Slashdot Log In
MAPS RBL Is Now Censorware (Updated)
from the seeing-pink dept.
Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).
But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.
Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:
"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."
And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:
"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."
Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.
You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."
Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.
Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.
The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.
And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.
In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.
Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.
Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.
I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.
And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.
In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.
At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).
No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.
I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.
And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.
(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)
Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.
But then, MAPS also advises Web providers:
"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."
That's exactly what Media3 does -- and exactly what MAPS did.
Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.
I can't find much to argue with in Joe Hayes's summary:
"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."
And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:
- FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
- DesktopHeaven.com, Windows themes, screensavers, wallpaper.
- TownOfCary.org, the official website for the town of Cary, North Carolina.
- StudioZito.com, yet another Web site-designer.
- Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
- StrikeMore.com, bowling tips and schedules.
- NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
- ElaineCoffman.com
and DianaPalmer.com
-- both are authors of romance novels.
And finally, - CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."
Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:
SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?
Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.
For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.
Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:
I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.
Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.
This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.
Irony Alert: DeCSS (Score:5)
Now, spamming software is sick messed up crap, but if we subscribe to maps, then are we as bad as Jack Valenti and his pals in the entertainment industry?
Chris DiBona
VA Linux Systems
--
Grant Chair, Linux Int.
Pres, SVLUG
RBL Usage info - READ THIS (Score:5)
There are three ways that RBL may be used, listed at this address:
http://mail-abuse.org/rbl/usage.html [mail-abuse.org]
ONLY ONE OF THE USAGE METHODS results in blackholing all ip traffic, that is the Subscription via BGP. This option is only available to larger networks with routers which have an ASN (see whatis.com [techtarget.com] if you don't know what an ASN is.)
I know of very very few networks which use RBL in this manner. There must be a few, but it seems like a pain in the ass, and there are negative effects of doing it, as indicated on the RBL description of the service.
Anyone choosing to implement such an esoteric blackholing system for all ip traffic from RBL-listed hosts is likely FULLY AWARE that they will be dropping some hosts, and must consider that an acceptable risk. If you are a client of such an organization, and don't buy into that, then leave. My guess would be that most that have successful implementations of BGP RBL subscription had buy-in from their clients before they set it up.
My guess is that 95% or more of RBL subscribers use the "Direct usage via DNS lookup by mailserver" method of applying RBL blocking. This method has ZERO IMPACT on http, ftp, dns, ICMP, or any other type of traffic other than SMTP.
This Slashdot article was written by someone who does not understand the nature of the Internet and the RBL on a detailed level, and who is obviously dipping into conspiracy theories a bit... his little diatribe on above.net sounds like the manifesto of a lunatic. To the author: Get over it, sir. You don't understand the technology, and you don't understand the decisions made by ISPs who implement the RBL. I wish you well in your career, but this isn't going to be the ground-breaking story you thought it was. Feel free to write me if you'd like to speak to me further.
Sincerely,
~Acheron
The problem is the innocent victims (Score:3)
Such a gaffe might be understandable if the IP addresses in question were dynamic, but they're not. They're static. There is no need for MAPS to list peacefire.org in the RBL.
Re:Huh??? (Score:5)
There are many forms of the MAPS RBL subscription.
One form that appeals to some network providers is the MAPS RBL Subscription via Multihop eBGP4 [mail-abuse.org] . This subscription option involves configuration within border routers of a subscribing network provider. Any traffic that passes through a router configured to peer with the MAPS RBL feed will null-route packets destined for any host or network listed in the MAPS RBL. This includes ALL internet protocol traffic -- not just mail.
If a network or host is listed in the MAPS RBL, and a router between you and that host or network is configured to use the MAPS RBL BGP feed, you will be unable to browse a website located there, you will be unable to ftp to them, and yes, you will be unable to send them mail. And they will be unable to send you mail, or browse your web site. Again, any traffic passing through a router configured in this way that is destined for an IP in the MAPS RBL will be null-routed -- for all intents and purposes, dropped on the floor.
Asymmetric routing and inadequate coverage on the border can be a noted hole, but in cases such as these, the MAPS RBL BGP feed isn't really working anyways.
Re:Exactly (Score:3)
Bruce
Re:This isn't right (Score:3)
1 dnai-com.perens.com (216.15.108.185) 21.416 ms 0.832 ms 0.703 ms
2 dnai-216-15-96-1.cust.dnai.com (216.15.96.1) 22.975 ms 12.134 ms 16.915 ms
3 fe3-0-br-1.sjc.dnai.com (207.181.193.1) 22.722 ms 7.364 ms 7.759 ms
4 main2-249-152.sjc.above.net (209.249.152.3) 20.723 ms 9.060 ms 7.091 ms
5 core5-main2-oc3.sjc.above.net (216.200.0.205) 23.190 ms 7.470 ms 7.776 ms 6 core1-core5-oc48.sjc2.above.net (216.200.0.178) 23.403 ms 7.579 ms 7.755 ms
7 ord-sjc-oc12.ord.above.net (207.126.96.117) 67.590 ms 67.780 ms 68.573 ms 8 POS12-0-0.GW2.CHI6.ALTER.NET (157.130.111.89) 70.829 ms 69.470 ms 69.189 ms
9 112.ATM3-0.XR1.CHI6.ALTER.NET (146.188.208.186) 69.099 ms 67.905 ms 69.813 ms
10 291.ATM2-0.TR1.CHI4.ALTER.NET (146.188.208.250) 94.485 ms 95.112 ms 93.882 ms
11 106.ATM7-0.TR1.TOR2.ALTER.NET (146.188.142.74) 95.481 ms 102.600 ms 99.372 ms
12 299.ATM7-0.XR1.TOR3.ALTER.NET (152.63.129.149) 103.557 ms 98.535 ms 98.082 ms
13 190.ATM7-0.GW1.TOR3.ALTER.NET (152.63.129.233) 98.190 ms 100.049 ms 98.933 ms
14 205.150.221.230 (205.150.221.230) 114.641 ms 100.628 ms 103.484 ms
15 mediamasters (204.101.215.149) 102.729 ms 101.457 ms 101.752 ms
So, it's not happening here.
OK, I'm a dunce. (Score:3)
Bruce
Re:OK, I'm a dunce. (Score:3)
Thanks
Bruce
I have to agree. (Score:5)
It happens that if you write me and I'm not at home, I get your mail via Palm VII wirelessly. Whoever you are. Even if I've never heard of you. And sometimes, that matters to people.
Spam really is a problem on the Palm, because it takes time to download it, there's only 2MB RAM so there's no space for it, and so on.
So, I want to filter spam, and I want to deter spammers because deterrence is more effective than a filter. The RBL has been a positive force for me, it's kept the S/N to the point that I can read your mail.
Thanks
Bruce
Re:I definately do not agree - (pro-MAPS) (Score:3)
Just some corrections of your correction. :)
1. The Spamhaus list is here [spamhaus.org].
2. Not a single one of the IP numbers listed there sends spam. Let me repeat that: you could drop every one of those IP numbers off your network and it would not stop a single piece of spam from reaching you. