I'll go you one better (because if you're procmailing, the spammer has already wasted your resources) and point you to the MAPS Realtime BlackHole List.

My threshold is set to 1. Please post accordingly.

(I once was "Ungrounded Lightning Rod" but slashdot slashed off my " Rod". Is that why they call Linux a "Unix workalike"?)

Spamcop has got to be the most worthless thing I've ever seen. Just about any ISP of any size is blocked according to their site. That and they can't tell the difference between spam and just regular email.

But who does the UDP attack. And it is an attack. It it not a "boycott" as so many seem to say. All posts originating from within @home are to be ACTIVELY CANCELLED. From the UDP FAQ:

11.So if you cancel everything from the UDP site, don't legitimate people get canceled, too?

Yes. One of the driving forces behind forcing compliance with generally accepted guidelines is that the ISP's own legitimate users (if any) can bring pressure to bear on their rogue ISP. Remember, the UDP is a near-last-resort measure.

If the UDP were a passive, mass refusal to carry traffic from @home, I would support it. But active seek and destroy to all news posts originating from @home? That's a DOS attack on the (mostly) innocent users of @home. It is wrong.

--- Bizard Legal Fantasy Mode Engaged ---

Frankly, if I were at @home lawyer and a bastard, I'd love it if the UDP were instituted against @home. It would be trivially easy to collect a nice fee from @home for identifying the individuals who are issuing cancels and suing their pants off. I could even imagine a class action suit on the part of @home users against the perpetrators of the UDP, claiming irreparable damage and denial of free speach.

I really have to ask, does anyone know is SPAM profitable? Are these just un-informed idiots that really don't know that they're wasting their time? Does anyone have information on this?

Furthermore has anyone even _heard_ of someone that bought something because of SPAM?

Are these people just the deranged/hopeful side of the net?

if the UDP has the desired effect, then it's an example of anarchism actually working

the UDP FAQ certainly claims a large number of successes, among them:

Erols.com had been a thorn in the side of usenet for a long time. With a change in policy after discussion of a UDP against them, they now have a very high reputation among both the usenet and email community.

Bell Atlantic, near the end of July, 1997, was a major spamhaus. Word got to them that they were being considered for a UDP. Spam dropped dramatically almost instantly, to their credit. No UDP was necessary.

UUnet, which was the largest single spam producer around the beginning of August, 1997, [...]announced and apparently instituted a much tougher AUP against spamming, and nuked a couple of the most persistent spammers that usenet has ever seen. Numbers again have fallen dramatically, and we all hope that UUnet continues with this policy.

October, 1997, Compuserve

In December, 1997, TIAC appeared absolutely unwilling to deal with any of their ongoing spam [...] UDP was announced with the 5 business day waiting period before institution. Although their owner continued to make excuses and argue about their culpability as well as bluster and threaten legal action, by the time the deadline had arrived, they had "cleaned up their act" to the point that the UDP was no longer necessary, and the deadline was extended for another 5 days to watch the numbers. After that additional 5 day period, the stats had stayed low, and the UDP deadline was lifted.

About 10 others between these dates.

In December of 1999, a simultaneous UDP of VSNL and SILNET, the two main carriers in India, was instituted for their failure to even begin to control the usenet terrorist who calls himself "HipCrime" and who forges, cancels, floods, and supercedes thousands of articles on a nearly daily basis in an attempt to blackmail the entire world into doing things his way - his way being a usenet without spam cancels. Currently, VNSL and SILET have enabled port 119 (news)blocks on all outgoing connections from their services with the exception of their own servers.

So, it looks like there is good evidence that this will work, given the past history of success.

My Mum told me to hit them!

Usenet will be around as long as people enjoy talking, debating, and/or fighting in mostly unmoderated ways...

If you take a look at this graphic, you'll find that the average daily feed for all of Usenet was 80 GB. Per day. Even the text-only discussion groups work out to 4 or so GB/day.

Just 'cause you haven't been there don't mean nobody else uses it.

James

UUNET was UDPed about a year and a half ago. Right now, their spam levels are barely a tenth of what they used to be before the UDP.

The last four times a UDP was called, it never actually went into place, after the waiting period. The recalcitrant provider always figured out how to get their collective sh*t together, and the UDP was called off.
--
E*Trouble ! (updated Nov 9)

How is a large number of sysadmins co-operating in response to a common threat in a way formalised by the relevant newsgroups and FAQs an example of functioning anarchy?

Because each individual [company sysadmin] has the option to evaluate each threatened UDP independently, and act or not as they choose, with no coersion. There is no government authority involved.

Please note that no one has successfuly sued the Realtime Blackhole List, either.

~Chris

Stupid.

If this is the same poster who's posted in a number of other threads, what she (generic pronoun) is objecting to is not path filtering, but third-party cancels. Path filtering alone is known as a passive UDP; what @home is being considered for is an active UDP where ALL posts from @home are being cancelled by spam-cancellers. Part of the reason for the objection is, if I remember correctly, that in an active UDP, news admins who aren't intentionally participating in the UDP will still have @home postings removed, because they haven't configured their news server to restrict third party cancels. This is different from a passive UDP inasmuch as only those news admins who have consciously decided to participate in the UDP will drop the messages.

