gets routed through above.net's network?

    This type of censorship is viral, for it goes beyond the provider's own network. Thus, the requirements and standards should be higher.

    MAPS is so draconian that they could, by their rules, block anybody and everybody. Read their rules.

    The net, just as government, should follow the Principle of the Least Rrestrictive. this means you block only the service causing the problem. Their tyrannical policy of refusing to say just how or why a given company, service or address is antithetical to their alleged goal.

    I, as an administrator and potential subscriber to the RBL deserve to know how macromedia managed to get into the list. You, as a individual who may do business with Macromedia deserve to know as well. Say you don't like doing business with spammers. Say Macromedia got on the list without their having done anything wrong. You will never know, because MAPS has no real interest in decency. They are a single minded group of people who block more than is necessary, and refuse any responsibility or accountability for their decisions or actions.

    They may try the claim of "We just list, we do not block". That is horseshit; they know full well how many places do block based upon their lists 9after all, they have subscriptions which cost quite a chunk of change, and require that you indemnify them), and the impact of even 24 hours of being listed unfairly. They have the arrogance to claim that UCE/UBE is more detrimental than lost connectivity.

    Their hosts, they say, will _change_ the DNS entries of certain, routing them to their 'black hole'. THis practice is wrong because it violates what sanctity DNS has. They have noauthority to alter information regarding domains they do not own. how would you feel if the postals ervice, or FedEx, or whomever is in your area, decides to just stop delivering the mail you sent out?

    What if you had no choice in the matter?

    withte consolidation of ISPs that is currently underway, there will be less and less opportunity for indivudal users to select alternative ISPs. And those that did select a more decent ISP, may get screwed when that company sells to an ISP they left, or chose to not patronize.

    They way to stand up to places like abive.net, and MAPs is to stop using them. For this to happen, people need to be told the reality of the situation. MAPS' claims are like the 'for the children' pleas from those who have no real justification for their proposals.

    MAPS preference woiuld be a non-usable internet, rather than one that had spam. yeah, that's generlly called 'cutting off your nose to spite uour face'.
  • Telephone companies are common carriers. Internet Service Providers are not common carriers, according to rulings from the FCC. Common carriers have to offer service on a non-discriminatory basis. ISPs have no such obligation.
  • by mrsam ( 12205 ) on Monday May 21, 2001 @04:18PM (#207342) Homepage
    The issue isn't whether they have the right do control traffic on their private network, which they do, but whether they have an obligation to be up-front to their customers about such blocking, which I believe they should.

    No shit, Sherlock?

    http://www.above.net/anti-spam.html [above.net]

    NOTE: The MAPS RBL is used by AboveNet to help reduce the amount of spam received by customers. AboveNet cannot remove you, your customers, or remote sites from the RBL. Please contact the RBL workers at rbl@mail-abuse.org with RBL-related questions.

    Gee whiz, that is even linked from their home page.


  • by mrsam ( 12205 ) on Monday May 21, 2001 @02:39PM (#207343) Homepage
    ...does above.net lose any possible status as a common carrier?...

    above.net has nothing to lose. The notion that ISPs are common carriers is an urban legend. You do not become a "common carrier" simply by proclaiming yourself to be one. The common carrier status is something that has to be explicitly granted by the FCC, and it comes with stringent standards and regulations. Neither above.net, nor consumer ISPs are common carriers. There is some confusion whether or not ISPs operated by RBOCs (Verizoff, USWorst, PacHell) are common carriers, or not, but that's about it.

    And just to clear up another popular misconception: above.net does not have any legal obligation to uphold anyone's First Ammendment rights. The 1st Ammendment only applies to the government. Unless above.net is a federal, state, or local, government agency, they are under no legal obligation to carry anyone's packets.

    Although I am not familiar with the details of this particular situation, I strongly support above.net's right to firewall anyone and everyone they choose to firewall for any reason whatsoever. What those pseudo-libertarians around here who are shaking with righteous indignation, right now, are failing to realize is that civil liberties go both ways. If you would like to have your civil liberties respected, you'll just have to respect everyone else's civil liberties too. Blocking network traffic to/from netblocks that you don't want to route traffic to is conceptually identical to not being able to tell people to stop driving on your front lawn. This is above.net's network, their private properties, they have every right to tell anyone that they cannot use it, just like you have the civil right to tell anyone that they cannot drive on your private property too.


  • by Kysh ( 16242 ) on Monday May 21, 2001 @02:55PM (#207358) Homepage Journal
    I use Abovenet. And I have no problem with them
    using BGP blackholing of RBL sites, at all.
    I fully support that. Less spam for me, for one.
    For two, I fully support the efforts of the RBL,
    and know that only struggle and effort on the
    part of system and network admins like me, against
    the voices of the idiot users who don't see the
    full picture, keeps the world as spam-free as it
    is. Spammers are winning the battle- They are the
    enemy, not the MAPS people, who are providing a
    service, and dare I say, a damned fine service,
    to the system and network administrators that are
    intelligent enough to use it.

    Even worse than the spammers are the people who
    support spammers and spamming in general, and
    the end users who just write off spam as a necessary evil. It is NOT, but if you give up on
    anti-spam measures, all is already lost.

  • If some city were the origination of massive numbers of phone connections that was depriving people of the use of their phones, and the telco in that city was not acting effectively to prevent the problem, then by all means they should drop said city until the problem gets corrected. They should not only be allowed to do this, but required to.

    Of course this is less likely to happen for phone calls than for internet spam, due to the pricing and charging structures involved. But if it did happen, that would be the analogy. If the ISPs that allow spam to come from their customers had to pay for it, you can bet they would suddenly "find" a means to stop it (or else extract the cost for said customer).

  • Then you need to do 2 things:

    • Choose an ISP that doesn't block places on the net.
    • Choose an ISP that doesn't do the kinds of things that would get themselves blocked.
    Now if you happen to be a spammer, you're not going to be able to succeed with the 2nd item.
  • Get a T1. You know you want it.

  • That's fine if you live in New York City, and have lots of options. What if you live in Podunk, Utah, and there's only a couple of ISPs operating locally? If all those ISPs have the same policy, then you have a great business opportunity to offer a service to all the people that don't give a shit about the spam they get and only care for total access to everywhere.

  • How do you define a major backbone? And what makes you think a major backbone somehow isn't paying the cost of the spam bandwidth and having to charge that bandwidth cost back to their customers?

