Spam. Again.. -- and blocking net blocks?
Before the flame begins.. I'm not sure when this started.. Background: We have a downstream ISP, who hosts a website of questionable material. This customer (of our customer) used a third party to spam on their behalf.. Which is a violation of our AUP. (In fact we null0 the /32 in question). Problem: For some reason, spews has decided to now block one of our /19.. Ie no mail server in the /19 can send mail. Questions: 1) How do we smack some sense into spews? 2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening? Regards, Mark -- Mark Segal Director, Data Services Futureway Communications Inc. Tel: (905)326-1570
On Tue, 2002-12-10 at 15:00, Mark Segal wrote:
Before the flame begins..
I'm not sure when this started..
Background: We have a downstream ISP, who hosts a website of questionable material. This customer (of our customer) used a third party to spam on their behalf.. Which is a violation of our AUP. (In fact we null0 the /32 in question).
Problem: For some reason, spews has decided to now block one of our /19.. Ie no mail server in the /19 can send mail.
Questions: 1) How do we smack some sense into spews?
Very difficult.... we had a similar problem. One bad customer and SPEWS blackholes not only our corporate LAN but also my HOME address range, and that of my home ISP, who was not even peripherally involved. We just had to sit it out, as SPEWS is not accountable, or contactable. Eventually the listing decayed, but it was a real problem for us while it lasted.
2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening?
Since SPEWS, with its complete lack of accountability, started being used by respectable spam blocking software. Yes, its a massive problem. Nigel
Questions: 1) How do we smack some sense into spews?
Very difficult.... we had a similar problem. One bad customer and SPEWS blackholes not only our corporate LAN but also my HOME address range, and that of my home ISP, who was not even peripherally involved.
We just had to sit it out, as SPEWS is not accountable, or contactable. Eventually the listing decayed, but it was a real problem for us while it lasted.
There is no technical solution to spam. Regards, Neil.
On Tue, 10 Dec 2002, Neil J. McRae wrote:
There is no technical solution to spam.
Nor is there a legal or political one... Deeann M.M. Mikula Director of Operations Telerama Public Access Internet http://www.telerama.com * 412.688.3200
The only solution for eliminating spam is a radical change in social behavior of those whom are causing, allowing and facilitating it. All reasonable attempts to do so have failed, mainly due to commercial interests. Thus only a primitive and for some painful interference helps. Though few want to admit it, as long as all the backbones - unanimously - are not seriously addressing this problem, and factually accept the financial consequences of cut off's, and forcefully propagate those policies to whomever is connected to them, only the hard way remains. I advocate that spews and others are tough, but apparently necessary means. The more spam, the harder the action-pack to combat it. The problem is not necessarily only Korea, Nigeria, Costa Rica, etc. We, in the US are a significant source of this activity ourselves, probably the biggest. Painfully enough we lack the initiative to set a standard for the rest for the World. best, Bert hostmaster@nso.org
The only solution to spam is to start charging for email (perhaps with reasonable included minimums if that calms you down for some large set of "you") and thus create an economic incentive for all parties involved. Face it folks, the party is over, the free-for-all was a nice idea but it simply did not work. See "The Tragedy of the Commons". On December 10, 2002 at 13:00 hostmaster@nso.org (hostmaster) wrote:
The only solution for eliminating spam is a radical change in social behavior of those whom are causing, allowing and facilitating it. All reasonable attempts to do so have failed, mainly due to commercial interests. Thus only a primitive and for some painful interference helps. Though few want to admit it, as long as all the backbones - unanimously - are not seriously addressing this problem, and factually accept the financial consequences of cut off's, and forcefully propagate those policies to whomever is connected to them, only the hard way remains. I advocate that spews and others are tough, but apparently necessary means. The more spam, the harder the action-pack to combat it. The problem is not necessarily only Korea, Nigeria, Costa Rica, etc. We, in the US are a significant source of this activity ourselves, probably the biggest. Painfully enough we lack the initiative to set a standard for the rest for the World.
best,
Bert hostmaster@nso.org
Barry Shein wrote:
The only solution to spam is to start charging for email (perhaps with reasonable included minimums if that calms you down for some large set of "you") and thus create an economic incentive for all parties involved.
Face it folks, the party is over, the free-for-all was a nice idea but it simply did not work. See "The Tragedy of the Commons".
Sure, because charging for postal mail has certainly stopped the deplorable practice of junk mailing.</sarcasm> As long as spamming is legal, people will do it, period. You cannot solve administrative problems with technical solutions. The key is for ISPs to form a political lobby (with the same power as the DMA) and push for reasonable laws to protect consumers. Until then, we're all pissing in the wind. S
On Tue, 10 Dec 2002, Stephen Sprunk wrote:
Barry Shein wrote:
The only solution to spam is to start charging for email (perhaps with reasonable included minimums if that calms you down for some large set of "you") and thus create an economic incentive for all parties involved.
Face it folks, the party is over, the free-for-all was a nice idea but it simply did not work. See "The Tragedy of the Commons".
Sure, because charging for postal mail has certainly stopped the deplorable practice of junk mailing.</sarcasm>
As long as spamming is legal, people will do it, period. You cannot solve administrative problems with technical solutions. The key is for ISPs to form a political lobby (with the same power as the DMA) and push for reasonable laws to protect consumers. Until then, we're all pissing in the wind.
This discussion is very familiar! ... and that will stop for example the nigeria scams how? or the asian porn sites how? Steve
On Tue, 10 Dec 2002, Stephen Sprunk wrote:
As long as spamming is legal, people will do it, period. You cannot solve administrative problems with technical solutions. The key is for ISPs to form a political lobby (with the same power as the DMA) and push for reasonable laws to protect consumers. Until then, we're all pissing in the wind.
When something is illegal in the US, it does not necessarily be illegal in Europe or Asia. Or do you really expect Pakistani police to track down and convict a spammer who has offered you A Larger Penis[tm]? What I'm trying to say is that 'the solution' will probably have to be a combination of legislation and technical measures. -- Sabri Berisha www.cluecentral.net "I route, therefore you are"
What I'm trying to say is that 'the solution' will probably have to be a combination of legislation and technical measures.
It won't fix the problem. The world needs to change to stop driving the possible gains from sending spam. Its an eduction/social issue. Regards, Neil. -- Neil J. McRae - Alive and Kicking neil@DOMINO.ORG
Sorry for top posting, but I'm late for work... -- Agreed. I believe that society dictates that the accumulation of personal wealth is one of the most important factors to most people who have the means to generate it in abundance. Any avenue to make a buck will supersede any legislation or "Please don't do that because it's not (nice|safe|legal|honest|<your_word_of_the_day_here>)". Until spam is no longer synonymous with generating revenue or growing personal wealth, it's here to stay. Until drugs are legal, or dealers are killed if caught, the fact that dealers know pushing that crap on the streets is harmful, it doesn't matter. The need, or desire to have more money than the next guy is more important to someone than the other people who exist outside their little box. Different circumstances, but the same thing at the end of the day, I think.
It won't fix the problem. The world needs to change to stop driving the possible gains from sending spam. Its an eduction/social issue.
-- -JaL "AFAIK, You think I'm a BOFH for continually bashing you over the head with a clue-by-four. OTOH, if you would just RTFM every once in a while, my life would suck *much* less."
On Tue, 10 Dec 2002, Barry Shein wrote:
The only solution to spam is to start charging for email (perhaps with reasonable included minimums if that calms you down for some large set of "you") and thus create an economic incentive for all parties involved.
Absolutely unrealistic... micropayments never got off the ground for a number of good reasons - some of them having to do with unwillingness of national governments to forfeit financial surveillance. Even if e-mail will cost something, you'd still be getting a lot more spam than useful mail. Check your snail-mail box for empirical evidence :) I'd say strong authentication of e-mail sources and appropriate sorting at the receiving end should do the trick. When I give someone e-mail address, I may just as well get their fingerprint and put in my "allowed" database. The question is, as always, convinience and useability - with a good design that doesn't seem unsurmountable.
Face it folks, the party is over, the free-for-all was a nice idea but it simply did not work. See "The Tragedy of the Commons".
Linux does not exist, science disappeared long time ago, etc, etc. Those are commons, too. In fact, the prevailing myth is that property system is the primary driver of progress. As if. It existed for several millenia (in fact, all higher animals exhibit behaviour consistent with notion of property, usually territory and females) and not much happened most of that time, aside from endless wars. Then the decidedly anti-proprietary "gift economy" of science comes along and in couple hundred years completely changes the world. The free-for-all is a nice idea. Should be preserved whereever possible. Spam is not "tragedy of commons" (i.e. depletion of shared resources because of uncontrolled cost-free accessibility) - the spam traffic does not kill the network, last I checked (in fact, TCP's congestion control provides a basic fairness enforcement in the Internet - which explains why the backbones aren't really prone to the "tragedy of commons", even when demand is massively larger than supply). Spam is theft (i.e. unauthorized use of private resources), and should be fought as such - by prosecuting perps, by installing locks, and by checking ids before granting access. --vadim
Ok on a serious note can we not try to solve the spam problem here? its a never ending loop (tech problem or social problem who cares.. its a problem and we all know it, be a good operator and kill anyone who wants to spam on your network). On a not-so-serious note maybe if we just assigned spammers 69.0.0.0/8 ip space the problem would take care of itself. -Scotty ----- Original Message ----- From: "hostmaster" <hostmaster@nso.org> To: <nanog@nanog.org> Sent: Tuesday, December 10, 2002 1:00 PM Subject: Re: Spam. Again.. -- and blocking net blocks?
