RBL Update (Re: Lets go vixie!! rbl)
paradox@nac.net (Ryan Pavely) writes:
Wholy jesus :)
http://maps.vix.com/cgi-bin/lookup?207.68.152.137
ps.. 207.68.152.137=msn.com's mx host.
well, ok, so we blackholed microsoft (for the second time now). the blockade lasted 3.5 days, and they used several interesting tricks: first they moved their mail relays to different addresses -- hoping, i suppose, that we would not notice the spam being relayed through the new set? then they sent out a simply *amazing* bit of direction to their customers (many of them, it seems, were calling the 1-800-* number asking why their mail was bouncing). we heard it from one of their customers who was kind enough to include in their complaint to us the mail they'd been given by their microsoft network representative: |Greetings-- | |I am at a loss. I contacted MSN to see what it could do about helping |correct a problem with mail we send to my wife's sister. It says it cannot |help me. What do I have to do in order to send mail to this family member? | |I am enclosing MSN's response to my query; it includes my message sending |them to the MAPS screens: |---------------------------------------------------------- |Hello, | |Thank you for posting to Ask msn Member Support. I appreciate the |opportunity to assist you. | |We apologize for the inconvenience of having your mail blocked by this |server. I have visited the website that the message referred you to and |regret to inform you that we can do nothing from MSN as far as |configuration settings to your system to stop them from blocking the mail. |It is their system that set the block, and it will need to be their system |that removes it. According to the website that you were referred to they |are only blocking that particular IP address. If in fact this is true then |you should be able to send E-mail after you log off MSN and log back on. |MSN gives you a new IP address each time you log on. I do not know for |sure, but am more likely to believe that they have in fact blocked all MSN |and MSN.COM domain names from sending mail. If this is true then even |changing IP addresses will not help you send mail to the address you are |attempting to mail. You need to contact the postmaster of the domain you |are attempting to send mail through. In all likelihood this would be |addressed as "postmaster@(domain name.com)" where (domain name) represents |the name of the ending of the address you are attempting to send to. For |example...if you were attempting to send to an MSN address it would be |"postmaster@msn.com" I apologize for the trouble, but if anyone can stop |this domain from blocking users mail transport it is the domain itself. |Hope this helps explain things. | |In order to ensure a quick response to future concerns; please continue to |utilize the on-line forms at the address provided below. If you reply to |this email, be sure to include the original message. | |http://memberservices.msn.com/ | |We hope you are enjoying The Microsoft Network, and we look forward to |meeting all your service needs. | |Thanks, |msn Member Support and i have to admit, until i saw the above text, i was worried that maybe we shouldn't have blackholed MSN. whenever we have to blackhole something large, we get mail from RBL subscribers asking "are you crazy?" or similar. i hate to shake the tree too hard all at once -- the wrong things fall out. but when i saw what microsoft was telling their customers, it became clear to me that this was a battle we could not avoid. hearts and minds, etc. i'd like to correct one misimpression, though: i don't do the RBL alone. i make the decision whenever we have to blackhole somebody, since i'm the one that gets sued. but there's a team of volunteers working night and day to research spam sources and relays, answer phones, help people reconfigure their sendmail (or other mailers), and fill my inbox with just the really *high*quality* spam rather than the run-of-the-mill stuff that doesn't need blackholing (or which came from or through a place that was willing to plug their spam leak.) any indication you may have seen that i could last even five minutes as the main and only RBL guy was incorrect, and holding that view in any form would dishonour the very real and necessary work performed by the whole MAPS RBL team. microsoft, btw, finally called in late this morning and said "ok, we give up, we'll turn off third party relay on our mail gateways." it's not done yet, but they told us when to expect it to be done, and so we've removed them from the RBL until at least that time. we're still getting about two complaints per minute from the backlog of msn.com customers who are only now getting back and finding bounced mail in their inboxes. hopefully it'll level off soon. the only other fun thing i'd've said had i made it to NANOG for my usual RBL status update this last time, is that someone asked us to remove 2.0.0.0/8 from the RBL since the IP address of their mail server ended in ".2" and some customer had done a manual "nslookup" in the RBL.MAPS.VIX.COM zone for their address but without reversing it first (remember, we're like IN-ADDR.ARPA) and had cancelled a leased T1 on the basis that they refused to deal with spammers. OUCH! i hate it when that happens. i offered to intercede, but was told that it was just too late. however, we can't removed 2.0.0.0/8 from the RBL until IANA allocates it, as we still get periodic complaints from people who get blackholed when they try to use unallocated address space. we ask where they got their address space and then we never hear back from them. but note -- the only reason it doesn't work for them is the RBL; there's not wide-enough-spread ingress route filtering going on out there, since most of the net, except for RBL subscribers, is actually reachable from unallocated address space. i know that jerry and tony and others are working on this, but i thought i'd point out to those assembled that it's a REAL problem -- try it yourself and note how far you can get, assuming that your BGP neighbors don't filter ingress, it's definitely a safe bet that THEIR neighbors won't. -- Paul Vixie La Honda, CA "Many NANOG members have been around <paul@vix.com> longer than most." --Jim Fleming pacbell!vixie!paul (An H.323 GateKeeper for the IPv8 Network)
Always a good sport, I will take bets in the MSN vs Vixie battle. ;-) I don't think its going to be quite so easy for MSN to turn off mail relaying, without breaking a lot of corporate customers. Of course, Vixie didn't say when the date was to expect MSN to stop relaying. Is it a few days or a few years? I think its facinating that Vix can take them out of the RBL, and then claim it was MSN who gave up. "Retreat and declare victory" I guess. But we'll see I guess, in a few days or a few years. Seriously Paul, I would like to have some kind of announcement made on Nanog before you do that again, so that people can tell you not to do it. Breaking a large service provider is definitely an operational issue. How much do you suppose such a service interuption cost the companies who couldn't communictate? Spam actually costs next to nothing, but being on a trip and losing email contact with your company can be quite expensive. I can't help but wonder if the "blockers" were only blocking email to which they are a party under 18 USC 2511. Of course, many know the opposing view, that RBL causes third party relaying, and that usenet canceling causes multiple reposts of the same message, resulting in drug-addict like behavior: More cancels result in more reposts. Pull the cancel drug, and it hurts when one is inundated with multiple reposts, but the anti-spam drug is the source and cause of the problem. This sort of anti-spam activity is destructive and harmful for the rest of us, who must put up with ever increasing volume of usenet posts and cancels, and more creative relaying/anonymizing(new word?) techniques by spammers. It illustrates why anti-spam is a bad idea. Now that we are completely "addicted" to usenet cancels, how long before the cancelers start to extort "support" money from ISPs? I think we can and should stop the cancelers: Get rid of that addiction now. It will not be painless, but it will only get worse. Canceling other people's posts is abusive behavior by any definition. What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used. I don't think he is likely to get sued. However, using the RBL could be illegal if one isn't a party to the email being blocked. The legislative history of 18 USC 2511 indicates it was specifically meant to apply to email. I wish I knew that last year. For example, if Above.net blocked mail betweeen company X and an MSN customer, and they are not an agent of company X or the MSN customer, they are probably in trouble by 2511. Of course, one of the parties to the email has to figure out where the mail was blocked, and notice that the blocker isn't a party to the email. Then they have to know that there is a federal law that prohibits that. And finally, they have to seek enforcement. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP/DCE http://www.av8.com We Make IT Fly! (617)242-3091 x246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dean Anderson writes:
Seriously Paul, I would like to have some kind of announcement made on Nanog before you do that again, so that people can tell you not to do it. Breaking a large service provider is definitely an operational issue. How much do you suppose such a service interuption cost the companies who couldn't communictate?