    Your analog presumes that it is possible to identify what city someone comes from, but is otherwise unable to tell if they are a speeder. The circumstances needed to make that analog match would be so bizarre that I don't think anything else would be realistic.

    Even backbones are businesses who can choose who they take on as customers and who they peer with. And there are choices.

  • The first 2 are a matter of law, so businesses can't just choose to ignore the law.

    In the 3rd example, they actually do have this right. A trucking business certainly has the right to not carry goods to or from Montana.

  • Spam is a network integrity reason. If it isn't stopped or controlled, it will expand beyond the limits of network capacity and deny services to legitimate customers, or increase their costs.

  • Then, as they say, choose another ISP. And if there isn't one, start one. Do you think there are enough customers to make it float? Ask around. Maybe there are. If your ISP pisses off enough people, you'll have investors clamoring for your technical skills in making it work.

  • Suing you is too much trouble. Adding your server to RSS would be easier if it were mine to control. Oh wait. It is. Sorta. I have a shadow zone of my own for RBL/RSS/DUL zones. Wow, I have the power. I can block anyone I want. I can open up anyone I want. So actually I don't have to choose just between all or nothing. I can block you if I want. Or I can let you back in if RSS blocks you.

    Have you made sure you're not an open relay? I've heard it's not trivial to do with old sendmails. I abandoned sendmail back around 8.8 or so, when it was too much trouble to keep hacking sendmail.cf to keep all the tricks of the spammers out, and now run Postfix [postfix.org].

  • Despite the fact that more spam passes through PSI.NET/PSI.COM than any other place on the Internet (source: spamcop.net stats), I have not ever heard of them even being considered for RBL listing. They have been proven to be a spam-friendly provider in the past, but MAPS does nothing.

    Yet ABOVE.NET routinely add competing black hole lists (ORBS) to the black hole list without cause.

    For these reasons, I don't respect the RBL or MAPS anymore. They are clearly no longer independent entities, but have been subverted to serve corporate interests.

  • It would work, but only if anonymizer didn't go through Above.net's backbone. Basically, what Above.net is doing is telling their border routers (which connect their network to other networks, hence the Internet) that any packets destined to or from www.macromedia.com's IP address(es) are to be what we call "null routed," or delivered into the equivalent of a black hole. Data goeth in, it don't goeth out.

    The catch with Akamai is that there has to be one point at which Macromedia's site is accessed, even before it turns you over to Akamai's caching network. If you knew to access Macromedia through http://macromedia.akamai.net/3/24/99/00/www.macrom edia.com (that doesn't work, I made it up), you could get to Macromedia's site. But if you had to go to www.macromedia.com (IP, in our fictional example) through Above.net's network, and Above.net had said "make IP disappear" to its routers, you'd sitll be out of luck.


  • What do you think?

    I think private companies can carry or drop whatever internet traffic they want to for any reason they want.

    Pretty simple, actually.
  • >And to think that people actually get paid to >be this dumb. I use the DUL and RSS and greatly >enjoy the assistance they give me in filtering >out eroneous and illegitimate mail. I've even >considered the use of RBL or ORBS from time to >time.

    I think you're on the right track, although I wouldn't have used quite so much sarcasm myself.

    Personally, I despise the `guilty by default' that the DUL applies to email; I don't spam folks and I don't expect my IP# to be blocked. However, I do use the RBL in a filtering capacity within exim, just about everywhere I implement it. That works fine by me; I can configure procmail and/or my MUA to drop mail with an RBL-Warning header into the appropriate bit-bucket.

    As for extending it to routing... well you have to weigh up the trust you have for the folks who put stuff in the RBL against the chances of you losing any legitimate traffic and against the crime (in a moral sense - go sort your laws out if you disagree) of sending spam.

    Me, I also despise Flash and all these other poxy plugins; the web is a content-dissemination medium, so if a site requires me to watch some constipated frog spinning in a blender, it can just bog off.

    ProxyBlock macromedia.com
    is my fwend(TM).
    .|` Clouds cross the black moonlight,
  • Above.net has never made any secret of their usage of the RBL to blackhole traffic. If you don't like it, don't peer with them. Above.net is under no obligation to carry any traffic other than that stipulated in their contracts with other ISPs. If this affected you, somebody somewhere signed a contract on your behalf that lets this happen.
  • You need to pull YOUR head out. One can configure a router to block all IP traffic to/from RBL-listed addresses. See http://www.pch.net/documents/tutorials/maps-rbl-bg p-cisco-config-faq.html [pch.net] for example.
  • Actually who really decides what you see on the net are the search engines, particularly as smart algorithms like Googles (the only search engine worth using!) become more prevalant.

    Apparently only 1% of the web is indexed and 99% is not!!! The 99%, which is referred to as the "deep web" is only there if you stumble into bits of it, or utilize any of the specialy engines or indices that touch upon it.
  • when you purchase internet access you do so under the terms and conditions of the isp. it's a service, and if you dont like it dont use it. people are getting so used to internet access that they think it is some sort of "right". its something you purchase, like paying somone to come in and clean the house. if noone in town does windows then you are just out of luck.

    if you think this has something to do with free speech, you can stop over exercising that poor hampster for a minute. that argument only comes into play when the government is involved. the isps have no such obsticles holding them back while administering their network.

    if you signed up and it says somewhere in your contract that you will have access to "all" publically available internet sites then you might have a case.

    use LaTeX? want an online reference manager that
  • Hogwash. Membership is voluntary.

    So what? If I disagree with what MAPS decides, and somewhere upstream is a MAPS member, then I have no choice but to go along with what they say I can or cannot see. That is totalitarian in this context. And moving to another ISP is unacceptable for the simple reason that that should't be required. The Net was founded upon open access to all IPs, with no central authority deciding what users can or cannot see. Period.

    - Rev.
  • by revscat ( 35618 ) on Monday May 21, 2001 @01:53PM (#207399) Journal

    It pains me to say this, but the RBL has become something to be abhorred, not loved. The purpose was (is!) noble, but for all practical purposes we have a few elites who are controlling a significant amount of traffic on the internet, based upon their own personal judgment calls. There is no system of checks and balances to make sure that mistakes like this do not occur, nor is there any recourse for someone to take if they do not believe they fit the classification of spammer and have nevertheless been blacklisted.

