Best Practices for Being Permanently Added to the RBL
RBL Working Group Ben Black INTERNET DRAFT Layer 8 Networks Obsoletes: draft-ietf-rbl-selfdefense-00.txt November 1998 Expires May 1999 Best Practices for Being Permanently Added to the RBL <draft-ietf-rbl-permanent-00.txt> Status of this memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To view the entire list of current Internet-Drafts, please check the ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), or ftp.isi.edu (US West Coast). Abstract The Realtime Blackhole List (RBL) service from the Mail Abuse Protection System (MAPS) is a completely free and voluntary system for creating intentional network outages to limit the propogation of unwanted, unsolicited, mass e-mail (SPAM). Many purveyors of SPAM and SPAM-related services have had little trouble in getting themselves added to the MAPS RBL, but certain providers of web hosting services whose customers engage in SPAMMING have expressed concern that at some point in the future they may be removed from the MAPS RBL, exposing millions of innocent e-mail users to a barrage of SPAM. This document offers a description of the best current practices for guaranteeing that your company stays on the MAPS RBL. 1. Terminology Throughout this document, the words that are used to define the significance of particular requirements are capitalized. These words are: - "MUST" This word or the adjective "REQUIRED" means that the item is an absolute requirement of this specification. - "MUST NOT" This phrase means that the item is an absolute prohibition of this specification. - "SHOULD" This word or the adjective "RECOMMENDED" means that there may exist valid reasons in particular circumstances to ignore this item, but the full implications should be understood and the case carefully weighed before choosing a different course. - "SHOULD NOT" This phrase means that there may exist valid reasons in particular circumstances when the listed behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label. - "MAY" This word or the adjective "OPTIONAL" means that this item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because it enhances the product, for example; another vendor may omit the same item. 2. Best Practices Although there are many successful methods for achieving a lifetime membership in the RBL, the following have proven the simplest and most expedient. 2.1 Verbally Harassing the Maintainers of the RBL The maintainers of the MAPS RBL are all volunteers with an interest in making the Internet less of a haven for nefarious SPAM merchants. This is a fundamental technique which SHOULD be attempted by ALL service providers wishing to burn all possible bridges. 2.2 Sending SPAM Demanding Removal from the RBL Nothing says "Blackhole me!" like sending an unwanted mass mailing to potential subscribers of the MAPS RBL service. Service providers in the market for a new line of work unrelated to the Internet MUST SPAM as MANY other service providers as possible to maximize their chances at a coveted RBL Blackhole Lifetime Membership. 2.3 Threatening Lawsuits Even the most stalwart RBL maintainer may later have mercy later if only the suggestions in Sections 2.1 and 2.2 are followed. To avoid this eventuality, service providers SHOULD threaten to sue not only the RBL maintainers, but also all RBL subscribers. When responding to queries regarding the upcoming legal action, providers MUST NOT resort to the use of logic and common sense. Hard work definitely pays off in this area. 2.4 Proper CAPITALIZATION One of the keys to a successful SPAM demand or threat is proper capitalization. Unlike normal English usage, providers MUST randomly capitalize ENTIRE words for no APPARENT REASON. E-mail which follows this rule is certain to have a major impact on all readers. 3. Example of Advanced Techniques This outstanding example illustrates a complete mastery of all the tecniques listed above. The sender of this message is obviously highly motivated in his quest to remain on the RBL until the end of time. -- start -- From: "Alan R. Bechtold" <alanbechtold@sysop.com> Subject: Using MAPS will get you SUED!!! Date: Wed, 18 Nov 1998 11:48:11 -0800 It has come to my attention that your company utilizes the MAPS BLACKHOLE list to block purported SPAMMERS from sending E-mail to your system. While the idea might sound good I am writing to inform you that you will be named in a Federal Lawsuit if you do not CEASE AND DESIST use of this list IMMEDIATELY. Here is why: My company, BBS PRESS SERVICE, INC., designs and hosts Web sites. That's all we do. We don't sell access to the Internet. We don't sell E-mail accounts. Besides some E-mail accounts for our employees to use when contacting our customers, and one E-mail account we use to send out a weekly newsletter to our customers, we don't generally handle any E-mail at all. I am anti-SPAM. I advise all of my 5,000+ clients against the use of SPAM. Still, two have used it to promote sites we host for them. Naturally, this resulted in our receiving the usual barrage of E-mails DEMANDING that we remove the Web sites of the offending parties. Our attorneys have advised us that it is NOT in our best interest to do so. Removing the Web site of anyone for something they did OUTSIDE of our system, even if it was indeed PROMOTING a site hosted on our system, would in fact expose my company to possible lawsuit from the SPAMMER! I understand many Web site design and hosting services stipulate in their contracts