Re: RBL quandry - opinions hereby solicited
I don't really see this as SPAM. It's is annoying, but I would place it in the same classification as a credit card company, one that I hold a card from. sending me junk mail. Since they (Network solutions), have developed this mailing list from infomation you provided to them in registering domain(s). They are entitled to contact you. You may, of course complain, and they (Network solutions), are of course are entitled to take no action. Ron Johnson Paul A Vixie <paul@vix.com> on 11/16/98 02:17:36 AM To: nanog@merit.edu cc: (bcc: Ron Johnson/Enron Communications) Subject: RBL quandry - opinions hereby solicited The RBL team and I are kind of wondering what to do about some spam we got. Because blackholing NSI would be of operational concern to a lot of you, I've decided to ponder this question out loud: ------- Forwarded Message Date: Wed, 11 Nov 1998 08:50:26 PST To: rbl@maps.vix.com Subject: Paul - value call on this Technically, this is an opt-out customer-relationship spam. I think it is a special case, because _there is no where else to go_. 208.226.58.70 should be RBL'ed, IMHO. Help me.
Return-Path: owner-admin1@LISTS.NETSOL.COM Received: from pasteur.netsol.com ([208.226.58.70]) by ns2.galaxy-net.net (8.8.7/8.6.9) with ESMTP id QAA00585; Tue, 10 Nov 1998 16:50:06 -0800 (PST) Received: from pasteur (pasteur [208.226.58.70]) by pasteur.netsol.com (8.9.1/8.9.1) with ESMTP id TAA23788; Tue, 10 Nov 1998 19:40:31 -0500 (EST) Received: from LISTS.NETSOL.COM by LISTS.NETSOL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 0342 for ADMIN1@LISTS.NETSOL.COM; Tue, 10 Nov 1998 15:01:15 -0500 Received: (from listmngr@localhost) by pasteur.netsol.com (8.9.1/8.9.1) id PAA18548 for admin1@lists.netsol.com; Tue, 10 Nov 1998 15:01:14 -0500 (EST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <199811102001.PAA18548@pasteur.netsol.com> Date: Tue, 10 Nov 1998 15:01:14 -0500 Reply-To: admin-remove@LISTS.NETSOL.COM Sender: Owner-Admin <owner-admin@LISTS.NETSOL.COM> From: List Manager Account <listmngr@LISTS.NETSOL.COM> Subject: Network Solutions' E-Commerce Update To: ADMIN1@LISTS.NETSOL.COM Content-Type: text/plain; charset=US-ASCII
###########################
Dear Customer,
You are a valued customer and we want to help increase and protect the value of your domain name. As a free added benefit of your domain name registration, we would like to send you our "E-Commerce Update" from time to time. In these updates, we will try to identify helpful information and news that you can use to enhance the value of your Web address. If you do not wish to receive this newsletter in the future, simply respond to this e-mail with the word "remove" in the first line of the message. If you have any questions or comments, please send them to hostmaster@internic.net.
Network Solutions - the world's leading provider of domain name services -- together with VeriSign -- the world's leading Web security provider -- has published a new informative guide to on-line security, "Securing Your Web Site for Business."
"Securing Your Web Site for Business" outlines the options you have to secure and protect your Web site. By downloading your free copy (http://www.verisign.com/nsi/whitepaper), you will be able to learn how easy it is to secure your site in order to protect yourself and your customers.
Issues covered in "Securing Your Web Site for Business" include:
* Why on-line security problems could slow the growth of your business * How to maximize your on-line security at a low cost * How to accept credit cards and sell products on-line---securely * What a Digital ID is * Why you need a Digital ID * How to obtain a Digital ID for your Web site
As an additional service to our customers, Network Solutions and VeriSign bring you a special free trial version Secure Server ID. VeriSign Secure Server IDs are the security solution currently used by over 90 percent of Web sites conducting secure online commerce and this free trial will allow you to experience how easy Web site security can be. Please visit us at http://www.verisign.com/nsi/trial to start experiencing the benefits of on-line security today.
We would also like to take this opportunity to remind you of the importance of keeping your Network Solutions domain name records up to date. Incorrect data can result in your next invoice being delivered to the wrong location, and may cause delays when you request other services such as a Secure Server Digital ID. To review your domain name records and the associated information go to http://www.internic.net/verisign/update.html.
Thank you for being a Network Solutions customer. We look forward to serving your future domain name needs.