    I hate spam as much as anybody, and hope for a gooey death for all of them. But MAPS is heading towards becoming a de facto totalitarian organization, deciding who gets to see what on the net. This is a dangerous thing, and don't think that there aren't governments out there who will take MAPS' tactics and apply them in even more unsavory ways.

    - Rev.
  • You can get procmail filters which use the RBL to filter after the mailbox. Here is one example. [spambouncer.org]
  • what youre missing is that above.net and some other backbone providers configured their cisco routers to read from the MAPS RBL list to block ALL packets flowing from hosts listed in there. someone should bash above.net's head in for doing this with a class action lawsuit.
  • by macdaddy ( 38372 ) on Monday May 21, 2001 @09:06PM (#207404) Homepage Journal
    Ok, I know this has probably already been brought up but after skimming the top comments I didn't see it mentioned in the way I'm going to mention this.

    Tell me something. What kind of idiotic netadmin would use something like the RBL to block routes on a router? That is the most assinine thing I've ever heard of. What happens if your provider's mail server gets listed? Whoops. What happens if the mail server of your DNS registrar gets blacklisted for whatever reason? Whoops. Gee I sure hope we don't need to update any of our records or renew a payment on our primary domain. Good thing I have that Yahoo address for when things like this happen. Oh darn, did the RBL just list keiko.ebay.com and the CEO missed an outbid notice on a gift for his wife. Well he should know better than to rely on such tempermental things as email from a very well known company like ebay to be on time and accurate.

    I don't mean to sounds sarcastic but... Wait, I take that back. Yes I do mean to sound sarcastic. I mean to sound very sarcastic. Using the RBL to drop routes on a router is one of the dumbest things I think I've ever heard of. It's even more dumb than the time my super asked why we couldn't just turn off spanning tree in our flat-as-Calista-Flockhart's-chest network. And to think that people actually get paid to be this dumb. I use the DUL and RSS and greatly enjoy the assistance they give me in filtering out eroneous and illegitimate mail. I've even considered the use of RBL or ORBS from time to time. I have to have a certain degree of trust with a group that puts something like RBL or ORBS together. I trust them to filter out mail servers of spammers, spam friendly hosts, or misconfigured/compromised machines acting as an open relay. That doesn't mean that I want to drop all traffic to and from those hosts. I just don't want their damned spam. Does anyone else feel that RBL and routing just don't mix? My views may be skewed coming from an ISP and a university standpoint (separate thoughts and jobs) but this just doesn't make sense to me.

    Ok, I just thought of an analogy that describes my thoughts on this. Using the RBL to drop routes at your border routers, hence dropping traffic that someone else deemed to be bad, is like the DMV or DOT using road spikes at on ramps to prevent all vehicles using Firestone tires from getting onto the highway. Someone else said they were bad tires and you automagically believe them and prevent all of them from entering onto your section of the highway, no matter what you tax-paying county/state residents want. That's a good business plan. Make them pay their dues but don't give them any say in what they get in the end.

    In all honesty, using the RBL or any other such list to decide my filtering rules goes against every belief I've ever had as a network and/or security professional. Security. I haven't touched on that. It's late and I need my beauty sleep so I'll leave you with this one last thought. Consipiring with others to submit bogus RBL nominations or lightly compromise a machine enough to spam from it to get it on the RBL is one helluva DoS attack, don't you think? It's like probing ports of a machine that's running portsentry (set to drop routes) with their gateway of last resort, mail server, DNS servers, etc... addresses. That makes for a nice DoS attack too. Not only would this make them fall off of the face of the 'Net, but it would quite easily cast the shadow of guilt onto MAPS for accepting the bad nominations, or at least off of your trail for some time. It's an interesting thought...


    • ... Jamie and Bennet needed a publicity fix so it's time for the regularly-scheduled MAPS-bash.
    • ... Macromedia has been sending mail to every address that they could scrape for years.
    • ... Macromedia had all of this explained to them very, very clearly. They could have separated their http and mail servers but chose to play Chicken with MAPS.
    • And by the way I also think that moving peacefire.org into an already-RBL'd netblock with a bunch of spamware peddlers was a shoddy publicity stund that anybody with half a clue has seen through.

  • I can understand why they have moved to IP blocking, most email is directly sent to the receiver these days and email routers are not used nearly so much. HOWEVER blocking all connections to an from the site is unacceptable in my book. If block outgoing SMTP connections. Perhaps blocking incomming ones... but thats is blocking us non spammers so that kind of unfair, blocking all net access, frankly I would be tempted to go to court on that one.

    As said before blocking IPs from routing affects people who do not opt in, personally, I think they should only decide what there end usrs get not everyone else.

  • You opt out by finding an ISP that isn't going to accept above.net's routes and that isn't routing traffic over them. Its that simple.

    I for one would love to have my ISP use rbl's blacklist but I'm forced to use just their email filtering database.
  • Ok, now every slashdotter is going to turn 180 degrees and whale on RBL, I'm sure. "It's censorship! *Burn her*!"

    I can stand RBL because, as Paul says, it does not (or claims not to) make a subjective judgement of the *content* of the spam. If it was unsolicited, it's spam. Whether somebody wants to give you money or send you a picture of the virgin mary with dung on her face, it's still spam. Secondly, at the bottom of the spam problem is that it is a denial of service, or at least degradation of service. It wastes bandwith, mail queues, and *my* time. That big sites, or innocent people, get hit once in a while is the price for an organic system like this. And I do consider it a more "organic" system than the typical censorware here-is-the-"thou-shalt-not"-list approach.

    Yes it may be mean. But it's a necessary evil (oh, no I'm compromising my principles! put on my asbestos pants). If you think of the internet as an organic, ever-changing system, then you'll have to accept organic solutions that err once in a while, but most often get it right.
  • I think like 99% of stories on Slashdot today you're blowing it totally out of proportion.
  • Except in my locality broadband is a monopoly! I CAN'T choose someone else. Otherwise I'd be more inclined to agree with you.

    Assuming that your link is to your broadband connection, I don't buy it. There may be only one company the provides cheap high-speed connections in your area, but I'd bet you can get cheap low-speed connections or pricey high-speed ones.

    If you're only willing to pay for low-budget, you shouldn't expect a lot of control over the outcome. At a fancy restaurant, they'll make whatever you want as long as they have the ingredients. At McDonald's, you only can order what's on the menu.

  • If all ISPs choose a solution like RBL, how is it an opt-in for their consumers?