The only solution for eliminating spam is a radical change in social behavior of those whom are causing, allowing and facilitating it. All reasonable attempts to do so have failed, mainly due to commercial interests. Thus only a primitive and for some painful interference helps. Though few want to admit it, as long as all the backbones - unanimously - are not seriously addressing this problem, and factually accept the financial consequences of cut off's, and forcefully propagate those policies to whomever is connected to them, only the hard way
I advocate that spews and others are tough, but apparently necessary means. The more spam, the harder the action-pack to combat it. The problem is not necessarily only Korea, Nigeria, Costa Rica, etc. We, in the US are a significant source of this activity ourselves, probably the biggest. Painfully enough we lack the initiative to set a standard for
remains. the
rest for the World.
best,
Bert hostmaster@nso.org
Looking at this from another angle, what RBL set are people using that works well? This is our current set: blackholes.mail-abuse.org, dialups.mail-abuse.org, relays.mail-abuse.org, dynablock.wirehub.net, inputs.relays.osirusoft.com, socks.relays.osirusoft.com, formmail.relays.monkeys.com, proxies.relays.monkeys.com We were using spamcop until I found out about the 7-day timeout for delisting. We get some complains about the formmail relay blocking, but that just seems to be for customers trying to get email from web hosting companies that don't care to clean their servers of old copies of FormMail.pl. Ralph Doncaster principal, IStop.com
On 10 Dec 2002, Nigel Titley wrote:
2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening?
Since SPEWS, with its complete lack of accountability, started being used by respectable spam blocking software. Yes, its a massive problem.
We had this problem a while back too. One particular problem is that the relays.osirusoft.com block-list - which seems to be used by an awful of people - aggregates data from several dozen sources, including spews.
Check out www.antispews.org -kyle On Tue, 10 Dec 2002, Mark Segal wrote:
Before the flame begins..
I'm not sure when this started..
Background: We have a downstream ISP, who hosts a website of questionable material. This customer (of our customer) used a third party to spam on their behalf.. Which is a violation of our AUP. (In fact we null0 the /32 in question).
Problem: For some reason, spews has decided to now block one of our /19.. Ie no mail server in the /19 can send mail.
Questions: 1) How do we smack some sense into spews? 2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening?
Regards, Mark
-- Mark Segal Director, Data Services Futureway Communications Inc. Tel: (905)326-1570
On Tue, 2002-12-10 at 17:03, Bryan Bradsby wrote:
Check out www.antispews.org -kyle
There are two SPEWS lists.
SPEWS[1] lists direct spam sources as accurately as /32
Which is the list that our corporate servers and my home lan ended up on, despite never having sent direct spam
SPEWS[2] includes SPEWS[1] plus collatteral damage.
Which was the rest of our address range and that of my home ISP
to clarify, nothing more.
The intent of the double spews listing is good, but it isn't adhered to in practice.
I tend to agree. We had the same issue a customer who we did not know was a spammer did something similar and they listed our blocks. I terminated the customer. I believe spews has a newsgroup that is listed on their site you can post to but more than that I'm not certain. Also its funny how they don't block all the blocks originated by cnw <where the spam in my case originated> but listed mine. Either way I think you did the correct thing the deal now is to post to the newsgroup and let them know you cleared the issue. That's all I have heard can be done. On Tue, 10 Dec 2002, Mark Segal wrote:
Before the flame begins..
I'm not sure when this started..
Background: We have a downstream ISP, who hosts a website of questionable material. This customer (of our customer) used a third party to spam on their behalf.. Which is a violation of our AUP. (In fact we null0 the /32 in question).
Problem: For some reason, spews has decided to now block one of our /19.. Ie no mail server in the /19 can send mail.
Questions: 1) How do we smack some sense into spews? 2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening?
Regards, Mark
-- Mark Segal Director, Data Services Futureway Communications Inc. Tel: (905)326-1570
Are you billing and presumably suing (if they don't pay) the owners of the website et al for the damages they've caused your business by all this? If not you're just subsidizing their attempt to profit off of mayhem at your expense. The question of course is rhetorical. On December 10, 2002 at 10:00 MSegal@FUTUREWAY.CA (Mark Segal) wrote:
Before the flame begins..
I'm not sure when this started..
Background: We have a downstream ISP, who hosts a website of questionable material. This customer (of our customer) used a third party to spam on their behalf.. Which is a violation of our AUP. (In fact we null0 the /32 in question).
Problem: For some reason, spews has decided to now block one of our /19.. Ie no mail server in the /19 can send mail.
Questions: 1) How do we smack some sense into spews? 2) Does anyone else see a HUGE problem with listing a /19 because there is one /32 of a spam advertised website? When did this start happening?
Regards, Mark
-- Mark Segal Director, Data Services Futureway Communications Inc. Tel: (905)326-1570
participants (17)
-
Barry Shein -
Bryan Bradsby -
deeann mikula -
hostmaster -
Jason Lixfeld -
K. Scott Bethke -
Kyle Christy -
Mark Segal -
Miles Fidelman -
neil@DOMINO.ORG -
Nigel Titley -
Ralph Doncaster -
Sabri Berisha -
Scott Granados -
Stephen J. Wilcox -
Stephen Sprunk -
Vadim Antonov