Sincerely,
Doug Wolford Senior Vice President
------- End of Forwarded Message
Except for one problem: What other gTLD choices do you have if you don't like their policy? -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization. On Mon, Nov 16, 1998 at 09:45:56AM -0800, Ron_Johnson@enron.net wrote:
I don't really see this as SPAM. It's is annoying, but I would place it in the same classification as a credit card company, one that I hold a card from. sending me junk mail. Since they (Network solutions), have developed this mailing list from infomation you provided to them in registering domain(s). They are entitled to contact you. You may, of course complain, and they (Network solutions), are of course are entitled to take no action.
Ron Johnson
Paul A Vixie <paul@vix.com> on 11/16/98 02:17:36 AM
To: nanog@merit.edu cc: (bcc: Ron Johnson/Enron Communications) Subject: RBL quandry - opinions hereby solicited
The RBL team and I are kind of wondering what to do about some spam we got. Because blackholing NSI would be of operational concern to a lot of you, I've decided to ponder this question out loud:
------- Forwarded Message
Date: Wed, 11 Nov 1998 08:50:26 PST To: rbl@maps.vix.com Subject: Paul - value call on this
Technically, this is an opt-out customer-relationship spam.
I think it is a special case, because _there is no where else to go_.
208.226.58.70 should be RBL'ed, IMHO. Help me.
Return-Path: owner-admin1@LISTS.NETSOL.COM Received: from pasteur.netsol.com ([208.226.58.70]) by ns2.galaxy-net.net (8.8.7/8.6.9) with ESMTP id QAA00585; Tue, 10 Nov 1998 16:50:06 -0800 (PST) Received: from pasteur (pasteur [208.226.58.70]) by pasteur.netsol.com (8.9.1/8.9.1) with ESMTP id TAA23788; Tue, 10 Nov 1998 19:40:31 -0500 (EST) Received: from LISTS.NETSOL.COM by LISTS.NETSOL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 0342 for ADMIN1@LISTS.NETSOL.COM; Tue, 10 Nov 1998 15:01:15 -0500 Received: (from listmngr@localhost) by pasteur.netsol.com (8.9.1/8.9.1) id PAA18548 for admin1@lists.netsol.com; Tue, 10 Nov 1998 15:01:14 -0500 (EST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <199811102001.PAA18548@pasteur.netsol.com> Date: Tue, 10 Nov 1998 15:01:14 -0500 Reply-To: admin-remove@LISTS.NETSOL.COM Sender: Owner-Admin <owner-admin@LISTS.NETSOL.COM> From: List Manager Account <listmngr@LISTS.NETSOL.COM> Subject: Network Solutions' E-Commerce Update To: ADMIN1@LISTS.NETSOL.COM Content-Type: text/plain; charset=US-ASCII
###########################
Dear Customer,
You are a valued customer and we want to help increase and protect the value of your domain name. As a free added benefit of your domain name registration, we would like to send you our "E-Commerce Update" from time to time. In these updates, we will try to identify helpful information and news that you can use to enhance the value of your Web address. If you do not wish to receive this newsletter in the future, simply respond to this e-mail with the word "remove" in the first line of the message. If you have any questions or comments, please send them to hostmaster@internic.net.
Network Solutions - the world's leading provider of domain name services -- together with VeriSign -- the world's leading Web security provider -- has published a new informative guide to on-line security, "Securing Your Web Site for Business."
"Securing Your Web Site for Business" outlines the options you have to secure and protect your Web site. By downloading your free copy (http://www.verisign.com/nsi/whitepaper), you will be able to learn how easy it is to secure your site in order to protect yourself and your customers.
Issues covered in "Securing Your Web Site for Business" include:
* Why on-line security problems could slow the growth of your business * How to maximize your on-line security at a low cost * How to accept credit cards and sell products on-line---securely * What a Digital ID is * Why you need a Digital ID * How to obtain a Digital ID for your Web site
As an additional service to our customers, Network Solutions and VeriSign bring you a special free trial version Secure Server ID. VeriSign Secure Server IDs are the security solution currently used by over 90 percent of Web sites conducting secure online commerce and this free trial will allow you to experience how easy Web site security can be. Please visit us at http://www.verisign.com/nsi/trial to start experiencing the benefits of on-line security today.
We would also like to take this opportunity to remind you of the importance of keeping your Network Solutions domain name records up to date. Incorrect data can result in your next invoice being delivered to the wrong location, and may cause delays when you request other services such as a Secure Server Digital ID. To review your domain name records and the associated information go to http://www.internic.net/verisign/update.html.