    Even if all ISPs used the RBL today you could go out and start your own ISP [pbs.org] tomorrow that didn't use it. And given that above.net is, AFAIK, the only major ISP to use it for blocking anything other than mail, you're safe so far. And given how much outrage it seems to cause, it looks like there will always be a market for ISPs that allow non-mail traffic to RBL-listed sites.

    I'm afraid your analogies don't really match up. Microsoft doesn't count; it has a monopoly, and above.net doesn't. The encryption of DVD is more a cartel, but the RBL doesn't have one of those, either. And leaded gasoline and smoky flights were both outlawed by the government because they were health hazards. Even in Paul Vixie's wildest dreams I doubt the feds will be mandating RBL usage anytime soon.

    This is a frog-in-the-pot argument...

    Not really; that would require that the RBL were somehow quietly infectious. Even if you, playing the role of frog, wake up to realize that the sinister anti-spam forces have assimilated some ISP other than above.net, it looks like their are plenty of cooler puddles to hop to.
  • One is that there's no guarantee that even switching to another provider would actually help the situation.

    There are few guarantees in life, bucko. But a quick swing by traceroute.org will suggest that above.net does not yet have an iron grip on connecting to macromedia, much less the whole of the internet.

    Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.

    Luckily, I'm not saying that, for two reasons. One, this isn't censorship. Censorship is the suppression of speech based on the content. Above.net says that they won't deliver packets to anybody who the RBL lists as spam-friendly; spamming is a behavior that is content-neutral. And two, in practice there seem to be lots of ISPs that don't use above.net for transit to macromedia. So unless you have some reason to believe that they are likely to get a monopoly shortly, maybe you could cease to whine about problems that exist only in theory?

    But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down.

    Exactly. Note that McDonald's is obligated to provide food that is sanitary, which is a restriction that applies equally regardless of the type of food. But McDonald's is not obligated to provide you with any kind of food you want, and they are certainly not obliged to provide food that is nutritious or good for you. The government makes no determination about quality, taste, or value. Other than minimum safety standards, the government lets people vote with their wallets.

    The bigger point is that getting access to web sites is not an optional service for a web provider.

    That's not obviously true, at least not for all web sites everywhere. That may be what *you* want out of a service provider. Heck, that's probably what i want out of a service provider. But non-techies (i.e., 99% of internet users) may not feel that way.

    During one of the big email worm scares, a number of providers shut down access to a range of IP addresses that the worm was using to report stolen passwords and possibly to propagate, which included legitimate web sites. Is this a denial of service that Jamie would probably rail against? Sure. Is it a judgement call the ISP gets to make? Sure. Are most of the ISP customers happy having the ISP deal with this? Again, yes.

    From the point of view of above.net, this is no different. Spam is network abuse. They don't want to talk to known recalcitrant spammers ever, and have delegated the power to make that determination to MAPS. I would like MAPS to be more transparent about how they determine this stuff, but I think the people at Above.net and the people who buy services from Above.net are adults and are allowed to make their own minds up about how they run their businesses.

  • My previous comment was moderated "off-topic" and "troll".

    When Jamie calls somebody a Nazi, I think it's fair to bring up the Jargon file's entry about that. And I meant the comment as a funny way of making a serious criticism of Jamie's over-the-top editorials disguised as news pieces. My previous posts on Jamie's stories bear that out. Ergo, no troll, either.
  • That would be perfect! How many spam-friendly ISPs do you think there would be if being on the RBL brought their business to a screeching halt.

    With most internet-related issues, I strongly advocate a laissez-faire attitude, but I have absolutely no tolerance for network abuse (DoS, spam, etc). I say, if an entity is spamming, or its mailing-list subscriptions don't require a double-opt-in, then that entity should be kicked off the internet and forced to take netiquette classes.

    I just really don't like network abuse, because it hurts everyone. I like to see spammers (including those whose laziness encourages spam) get nailed hard.

  • The users never had a direct choice in the matter. To be effective, the RBL can only be used at the SMTP server, which means the ISP, not the individual user, makes the decision of whether or not to employ the RBL. Most people don't have a problem with that ("Less junk in my mailbox? Great!").

    To get on the RBL, Macromedia must have been lazy in setting up their mail servers. It's actually fairly difficult to get on the RBL, and really easy to get off it. This is exactly what the industry needs. We need publicity like this, that says spamming on the internet is an implied no-no; it's simply not an option.

    If this happens a few more times, the internet could be spam-free within a couple of years. Wouldn't that be marvellous!

  • Bullets kill people.
  • Does someone have the actual RBL entry including the real reason Macromedia was on the RBL in the first place?
  • Uh... MAPS didn't block the IP traffic. Above.net blocked the IP traffic. MAPS simply has a listing that says "this is a site with a spamming problem".
  • I get my fair share of spam. I report all to spamcop [spamcop.net] for processing. Many messages get examined and the IPs get sent to ORBS for possible blocking and such. The part where macromedia comes in is when spam, in HTML, has flash. There is the url in the html telling the browser where to get the appropriate plugin. Spamcop picks up on this and reports it as a spam-related service...
  • One could also call it "self-regulation", which most people here seem to prefer over law.

  • by babbage ( 61057 ) <cdevers@@@cis...usouthal...edu> on Monday May 21, 2001 @02:00PM (#207431) Homepage Journal
    Ahh, if only it were that easy to make Flash go away. Sadly, the software is out in the wild, and even if we cut off the source, we'll still be seeing stupid Flash intro pages for years to come. Killing off Flash is indeed an admirable goal, but I'm afraid this isn't the most effective way to do it.


  • MAPS is a vigilante group. All one has to do is look through their website. They're blocking people for not doing a '3 stage mailing list acceptance protocol'? WTF?

    Or, go check out their 'DUL'.

    I'll be happy when they go away.

  • I want to know why a backbone provider is subscribing to ANY kind of blackhole list?

    It's not like they are protecting any of thier end users? Do they even HAVE end users?

    If my ISP ants to subscribe, that's fine and dandy, but if my ISP has no choice in subscribing, that is another issue. Don't give me that "If they don't want to subscribe, they can find another backbone provider" line, because that's bull. Servicing the end users (filtering ip addresses is a service) is the responsibility of the ISP, not the backbone provider.