Personally, I think that any news admins that have a significant feed, that is accepting just any old third-party cancels, is going to have a crippled news feed anyway, due to the actions of cancellers with less "noble" agendas (e.g. Scientologists' various attempts to shut down alt.religion.scientology); so inadvertently participating in UDPs is the least of the problems such a news server has. But the practice of third-party-cancelling posts that aren't spam should be questioned, and the questioner deserves a reasoned and well-thought-out response. Which I'm not really qualified to give.

Do I look like I speak for my employer?

What did the users do yo you?

They sent money to a spam-friendly ISP. Without those millions of customers' revenue, the ISP would not be able to support the spammers' terrorism.

If you do business with scum, you're going to get a little dirty. That's why I don't pity the Windoze users when they BSOD. (Or at least I try not to show any compassion.) They put money into Microsoft's pockets instead of hiring good people. They brought it all onto themselves, and made the world a slightly darker place for the rest of us too. Fuck 'em.

Your analogy is sickening. Ninty-nine percent of the people using Windows do not have the technical ability, knowledge of other OSes at the time they purchased, or the option of choosing another OS (like in companies). You can be upset with company IT people that choose Windows. I *personally* hate anyone with an IT position who chose Windows for their company. It is, however, unacceptable for you to be upset with the users at home that don't have the knowledge or skills necessary to use another OS, or the corporate workers whose OS is dictated by tyrannical IT people. It is not their fault, and they already suffer.

BeOS could solve a lot of this if it would get more popular...OS X needs maturity, and Linux isn't gonna be a consumer OS for years to come.

-- "You can never have too many elephants on your team."

However, if you go and try to put duct tape over someone else's mouth because you don't want to hear their words, then it is you who are doinf wrong and must be suppressed.

Boycott @home by refusing to propagate their traffic and I will support you.

Actively send out cancel messages to suppress their free speech and I will oppose you.

If everyone simply drops @home's traffic, no one will hear them and they will (most likely) change their ways. This requires most other sites to agree with the boycott, i.e., community support. Actively attempting to suppress traffic from @home says to me that you aren't interested in community support and are a rogue vigilante carrying out your own personal crusade, irrespective of common opinion, against @home. For this *you* too should be UDP'd.

Laws *still* aren't designed to suit the Internet well. End of story.

Deja it is.
The Matrix is going down for reboot now! Stopping reality: OK. The system is halted.

OK, so we do know ths ISP. However, the spammer can set the user account to absolutely anything. Therefore... One goes to the ISP, and nicely asks them to check this out. They would have logs of who was on when, and could probably figure out who actually did it (to them, you see, the remote would be the spammers own machine. They know who they gave which IP to, and can figure out the identity of the spammer). If they didn't keep the logs, they could watch for him to resurface (ie keep logs temporarily and deal with it if he does it again). This would almost certainly be acceptable as a response, and would get them off the hook.

If the ISP is uncooperative, then all that can be done (from the next level up) is to blackhole the ISP. Only the ISP can really know who the spammer was, so theu have to deal with it, or ignore it. If they ignore it, I guess the people at the next level have the right to recommend blocking and to block it for themselves. If you read the post, individual news-carrying sites have the choice if a) whether or not to follow UDPs at all or b) to follow them, but exempt this one. How to do so was described. So if you like spam or think this is too extreme (maybe it is, I haven't hear whan @Home's response was or how many warnings they got) find a news-carrier who is not going to follow it. Or run nntpd yourself, and don't follow it.

So it's a lot like the system right here at slashdot. Read at -1 if you want, or don't if you can't stand trolls and spam. Individual choice (except that you do have to be the person running the newsserver and using up the resources to be able to make the choice.

At least, that's my understanding of the setup, but I don't actually run a usenet server, so any innaccuricies are hereby disclaimed. If I'm wrong, would someone reply and say so.

The Matrix is going down for reboot now! Stopping reality: OK. The system is halted.

(I once was "Ungrounded Lightning Rod" but slashdot slashed off my " Rod". Is that why they call Linux a "Unix workalike"?)

@Home should sue any site that refuses to carry its traffic (at least those subject to US courts).

The UDP is a community action. @Home was not a good neighbor, and now they can't borrow the weed whacker. There is no obligation to carry a particular companies usnet articles. There is no obligation to even allow IP packets from @home into their networks (except for their upstream provider who IS under contract).

Besides that, there are very few 'smaller' sites out there. Most ISP's that don't own their own national network outsource their usenet service.

You've been taken in by spammer FUD and BS. Net sites are the private property of their respective owner, free to reject traffic according to their own rules (though they may be liable if they selectively enforce the rules in a prejudicial manner).

Especially go after the smaller sites. They'll BUCKLE under the legal pressure as their bosses realize that they cannot afford a long expen$$$ive lawsuit.

@Home presumably hires reputable and competent lawyers, who do not wish to besmirch their recordss with frivolous-lawsuit sanctions. Their spammer customers are welcome to file such lawsuits, if any of them can find an attorney willing to accept chick en bones as a form of currency.
/.
If the government wants us to respect the law, it should set a better example.