Thank you for being a Network Solutions customer. We look forward to serving your future domain name needs.
Sincerely,
Doug Wolford Senior Vice President
------- End of Forwarded Message
I don't really see this as SPAM. It's is annoying, but I would place it in the same classification as a credit card company, one that I hold a card from. sending me junk mail. Since they (Network solutions), have developed this mailing list from infomation you provided to them in registering domain(s).
They are entitled to contact you. You may, of course complain, and they (Network solutions), are of course are entitled to take no action.
Ron Johnson
According to the rules MAPS follows when dealing with other RBL candidates, if there is no reliable way to stop someone from sending you e-mail, then it makes no difference that they have some preexisting relationship with you. In other words it's the fact that they won't stop, rather than the fact that we have no ability to take our business elsewhere, that has qualified them for the RBL. Probably the 208.226.58.70/32 server, which handles only netsol and not internic business, will go on the MAPS RBL later today. We're trying to reach them by phone one last time.
At 10:16 11/16/98 -0800, you wrote:
In other words it's the fact that they won't stop, rather than the fact that we have no ability to take our business elsewhere, that has qualified them for the RBL.
Probably the 208.226.58.70/32 server, which handles only netsol and not internic business, will go on the MAPS RBL later today. We're trying to reach them by phone one last time.
That seems entirely fair since it was NSI, not InterNIC, that sent the spam. Spammers should be investigated by Ken Starr! Dean Robb PC-EASY computer services (757) 495-EASY [3279]
I would suggest that they would not be RBLed as 1] this is a list that can be easily (I assume) opted out of. 2] They are sending to folks that use the service. 3] I see no effort below from the RBL team to try to correct their issues before action to put them on the RBL. I would suggest that the RBL team suggest that there be a "kinder" way of folks opting into this "list" although I have seen much worse from "legit" mailing lists programs (majordomo) and maintainers (egroups). A "kinder" way that could be suggested would be to annouce the list as an opt-in in some missive that NSI normally sends out such as domain payment requests. Tim Pozar -- Tim Pozar, Dir. of Operations Bright Light Technologies, Inc. 415.905.5595(w) 915 Cole Street, No. 338 415.905.5188(f) San Francisco, CA 94117 Now hiring Anti-Spam Experts, Sr. Sales Execs, Sys-Admins, and Sr. Product Marketing Mngrs. -- Ron_Johnson@enron.net wrote:
Paul A Vixie <paul@vix.com> on 11/16/98 02:17:36 AM
To: nanog@merit.edu cc: (bcc: Ron Johnson/Enron Communications) Subject: RBL quandry - opinions hereby solicited
The RBL team and I are kind of wondering what to do about some spam we got. Because blackholing NSI would be of operational concern to a lot of you, I've decided to ponder this question out loud:
------- Forwarded Message
Date: Wed, 11 Nov 1998 08:50:26 PST To: rbl@maps.vix.com Subject: Paul - value call on this
Technically, this is an opt-out customer-relationship spam.
I think it is a special case, because _there is no where else to go_.
208.226.58.70 should be RBL'ed, IMHO. Help me.
Return-Path: owner-admin1@LISTS.NETSOL.COM Received: from pasteur.netsol.com ([208.226.58.70]) by ns2.galaxy-net.net (8.8.7/8.6.9) with ESMTP id QAA00585; Tue, 10 Nov 1998 16:50:06 -0800 (PST) Received: from pasteur (pasteur [208.226.58.70]) by pasteur.netsol.com (8.9.1/8.9.1) with ESMTP id TAA23788; Tue, 10 Nov 1998 19:40:31 -0500 (EST) Received: from LISTS.NETSOL.COM by LISTS.NETSOL.COM (LISTSERV-TCP/IP release 1.8c) with spool id 0342 for ADMIN1@LISTS.NETSOL.COM; Tue, 10 Nov 1998 15:01:15 -0500 Received: (from listmngr@localhost) by pasteur.netsol.com (8.9.1/8.9.1) id PAA18548 for admin1@lists.netsol.com; Tue, 10 Nov 1998 15:01:14 -0500 (EST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <199811102001.PAA18548@pasteur.netsol.com> Date: Tue, 10 Nov 1998 15:01:14 -0500 Reply-To: admin-remove@LISTS.NETSOL.COM Sender: Owner-Admin <owner-admin@LISTS.NETSOL.COM> From: List Manager Account <listmngr@LISTS.NETSOL.COM> Subject: Network Solutions' E-Commerce Update To: ADMIN1@LISTS.NETSOL.COM Content-Type: text/plain; charset=US-ASCII
###########################
Dear Customer,
You are a valued customer and we want to help increase and protect the value of your domain name. As a free added benefit of your domain name registration, we would like to send you our "E-Commerce Update" from time to time. In these updates, we will try to identify helpful information and news that you can use to enhance the value of your Web address. If you do not wish to receive this newsletter in the future, simply respond to this e-mail with the word "remove" in the first line of the message. If you have any questions or comments, please send them to hostmaster@internic.net.