  • by emf ( 68407 ) on Monday May 21, 2001 @01:49PM (#207438)

    It should be up to me what traffic I want to block, not my ISP. If I were an Above.net customer I would be looking for another ISP. I'm suprised their customers let them get away with that crap.
  • This is like InstallShield... how many lists do those *sses have anyway? After two years, I finally got tired of it and mined their website for email addresses (I only took the first 20 it found) and mailed them the same "remove me" message once per hour for most of a day. There's nothing like spamming the sales force to get your name removed. (I especially liked the extra effort of finding my home phone number and calling to ask me to stop.)
  • by ahodgson ( 74077 ) on Monday May 21, 2001 @01:55PM (#207442)
    Above.net dropped packets bound for a couple of my systems last year, because I was a secondary DNS provider for ORBS, who Above.net was in a pissing contest with (mostly due to MAPS wanting to create a monopoly on anti-spam services, but also due to some questionable things the ORBS operator was doing from New Zealand).

    It's a fine line. Clearly, above.net has the right to do anything they want with their systems, and I fully support that right (it's the only thing that allows us to fight SPAM at all).

    However, their customers should know what they're doing so they can make an informed choice about who they get service from.

    Dave Rand, the MAPS board member and CTO of Above.net, actually sent me a note threatening to block my employer's class C if I so much as connected to any of above.net's mail servers, just because I was associated with ORBS.

    Bottom line - Rand's a dick. But, MAPS does good things and Above.net supporting them helps keep the real SPAM under control.
  • I noticed the problem too. I went to log on to the macromedia university (hosted through elementk) to get some information off their bookshelves (I paid the 499$ fee for a years access). It's actually on a different server, so had I remembered the address, I might have been ok, but as it was, I couldn't get to the main site www.macromedia.com [macromedia.com] for that or for any other purposes (The flash and ultradev exchanges). I've never recieved any spam from macromedia, so all Above.net's military-like actions did was remove some users who genuinely needed to get there.

    I even sent email to Macromedia asking if their site was down, but they were as confused as I was in their reply. They said they were not showing any problems, but that others had reported the same issues.

    Oh well..yet another reason to dislike people with too much power that have no conscience about using it.

  • According to the info in the story and followup, there was ONE complaint. About a newsletter that macromedia says is an opt-in. Obnoxious? Or just one annoyed customer trying to get revenge? I have no way of knowing since rbl has removed their documentation. It is unacceptable that they can block access to a site without me being able to find out why. It is unacceptable that the technological elite would then be able to figure out a way to the site but the majority of users wouldn't.
  • The RBL is opt-in. Consumers have the choice of moving to a provider that doesn't opt-in if they desire.

    This is a frog-in-the-pot argument. (A frog won't notice the water heating slowly until it's too late to save itself from cooking.)

    Let's rephrase this:

    The subscriber software application market is opt-in. Consumers have the choice of using other word processors or spreadsheets from competing providers that don't charge for software if they desire. (That is, except for those file formats that are proprietary but ubiquitous throughout many organizations, like Flash or MS-Word. Seen an open source Windows Media Player lately?)

    The DVD digital scrambled content is opt-in. Consumers have the choice of viewing movies from tape or laserdisc providers that don't scramble digital content if they desire. (That is, until the players and tapes and laserdiscs are no longer produced. Seen a laserdisc lately?)

    Unleaded gasoline and smoke-free flying enjoyed similar "consumer choice" periods until the opponents were worn down. RBL may be seen as a "good thing" too... but if all ISPs choose a solution like RBL, how is it an opt-in for their consumers?

  • by inquisitor ( 88155 ) on Monday May 21, 2001 @03:45PM (#207452) Homepage Journal
    As far as I can see from Jamie's admittedly biased reporting, Macromedia got on the RBL because of an open, unconfirmed mailing list they REFUSED to fix - and they got off again very soon afterwards, probably by promising to fix it.

    Remember that the MAPS RBL is very strict about entry requirements, and very trusting. A RBL nomination is _very_ hard, and requires a large amount of evidence. I don't suppose Jamie checked the RBL evidence files before writing the article, did he? The only comment's from Macromedia PR, who are anxious to make themselves look good. Sigh.

    What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says. This is, on Exodus - which contains not only the mail server, but also secondary DNS service (primary is on Concentric) and the Macromedia web server.

    Today's traceroute to macromedia.com goes into a loop at a border router in Exodusland, by the way.

    Remember that Above.net and Teleglobe are two of the VERY few providers that use what is called a BGP feed to the RBL. This is the original RBL - it provides a feed of RBL data to the border routers, where the IPs are cut off. As they are very private networks, they're entitled to do to them what they like - ISPS ARE NOT COMMON CARRIERS IN LAW. When a second tier ISP decides to connect to the above.net backbone (Above don't sell to consumers, but only to big webhosters - ironically, some of which spam loads themselves, like eBay) they KNOW about the RBL BGP feed. It's one of Above's selling points, the network most free of spam trouble.

    Of course, BGP is becoming more troublesome than it's worth. But Peacefire, your favoured "hey, there's another example", is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?

    Whatever. As for Macromedia, they're not blocked now. Obviously, they've been educated. Let's move on.

    (Oh, by the way...whichever comment referred to us antispammers [and we are no means a coherent whole - some of us oppose the RBL, some of us oppose ORBS, some oppose both, some of us have HUGE private blocklists of our own] as "spam nazis" is violating Godwin's Law at stage one, as well as being factually inaccurate. We support free speech, just not your right to force it on others at the expense of theirs. Shame on you.)
  • Agreed one hundred percent. Why are they taking consensual packets (http packets) and routing them, then blackholing them? This is despicable.
  • Simple and also dumb.

    Sure, you can block anyone you want to, but once people find out they're going to start complaining until you change. Heck, you might even get sued or something.

    Btw, everyone who says that people should just get a different ISP clealy A) Do not understand that above.net is not an isp. and B) Do not understand the power people have when they start complaining loudly in public places.

  • by jhagler ( 102984 ) on Monday May 21, 2001 @02:26PM (#207463)
    I think the biggest problem here that most people are missing is that Above.net is not your standard ISP. They are what is commonly referred to as a Tier 1 ISP.

    When I connect to the Internet as Joe User I have no voice whatsoever as to what path my packets take. I may buy my connectivity from Local.net who in turn buys it from NSP.net who in turn peers with Tier1.net who then peers with Above.net. If it were simply a case whereby I could change my ISP to voice my diapproval with their policies that would be one thing, but as it is I have no way to opt out of using Above.net's pipes.

