Why Blacklisting Spammers Is A Bad Idea
Roland Piquepaille writes "For the last two months, an eternity in Internet time, I was unable to reach -- and to contribute to -- Smart Mobs, the collective blogging effort around the next social revolution initiated by Howard Rheingold. Why that? Because an unknown customer of Verio decided it was a spamming site and asked the company to blacklist the site. Verio complied -- probably without even checking it -- and my problems started. It took me dozens of e-mails and phone calls and two visits to the headquarters of my French ISP, Noos, to fix the situation. More about this horror story is available here."
Horror story my arse (Score:5, Interesting)
Instead this article should be titled "Why Blacklists Do Work" and what spammers are doing to try and disrupt them.
Had the same problem.. (Score:3, Interesting)
The first thing we know about it is when members of staff come to us and complain that they are getting error messages such as 'denied' when trying to email important people.
Sigh.. in fact I have that very same problem waiting to be tackled when I get back on Monday morning. And it's always such a ballache to get your mail servers removed from these block lists...
Re:Improperly done blacklist (Score:4, Interesting)
That sucks ass royally.
Hypocrisy (Score:5, Interesting)
The real issue, however, seems to be this guy's ISP. I mean honestly, what the hell is wrong with them? If I had called Speakeasy with this sort of problem, it would have been taken care of that day.
-sirket
incorrect title (Score:2, Interesting)
User vs. Customer (Score:3, Interesting)
Re:Yup, I was RBL'd (Score:4, Interesting)
That said, you left a relay open for 3 days, and potentially tens of thousands of spam emails, and you are going to sit there and complain that it took two weeks for you to be removed from the black list? What about all the individual admins that added you to their personal blacklists and just never bothered removing you?
-sirket
Re:Had the same problem.. (Score:4, Interesting)
-sirket
Blacklists and filtering only work so well. (Score:3, Interesting)
Slashdot global bans Spain (Score:2, Interesting)
Why
Yep, I know my evil "ISP" hijacked the internet and put a transparent firewall, but I CAN'T switch "ISP"; there is only one "real" ADSL provider in Spain, Telefonica, the other ones are resellers of the same product.
(I tried once emailing
Note: All ADSL in Spain goes to port 80 using only a handful of IP addresses which
Re:Verio = SBF (Spammer's Best Friend) (Score:2, Interesting)
Are they being: A. DDoS'ed again B.
Re:Slashdot global bans Spain (Score:3, Interesting)
I got that message and immediately blocked their entire subnet...
Re:Even more offensive (Score:3, Interesting)
Either way, get a real provider, and your problems will disappear.
Um, Verio? (Score:3, Interesting)
Re:Improperly done blacklist (Score:5, Interesting)
Why don't I use my ISP's mail server? Because:
Re:Am I understanding this correctly? (Score:3, Interesting)
Newsworthy? (Score:3, Interesting)
Don't tell me, because of this upset you missed meeting up with four thousand other bored office workers in a public place to do something 'wacky'? Boo freaking hoo.
Re:Improperly done blacklist (Score:3, Interesting)
I had this happen at work. The marketing group is responsible for administering the mail server (don't ask me how that happened) and as of last Thursday about 95% of outgoing mail was being rejected by the server. It was configured to send mail direct to the remote host, bypassing the ISP's SMTP. Apparently a whole lot of domains are now blocking unrecognized SMTP transfers (there was something in the news about it). I had to call up SBC (our ISP) and find out what their mail settings were and once I did that everything worked fine, right up 'til the point where their server stopped responding for a few hours and screwed things up yet again. That was why I configured it to go direct in the first place.
I dunno about this. I'm generally not in favor of torture or undue human suffering but I'm reaching the point where I think a few spammers need to be dealt some very public, painful and drawn-out deaths. Actually, I withdraw that statement. The deterrent effect of nailing only some of them is insufficient. We need to do it to all of them.
Something has to put a stop to this. My feeling is that legal, political and diplomatic solutions are going to fail, miserably. Let's face it, the problem is multinational and it only takes one spammer-friendly country to screw things up for the rest of us. That's why simple-minded ideas like "charge a penny for each mail sent!" are doomed to failure. Sure, you can crucify a few spammers, and that makes us feel like our politicians are "doing something", but ultimately the solution is going to have to be technological.