I've always been optimistic that someday people will evolve to the point where governments will no longer be necessary at all, though I really doubt I will be seeing this happen in my lifetime.

People just aren't ready to rule themselves.

~Chris Carlin

The problem is that people can't control themselves, and so we need the government. It's a matter of an evil cancelling out another evil.

Why is it evil? Well by evil I meen negative... evil is perhaps too strong a word. ANYWAY, the reason government is something that should be avoided is that it has to drain energies off of society. We have to work to pay for its existance. Even if we didn't have to pay taxes of any sort, it would still take government workers to run it spending energy then.

If government wasn't necessary it should cease to exist so all of the energy could be returned to the people instead of being thrown to /dev/null.

Perhaps another way to put it is that government is just a correction to a direction... any correction takes energy. When there is nothing else to correct, the energy can be put to better use. Of course I doubt government will die that easily, but now I'm just rambling late at night :)

~Chris Carlin

Perpetrators of the UDP are just as moronic as those in the real-life examples given above. And no different in their actions.

If you wish to comment on Usenet-related issues, it behooves you to learn a little bit about what Usenet is and how it works.

Do I look like I speak for my employer?

I wouldn't have thought that there was enough cause to conclude that the AC is a spammer herself (feminine pronoun used arbitrarily). It is possible that she is merely vehement that All Third-Party Cancels Are Wrong, no matter the cause. Given the assortment of other posts thread which are expressing the same opinion, scattered amongst about 3 or 4 different subthreads, she must be very vehement...

Also, I'll note that she appears to have altered her posts based on further information, and now seems to has no problem with denying service to messages originating from @Home; she is merely insisting that cancels not be used. I'll leave it to others to address whether this is possible, or address why cancels ought to be used anyway.

Do I look like I speak for my employer?

Besides, only @home can really tell who the spammer is. see My other comment

The Matrix is going down for reboot now! Stopping reality: OK. The system is halted.

> Gotta a problem with the spammers? Go after THEM, you lazy
> bastards. Don't fuck everyone else over on the premise that
> the site is responsible for all traffic it forwards.

HOW? My ISP has rules against spamming built right into the contract by which I get my service from them. If I violate their anti-spam rules they charge me a whole bunch of money and then cancel my account. There's not a whole lot I can do about it if they do, because those are the terms of my contract, and they're right there in black and white, and if I don't like it I can find another ISP. So far so good.

But what happens if a guy who subscribes to another ISP spams me or mail bombs me? One time I got mail bombed by some ass with an account at Southwest Nell. So I emailed SWBell's abuse department and sent them copies of all the emails with which he jammed up my pop in-box. Since SWBell is a reputable company and my bomber was in violation of their terms of service, they cancelled his account. But keep in mind that MY ISP couldn't do a damn thing to this guy, since what he did, while obnoxious, is not illegal.

Now there were spammers running out of @Home accounts, right? People from all over were complaining to @Home, but @Home took no action. Again, since there was no violation of the law, @Home was not exactly required to do anything to the spammers. If @Home values the spammers's business more than it values the cooperation that is necessary to make Usenet work, or if they are too understaffed or lazy to enforce their terms of service, that's their privilege. It is also MY ISP's privilege to not copy posts from their news server into my ISP's news server.

You say "Go after THEM," "THEM" being the spammers, but unless they do something legally actionable (such as broadcasting death threats, etc.) no one can touch them. The only people who could restrain spammers with @Home accounts are the management of @Home, and the one and only reason @Home can do anything to stop the spammers is because those spammers are in a contractual relationship with @Home.

Yours WDK - WKiernan@concentric.net

I've taken more from the internet than I will ever give back. If someone wants some of my code they can have it. Maybe I'd feel differently if I was more talented?

"Don't open the gates, who the hell needs a wooden horse that size?"

> The WORST thing that has EVER happend when an otherwise mentally stable individual has downloaded or otherwise VEIWED ANY sort of pornography, is quite simply that they had to clean up a sticky mess from masturbating. Downloading, viewing, and exchanging porn is fine in my eyes.

You're ignoring the fact that for child porn to be produced, a child has to be abused. And often hurt badly (physically and/or mentally) in the process. "So what's wrong with redistributing stuff that's already been produced?" you ask...

1. Its an invasion of the child's privacy. They didn't ask for their picture to be taken in sexual situations, and I'm sure they don't want millions of people observing them in these situations. Once they get old enough to understand, the fact that pornography of them is widely available has got to be disturbing. Not to mention the fact that it makes them a target for further abuse - a kid who doesn't tell about one time is less likely to tell if it happens again.

This also applies to adult porn produced non-consensually.

2. Increased demand leads to increased production. Which leads to more kids getting victimized.

Not to mention you're assuming that the people who view porn are otherwise mentally stable. In many cases this may be true. But in some cases it is going to lead to further problems. Probably moreso in the case of child pornography, since people who view child pornography are probably much more likely to have further problems. After all, to have a child pornography habit, they have to already A. be attracted to children, and B. Have either the lack of willpower to ignore their impulse to view pictures of children being abused, despite what their conscience tells them, or they don't have a moral problem with it to begin with.