No one forces you to use the RBL. Personally, I feel Paul did the right thing. If you don't feel he did the right thing, feel free to not use the RBL.
Of course, many know the opposing view, that RBL causes third party relaying,
And with time, that is becoming less and less prevalent. Eventually, it will largely disappear.
Now that we are completely "addicted" to usenet cancels, how long before the cancelers start to extort "support" money from ISPs?
Forever.
What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used.
Huh? Quit playing lawyer. You don't do it well. Paul could be sued on lots of bases, but it would be rather difficult to claim he was violating trademark or copyright even on the most strained of premises. Among other things, Mr. Anderson, HE DOESN'T BLOCK BASED ON NAMES. The RBL doesn't contain a single domain name. Even if it did, such a claim would be almost impossible to press, but given that he doesn't, it would be completely impossible to press. Perry
On 06/15/98, "Perry E. Metzger" <perry@piermont.com> wrote:
No one forces you to use the RBL. Personally, I feel Paul did the right thing. If you don't feel he did the right thing, feel free to not use the RBL.
...or start your own, using your rules instead of the MAPS volunteers' rules. -- J.D. Falk <jdfalk@criticalpath.net> Special Agent In Charge (Abuse Issues) Critical Path, Inc.
Dean Anderson wrote:
Seriously Paul, I would like to have some kind of announcement made on Nanog before you do that again, so that people can tell you not to do it. Breaking a large service provider is definitely an operational issue. How
I'm suprised that people haven't done a better job at building better SMTP filters.. Unfortunately what I wrote was on company time, so I can't release it (grrrrrr), but I definately have the flexability to do stuff like this (indeed, this isn't the first time MSN mail was blocked, and I was not affected by Vixie's decisions): + :rbl:true * * 550 You are on Vixie's list, see ... [macros to generate http address] or contact postmaster@calweb.com to override the RBL. + any:msn.com any:msn.com * 250 Permit MSN's machines to send MSN-originated email I'm not sure how easy/hard it would be to maintain *sendmail* that way.. However, as a seperate process, there isn't that much overhead on what I'm currently running to make intelligent decisions following a list of rules, that do things like override MSN-originated email (we still refuse 151251@34581235.com from MSN boxes), to require juno.com email actually come from juno.com email servers, and other silly tricks. I get 1-2 emails a week for individuals that get caught by the frontend that are legimate, which get immediately put into the rulesets. Anyone who can read the bounce message, is by definition from a valid email address..
On Tue, Jun 16, 1998 at 01:53:55AM -0400, Dean Anderson wrote:
What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used. I don't think he is likely to get sued. However, using the RBL could be illegal if one isn't a party to the email being blocked. The legislative history of 18 USC 2511 indicates it was specifically meant to apply to email. I wish I knew that last year.
Not applicable. The people who lose connectivity to the places Vix blackholes _specifically request_ that behavior -- indeed, they _must_ turn the feed on by hand. Their customers might have cause of action against _them_; _no one_ has cause for action against Paul.
For example, if Above.net blocked mail betweeen company X and an MSN customer, and they are not an agent of company X or the MSN customer, they are probably in trouble by 2511. Of course, one of the parties to the email has to figure out where the mail was blocked, and notice that the blocker isn't a party to the email. Then they have to know that there is a federal law that prohibits that. And finally, they have to seek enforcement.
I think that logic's faulty, too, Dean. The interim provider certainly has right of control over it's own equipment; if the provider feels that spam and such are impeding it's ability to provide such service, it is certainly within it's rights to fix the problem. If it's customers don't like this, it's certainly not impossible for it to move to another provider. Cheers, -- jr 'If you need a lawyer, hire one' a -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby, Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592 Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
I think that logic's faulty, too, Dean. The interim provider certainly has right of control over it's own equipment; if the provider feels that spam and such are impeding it's ability to provide such service, it is certainly within it's rights to fix the problem. If it's customers don't like this, it's certainly not impossible for it to move to another provider.
I would have to agree with this, but I would say that the caveat is that the ISP should notify the customer (somewhere, anywhere) that they use the RBL (or at least that the ISP reserves the right to block domains and/or hosts from connecting/sending to the mail server). It can be in the fine print of the multi-page AUP that the customer gets shoved under their nose, but it should be in there. Derek
On 06/16/98, Derek Balling <dredd@megacity.org> wrote:
I would have to agree with this, but I would say that the caveat is that the ISP should notify the customer (somewhere, anywhere) that they use the RBL (or at least that the ISP reserves the right to block domains and/or hosts from connecting/sending to the mail server). It can be in the fine print of the multi-page AUP that the customer gets shoved under their nose, but it should be in there.
So far, the consensus seems to be that an ISP should notify their customers of any filtering policies. In fact, I have yet to see anybody disagree. So why are we continuing this argument? -- J.D. Falk <jdfalk@cp.net> Special Agent In Charge (Abuse Issues) Critical Path, Inc.
On Tue, Jun 16, 1998 at 12:51:07PM -0500, Derek Balling wrote:
I think that logic's faulty, too, Dean. The interim provider certainly has right of control over it's own equipment; if the provider feels that spam and such are impeding it's ability to provide such service, it is certainly within it's rights to fix the problem. If it's customers don't like this, it's certainly not impossible for it to move to another provider.