that they reserve the right to pull any site if evidence of SPAMMING is seen -- but my attorneys have also advised me that this is completely unenforceable in court and wouldn't stand up to a court challenge. I don't know about you but I am totally opposed to being REQUIRED to take action against anyone for anything they've done outside of my control. Do we also want to become liable for pulling Web sites held by anyone who is convicted of a crime...any crime? Wouldn't this lead to the requirement of background checks, to make sure a Web site customer has never indeed beenconvicted of a crime? The ramifications are tremendous. Anyway -- I write to anyone complaining about SPAM from a client of mine (and they do track down the Web site host even if we didn't originate the SPAM) and inform them of my position. One person apparently forwarded my reply to MAPS. Even though my reply states CLEARLY that I am OPPOSED to SPAM, the kind folks at MAPS decided to add my company's IP to the list anyway. The problem is -- they won't TALK about resolving the problem. Their "volunteer" hung up on me when I called, after first being outright surly and rude with me. I tried E-mailing Paul Vix to tell him to remove my company's IP from his list but -- guess what -- my E-mail got REJECTED by his system because he uses the list! I finally got a message through by going through another provider. Meanwhile Paul Vix has not returned my urgent calls and hasn't been available on the phone when I do call. This is causing my company irreparable harm. MAPS' whole attitude and the way they create their so-called LIST is, because of my case alone, entirely questionable. And he has left me little choice but to file suit against Paul, MAPS and anyone associated with the LIST or using it in their products or on their services. This is where you come in. I am writing to tell you right now -- cease and desist from using the MAPS BLACKHOLE list on your service IMMEDIATELY. I will be including anyone and everyone still using the MAPS list in my lawsuit against MAPS. Period. You might also want to contact Paul Vixie and let him know the legal jeopardy his methods have placed you in. By comparison, the SPAMMERS are starting to look like the "good guys." I know they're not and you know they're not but MAPS must end here and now. I would appreciate your comments and cooperation. -- end -- 4. Author Information Ben Black Layer 8 Networks email: black@layer8.net
Oh dear, I let a little typo slip through (left as an exercise for the reader). The corrected text can be found at: http://www.layer8.net/~black/draft-ietf-rbl-permanent-00.txt Enjoy. Ben
Excellent! It's sad but I should agree. From my point of view such systems make more problems than solve them. RBL is not the worst example, through, ODBS (or what's exact name of this crazy system) is. -- Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
OK, given, this guy is a flaming moron, and the original message was completely out of line. HOWEVER, it seems to me he raises at least one valid objection. It seems to me, both from his allegations and from the phraseology of the "Best Practices for Being Permanently Added to the RBL", that web hosting services are being treated unfairly in the following circumstance: Company S(pam) has a web site, hosted on the servers of web-presence-provider Company P(rovider). Company S uses the services of Company X to send out massive loads of SPAM, with referencing the web site and even e-mail addresses hosted by Company H. Now, if I'm hearing what's being said on this list correctly, Company H is being expected to pull the website they host for Company S (or else be blackholed), _even though no illegal or spam-generating activity is being generated on their network_. Am I understanding this correctly?!? By this philosophy, it would seem that if I were to host the web pages of a company which engaged in unwelcome telemarketing (which I personally find much more offensive than SPAM, and which is no more or less illegal in most states), I would be under an obligation to cease providing service to that company! So, given the earlier threads about annoying UUNET marketing folks, let's blackhole all mail that comes from UUNET. Oh, and also mail that comes from anyone who peers with them. And of course any mail that has to be transported over those evil people's networks.....wait a sec, why's my inbox suddenly empty, where'd the internet go??? Maybe I'm misinterpeting the policies here, but I didn't hear anyone disputing the actual complaints of this guy, which can only lead me to believe that either A) This guy was actually treated unfairly, and has a valid complaint, or B) Nobody cares enough to say "hey, wait a minute, there's been a failure in communication, let's see if we can work this out." So, what's up, guys? I'd hate to think a great thing like the RBL is being abused to squash people who we just happen to find annoying. -- -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS/IT/M/P/S d?- s+:- a17>? C++++$ UBLS++$>++++ P--- L++>+++ E---- W+++$ N- !o K? w@$ !O M-- V-- PS+++ PE Y+ PGP- t+ 5-(++) X+ R+ tv>! b+++ DI+++ D+ G++ e* h!*>++ r%>++ !y->$ ------END GEEK CODE BLOCK------
By this philosophy, it would seem that if I were to host the web pages of a company which engaged in unwelcome telemarketing (which I personally find much more offensive than SPAM, and which is no more or less illegal in most states), I would be under an obligation to cease providing service to that company!