Consensual adult pornography is a different story. While I still have problems with it (many of the women involved have been raped/abused in the past, or are feeding a drug addiction, or otherwise have low self worth which is being taken advantage of), it is *their choice* to have their picture available.

What I've *never* seen is this famous internet kiddie porn. (though I haven't really looked for it). How come, do you think?
Producing child pornography is illegal almost everywhere. (though some enforce the laws quite losely). Thus there is almost always a case against whoever outs it on the net. Thus you don't want the wrong people (cops) finding it.

Point being, the justice system actually has a case, so it is not really a "internet problem"

"Regular" porn is a completely different story. You and I may dislike it, but IT IS NOT ILLEGAL!!!

You want to ban porn? Fine! start with defining what "porn" is. Picures of intercource? Genitalia? General nudity? Bare legs? Women without a veil?

We can (and ought to) stop porn sites with illlegal (unmoral) business practices, just like spammers, but separate business practice from content. Spamming for a "good cause" is still spamming. Putting intercource videos on a site where it is legal is still legal.

All opinions are my own - until criticized

She may have been enjoying herself. Kids are show offs.

That doesn't mean that when she's 12, 13, 14 or whatever and realizes that there's possibly thousands of people around the world seeing this, that she's going to be comfortable with it.

Yes, some of the emotional pain over abuse is a societal construct. That's unfortunate, but it doesn't change the fact that it still hurts.

Its entirely possible that some kids are relativly unaffected by what is considered to be abuse. That doesn't mean that such behavior is ok - some other kid may be traumatized for life by the same experience.

What it comes down to in my mind - children in general don't have the frame of reference (including knowledge of our culture) to understand the meaning of what is happening. The adult responsible is taking advantage of this lack of knowledge, as well as quite possibly the child's need for attention, love, and approval.

Also, keep in mind that not all child pornography is as mild as you've described.

Didn't I say that consensual adult porn is an entirely different thing from child porn? While I have problems with it, I'm quite aware that it isn't illegal. And I don't think it should be, either.

However, my point was that the original poster claimed there was nothing wrong with the distribution of *any* porn, child or otherwise.

And yes, its true that it is harder to find child porn (especially when you aren't looking for it). That doesn't mean it doesn't happen (I've seen people spamming child porn sites on IRC, as well as channels that make no effort to hide their contents), or that its not a problem.

No, you're not. I was just throwing in some support buddy. Perhaps I wasn't clear enough on what was "I agree" and what was my own addendum, sorry.

My standpoint is that one must always see the difference between moral and legal. Too many people scream loudly about the tiny illegal fraction (child porn, warez etc) when what they are really after is all that they consider imoral (including sex education, DeCSS and xenu.net)

If you (contiously) distribute the first kind you contributed to a crime. If you distribute the second, you'll get some loud-voiced enemies who are executing *their* free speech, but you are in the clear as far as any (fair) law goes.

Now the pseudo anonymous net does an equally good job at protecting and exposing both kinds.

All opinions are my own - until criticized

Sending out cancels only supports a weak "UDP" that does not enjoy widespread support among the world's newsadmins, and hence needs active offensive action to carry out the UDP. An honest UDP can succeed on passive actions along, because everyone will agree not to forward the UDP'd sites traffic.

Do you really have the support you think you have?

Press any key to continue, or any other key to cancel.

Actively sending out cancel messages to destroy articles originating from @home (wherever they be) is a DOS attack against the @home user eho is not spamming.

This "god" is obsolete and outdated and needs to be cast into the dumpster.

You know I have had accounts at the infameous hotmail and even then I got spam in small quantities. What people need to do is to simply delete the spam and just look at what's there. How hard is it to just delete it?

How is an ISP supposed to "delete" all of the gigabytes of spam (e-mail & news) which they are forced to carry every day, and for which they had to pay big bucks for the bandwidth, servers, hard disk space & administration to be able to support? They can send out cancel messages, but this uses MORE resources and the time lags involved allow spam to slip through. (Plus, _somebody_ has to be paid to identify the messages to cancel & issue the cancel message...)

You seem to have a very limited understanding of the mechanisms which support the Internet, and a debating style consisting mostly of emotional appeals w/very little logical content.

You've obviously never had anything to do with running a news server. The news spools can get HUGE if you keep articles for any length of time. RAID is an absolute MUST. A spam on usenet takes up resources on every usenet server in the world.

Usenet spam is a lot worse than email spam. I have seen newsgroups that were about 20% actual messages and 80% spam. If s/n isn't enough argument, consider every news server needing an extra 9G U2W SCSI drive for the spam and the extra bandwidth (that costs some real money BTW).

The problem with open proxies is that any spammer anywhere can use them to hide their identity so they don't get their account cancelled. There's nothing eletist about that. I can't think of any ISP that doesn't provide you with usenet as part of the basic service. The only people who really need the proxies are the spammers.

As for Lucifer, at least if you tell him you're not interested, he goes away. Besides that, although his prices are outrageous, he, unlike many spammers, actually delivers the promised goods and services. [/humor].