I would have to agree with this, but I would say that the caveat is that the ISP should notify the customer (somewhere, anywhere) that they use the RBL (or at least that the ISP reserves the right to block domains and/or hosts from connecting/sending to the mail server). It can be in the fine print of the multi-page AUP that the customer gets shoved under their nose, but it should be in there.
The agreement Paul Vixie makes RBL users sign states that EXPLICITLY. You are not allowed to use the RBL unless you disclose such use fully to your customers and/or downstreams.
Derek
-- Steven J. Sobol - Founding Member, Postmaster/Webmaster, ISP Liaison -- Forum for Responsible & Ethical E-mail (FREE) - Dedicated to education about, and prevention of, Unsolicited Broadcast E-mail (UBE), also known as SPAM. Info: http://www.ybecker.net
On Wed, 17 Jun 1998, Steve Sobol wrote:
I would have to agree with this, but I would say that the caveat is that the ISP should notify the customer (somewhere, anywhere) that they use the RBL (or at least that the ISP reserves the right to block domains and/or
The agreement Paul Vixie makes RBL users sign states that EXPLICITLY. You are not allowed to use the RBL unless you disclose such use fully to your customers and/or downstreams.
The agreement explicitly says nothing of the sort. At least not the one I signed. Did you look at the one you signed? Did you sign one? fdt-gw#The agreement Paul Vixie makes RBL users sign states that EXPLICITLY ^ % Invalid input detected at '^' marker. Can we please argue about the merits/evils of the RBL elsewhere? ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or Network Administrator | drawn and quartered...whichever Florida Digital Turnpike | is more convenient. ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
At 07:34 PM 6/17/98 -0400, you wrote:
On Tue, Jun 16, 1998 at 12:51:07PM -0500, Derek Balling wrote:
I think that logic's faulty, too, Dean. The interim provider certainly has right of control over it's own equipment; if the provider feels that spam and such are impeding it's ability to provide such service, it is certainly within it's rights to fix the problem. If it's customers don't like this, it's certainly not impossible for it to move to another provider.
I would have to agree with this, but I would say that the caveat is that the ISP should notify the customer (somewhere, anywhere) that they use the RBL (or at least that the ISP reserves the right to block domains and/or hosts from connecting/sending to the mail server). It can be in the fine print of the multi-page AUP that the customer gets shoved under their nose, but it should be in there.
The agreement Paul Vixie makes RBL users sign states that EXPLICITLY. You are not allowed to use the RBL unless you disclose such use fully to your customers and/or downstreams.
"Makes"... makes how? I simply enabled it in my sendmail configs and ran with it. Didn't even SEE where it mentioned that I *HAD* to go agree to stuff. Now granted, in my case, its on my personal mail server and doesn't affect anyone anyways, but there needs to be more emphasis placed on this. A lot of people will know what the RBL is, and enable it in Sendmail, and it will work, and they won't have even visited Paul's site to read "the rules of the game" so to speak. Dunno what the solution is, but I can see a somewhat real problem here. Derek
At 07:34 PM 6/17/98 -0400, Steve Sobol wrote:
The agreement Paul Vixie makes RBL users sign states that EXPLICITLY. You are not allowed to use the RBL unless you disclose such use fully to your customers and/or downstreams.
this is true if you're using BGP4 to implement the RBL. if you're using the DNS version (which is what i use), there are no documents to sign that i'm aware of; you just point your MTA at the RBL DNS host (if your MTA supports the RBL) and go. ethical sysadmins/isps, of course, inform their users of the RBL regardless. richard -- Richard Welty NeWorks Networking, Inc. 518-244-9675 rwelty@neworks.net http://www.neworks.net/
On Thu, 18 Jun 1998, Richard Welty wrote:
ethical sysadmins/isps, of course, inform their users of the RBL regardless.
we use Exim (http://www.exim.org) to handle mail, and we don't block on RBL active, but there's a standard setting to add a header to indicate that the mail was received from an RBL'd host... thus allowing our customers to filter if they want. has anyone ever heard of an ISP blocking their own customer if their customer is in the RBL? I'd love to hear a telephone call between ISP and customer if this occurred!!! Paul ---- P Mansfield, Senior SysAdmin PSINet, +44-1223-577577x2611/577611 fax:577600 :r~/humour/signature :wq
In message <Pine.GSO.3.93.980622182519.29812v-100000@staff.uk.psi.com>, Paul Ma nsfield writes:
has anyone ever heard of an ISP blocking their own customer if their customer is in the RBL? I'd love to hear a telephone call between ISP and customer if this occurred!!!
Uh, most of the time if the ISPs customer is RBL, the ISP will KNOW about it, from the volume of complaints. (And will probably have had notice from the RBL folks.) Most any ISP that particpates in RBL type blocking is going to turn off any spammer well before they would show up. (We would.)
Paul ---- P Mansfield, Senior SysAdmin PSINet, +44-1223-577577x2611/577611 fax:577600 :r~/humour/signature :wq
--- Jeremy Porter, Freeside Communications, Inc. jerry@fc.net PO BOX 80315 Austin, Tx 78708 | 512-458-9810 http://www.fc.net
Attached is an example of how hotmail blocks outgoing spam mail to help you in your determinations and their abuse policy of spam Henry Paul Mansfield wrote:
On Thu, 18 Jun 1998, Richard Welty wrote:
ethical sysadmins/isps, of course, inform their users of the RBL regardless.
we use Exim (http://www.exim.org) to handle mail, and we don't block on RBL active, but there's a standard setting to add a header to indicate that the mail was received from an RBL'd host... thus allowing our customers to filter if they want.
has anyone ever heard of an ISP blocking their own customer if their customer is in the RBL? I'd love to hear a telephone call between ISP and customer if this occurred!!!