Telemarketing is not network abuse. Spamming is network abuse. Moreover, it's network abuse that can and often does directly impact the operations of the site to which the spam is pointing. Moving from the realm of philosophy to the hard, cold facts of contract law, you need to remember that in drafting your usage agreement you are the master of the universe created therein. You are not only within your rights to prohibit behavior affecting your system integrity, some might say you are obligated by your duty of diligence to your employer, clients, shareholders, partners, etc. If the client doesn't like the contract, they can go elsewhere: the essence of the free market. But if your contract doesn't give you the right to terminate a spammer, then you need to find a new lawyer. -Ray -- ------------------------------------------------------------------ Ray Everett-Church (RE279) * More info: <http://www.everett.org> Attorney/Internet Consultant * Opinion(REC) != Opinion(client(REC)) This mail isn't legal advice. * Outlaw Spam = <http://www.cauce.org> ---------------------------------------------------------------------
Company S(pam) has a web site, hosted on the servers of web-presence-provider Company P(rovider). Company S uses the services of Company X to send out massive loads of SPAM, with referencing the web site and even e-mail addresses hosted by Company H. Now, if I'm hearing what's being said on this list correctly, Company H is being expected to pull the website they host for Company S (or else be blackholed), _even though no illegal or spam-generating activity is being generated on their network_. Am I understanding this correctly?!? By this philosophy, it would seem that if I were to host the web pages of a company which engaged in unwelcome telemarketing (which I personally find much more offensive than SPAM, and which is no more or less illegal in most states), I would be under an obligation to cease providing service to that company!
Not to mention being the ultimate DoS: sending out loads of useless SPAM that appears to come from a competitor, getting them kicked off their Net. -- ----------------------------------------------------------------------- Eric Anderson Online Network-Entertainment CyberIron Bodybuilding ICQ 3849549 <http://www.on-e.com/> <http://www.cyberiron.com> <keric@on-e.com> San Diego, CA <keric@cyberiron.com> ----------------------------------------------------------------------- "..and then my doctor said my nose wouldn't bleed so much if I just kept my finger outta there!" -- Ralph Wiggum
On Wed, 18 Nov 1998, Chris Williams wrote:
phraseology of the "Best Practices for Being Permanently Added to the RBL", that web hosting services are being treated unfairly in the following circumstance:
First, nobody gets "permenantly added" to the RBL. There are well documented methods for getting off the RBL once added to it. Besides, the RBL is a service the users of which have asked for. i.e. it is totally opt-in. If I choose to not communicate with networks/hosts that the RBL maintainers deem unfavorable, that's my decision. At least that's what we're assuming. I haven't seen any law saying I have to make my network talk to any other network that happens to be connected to the internet. If the RBL is found to be ilegal, what's next? Sprint's prefix filters? If I'm connected to the net, and advertise a /32 via BGP, they better see the advertisement and talk to me, or they're cutting their entire network and their customers off from part of the net.
Company S(pam) has a web site, hosted on the servers of web-presence-provider Company P(rovider). Company S uses the services of Company X to send out massive loads of SPAM, with referencing the web site and even e-mail addresses hosted by Company H. Now, if I'm hearing what's being said on this list correctly, Company H is being expected to pull the website they host for Company S (or else be blackholed), _even though no illegal or spam-generating activity is being generated on their network_. Am I understanding this correctly?!?
Yes...but I think you messed up the lettering above and Company P = Company H. Am I right? The reasoning for this is that in such cases, the spammer is likely to use disposable spam accounts with numerous dialup providers, and there is no effective way to go after them. Each provider just closes the account when they get burried with complaints. Shutting down the web site is akin to steaking out the home of a burgler. You don't know where he'll strike next, so your odds of catching him in the act are poor, so you nail him at home.
By this philosophy, it would seem that if I were to host the web pages of a company which engaged in unwelcome telemarketing (which I personally find much more offensive than SPAM, and which is no more or less illegal in most states), I would be under an obligation to cease providing service to that company!
Many providers against spam have things like the following in their AUP: _3.7a_ The account holder agrees to not, under any circumstances, send unsolicited mass emailings from any Internet account (at FDT or elsewhere), nor to use FDT services for the collection or distribution of address lists to be used for such purposes. The account holder agrees to not, under any circumstances, associate FDT with any such mass mailings. This basically says, you can't spam period. If you do, from here or anywhere else, we can terminate you.
believe that either A) This guy was actually treated unfairly, and has a valid complaint, or B) Nobody cares enough to say "hey, wait a minute, there's been a failure in communication, let's see if we can work this out."
C) This guy is hosting the web site for a spammer, and doesn't care that the company is spamming to advertise their site, so he's made to feel the pain of others. ----don't waste your cpu, crack rc5...www.distributed.net team enzo--- Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or Network Administrator | nestea'd...whatever it takes Florida Digital Turnpike | to get the job done. ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key________
participants (6)
-
alex@relcom.EU.net -
Ben Black -
Chris Williams -
Eric Anderson -
Jon Lewis -
Ray Everett-Church