So why can't they get it across their god damned thick skulls that NOBODY WANTS TO SEE YOUR SPAM!?

If you ever find the answer to that question along with an appropriate clue stick, I will nominate you for any award of your choice.

Golly gee, and here I was thinking that telnet was a client. Guess not.

Find a particular server? How is it any differnt from email? Should every ISP just automatically allow anyone, free of charge, to have an email acount on their server?

Well, there *is* the fact that the UDP doesn't exist in the email world...

The server your ISP has doesn't have all the groups you want? That is your ISP (or whoeevr runs the server) fault. Complain to them. I know that here where I work, we are willing to add any group to our feed that is requested by a user.

Betcha you aren't willing to add alt.binaries.mp3s or whatever NG carries mp3s on usenet if you don't have it already.

Open Proxies are not open usenet servers. An open proxie is a proxie server that ANYONE can connect to. This allows ANYONE on the net to "Hide" their real adress by connecting to the proxie and having the proxie connect for them.

I think that anyone should have the right to run whatever servers they want to. Of course, they're responsible for the content...

The problem here is that A) 99% of the time this is NOT the intent of the machines owner but a mis-configuration that others are taking advantage of. B) This allows spammers to post spam to email and usenet without ANY audit trail to track them back to their ISP. This means that it APEARS like the person with the relay is sending the spam.

A) This is silly. There are much worse configurations that are put on cable modems (which are the bane of security experts everywhere). Try probing a few cable-modem machines with Samba, various DoS Windows programs or look for open Sendmail machines. They're all over. Cable-modems and uninformed users are a bad match. Cable modems, IMHO, should be banned by the gov'mt. Everything oughta use DSL. Cable modems are such a lousy architecture.

B) Well, then I guess the'll find out it was a bad idea to run the proxy, because their account will get canceled. So what?

You know...if it was JUST the fact that I get an ocasional email advertisment I wouldn't care. However, spammers are much worst than that. Do you know what a spammer can do to an unsuspecting network?

Given what you're responding to, I take it that you're saying "yes, spammers are worse than demons".

"One World, one Web, one Program" - Microsoft promotional ad
"Ein Volk, ein Reich, ein Fuhrer" - Adolf Hitler

This may sound heavy handed, but from my experience (5 years as an anti-spammer now) the anti-spammers involved make every effort to contact the offending ISP and help them secure their news servers, report abusive users to them, etc. In essence, a UDP is something of last resort.

It should also be noted that this isn't some small cabal (TINC) of people trying to censor others, as participation in a UDP is voluntary. All you need to do to not participate is alias NNTP traffic with the "udpcancel" site in the path. Often however, the benefits of a UDP outweigh the disadvantages, and the UDPed site cleans up their act rather quickly.

Hope this helps.

A UDP is not invoked lightly. It is invoked as a last resort against a set of servers that have resisted or ignored all reasonable requests to participate within the USENET community.

If @Home is incapable or unwilling to act as a responsible member of the USENET community, news admins are fully within their rights as owners of their news servers to reject traffic from @Home's users.

Similarly - by aliasing out the "udpcancel" site in the path, news admins who wish not to participate in the UDP are fully within their rights to ignore it.

This isn't about "censorship" or a "Cabal" (TINC). This is about the rights of news administrators to choose for themselves whether or not to accept traffic from a site that has demonstrated a clear inability or unwillingness to clean up its act.

To @Home users: The problem is with the management of the company who (poorly) administers your news servers. The proper course of action is to contact your @Home technical support or customer service reps and tell them that you want @Home's managment to authorize @Home's news administrators to take the actions required to bring @Home out of the UDP. While the rep you speak with on the phone can't help you, the message will eventually be heard by @Home management. While it's regrettable that the situation went as far as it did, the precedent for the UDP is good; UDPd firms generally do clean up their acts, and USENET is the better for it.

what does it mean to "alias" NNTP traffic? Specifically, what does the following from the UDP mean?

UDPs are enforced by site administrators and spam cancelers around the world, who either cancel the messages directly, or pathhost alias the sites so that their news software no longer accepts nor propagates articles which originate at the site under UDP.

>what does it mean to "alias" NNTP traffic?

Okay, every posting to Usenet have a "Path:" header in it, and each site that processes the post ads its name in, so you can see what path the post took.

Now, the way a UDP works, the cancel messages that are sent (which "cancel" other posts, or remove them from news servers that process them), those cancels have the string "udpcancel" in the path.

So, if you want to ignore the UDP, you could "alias out" that string, and your news server would drop those cancel messages and only those cancel messages. The term alias essentially tells the news server "hey, the system 'udpcancel' is an alias for this host, so ignore posts that contain that string". It's a hack, but it works. :-)

The original message linked to on deja states:

Please see the Usenet Death Penalty FAQ, <http://www.stopspam.org/usenet/faqs/udp.html>.

"You can't shake the Devil's hand and say you're only kidding."
- They Might Be Giants

AOL has at least 10 times as many subscribers as the next largest ISP, so unless their spamming is proportionatly greater than the other ISPs, they shouldn't get a UDP.