    As a Tier 1 provider it is generally assumed that it is their duty to provide nothing more than an open pipe, anyone with a networking background knows you never apply filters at the core level, that should be handled at the access level. By the very practices of the networking industry in general Above.net is committing several transgressions.

    In all honesty they can't afford to commit too many more of these blockings without risking their peering partners dumping them in favor of someone who doesn't apply filters. As a NOC Manager myself I would be horrified to find out I was directly peering with someone who doesn't understand the basics of network topology.

    I urge anyone working for the major ISP's to drop Above.net as a peering provider in favor of someone a little more user friendly.
  • i don't see the problem. MAPS has a set of guidelines that must be met before an IP is put into the database. Macromedia was, according to MAPS rules, talked to about their ongoing problem and what they need to do to resolve it. Macromedia obviously did not take their advice and were thus added to the RBL.
  • They are getting their RBL feed via BGP [mail-abuse.org]. They are setting thier routers to send those packets to null0.
  • Okay so you have a spammer; known, identified, caught in the act. How do you stop the spammer, shut down all traffic to that site from the backbone so that the site effectively dissapears? I guess that's effective, except that it really doesn't stop the spam from going out, it still gets sent but just never makes it to a destination. Additionally it blocks people who are legitimately and legally doing business from doing said business. That company could then turn around and take legal action against any company that willfully attempted to keep it from doing business. To date only a few states have any laws limiting spam and there is currently no federal law that I know of that does so.

    Now if I choose to filter out spam or websites for ME, then it's my choice to do so. Just like it's my choice to turn the channel when a commercial comes on. I guarantee that if a company made a device that filtered commercials there would be thousands of companies lined up to bash their head in for loss of potential profit. Now the bashing wouldn't come because there's not a market for the product or because the product isn't good for or accepted by the consumer. The bashing and lawsuits would come from the disruption of legal marketing and loss of profit posed by the product.

    All this hoohah about 'let the market sort it out' and 'let your money do the talking' is pretty much crap and I can give you one excellent example: AOL. Here's a company that's even more morally bankrupt than MS. They market a product using mostly peer pressure and spin. Their best product/service is pretty lackluster in it's performance and features and is one of the very few products that has ZERO handicap accessible features and ZERO plans to build such in. There's hypocracy, greed, heavy handedness, intimidation, lying, and a host of other reprehensible behavior that could be added to their pedigree. Most of the people you will talk to, current members or not, would agree with some if not all of the above, and yet year after year the company gains more subscribers, controls a little more of the net and a little more of the media. So don't come to me and say that lovely catch phrase "let your money do the talkin'". That phrase might work with some local business that can't afford negatvie press or the spin doctors that are needed to correct it, but it doesn't work on multimillion/billion dollar companies and companies that noone even knows they are paying (like above.net).

    If you wanna take to killing flies with sledgehammers be my guest, but do it in your own place not mine. I know how to ignore spam just like I do commercials and better still I know how to avoid getting spam unfortunately unlike commercials. Make a law or set up some ethical guidelines and peer review boards and I'm all for it, but this crap just isn't the way to go

  • I noticed that www.macromedia.com was unavailable last week as well, only none of the routing between me and macromedia is through level3. It makes me wonder if the RBL listing was the actual cause of the outage the original poster experienced. I suspect that the RBL and above.net may have had nothing to do with the incident at all.

  • by susano_otter ( 123650 ) on Monday May 21, 2001 @02:20PM (#207480) Homepage
    True, but part of the money you pay is to carry your access provider's costs of transmitting spam. If there was no spam, your access to the entire internet would probably be cheaper.

    If you don't agree with how your provider goes about fighting spam, then don't do business with them.

    Just like how ISPs can shoose not to carry traffic from other providers.

    Whether or not above.net, macromedia, and you are making the right business decisions is being determined in the market, moment by moment, precisely how it should be - by evaluating the proven profitability of those business decisions.
  • A lot of these "blackholed" sites weren't actually blackholed... (Example: Macromedia [there is no reason whatsoever to blackhole macromedia])

    Above.Net is such a large backbone provider because of its very large collection of peering agreements (ie. direct connection to another provider). This allows numerous valid routes to be found, and the more routes you find, the more chances that a quicker route will be present.

    One of their big peers (which will rename nameless, but you can figure it out with a little research) took a major dive, but all their routers still showed that the shortest route was through the dead peer. Hence the seeming of pointlessly "blackholed" sites.

    Attached below is a copy of the letter that Covad sent out.


    Dear xxxxxxxxxxx,

    One of our peers is experiencing network issues that are affecting our
    peering points. We are working with the peer to resolved these issues, but
    at this time we have no ETA. You may notice latency or packet loss across
    these peering points.

    We apologize for any inconvenience this may be causing. If you have any
    questions concerning this technical contact or would like to be removed
    from this mailing list, please contact our 24x7 Call Center by email at
    xxxxxx@above.net or call 1-877-xxx-xxxx / -1-408-xxx-xxxx.

    Thank you.

    AboveNet Communications
    Metromedia Fiber Network
  • by mdb31 ( 132237 ) on Monday May 21, 2001 @02:40PM (#207485)
    First of all, it's spam, not SPAM or Spam (the first refers to unsollicited commercial e-mail, the latter two are trademarks of Hormel). Also, by referencing 'nazis' in your first paragraph, you've already lost your argument, whatever it is...

    OK, back to the facts: Macromedia was listed on the RBL because, after several warnings, they continued to operate their 'opt-in' mailing list in an unsafe way, i.e. without requiring confirmation of subscription requests. The RBL is subscribed to by a large number of ISPs to keep their mailservers free from spam: Abovenet uses it to filter all IP packets from or to RBL-listed destinations from their network, which is a little extreme, but not 'stealth' in any way, since it is their stated policy to do this. (Don't like this? Don't buy transit from Abovenet or get an ISP that doesn't transit Abovenet...)

    Since Macromedia apparently used their web server to send mail at some point, the result of their RBL listing was: no more Macromedia web services to Abovenet customers, or customers who receive their transit via Abovenet. Does this suck for these customers? Yes. Does it suck as much as large corporations not being a responsible Netizen? No, not at all.

    Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address. One DNS change (and a few cache expiries later: give or take 4 hours) later, all would have been OK, web-wise. Why didn't they do it? Probably for the same reason their mailing list practices still suck: ignorance and/or incompetence.