Network Solutions - the world's leading provider of domain name services -- together with VeriSign -- the world's leading Web security provider -- has published a new informative guide to on-line security, "Securing Your Web Site for Business."
"Securing Your Web Site for Business" outlines the options you have to secure and protect your Web site. By downloading your free copy (http://www.verisign.com/nsi/whitepaper), you will be able to learn how easy it is to secure your site in order to protect yourself and your customers.
Issues covered in "Securing Your Web Site for Business" include:
* Why on-line security problems could slow the growth of your business * How to maximize your on-line security at a low cost * How to accept credit cards and sell products on-line---securely * What a Digital ID is * Why you need a Digital ID * How to obtain a Digital ID for your Web site
As an additional service to our customers, Network Solutions and VeriSign bring you a special free trial version Secure Server ID. VeriSign Secure Server IDs are the security solution currently used by over 90 percent of Web sites conducting secure online commerce and this free trial will allow you to experience how easy Web site security can be. Please visit us at http://www.verisign.com/nsi/trial to start experiencing the benefits of on-line security today.
We would also like to take this opportunity to remind you of the importance of keeping your Network Solutions domain name records up to date. Incorrect data can result in your next invoice being delivered to the wrong location, and may cause delays when you request other services such as a Secure Server Digital ID. To review your domain name records and the associated information go to http://www.internic.net/verisign/update.html.
Thank you for being a Network Solutions customer. We look forward to serving your future domain name needs.
Sincerely,
Doug Wolford Senior Vice President
------- End of Forwarded Message
I would suggest that they would not be RBLed as
1] this is a list that can be easily (I assume) opted out of.
no. there is no way to opt out of it.
2] They are sending to folks that use the service.
yes. which is: everybody who has a domain in COM, NET, or ORG.
3] I see no effort below from the RBL team to try to correct their issues before action to put them on the RBL.
as a result of this nanog thread, folks from netsol are finally appearing willing to talk to us. we're waiting on a call back from their sales dept since it's their policy.
I would suggest that the RBL team suggest that there be a "kinder" way of folks opting into this "list" although I have seen much worse from "legit" mailing lists programs (majordomo) and maintainers (egroups).
now that they're talking to us, we're doing that.
A "kinder" way that could be suggested would be to annouce the list as an opt-in in some missive that NSI normally sends out such as domain payment requests.
as long as there is an existing customer relationship (i.e., money has changed hands -- not just "you surfed our web site, now here's your spam") i have no objection to an opt-in initial probe, and while i object lightly to an opt-out initial probe i won't blackhole somebody over it. but there's no way to make this stuff stop, and that's just unacceptable in light of the fact that we are ALL forced by current circumstances to be netsol "customers".
At 09:45 11/16/98 -0800, you wrote:
I don't really see this as SPAM. It's is annoying, but I would place it in the same classification as a credit card company, one that I hold a card from. sending me junk mail. Since they (Network solutions), have developed this mailing list from infomation you provided to them in registering domain(s). They are entitled to contact you. You may, of course complain, and they (Network solutions), are of course are entitled to take no action.
That's not correct at all. Just because you provide information for one purpose does not, and should not, be blanket permission to use that information for any other purposes. When you provide info to the credit card company, you can usually tell them you don't want junk mail from them. Even if you cannot, it's not reasonable to expect junk mail from, say, a vacuum cleaner company that has a deal with the credit card company. This is a perfect example of NSI's use of their database as a mailing list...something they have repeatedly denied that they will do (despite what their SEC filings say). The email was not for the benefit of NSI, it was for the benefit of Verisign...but the mailing list was not developed by Verisign nor were the spams sent from Verisign. NSI sold their database and mailing services like any common street whor^H^H^H spammer. And they probably didn't even sell it, given the inside track Verisign has there. You provided your information for registering a domain. That was the purpose for which the relationship was established. NSI could reasonably send you UCE relating to your domain registration because that relates to the relationship. This crap does not count. Remember that this spam is NOT touting an NSI service (they could get away with something touting WorldNIC, for example) but shilling another company's service. NOTE: Remember that they did this last spring, too...resulting in much outcry. I suppose we can look forward to more of it in the future. Spammers should be investigated by Ken Starr! Dean Robb PC-EASY computer services (757) 495-EASY [3279]
On Mon, Nov 16, 1998 at 09:01:11PM -0500, Dean Robb wrote:
the relationship. This crap does not count. Remember that this spam is NOT touting an NSI service (they could get away with something touting WorldNIC, for example) but shilling another company's service.