Same thing goes for US Robotics modems. When I worked in tech support I used to think they were the worst, until I took into consideration that USR has a huge market share

one of the ever persistent problems for an email server admin is spam. it just taks up space for everyone; imagine what it's like to not have only your email inbox flooded, but countless others (say 100 or 10,000 or more). every day, several times. the onus was taken on by mail admins to block spamming, both at the server level (ie relays) and receiving it (ie through the RBL). and it works pretty well. usenet could easily have a similar situation.

i think if a large number of sites really did band together and update their ACLs for port 80 access, they'd be set for killing unresponsive ISP's. oh,m and security incidents that go without a reply are even worse than spam. and a lot of ISP's (ie uu.net) really don't do shit about complaints all too often.


jose nazario jose@biocserver.cwru.edu

You need patience, of course, to wade through junk posts, as well as the self-imposed week or so of lurking before posting rule. You need to find resources in the group, as most good NGs have FAQs about what and what not to ask. And you need to realize that reply times from USENet are much slower than other possible methods (IRC, web boards), but generally are going out to a much wider audience and will have a better chance to be answered correctly.

A newsreader with a killfile in today's USENET is a must. You also would like one with good filters that can rank messages based on subject or author. This helps highlight what you're interested in rather than wading through the rest.

But more importantly than the above is having a strong newsgroup to participate in. It takes a while for a ng to develop it's community, but once it's in place, most are pretty good. Examples that I read include comp.infosystems.www.authoring.html, rec.arts.tv.mst3k.misc, and rec.games.roguelike.nethack/.adom. On the other hand, if there is no clear leadership/common posters, or the like, or the subject matter is of the right type, you get groups that are mostly organized anarchy: alt.html, alt.tv.simpsons, alt.games.half-life, etc.

But in generally, most of the non-alt groups will be good; the regulars are knowledgable and will try to answer a well-worded question to the best of their ability.

Unfortunately, USENET is really only practical for those with T1 connections or shell accounts with their newsreader - most groups get 100+ messages a day, and if you wanted to read all the messages with a standard dialin and newsreader, it could easily take 10 minutes per newsgroup per day to download that information. That's why web discussion boards have gained popularity. However, IMO, it will not replace the quality of help I generally get from USENET.
"Pinky, you've left the lens cap of your mind on again." - The Brain

A newsreader with a killfile in today's USENET is a must. You also would like one with good filters that can rank messages based on subject or author.

Can anybody recommend a good newsreader for X? I used to use YA-Newswatcher on my Mac, and I loved it. It would be nice if it could handle inline images, too (gotta get my daily prawn allowance)

(And needless to say, HTML is NOT a USENET posting standard - thanks to Netscape for unleashing this travesty to the world, but fortunately, only about 2% of the posters I read use HTML in the first place.)
"Pinky, you've left the lens cap of your mind on again." - The Brain

ORBS is an automated service. If your server is an open relay (the tests ORBS employs are the best around), you will be put into the list automatically. Yes, you will be notified about this. But there is no way to stop or delay this block, unless you fix your servers.

On the Bugtraq issue, read this page

What do you prefer? One single email all 21-45 days announcing the probe or a real spammer who uses your server to send thousands of emails?

If your SMTP servers don't relay, no probing message will make it through. There is no harm done by this method.

They don't attack you. It's a free service to help you defend your SMTP servers against spammers.

What would problably work in this day and age would be a WDP (Web Death Penalty). Block port 80 from and to known ISPs that spam. Boy will that get people's attention.

If you really want to nail them to the wall, declare an email death penalty as well. Block any connections to port 25 to and from @Home. The two services used MOST these days are email and web. Shut those down and the customers are paying $65 for nothing.

Tension, apprehension

And dissension have begun

- Alfred Bester, The Demolished Man

this sucks for me, being a new @home user. i have wanted to stop by the usenet, but i havent had a chance to anytime. now im being punished for something im not even doing... anyway a hapless victim could get around this?

Just let @home know how you feel about it. And not only their support, but also their sales. That ought to help as the UDP will be lifted once they clean up their act.

/Bergie

--
The Midgard Project - Web Building with Web-based Tools.

you *may* (most likely, you can) still be able to read/post messages using DejaNews.

And that would probably be an option for most people if Deja's user interface didn't suck so badly. A lot of people are going to be very put out by this UDP 'cause they won't be able to use the news reader / poster of their choice. I know if I couldn't use 'tin' and had to go with Deja, I'd just not bother with usenet.

My 2(where'd the cents symbol go?),
Anonymous Coward

that form has all the junk that the original poster's form leaves out. that was the whole point of his post.

-- everything should be made as simple as possible, but not simpler. -- A.E.

I've found even the modified search forms (there are several floating around) hard to use given Deja's current breakage. The real lifesaver for me is dejasearch, a command line utility. Throw it a search and it saves the result set to a file which you can then browse. Find it here at Freshmeat.

What part of "Gestalt" don't you understand?
sid=moderation

I am a former admin of a fairly large news outsourcing service and believe me this problem is not new. Recently usenet posts have exploded to well over 20 gigs a day most of the time, many times now it has hit 30. A 250 gig raid can only retain about a weeks worth of articles now. Of that 250 gig I would guess that 2 days worth of retention space is lost to spam. Its a serious problem.