    This is not a censorship issue: it's an issue about weeding out the clueless on the Internet. And Macromedia apparently is the weakest link. Goodbye!

  • by rgmoore ( 133276 ) <glandauer@charter.net> on Monday May 21, 2001 @03:12PM (#207488) Homepage

    This is a crap argument for two reasons. One is that there's no guarantee that even switching to another provider would actually help the situation. Above.net is a big backbone provider, so in practice it may be impossible to avoid using them short of building your own network. Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.

    The bigger point is that getting access to web sites is not an optional service for a web provider. You claim, in essence, that you get what you pay for and that if you want good service you may have to pay more for it. But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down. In restaraunts, we expect that the food and facilities will meet certain minimum standards, and we have periodic health inspections to ensure that the restaraunts are meeting those standards. We are merely expressing the view that the minimum acceptible standard for an internet provider is that they deliver the information that their users request and not censor it because they disagree with the policies of the source.

    This is actually a pretty good analogy, because the kitchen of a restaraunt, like the backbone provider for an ISP, is something that's generally hidden from the end user. Most people aren't given the option of inspecting the kitchen of a restaraunt for roaches before eating there, and most users aren't given the option of finding out about their ISP's backbone providers before deciding whether to pick it. This is reasonable behavior in each case, but it means that the companies involved have a responsibility to maintain acceptible standards even when their customers aren't looking.

  • Great flaimbait post...

    The truth is, if you are selectively filtering the net, then you are suddenly responsible for everything that you didn't block. This is painfully obvious at the college where I work as recently, all blocks and filters have been dropped and anyone can go anywhere.

    If any organization blocks Spam hosters, they are responsible for every piece of spam you recieve... If any company wants to take on that responsibility, I'd love to sit back and watch it.

    While I don't particularly agree with it, we have to fight with the weapons we have. Since consumers have few to no rights in the electronic world, it's only right that they use to the full extent the laws that do work in their favor.


  • by fleener ( 140714 ) on Monday May 21, 2001 @01:57PM (#207499)
    "Reputable" organizations should be held accountable if they don't follow-up on "newsletter" problems. I subscribed to a major news company's "breaking news" mailing list, only to discover their web-based subscription system repeatedly failed to execute my UNsubscribe request. After many unreturned e-mail and website form complaints I finally added this company to my spam filter. I'd have hauled them into small claims court if I was 65-years-old and had such time on my hands.
  • by fleener ( 140714 ) on Monday May 21, 2001 @02:32PM (#207500)
    No, membership is in fact voluntary for the user. If you don't like your provider using MAPS, or your provider's provider using MAPS, then simply change companies. If MAPS is really a bad idea, it will shrivel due to lack of support. It's one of those pesky times when the principles of capitalism actually work. Providers will not use MAPS if their customers don't want it.
  • by TekPolitik ( 147802 ) on Monday May 21, 2001 @03:43PM (#207510) Journal
    The common carrier status is something that has to be explicitly granted by the FCC

    This is not strictly correct. A common carrier can be declared as such by the courts, however ISPs have already been ruled by the courts as not being common carriers (in CompuServe v Cyber Promotions IIRC) because:

    1. They are neither monopolies nor oligopolies.
    2. Even if they were monopolies or oligopolies in their regions, there are alternate mechanisms (telephone, USPS), so the ISP service cannot be considered an essential service.
  • by MrBogus ( 173033 ) on Monday May 21, 2001 @03:30PM (#207521)
    I'm downstream from above.net, and I'm fully behind them on this.

    I almost feel sorry for the small time trailerpark crowd trying to sell me diplomas or CDs full of e-mail addresses. It's the mainstream spamming which must be simply absolutely not tolerated on the Internet, and I'm glad that there's powerful forces fighting it.

    If it becomes acceptable for reputable companies such as Macromedia (or EA or eBay to name a few perpetrators) to spam, do you really think there's any hope stopping bubba19023@hotmail.com from flooding your inbox with MAKE MONY FAST?
  • by krystal_blade ( 188089 ) on Monday May 21, 2001 @11:49PM (#207531)
    Actually, due to the political differences between the two countries, I'm quite sure the US would be more than happy to allow *EVERY* Cuban TRUCKER to ATTEMPT to drive their vehicle to the US.

    Think about it.


  • by nazgul@somewhere.com ( 188228 ) on Tuesday May 22, 2001 @04:50AM (#207532) Homepage
    You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.

    I think you are unclear on just what MAPS is for. MAPS plays no significant role in blocking spam. MAPS is a deterrent to spam. MAPS is what keeps big providers and companies from deciding that spam is worthwhile. To work, they have to make it very painful for a company to spam. That means blocking the company. Not just the mail servers.

    In April some idiot signed up for The Edge at Macromedia's web site using webmaster@somewhere.com. It took me a month and a half and repeated complaints to get off the list. If MAPS has forced changes so that won't happen again--more power to them.

    The internet is not a democracy. It's a battleground between competing interests. MAPS and ORBS both have major problems with the personalities involved, and they've both stepped over the line at times, although MAPS is far more conservative. If you think you can do a better job, then step up to the plate. If you think they've gone too far, then say so. But don't bite the hand that's protecting you.

  • by dbirchall ( 191839 ) on Monday May 21, 2001 @05:35PM (#207536) Journal
    Being fairly familiar with various parties mentioned, and having seen far more of Peacefire's attempt at a smear campaign against MAPS on Usenet (and the rebuffing it got from all manner of administrative sorts not associated with MAPS) I can say with very little doubt that Inquisitor has the story at least 99.999% right, and probably 100%.

    Peacefire's whining over their provider getting RBL'ed for being a pit of spammers, and more importantly their refusal to change providers, even though they were offered free hosting other places, made it quite clear that they're not interested in actually getting along with folks, and merely want to be seen as some sort of martyrs.

    Merely mentioning Peacefire made it clear from the outset that this wasn't going to be an objective story.

    Censorship is bad. Spam is bad. Censorship is content-driven. The RBL and things like that are not content-driven. They are activity- and method-driven. Censorship is oppressive. Is the RBL oppressive? Sure. Is spam oppressive? Every bit as much as the RBL is.

    Anarchy is not about getting rid of rules - it is about getting rid of oppression.