Well, unfortunately, although I don't like the mailings, they *can* claim the "existing business relationship". It would be nice, as I've already mentioned, if they'd let people opt-in when they registered a domain. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
Well, unfortunately, although I don't like the mailings, they *can* claim the "existing business relationship". It would be nice, as I've already mentioned, if they'd let people opt-in when they registered a domain.
I've seen the "existing business relationship" used in several new laws and AUP's. What I'm wondering is if anyone has a feel for how far this goes. Let me give some examples: 1) I buy a general electric light bulb, can they now spam me to buy a locomotive? 2) I buy a circuit from MFS. Can UUNet now spam me to buy internet service? (Reminder, Worldcom owns MFS, UUNet, and many others.) 3) I buy a ford truck, can I now get spam to buy a Lincoln? I think you see where I'm going with this. How far does a business relationship extend? -- Leo Bicknell - bicknell@ufp.org Systems Engineer - Internetworking Engineer - CCIE 3440 Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
On 11/17/98, Leo Bicknell <bicknell@ufp.org> wrote:
I think you see where I'm going with this. How far does a business relationship extend?
We'd probably have to wait for a judge to decide. -- J.D. Falk <jdfalk@cp.net> "Nathan says hi." Special Agent In Charge (Abuse Issues) Critical Path, Inc.
At 9:45 AM -0800 11/16/98, Ron_Johnson@enron.net wrote:
I don't really see this as SPAM. It's is annoying, but I would place it in the same classification as a credit card company, one that I hold a card from. sending me junk mail. Since they (Network solutions), have developed this mailing list from infomation you provided to them in registering domain(s). They are entitled to contact you. You may, of course complain, and they (Network solutions), are of course are entitled to take no action.
Ron Johnson
ron, the difference is, if you hold a credit card from a company that contacts you all the time with at best uninteresting offers, you have the CHOICE to seek another credit card company. at the MOMENT, who of us has an option to seek another company to register domains with? it's spam. in my humble opinion, paul, they should be warned that they are in danger of being added to the blackhole list...if and only because so many of us DO have to rely on them. the warning should be along the lines of no UCE, put something on your webpage for an opt IN choice if someone does want to receive information on this site. if they don't respond...*shrug* treat them just like any other spammer. personally i think it is worse that they are sending UCE because they know they have a captive audience and there isn't TOO much we can do about it. melinda thompson ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ life is a constant stream of people coming into and out of your life... sometimes you get to grab hold of one or two of them for a while... ima@badhabit.org http://www.ircd.com/meldatlist.html PGP Fingerprint: 5E9F 31EF DF11 A3EF F3E4 CB3C 9F42 2EC8 BCD0 C607 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Melinda wrote...
it's spam. in my humble opinion, paul, they should be warned that they are in danger of being added to the blackhole list...if and only because so many of us DO have to rely on them. the warning should be along the lines of no UCE, put something on your webpage for an opt IN choice if someone does want to receive information on this site. if they don't respond...*shrug* treat them just like any other spammer.
personally i think it is worse that they are sending UCE because they know they have a captive audience and there isn't TOO much we can do about it.
melinda thompson
My suggestion would be that Paul draft a letter of intent, indicating the problem, why they are being given this note instead of being handled like others, what is the expected behavior, and the consequence of future action (ie treat as any other), suggest an alternative (opt-in checkoff), cc: here on nanog. Anyone who would then like to 'sign the petition' to give them an idea of the support behind the intention statement in their customer base, is suggested to forward a copy plus any additional statement on to the original recipient. sarah baker
participants (10)
-
Dean Robb
-
J.D. Falk
-
Karl Denninger
-
Leo Bicknell
-
melinda b. thompson
-
Paul A Vixie
-
Ron_Johnson@enron.net
-
Sarah Baker
-
Steven J. Sobol
-
Tim Pozar