Paul ---- P Mansfield, Senior SysAdmin PSINet, +44-1223-577577x2611/577611 fax:577600 :r~/humour/signature :wq
-- ™¢4i1å Subject: Automated Response from Hotmail Customer Service Date: Mon, 22 Jun 1998 10:31:07 From: "Hotmail Customer Support" <autoresponder@hotmail.com> To: undisclosed-recipients:; Thank you for emailing Hotmail Policy Enforcement (Abuse). The Hotmail Terms of Service (TOS) forbids email abuse, and we strictly enforce the TOS. We also employ tough unsolicited bulk email (aka "spam") counter-measures: 1. We LIMIT the number of individual recipients allowed per each email message, making Hotmail ineffective for sending "spam." 2. We do not allow numeric characters at the beginning of an email address. Any Hotmail Login Name beginning with a NUMERIC character is a forgery. 3. We include the field "X-Originating-IP: [xxx.xxx.xxx.xxx]" in the header of each email message that is delivered via our system. If an email message doesn't contain this field in its full headers, it DID NOT come from Hotmail. 4. We maintain a FULL login IP history for each Hotmail account. 5. We BLOCK our relay hosts so "spammers" can't use them. 6. We have been successful in taking action against senders of unsolicited bulk email who forge Hotmail addresses. If you are writing to report unwanted, abusive, or fraudulent email, please note that you MUST include the full, unedited content of the email message in question, along with the full, unedited message headers. Email programs often display short headers. To display the full headers, please consult your email program's help system. If you are reporting abuse from a non-email source, such as ICQ, chat, or Usenet, you must include the following information in your message: 1. The media involved (chat, ICQ, Usenet, etc.) 2. The Hotmail account involved 3. The content of the offensive or unsolicited message 4. Any user information We will reply to you regarding your concern as soon as possible. You may also reach the Department of Policy Enforcement by telephone at (1)(408) 222-7011 Monday-Friday from 8a.m. to 6p.m. Pacific time. The Hotmail Department of Policy Enforcement is dedicated to eradicating spam, one villain at a time. DO NOT reply to this message. Any messages sent to this address (autoresponder@hotmail.com) will be deleted.
At 01:53 6/16/98 -0400, you wrote:
Seriously Paul, I would like to have some kind of announcement made on Nanog before you do that again, so that people can tell you not to do it. Breaking a large service provider is definitely an operational issue. How much do you suppose such a service interuption cost the companies who couldn't communictate? Spam actually costs next to nothing, but being on a trip and losing email contact with your company can be quite expensive. I can't help but wonder if the "blockers" were only blocking email to which they are a party under 18 USC 2511.
I support and applaud Mr. Vixie's actions, MSN was having major mail relay and spamming problems. The RBL apparently forced them to finally move on their long-planned (according to MS sources), oft-delayed implementations. Bravo. And Mr. Vixie should not have to post his attentions here for any spam apologists to decry. It's his RBL, his rules and he can do as he wishes. He doesn't need anyone's permission. The stance noted above is akin to blaming the police for criminals running...saying "if the police don't pursue, the bad guys won't run and hurt innocents". Kinda has cause and effect reversed, doesn't it? If the crooks don't run, the cops don't have to chase. Likewise, if MSN (or anyone else) plays by the RFCs, is a nice net neighbor, then there is no need for a listing in the RBL. 18 USC 2511 is the US Code regarding wiretapping and intercepting of communications. Inapplicable to this matter as the communications were not intercepted, but blocked. No attempt was made to discover or disclose the contents of the communications, thus not meeting the definition for "intercept". Specious and fallacious argument. Recommend actually reading the code before citing it: http://law2.house.gov/uscode-cgi/ fastweb.exe?getdoc+uscview+t17t20+1002+40++18%20USC%202511
Of course, many know the opposing view, that RBL causes third party relaying, and that usenet canceling causes multiple reposts of the same message, resulting in drug-addict like behavior: More cancels result in more reposts. Pull the cancel drug, and it hurts when one is inundated with multiple reposts, but the anti-spam drug is the source and cause of the problem. This sort of anti-spam activity is destructive and harmful for the rest of us, who must put up with ever increasing volume of usenet posts and cancels, and more creative relaying/anonymizing(new word?) techniques by spammers. It illustrates why anti-spam is a bad idea.
Again the argument that law enforcement causes crime. Specious and silly.
I think we can and should stop the cancelers: Get rid of that addiction now. It will not be painless, but it will only get worse. Canceling other people's posts is abusive behavior by any definition.
Most ISPs now ignore third-party cancels and filter on their own servers. If usnet posters don't spam, then cancellers have nothing cancel.
What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used. I don't think he is likely to get sued. However, using the RBL could be illegal if one isn't a party to the email being blocked. The legislative history of 18 USC 2511 indicates it was specifically meant to apply to email. I wish I knew that last year.
STRONGLY recommend readers view the actual code and it's legislative history at the above URL. 18 USC 2511 introduced to US Code in Public Law 90-351, June 19, 1968. "Electronic Communications" added to section 2511 by Public Law 100-690, Nov. 18, 1988. Assertion that 18 USC 2511 "was specifically meant to apply to email" is incorrect...as initially written only oral and wire communications were covered.
For example, if Above.net blocked mail betweeen company X and an MSN customer, and they are not an agent of company X or the MSN customer, they are probably in trouble by 2511. Of course, one of the parties to the email has to figure out where the mail was blocked, and notice that the blocker isn't a party to the email. Then they have to know that there is a federal law that prohibits that. And finally, they have to seek enforcement.
Invalid argument caused by not knowing anything about the law cited. Entire argument is a smelly pile of dung. What do spammers and nails have in common? They're both intended for hammering. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
At 6:23 PM -0400 6/16/98, Dean Robb wrote:
STRONGLY recommend readers view the actual code and it's legislative history at the above URL. 18 USC 2511 introduced to US Code in Public Law 90-351, June 19, 1968. "Electronic Communications" added to section 2511 by Public Law 100-690, Nov. 18, 1988. Assertion that 18 USC 2511 "was specifically meant to apply to email" is incorrect...as initially written only oral and wire communications were covered.
But unfortunately the relevant hearings aren't online. The amendment with "electronic" language was specifically added to make these statutes apply to email. That was the purpose of the amendment. The debate is over. [you pretty much can't be more wrong on 2511: the amendment and its hearings completely resolves our debate.] I guess its an emotional topic for many, but this is the current law. Maybe you can still get the law changed regarding spam. But everyone should read it and apply it. And think about whether they are a party to the communication before they do something bad to it. MSN just has to change from "You have to take it up with the company you want to send mail to", to "you have to take it up with the company you want to send mail, and if they didn't block it, you should contact the FBI" --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP/DCE http://www.av8.com We Make IT Fly! (617)242-3091 x246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[you pretty much can't be more wrong on 2511: the amendment and its hearings completely resolves our debate.]
This isn't about logic-chopping -- It's about whether it is feasable to stop people from crapping all over your network.
I guess its an emotional topic for many, but this is the current law. Maybe you can still get the law changed regarding spam.
If 2511 were relevant to spam, then Wallace Stanford would be a millionaire today instead of having his ass in a sling.