Just fighting off spammers on a local level is a full time job for a decent news service. Check http://www.spamhippo.com and look at the top 100 spam sites and you will be amazed at the sheer numbers.

I feel bad for any user that suffers due to their ISP's negligence but at the same time I know that locally we will comply with UDP. The suffering of the users unfortunately is the only way to stop it.

Most arent aware but there are actually people out there who do nothing but work as spammers for hire...they sign up for a newsservice and spam until they loose their account. @home has become a haven for them due to their apathy towards stopping them and several notorious spammers have been using them for months.

Yes, there is a way to get around it.

Fire them. Quit sending them a check every month.

LW

Of course! You should complain to @Home. Do so at length, and threaten to take your business elsewhere until @Home manages to fix the problem @Home has which is hurting @Home users.

If @Home doesn't fix the problem, you really should switch, if possible. If not, there are many other solutions. The cheapest and easiest would be to read newsgroups via Dejanews or Remarq. Better solutions would be to get a Unix shell account (these are available for free some places at least).

Of course, @Home may come around, hopefully before the UDP hits on the 18th. If so, you have no problems at all.

Try securityfocus.com & packetstorm.securify.net. Then you won't have to visit the crummy sites.

No, breaking into someone's computer shouldn't be treated like a physical assault. Not even close IMO.

But it SHOULD be treated like a property crime. After all, it is costing the victim money. If something of value is copied or destroyed then the victim is financially hurt. Say what you will about closed source, but it still holds a market value.

Hell it doesn't even have to be source code. People store all kinds of information on computers (credit cards, anyone?). Sure, this stuff should be secured, but there's no denying the fact that harm is done if someone steals it.

Even if nothing is done aside from breaking in the victim still loses. Why? He has to invest time (= money) in resecuring / reinstalling his machine.

Don't try to glorify computer intrusion as a harmless activity. It's not.

For what it's worth, I agree that sysadmins should work together to solve problems as much as possible before involving the authorities. It's generally a faster way to take care of the problem. But, when the abuse warrants it, either through damage, or through repeated activity, I have no problem contacting law enforcement to resolve the issue.

Best regards,

SEAL

Oh yeah, they'll be all over that puppy.

"Don't worry about a thing, sir. Me and my partner, Officer Krupke, will take care of things. Let's see, first we'll secure the crime scene. Hey, Scott -- er, I mean, Officer Krupke, do me a favor and bring up a shell on the router. Let's bring down some services and quiet things down in here. Sir, could you turn down that Xamp over there? Thanks."

"All right, people, I've got root here now. Anybody needs a whole in the firewall will have to go through me. I'm gonna start my investigation now. Let's see here, what does the syslog say?..."

Yeah, that makes sense.

RP

I'm a disgruntled @home user, or in other words, I've been on the service for more than three months. No one at @home takes proper measures to inforce the acceptable use policy. Instead, they cap bandwidth at 5k a second to make their ISP a less viable 'server', inconveniencing every user.

@home costs $65 a month Canadian, and they cut corners everywhere they can. My personal WAN area has between 32 and 40 people on it, and the packet drops are phenomenal. I have been phoning their tech support for thirteen months in a row, and they have told me it's everything BUT a crowded WAN area. They most recently have told me that 'Internet Access' does not include UDP. They do not support UDP, therefore they have no responsibility to control the quality of Internet gaming, despite advertising gaming on their network on television with fullscreen Quake pictures. I have been keeping track and am wondering about the viability of a lawsuit.

As I hinted above, servers are against the rules with @home. Have you ever played on a Quake server with an IP starting with 24.113 or 24.112? That's @home cable. Expect 5 to 50k/s upstreams.

Ever gone to a mp3 search engine? A ton of the sites are 24.113 or 24.112.

@home has been banned from Dalnet, due to excessive numbers of people spamming the network. The Dalnet ops have tried to contact @home about the problem, but they were ignored. The only way to connect to Dalnet for @home members is through gate.dal.net, which has too much lag. My two year old channel dwindled to zero people within a week.

The bottom line is, do NOT sign up with @home if there are any other alternatives. They will hook you in with a high installation fee, and it goes downhill from there. You're on your own. Everyone who has any sense of right and has power at @home must be ignored internally.

Why the heck are you sticking with @Home, then? I would have lost my patience waaay before 13 months, and switched to someone else. It's not even like they're really cheap.

"Science is magic that works." -- Kurt Vonnegut, Cat's Cradle

Their service is slow, and their nodes are overloaded by 300% (there should be 25 people per node, according to them - many nodes have 50-75). Some people call Cogeco almost weekly to complain, but they just blame it on someone else (i.e. "It's slow because people are running servers").

Here, the service is only $49.99 a month, or $39.99 if you subscribe to basic cable. But if DSL was available (it would be the same price, I've checked), I would switch to it, along with almost every other @Home user I know.

Yes. With some elbow grease it works under Linux and OpenBSD. Probably works under FreeBSD and NetBSD also. But, it's gonna take a bit of the old RTFM.