  • by Ereth ( 194013 ) on Monday May 21, 2001 @01:52PM (#207539) Homepage
    The RBL is opt-in. Consumers have the choice of moving to a provider that doesn't opt-in if they desire to. I think ISPs should list whether they subscribe to RBL or MAPS clearly and publicly, but they should not be denigrated for doing so. They are not, in fact, hampering consumer choice, but aiding it. Many of us would rather not get SPAM and having a provider that opts in helps with that very valid cause. As long as RBL is optional, I don't see a problem.

    Another point I want to add is that RBL works. I once worked for an ISP that refused to secure their mail server, because it meant the pointy head bosses might actually have to understand how their mail works when they were travelling. They ran for a year that way, against advice, and then one day popped up on the RBL list and started getting complaints. Problem fixed in about a day. The Sys Admin had to work his butt off to fix the relay, but he got it up and got off the RBL within a couple days. And he understood the net better afterwards.

  • by ScuzzMonkey ( 208981 ) on Monday May 21, 2001 @04:44PM (#207550) Homepage
    Gosh, you're right, that would be awesome! And then we can go after all those scum that host porn sites! And anybody with a dancing hampster! I mean, that stuff's all just a useless waste of bandwidth too, right? Not to mention the fact that right now--this very instant--I'm having to pay my ISP extra to carry packets from people just posting crap on /. The nerve!

    While I agree that there are some things egregeous enough to demand relatively harsh actions, I think it's clear to most reasonable people that the RBL is overkill for what it's reacting to. Combined with the fact that it's relatively ineffective at blocking spam, which is its stated purpose (see cites in Jamie's previously posted article--third-party research indicates that MAPS is one of the worst filtering systems out there) I think that this is more of a witch hunt than a socially responsible act of network defense. Do you honestly think that spam really absorbs a significant percentage of bandwidth in these days of fat pipes and graphics heavy websites? (actually, if anyone knows that stat, I would seriously be interested in seeing a cite for it... I've always wondered). I understand, and share, the common disgust with spammers. I'm all in favor of most anti-spam tactics, even including retaliatory spamming (especially liked some previous posters method of harvesting salesperson's e-mail addresses and hitting them back) which are easily seen as just as evil as the original abuse. But the RBL affects too many people who cannot have any control over it, and operates in too much secrecy to have any broad educational effect. I see all kinds of posters to this story clamoring about how you should shop for another ISP if you don't like one that uses the RBL, but that's both impractical for users who can't track down backbone providers (which is what we're really talking about here) for their ISP options, and flat-out impossible if you don't realize that the RBL is causing your problems--they provide no notification to the end-user. Not everyone has the base level of technical ability that the average poster here does.

    And for those here blaring loudly that as a private company, Abovenet can do whatever it damn well pleases with the traffic it carries (quite correctly), I have two comments: one, extend that notion to other commonly provided services you patronize and see if it still sounds good; two, don't bitch about the inevitable lawsuits... that's how matters are resolved when companies do whatever they damn well please.

    Thank you.

  • by agentZ ( 210674 ) on Monday May 21, 2001 @04:11PM (#207551)
    magine if states started blocking truckers coming from certain states

    But they do! The United States does not accept any imports from Cuba because of political differences. You can argue that there are consequences to that (non-)relationship, but don't think that it doesn't happen in the real world.

  • I'm suprised their customers let them get away with that crap.

    Unfortunatly, they can. Here's why:

    1. The automatic customer's response to a "DNS Error" message is "Oh, the web site is down." Almost noone stops to think if they are being censored unless the error says so (or they have other evidence)
    2. Abovenet is a backbone provider, not an ISP. Therefore, even if someone sees this story on some website, they probably won't know if it affects them. "Oh, but this is about Abovenet, I use (insert any Abovenet powered ISP)"
    3. Very few people are behind an Abovenet ISP, and try to visit a certain censored site on a certain day, and see a news story about that same site being blocked by Abovenet, and realize that they are using an ISP that uses Abovenet, and complain about it.
  • by HongPong ( 226840 ) <hongpong@hongpon g . com> on Monday May 21, 2001 @01:59PM (#207564) Homepage
    When I pay for Internet access I pay for access to all the Internet, not just morally OK areas.

  • "The net, just as government, should follow the Principle of the Least Rrestrictive. this means you block only the service causing the problem. Their tyrannical policy of refusing to say just how or why a given company, service or address is antithetical to their alleged goal."

    I totally agree with you! Well said!

    I think I can explain WHY MAPS refuses to justify their decisions with an explanation:

    To do so would be to get sued. Why? because they'd have to BACK UP every word.

    So, they operate clandestinly, hiding behind the vague "we have the right to block any traffic coming through our network" BS.

    Sooner or later, MAPS is going to piss off someone too big to defend against the lawsuit...

    Why Macromedia?

    I can name THESE sites that SPAM you FAR worse than Macromedia (ie, have "opt out" systems when registering software or signing up for services)... Think MAPS will block THEM anytime soon?

    Real Networks
    Doubleclick and most other ad servers (sick of all those "cursor upgrades" that pop up and install automatically when using `Doze, one reason why I do all net surfing under Mandrake now).

    Or does "who" you are matter more to MAPS than how offensive your tactics are?

    Operating the way they do, in refusing comment or to justify their actions AT ALL, MAPS is setting themselves up to be "avove ALL question".

    NOTHING offends me more than that attitude! There is NOTHING... NOTHING that is above ALL question!

  • by tuxlove ( 316502 ) on Monday May 21, 2001 @03:55PM (#207598)
    I'm a little confused. As a customer of Above.net, I received a notice from them stating they were no longer going to use MAPS RBL. I found this a little surprising, considering that Paul Vixie was one of the founders of MAPS and is the CTO or VP of Something at Above.net.

    In light of this, I'm confused. Is Above.net using MAPS or not? This notice came a couple of weeks ago.
  • "Jamie" has published here what is essentially a paraphrased press release from Bennett Haselton, head of Peacefire.org - and Haselton has openly admitted that his Web site was moved inot the middle of the RBLed IP space *months* after that space was RBLed. So it is obvious that (1) Peacefire is now openly operating to provide public relations for spammers, and (2) Jamie McCarthy is providing "news" articles to /. as a service to Peacefire - for which he is compensated in same way (being listed as a senior member, perhaps - publicity hounds are usually happy with that sort of payment). I strongly suspect this comment will be moderated out of existence here, but it will appear in public news fora elsewhere.

"Oh my! An `inflammatory attitude' in alt.flame? Never heard of such a thing..." -- Allen Gwinn, allen@sulaco.Sigma.COM