MSN just has to change from "You have to take it up with the company you want to send mail to", to "you have to take it up with the company you want to send mail, and if they didn't block it, you should contact the FBI"
If any network wants to connect to our network, then it should be done according to our acceptable-use policy. If MSN or their accounts don't like our policies, they can go piss up a rope. Bill
If 2511 were relevant to spam, then Wallace Stanford would be a millionaire today instead of having his ass in a sling.
No, Unfortunately, there isn't much in the way of civil penalties. And his contract for service was terminated, which is legal. [that has been one of my points: you have to disconnect *your* customer if you don't like whats coming out of their pipe. You can't smugly pretend your router doesn't work and you can't pretend that spam is an DOS attack if its not.]. Anyway, there hasn't been any evidence that Wallace was ever blocked by anyone who was not a party to his email. AOL, Compuserve, etc are parties to their users email: their contracts give them permission. Sprint (for a madeup example) would not be a party to a spam traveling from Wallaces AGIS connection, over Sprint, to MCI, to AOL. As far as I can tell, Sprint never blocked him, nor did anyone else in their position. But the statute of limitations hasn't expired. If someone would like to admit to blocking him, when they weren't a lawful party to the communications, please contact me. Vix and I have been in agreement that we need a test case. I volunteered to try and find such evidence last year, but I can't. What I've found is that ***no major NSP's block spammers***, or least none actually admit to doing so. One that boasted of such filtering on Nanog last winter, backed down on providing evidence of blocking, and I couldn't find any without some cooperation from them, from my remote point. If you are an NSP, and you are blocking a spammer from transiting your network, where you have no relationship with the parties to the email (the sender or the recipient), and you and your attorney are completely convinced of the legality of your actions, then tell me who you are blocking. And we'll have our test case. It claimed that 2511 Only applies to telephone/voice communications Doesn't apply to email etc. Each of these has been shown to be wrong. There isn't anything left to debate. If you are really doing what you claim you can, then someone should provide some evidence. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP/DCE http://www.av8.com We Make IT Fly! (617)242-3091 x246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On Wed, Jun 17, 1998 at 07:12:23PM -0400, Dean Anderson wrote:
Vix and I have been in agreement that we need a test case. I volunteered to try and find such evidence last year, but I can't. What I've found is that ***no major NSP's block spammers***, or least none actually admit to doing so. One that boasted of such filtering on Nanog last winter, backed down on providing evidence of blocking, and I couldn't find any without some cooperation from them, from my remote point.
If you are an NSP, and you are blocking a spammer from transiting your network, where you have no relationship with the parties to the email (the sender or the recipient), and you and your attorney are completely convinced of the legality of your actions, then tell me who you are blocking. And we'll have our test case.
Dean, you keep changing your tune. First you said *any* spamblocking was illegal. Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to or from an end customer). How would THAT come about, pray tell? Do you know how modern SMTP based email actually *works*? Spam blocking happens at the point of delivery or origin. Email is a point-to-point media in fact, at least in the case where there is no forgery, fraud, or theft (ie: relay rape) going on. That is, the transaction looks like: SENDER >>>>>> Relay ---------- Internet -------- MX of Recipient | | | RECIPIENT In the middle, the "Internet", you only have a packet flow. You can't block "SPAM" in the middle, because you don't know what is and is not spam since none of the machines in the middle do anything other than route a packet flow from one place to another. The Relay (originator host) and MX (target host) both have contractual relationships of some kind with one of the parties. You've conceded that at THOSE TWO POINTS, there is no "legal recourse" available to the parties involved, since there is a contractual set of conditions (and perhaps even a DUTY to block disruptive traffic in some cases) You keep changing your tune. You've been shown to be wrong in every situation you have tried to postulate, and now you've devolved into demanding a "test case" which simply doesn't exist. Give it up Dean. You lost this argument six months ago. -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
On Thu, 18 Jun 1998, Karl Denninger wrote:
On Wed, Jun 17, 1998 at 07:12:23PM -0400, Dean Anderson wrote:
SENDER >>>>>> Relay ---------- Internet -------- MX of Recipient | | | RECIPIENT
In the middle, the "Internet", you only have a packet flow. You can't block "SPAM" in the middle, because you don't know what is and is not spam since none of the machines in the middle do anything other than route a packet flow from one place to another.
<joke> conf t ip spam protect xxx.xxx.xxx.xxx where xxx.xxx.xxx.xxx = host for preprocessing email and removing spam </joke> ;)
-- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
At 2:16 PM -0400 6/18/98, Karl Denninger wrote:
Dean, you keep changing your tune.
First you said *any* spamblocking was illegal.
Yes. Any spam blocking when you aren't a party to the email is illegal. You are an attorney. Come on. This isn't relevent. Nor is it a departure from anything I have said, previously. So, does this mean you agree that *some* spamblocking is illegal? (I suspect not, but surprise me.) This reads like a political attack. (#25: claim your opponent has waffled, but offer no evidence that anything is different). But I'm not running for any office. My credibility has no relevance to the truth of whether or not 2511 can apply to network providers. Its federal law. Network providers and employees ought to be roughly aware of the laws which apply to them. And certainly not misled. Telling people a particular law can't possibly apply to them when in fact it can seems like a gross disservice. It is obvious now that it can apply. Its also just as clear that there are some legal limitations on what network providers can do with "their equipment".
Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to or from an end customer).
As I have said before, transit providers are clearly not parties to transiting traffic. And I was looking for a Network Service (transit) provider before.
How would THAT come about, pray tell? Do you know how modern SMTP based email actually *works*?
Yes, but apparently you don't. This isn't the only way its handled. Some people "transparently" intercept SMTP. 6 months ago I pointed out UUCP. And there is also route filtering via BGP RBL. If they aren't a party to the communication, then its illegal. (like I said before) I'm really disappointed that people keep claiming that 2511 can't possibly apply to a network provider, in spite of the now overwhelming proof to the contrary. But then apparently 2/3s of the democrats think that Clinton didn't screw Monica. And some people think Nixon didn't break any laws. I can't change that sort of blind belief. 6 months ago, I could understand that behavior, since I was offering my opinion based on my reading the text of the statute. It was arguable, and I argued well, I think, but perhaps not well enough. But given the revelations of the 1988 amendment and its hearings, which support my reading of the text, and everything I said 6 months ago and am saying now, I just can't believe there are still people who argue this. At this point, there is nothing to be gained by argument on the applicability of 2511 to network providers. All the evidence is now available, make your own decision. I've brought it to your attention. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP/DCE http://www.av8.com We Make IT Fly! (617)242-3091 x246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On Thu, Jun 18, 1998 at 04:51:44PM -0400, Dean Anderson wrote:
At 2:16 PM -0400 6/18/98, Karl Denninger wrote:
Dean, you keep changing your tune.