Spammers are an infection that is slowly poisoning the entire organism, and the Internet needs to be given some kind of an immune system that will, in true autonomic fashion, eliminate the possibility of spam once and for all.
Because we all know... (Score:3, Interesting)
The rest of us, sadly, aren't interested in trying hard enough, especially if it results in as much difficulty as you seem to have in extracting your cranium from the depths of your large intestine.
That said, I do agree that two weeks isn't an irrational amount of time for this. If it had been two months, though, I would say that they were, in fact, being irresponsible, because they said they were doing something, and then they didn't actually do it, and in fact damaged someone's personal life and potentially their business for making one simple, easy-to-make mistake.
At some point, if you volunteer to undertake a project, and then in the course of doing so you dick someone over in an easily-prevented manner, you are acting unethically. Doesn't matter that you volunteered: if your actions can screw up someone else's life, you have the obligation to be careful of them.
I try to avoid killing pets in the road, if I can do so safely. It's certainly not illegal to run over a cat, but it's certainly not nice. The argument that 'they shouldn't have let fluffy escape out the window that their nine-year-old accidentally left open' does not, somehow, cause me to decide not to (gently) step on the brake.
I know, I know, I'm the anti-libertarian, right? Saying that we actually have some sort of obligations not to actively screw over our fellow man? God, I'm a pinko commie symp! Shoot me now! Or something.
Sheesh.
-fred
Not really going well and not a good idea. (Score:3, Interesting)
What's needed is a two pronged approach. One prong is legal and is being followed fairly well; pass laws that make spamming illegal. The other prong, which is still under development, is to make technical changes to email so that spammers can't hide their addresses.
First, I don't share your glee about current laws and the direction they are taking. I fear email will end up like broadcast radio and TV - only people who pay big bucks to the government will be allowed to run a mail server. The result will be as dismal as broadcast media is, but worse because mail is personal. Imagine licensed spam and every email service being like Hotmail - a spam in every can! Your email will always be searchable by government agencies and spammers if people like AOL and Microsoft have their way.
How do they get there from here? They are already half way there. Blacklists are a part of it. Any ISP that does not prevent their users from running mail servers gets on M$ and AOL blacklists, regardless of the actual volume of spam. Conveniently enough for them, this puts further pressure on smaller ISPs and eliminates competition, compliance or no. Another way to get there is by creating mechanisms "so that spammers can't hide their addresses". This would create the kind of central authority that the internet was designed to avoid. Wanna bet who will run that central authority? The smarter you make the net, the dumber and less free it becomes.
Laws making spam illegal, with reasonable definitions of spam are the only way to kill spam. The IP address of the spammer should leave a large enough trail for people who really want to bust spammers to follow, so it is indeed practical. Some recent turns are good, I just hope it applies to the big boys the same way it applies to the smaller ones. Somehow I doubt it, despite small charges against ATT. No spam is ever acceptable on a medium that was designed to work on pull and our laws should reflect it. If France can keep people from selling Nazi junk, the USA can halt spam if it wants to.
Re:Just to clarify (Score:3, Interesting)
Did this guy misconfigure his web server application to fetch content from a remote server and present it, and it erroneously gave a 404 error when the connection couldn't be established?
Anyhow, it's also quite uncommon that a single IP gets blocked. It's more common that a whole subnet is blocked, and this may hurt innocents who share the subnet with a spammer.
The article also fails to give any useful info on what caused the block in the first place. The complaint might have been valid for all we know -- the lack of evidence, and very biased and one-sided story doesn't give us enough information to draw any conclusions, one way or another.
Apart from either a lack of understanding of HTTP error codes and possibly misconfigured server, that is -- which makes me hesitate to dismiss the possibility that this guy was the cause of spam by having a misconfigured mail server too, or allowed his web server to be used for spamming. There's simply not enough info to say, one way or another.
As for blacklists, yeah, they're a bad idea. I used to publish one (back in the days of Sanford Wallace), but was forced to shut it down because there was no way I was going to be able to afford all the lawsuits I was threatened with -- even if not doing anything wrong, you have to front quite a bit of money, and you lose even if you win.
