On Mon, 28 Mar 2005, Jay R. Ashworth wrote:
On Sun, Mar 27, 2005 at 05:57:13PM -0500, Dean Anderson wrote:
There are consequences, of course, to doing irresponsible things, and to misleading your subscribers, and to blocking email that your subscribers didn't authorize you to block.
Dean: it seems to make running a blacklist *at all* A Bad Thing... which, my perception is, is *not* the sense of the Net.
Not at all. Responsible blacklisting doesn't have to do irresponsible things. For example, most people agreed that MAPS had no business blocking Exactis; Exactis didn't meet the MAPS definition for blacklisting. SORBS clearly doesn't have to lie about Av8 Internet's address blocks: 130.105/16 and 198.3.136/21. etc. I'm definitely not saying that all blacklisting is bad: It isn't.
As for "didn't authorize you to block", two thoughts come to mind: first, the person with the last clear chance in a mail blacklisting situation is the mail admin in question, is it not? If you're running blacklists, and you're concerned about what they block, I should think it would be up to you to back-check the judgement of the BL operator by doing end-to-end testing.
I agree the mail admin is usually the last chance for assessing BL reputation before use. But nearly every call I make to an admin using SORBS results in a response of the sort: "Gee, I didn't know they were doing this sort of thing, give me a second...they're gone. let me know if you any more problems". Before that it was ORBS, etc--the list is long and ignomious. But most people "in the know" just know. Its the people "not in the know" who get misled.
And second, to the extent that you *are* using a given list, I suspect (and IANAL, of course), that you are -- constructively -- allowing them to act as your agent for the purpose of deciding which mail to block (absent caselaw to the contrary, which I'll admit I haven't researched), which gives you a lot less leeway to be mad at them.
I agree. But they said they were going to block _spam_. They don't usually say 'we're going to use the list to boycott non-spammers'. And they don't usually say they just block whoever we feel like. They usually don't say "we want you to help us on our non-spam vendetta quest". They usually say they are trying to block spam. They usually have some criteria for blocking, which they then violate.
And of course, the only *real* liability you ought to have in the first place is to *your users*, and as long as you're disclosing to them that you use mail BL's, then that one's a bit arguable, as well.
However, most ISPs don't disclose what BL they use until there is a problem. I've yet to find the BL listed in the product service description for email services. And I've never found an ISP that says "We're going to participate in boycotts for personal vendetta's, your email is a weapon for us." The BLs don't say that to the subscribers/ISP's; the ISPs don't say it to the users. Neither the ISPs nor the end users want that. -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000