So, does this mean you agree that *some* spamblocking is illegal? (I suspect not, but surprise me.)
*Illegal*, as in criminal? No, I don't agree with you on that. Possibly civilly actionable? Sure, depending on what you promised someone in a service agreement it might very well be. Then again, that's true of just about anything if you draw service agreements in a foolish way.
My credibility has no relevance to the truth of whether or not 2511 can apply to network providers. Its federal law. Network providers and employees ought to be roughly aware of the laws which apply to them. And certainly not misled.
You have presented no such evidence (hint: your claiming that it does is not evidence). A cite from a case in which a decision was rendered would be "evidence". But you freely admit no such cite exists.
How would THAT come about, pray tell? Do you know how modern SMTP based email actually *works*?
Yes, but apparently you don't. This isn't the only way its handled. Some people "transparently" intercept SMTP.
Horseshit.
6 months ago I pointed out UUCP.
UUCP still maintains a customer relationship, and ergo, it is once again irrelavent. If I sell you a UUCP connection, you and I now have an agreement. If you sell someone ELSE a connection off your machine, the problem is yours, not mine, if you don't disclose the terms and conditions of OUR transport of your (and your customers) material.
And there is also route filtering via BGP RBL. If they aren't a party to the communication, then its illegal. (like I said before)
And again, its bullshit. The BGP RBL blocks all traffic from abusive sites. The people affected are the site's customer base, all of which have a customer relationship. If there is a third party behind one of those customers, that problem is *the customers*, not the BGP RBL subscriber.
I'm really disappointed that people keep claiming that 2511 can't possibly apply to a network provider, in spite of the now overwhelming proof to the contrary.
There is no such proof that in the instant case under discussion it would apply, your pontification to the contrary notwithstanding. I'm sure we could contrive some situation where it COULD apply, but in the context of blocking abusive sites (whether by smurf or by spam) it simply is not a factor.
I just can't believe there are still people who argue this.
You have no factual basis.
I've brought it to your attention.
--Dean
Do you want to spam someone (or have you in the past done so) Dean? -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
At 16:51 6/18/98 -0400, you wrote:
Yes. Any spam blocking when you aren't a party to the email is illegal. You are an attorney. Come on. This isn't relevent. Nor is it a departure from anything I have said, previously.
So quote the law. The relevant parts of the law. Otherwise, shut up.
This reads like a political attack. (#25: claim your opponent has waffled, but offer no evidence that anything is different). But I'm not running for any office. My credibility has no relevance to the truth of whether or not 2511 can apply to network providers. Its federal law. Network providers and employees ought to be roughly aware of the laws which apply to them. And certainly not misled.
And people spouting the law ought to know something about the law they're spouting.
Telling people a particular law can't possibly apply to them when in fact it can seems like a gross disservice. It is obvious now that it can apply. Its also just as clear that there are some legal limitations on what network providers can do with "their equipment".
So cite the relevant codes. Failure to quote the relevant parts of the relevant laws just will prove you're wrong.
Yes, but apparently you don't. This isn't the only way its handled. Some people "transparently" intercept SMTP. 6 months ago I pointed out UUCP. And there is also route filtering via BGP RBL. If they aren't a party to the communication, then its illegal. (like I said before)
Key here: YOU said. Unfortunately for you, the Congress hasn't.
I'm really disappointed that people keep claiming that 2511 can't possibly apply to a network provider, in spite of the now overwhelming proof to the contrary. But then apparently 2/3s of the democrats think that Clinton didn't screw Monica. And some people think Nixon didn't break any laws. I can't change that sort of blind belief.
WHAT overwhelming proof? Cite the sentence! Show a legal case or opinion that says it applies? I challenge you right here and now to put up or shut up.
6 months ago, I could understand that behavior, since I was offering my opinion based on my reading the text of the statute. It was arguable, and I argued well, I think, but perhaps not well enough. But given the revelations of the 1988 amendment and its hearings, which support my reading of the text, and everything I said 6 months ago and am saying now, I just can't believe there are still people who argue this.
*Sigh*....why don't you ask a lawyer or judge what role hearings play in their interpretation of a law?
At this point, there is nothing to be gained by argument on the applicability of 2511 to network providers. All the evidence is now available, make your own decision. I've brought it to your attention.
Meaning: I can't win, so I'll make it look like I'm being a good netizen. OK. Play it your way. Back into the Fruitcake Filter you go! What do spammers and nails have in common? They're both intended for hammering. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
If this interpretation was correct don't you think that given this litiguous society and some spammers such as Stinkus.com who have sued before, that *someone* would have filed suit by now? On Thu, 18 Jun 1998, Dean Anderson wrote: Yes. Any spam blocking when you aren't a party to the email is illegal. You are an attorney. Come on. This isn't relevent. Nor is it a departure from anything I have said, previously. -- James D. Wilson netsurf@sersol.com "non sunt multiplicanda entia praeter necessitatem" William of Ockham (1285-1347/49)
Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to or from an end customer).
How would THAT come about, pray tell? Do you know how modern SMTP based email actually *works*?
The rest of your argument notwithstanding, it could come about if you block certain CIDR blocks at your borders based on repeated and/or unresolved spam activity from a given source. I.e, blocking *all* ip traffic for a given block at your borders, then transiting customers, who may be transiting other customers, etc. lends credence to that theory. I can't comment on the (il)legality of such, though I'd fight any court which challenged my right to filter, even arbitrarily, at my own borders. None of my service contracts guarantee universal connectivity. Cheers, Brian -- Brian Wallingford Network Operations Manager Meganet Communications, TCIx, Inc.
On Wed, 17 Jun 1998, Dean Anderson wrote:
Vix and I have been in agreement that we need a test case. I volunteered to try and find such evidence last year, but I can't. What I've found is that ***no major NSP's block spammers***, or least none actually admit to
I can't imagine why they would. You can't spam a router.