My threshold is set to 1. Please post accordingly.

I've used @Home with Cox in San Diego for something like 2 years at this point. Outside of the #%^#^ 128Kb outbound cap (vs. 400KBs pre-cap), the service has been good - I've had one or two outages over that entire period, maybe 10 hours total - you won't get a contract specifying that kind of uptime with a dedicated line without a LOT of money & effort! While I don't often see >1.1MB/s transfers, that's more the remote server than anything else; I frequently see 800KB/s+ agregate. I've never had a setup problem in spite of the fact that it's only been the last 2 months that I've had a computer in my house running a supported OS.

The Matrix is going down for reboot now! Stopping reality: OK. The system is halted.

I don't have a clue how @hoome does it, but a hidden proxy server is very easy to do. I've set them up using squid and Linux port forwarding. All you have to do is set your gateway to forward port 80 (or what ever port you want) to the proxy server port. That way all all traffic will hit the proxy.

IMHO this is a good thing, as a proxy means that rather than going over the internet to pull down static content, ie: the images on a web page for instance, it will all come out of the cache. Of course if whoever is running the proxy gets too thrifty you run into things like reading yesterdays slashdot page instead of the current version.

Note - they _used_ to require that you explicity specify the proxy server (and you would be unable to surf without doing so). Now, you don't have to set it, and you go through an invisible proxy.

--
This .sig no verb.

-- "You can never have too many elephants on your team."

Not all of 24.*, just most. I was with another cable provider and they used 24.*.

I'm on PlanetCable 512K/s BOTH WAYS baby! Running freefall.penguinpowered.com (24.137.10.83)from my home system.

That looks like 19 class B's and a class C. As I recall, @home applied for and was denied a class-A; they were moaning about it semi-publicly.

When I'm not in my right mind, my left mind gets pretty crowded. -- Steven Wright

-- "You can never have too many elephants on your team."

"You can't shake the Devil's hand and say you're only kidding."
- They Might Be Giants

"You can't shake the Devil's hand and say you're only kidding."
- They Might Be Giants

The only thing that is going to smarten them up is if they have to surrender their monopoly on "internet on cable", or if DSL providers achieve credibility and pricing parity. So far, it is more difficult to get DSL in most areas than it is to get @Home or other cable modem services.

I don't think the problem is that there are too many users on @Home, or that the company is naive about their responsibilities on the net. I think the problem is that the companies involved have made a decision to restrict the amount of service that they are going to provide. Long waits on support lines are not an accident, the company has calculated how much they can spend on phone support employees if they want to achieve profit margin x. I do know for certain that Rogers dispatches their installers on a strict time-and-motion-study basis: something like "If you can't make the hardware installation work in 12.5 minutes, leave anyway". My guess is that the same applies to complaints about DoS, SPAM, etc.: they don't want to spend the money that it would take for them to become a better net citizen, and so far nobody has forced them to rethink.

. In fact, it would be over a year before I ever saw an intelligent post from the aol.com domain.

There are no intelligent posts from aol.com. You must be mistaken.

If you'd actually read about UDP you'd understand that all reasonable and some unreasonable attempts to contact the isp are made before it happens. The ISP is not responsive to the internet community at large or does not have effective measures to deal with them.

You should call up @home and tell them you don't like the spammers. That's the whole point of the list. @home not doing what they should, and the usenet community at large is using the power of denying them access to pressure them to fall in line. The only reason that creates pressure is because customers, like you, want access to usenet. It's a rather simple thing.

Geek Merchandise

First they ignored UDP (the protocol), now they're the ones getting the UDP (the swift kick in the pants that is the Wrath of the 'Net).

And in other news, @Home announced today that it will be buying out the Ministry of Truth, making it the world's third largest Crappy-ISP-cum-Formerly-Half-Decent-News-and-Entertainment-Company, closely trailing AOL-Time-Warner and MSNBC.

http://www.shaw.ca

Maybe the lower price is because @home has real competition here. You can get DSL service starting at $445 a year ($38/month CDN, ie. $26/month US)

http://www.cadvision.com
http://www.telus.com

-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994

Trust me I know, I work there.

-- The quality of Doubting is rare among men, and a few choice souls are born with it. --Anatole France

Sludge wrote:

As I hinted above, servers are against the rules with @home.

Actually... You should go pull up the service agreement and read it again. It seems they've amended it recently. I was looking at it over the weekend, and all I could find was a section in "Service Characteristics" subsection "b" that basicly says "If you run a http or ftp server, someone may hack your box. Don't blame us." This surprised me, because it used to say "No servers of any kind. Period!". I'd post my SLA/AUP but it specificly restricts me doing this.

Your service agreement may read differently. In my area, @Home has lots of bandwidth. I've hit 550Kb/sec. on ftp downloads. (There's like 3 of us on the segment... :-) There's a 128k upload cap, which may account for the server restriction being removed. YMMV.

Temkin

I just double checked the SLA/AUP available externally on @Home's website, and it still includes the server restriction. The one available from my house via "http://www" does not contain the server restriction. YMMV!

Temkin