Regards,
--
*Art
you sir, are an idiot. (Score:3, Interesting)
Re:Improperly done blacklist (Score:2, Interesting)
I had to do this recently due to AOL refusing mail from my server (which is a BT business account, but not on a static IP).
Trouble is, BT's SMTP service is terrible -- earlier this year it was unavailable for over a week. That was unusual though; mainly it just drops out for an hour or so. I can handle this.
Now (as of last week) they have decided that if you send more than two emails in quick succession they will bounce the remaining mail. So if you've got say, three mails in your mail queue, when BT's SMTP server pops up again they will accept the first two mails, and bounce the third.
Of course, I will get round this when I get a bit of time by using my hosting company's SMTP server. But how long will it be before BT start snaffling all port 25 traffic and redirecting it to their own crappy server (NTL in the UK do this already)?
I find myself endlessly chasing my own tail to get the service that I used to have. Only if
Yeah, whatever, moron (Score:3, Interesting)
(1) SPEWS is ineffective. It might have some effect if your goal is to drive spammers away from a given ISP, or drive customers in general away from a given ISP. But it won't significantly reduce the amount of spam you get compared to using the lists with a philosophy that involves far less collateral damage. But by using SPEWS, you WILL block hundreds or thousands of times more legitimate emails. If you (the list USER) wish to use the inconvenience of your customer base as a means to punish an ISP with spamming customers, then by all means, use SPEWS. However, if you think your first duty is to maximize spam droppage while minimizing false positives, SPEWS is NOT for you.
(2) SPEWS is inaccurate because of how it is organized. For example, one ISP I used had a spammer, and a clueless staff. After the SPEWS listing hit us, we worked with them to clear out their spammers. They did so; but one set up across town with their own space, and had a very similar name to the ISP. SPEWS decided the ISP was "hiding" its spamming on another block, and listed all blocks (the ISP and their former customer) together, despite different names and addresses on their ARIN registrations. To this day, the ISP remains in SPEWS because the other company spams. Of course, since Collateral Damage is SPEWS' middle name, this is of no concern.
(3) Run by fanatics. Much like the 'Eat Your Spews' crowd; they're just the shame of all of us who'd like to see spam stop and would like to take reasonable countermeasures. I get over 1000 spams per day to my 8-year-old email address (most of which are obliterated by spamassassin), and I wouldn't think of using SPEWS.
(4) SPEWS damages the innocent and does so without warning. Even if you're incredibly conscientious about NOT spamming, you may one day discover a horde of bounces because you are on SPEWS. Now without warning or cause, you will now suffer significant economic damages even if you do immediately exactly what SPEWS would like you to do: switch ISPs.
(5) Because of the sudden effect of (4), you probably will not; you will probably begin immediately routing your mail through a third party, thus rendering SPEWS useless, and simply costing you more money, slowing delivery, wasting bandwidth, etc.
(6) Because SPEWS must, by necessity, delist organizations who stop sending spam, the whole process only serves to make spammers be clandestine and move from ISP to ISP. And so they do; they still show up in ALL the same places. They just move on more often. And the problem is never solved. I'm sure you've noticed that there's still no shortage of spam and years of SPEWS listing places hasn't even dented the problem. But it has cost billions of dollars of productivity and other collateral damage trying to deal with the effects of SPEWS.
Basically, SPEWS is the terrorist anti-spam organization. It is threatening to blow up mail delivery if the spammers don't capitulate. Whether SPEWS works or not is really irrelevant; spammers will always move on and find new ISPs, and at best, SPEWS makes them move more often. Meanwhile, the innocent suffer, because the cure is worse than the disease.
Now, one thing I do agree with: you have every right to use SPEWS. But realize that most of your users would never concur with what you're doing, and they only accept it because they are clueless. Almost every ACCOUNTABLE organization (typically, corporations) that tries to use SPEWS stops immediately, because it is UNACCEPTABLE to have a 100:1 ratio of false positives:true positives. The shame is moronic ISPs like pacbell.net signing their servers onto SPEWS and fucking their ignorant customers out of a ton of their legitimate email.
So, it is perfectly accurate to call SPEWS the nuclear bomb of blacklists. It can and does do enormous collateral damage, most of the IPs it blocks are used by responsible or at least innocent net