If you are an NSP, and you are blocking a spammer from transiting your network, where you have no relationship with the parties to the email (the
We are not an NSP, and if we were, we would block as little as possible because blocking costs. If our downstreams want to block traffic, they can pay us or they can block it themselves. And by the way, blocking spam sites at the packet level doesn't make much sense to me. In the first place, very little spam (in porportion to the total) comes from actual spam sites. If you want to effectively filter spam, you have to do it at the MTA and MDA levels, and since you need to maintain access lists for that, why have a second set of access lists for your routers? And what kind of an informative error message does a Cisco send to some poor bastard who's blocked because of his broken mailerserver? There's also a tradeoff between bandwidth and cpu usage when you are filtering packets. Maybe it would work out to be cheaper if let the packets through and then reject the spam at the smtp level.
If you are really doing what you claim you can, then someone should provide some evidence.
I didn't claim what you think i did. I claimed only that it's feasable and legal (US) for us to insist that people follow our AUP if they want to use our network. People who don't respect us will have trouble sending us email, getting our nameservers to answer their questions, etc. Bill
At 19:48 6/16/98 -0400, you wrote:
At 6:23 PM -0400 6/16/98, Dean Robb wrote:
STRONGLY recommend readers view the actual code and it's legislative history at the above URL. 18 USC 2511 introduced to US Code in Public Law 90-351, June 19, 1968. "Electronic Communications" added to section 2511 by Public Law 100-690, Nov. 18, 1988. Assertion that 18 USC 2511 "was specifically meant to apply to email" is incorrect...as initially written only oral and wire communications were covered.
But unfortunately the relevant hearings aren't online.
The amendment with "electronic" language was specifically added to make these statutes apply to email. That was the purpose of the amendment.
Correct. 20 YEARS AFTER section 2511 was introduced into the law. However, you said "The legislative history of 18 USC 2511 indicates it was specifically meant to apply to email. I wish I knew that last year." That was wrong, the '88 amendment was written to apply to email, not the original section as you asserted. Your entire argument is still a bogus strawman because this bit of law applies to the interception of a communication for illegal purposes. Specific language that destroys your argument: 1. "[1] (B) obtains or is for the purpose of obtaining information relating to the operations of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or..." 2. "[1](d) intentionally uses, or endeavors to use, the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection; or..." 3. "18 USC 2510. Definitions. As used in this chapter - ...(4) ''intercept'' means the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device." So, on three key criteria, your argument is toast. Blocking mail cannot obtain information relating to the operations of a business (except possibly the fact that the business uses email...a public fact and not actionable); blocking mail does not use the contents of an email as the contents not read; and finally, blocking does not constitute an intercept as defined by the law. Now. What specific language do YOU have that attempts to prove your point?
The debate is over.
[you pretty much can't be more wrong on 2511: the amendment and its hearings completely resolves our debate.]
The hearings that only you seem to have access to? Your right, the debate IS over. You're wrong. Please keep in mind, too, that hearings on the language of a bill are pretty irrelevant except as sparingly used by the Supreme Court to determine the intent of a bill if it's challenged. What the law SAYS is what matters, not what someone says in a hearing over the matter.
I guess its an emotional topic for many, but this is the current law. Maybe you can still get the law changed regarding spam.
Can't imagine anyone getting emotional about limits on wiretapping. I think the laws limiting wiretapping to are pretty good...why would I want them changed?
But everyone should read it and apply it. And think about whether they are a party to the communication before they do something bad to it.
I assure you, I'll apply it. The next time I think I need a wiretap, I'll go before a Court and get permission. If I ever feel the need to tape a conversation, I'll get permission from one of the parties first. You need to think about consulting a lawyer before spouting US Code like you actually have a clue. Perhaps reading the law without a pre-concieved notion as to what it says would serve you well in the future.
MSN just has to change from "You have to take it up with the company you want to send mail to", to "you have to take it up with the company you want to send mail, and if they didn't block it, you should contact the FBI"
Whereupon the FBI will laugh at them quite loudly. The facts speak for themselves. Unless you can quote specific language in the 18 USC that supports your contention that preventing delivery of email is illegal (remembering that blocking does not fit the definition of "interception" in the law), you have no case. Feel free to call the nearest US Attorney to verify these facts...but don't tape the conversation without your permission. What do spammers and nails have in common? They're both intended for hammering. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
At 06:23 PM 6/16/98 -0400, Dean Robb wrote:
And Mr. Vixie should not have to post his attentions here for any spam apologists to decry. It's his RBL, his rules and he can do as he wishes. He doesn't need anyone's permission.
any mail system i administer is set up to use the RBL, and all my users know it. i can take it; so can they. anyone who uses the RBL should be prepared to deal with the potential consequences. richard -- Richard Welty NeWorks Networking, Inc. 518-244-9675 rwelty@neworks.net http://www.neworks.net/
On Tue, Jun 16, 1998 at 01:53:55AM -0400, Dean Anderson wrote:
Always a good sport, I will take bets in the MSN vs Vixie battle. ;-) I don't think its going to be quite so easy for MSN to turn off mail relaying, without breaking a lot of corporate customers.
I don't know anything about how MSN runs their network, but if their stuff runs on NT and hasn't broken yet, there ain't much that can break it. (j/k) <duck>
I think its facinating that Vix can take them out of the RBL, and then claim it was MSN who gave up. "Retreat and declare victory" I guess.
But we'll see I guess, in a few days or a few years.
Yup.
Seriously Paul, I would like to have some kind of announcement made on Nanog before you do that again, so that people can tell you not to do it. Breaking a large service provider is definitely an operational issue. How much do you suppose such a service interuption cost the companies who couldn't communictate?
I would agree, except that if I remember correctly, companies aren't RBL'd unless they are unresponsive or intentionally continue to spam... I would bet that a lot of people gave MSN a chance before it came to this.
can't help but wonder if the "blockers" were only blocking email to which they are a party under 18 USC 2511.
Dean, you and I and others here on NANOG have done that dance before. I don't know that it's necessary to waste bandwidth on that particular argument again.
What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used.
I can't see how.
blocker isn't a party to the email. Then they have to know that there is a federal law that prohibits that. And finally, they have to seek enforcement.
We've gone over all this before. PLUS... PROVIDERS SUBSCRIBE TO THE RBL VOLUNTARILY AND ARE REQUIRED BY THE AGREEMENT THEY SIGN BEFORE THEY GET HOOKED UP TO IT, THAT THEY WILL MAKE THEIR CUSTOMERS AWARE OF WHAT IS GOING ON.
We Make IT Fly!
Unfortunately you are not doing the same for this argument. -- Steven J. Sobol - Founding Member, Postmaster/Webmaster, ISP Liaison -- Forum for Responsible & Ethical E-mail (FREE) - Dedicated to education about, and prevention of, Unsolicited Broadcast E-mail (UBE), also known as SPAM. Info: http://www.ybecker.net
On Tue, Jun 16, 1998 at 01:53:55AM -0400, Dean Anderson wrote:
What Vix is doing probably isn't illegal by itself, though it might possibly violate trademark or the new copyright law when domain names are used.
i missed it the first time this howler went by, and nobody seems to have pointed this out: the RBL is entirely an IP address thing. no domain names are harmed in the operation of the RBL. cheers, richard -- Richard Welty NeWorks Networking, Inc. 518-244-9675 rwelty@neworks.net http://www.neworks.net/
At 3:51 PM -0400 6/17/98, Richard Welty wrote:
the RBL is entirely an IP address thing. no domain names are harmed in the operation of the RBL.
Sigh. There used to be a list of spammers' domain names, such as cyberpromo.com. There were some companies (PGP) that were considering mail reader products which would do filtering on domain names. But after the new copyright law was passed, they dropped their plans for this scheme. Apparently, since cyberpromo and spam sending has gone underground, people have forgotten some of this. I predicted last year, when Cyberpromo was disconnected that "undergound" would happen, and that it would be harder to track than when they were directly connected, and that it wouldn't make a difference in the amount of spam. All have been proven. Sigh. Sigh. Those who were pressuring AGIS, should send AGIS some money for their lost revenue. --Dean P.S. In private discussion, Chris Liljenstolpe brought up a very good point about 3rd party relaying, and its causes. It seems that some Web Serving ISP's won't cancel web accounts according to their AUP if the spam wasn't sent from those accounts. So spammers are trying to hide their sending accounts using 3rd party relays. This is total hypocrisy. If you have an anti-spam policy, then you should enforce it on your customers regardless of where they send the spam from. [What its hard to tell, and it could be abused to deny services? Well, the anti-spam RBL/Cancel etc. ideas are pretty much full of such holes. I guess what you should be doing is more investigation of abuses to make sure it can't be abused. Too expensive? I thought spam was so ungodly expensive. Just think of the savings. :-P] So I amend my statement that RBL causes 3rd party relaying to be that the RBL and hypocritical ISP's cause 3rd party relaying. So if you aren't going to do the follow though, then you should just forget about the anti-spam AUP, too. Advertising happens. You can't make it illegal. Maybe you could help spammers avoid totally stupid things like sending out 300K attachments which just say "look at my web site", but more extreme action is certainly destined to fail. And screw things up for the rest of us. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP/DCE http://www.av8.com We Make IT Fly! (617)242-3091 x246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On 06/17/98, Dean Anderson <dean@av8.com> wrote:
At 3:51 PM -0400 6/17/98, Richard Welty wrote:
the RBL is entirely an IP address thing. no domain names are harmed in the operation of the RBL.
Sigh. There used to be a list of spammers' domain names, such as cyberpromo.com.
Yup, I maintained that list, painful and thankless job that it was. Right now there really aren't any spammers left who stay in one place long enough for that to work -- and if they do, they get RBL'ed. (Trolling igored -- you should know better by now, Dean.) -- J.D. Falk <jdfalk@cp.net> Special Agent In Charge (Abuse Issues) Critical Path, Inc.
On Wed, Jun 17, 1998 at 07:11:31PM -0400, Dean Anderson wrote:
I predicted last year, when Cyberpromo was disconnected that "undergound" would happen, and that it would be harder to track than when they were directly connected, and that it wouldn't make a difference in the amount of spam. All have been proven. Sigh. Sigh. Those who were pressuring AGIS, should send AGIS some money for their lost revenue.
Why? AGIS is still hosting a spamhaus or two. And while many spammers have gone underground, there is one right here in Northern Ohio that FINALLY got disconnected earlier this week that was unrepentant about it. On and on, ad nauseum. Dean, you insist you're right even when others offer proof that you're not. It's not a terribly professional thing to do.
ISP's won't cancel web accounts according to their AUP if the spam wasn't sent from those accounts. So spammers are trying to hide their sending accounts using 3rd party relays. This is total hypocrisy. If you have an anti-spam policy, then you should enforce it on your customers regardless of where they send the spam from.
If you host a web site, and someone spams an ad for it, yes, the web site should be nuked.
[What its hard to tell, and it could be abused to deny services?
No it isn't. Maybe in your mind it is.
So I amend my statement that RBL causes 3rd party relaying to be that the RBL and hypocritical ISP's cause 3rd party relaying.
Dean, stop while you're behind. You are still wrong.
Advertising happens. You can't make it illegal. Maybe you could help spammers avoid totally stupid things like sending out 300K attachments which just say "look at my web site", but more extreme action is certainly destined to fail. And screw things up for the rest of us.
Yadda, yadda, yadda. You get SO annoyed when people say you're a spammer, but you spout almost the same BS that the spammers do. And when you're proven wrong on one point, you try another. And so on, and so on, ad nauseum. -- Steven J. Sobol - Founding Member, Postmaster/Webmaster, ISP Liaison -- Forum for Responsible & Ethical E-mail (FREE) - Dedicated to education about, and prevention of, Unsolicited Broadcast E-mail (UBE), also known as SPAM. Info: http://www.ybecker.net
At 07:11 PM 6/17/98 -0400, Dean Anderson wrote:
At 3:51 PM -0400 6/17/98, Richard Welty wrote:
the RBL is entirely an IP address thing. no domain names are harmed in the operation of the RBL.
Sigh. There used to be a list of spammers' domain names, such as cyberpromo.com. There were some companies (PGP) that were considering mail reader products which would do filtering on domain names. But after the new copyright law was passed, they dropped their plans for this scheme.
of course, the specific point of discussion was that you suggested that there were potential trademark/copyright issues associated with rbl operation. clearly there are not. the rest of your posting appears to be an attempt to change the subject to evade admitting that you are talking through your hat. <plonk> richard -- Richard Welty NeWorks Networking, Inc. 518-244-9675 rwelty@neworks.net http://www.neworks.net/
participants (20)
-
Bill Becker
-
Brian Wallingford
-
Dean Anderson
-
Dean Robb
-
Derek Balling
-
Henry Linneweh
-
J.D. Falk
-
J.D. Falk
-
Jason Fesler
-
Jay R. Ashworth
-
Jeremy Porter
-
Jon Lewis
-
Karl Denninger
-
NetSurfer
-
Paul Mansfield
-
Paul Vixie
-
Perry E. Metzger
-
Richard Welty
-
Rick Smith
-
Steve Sobol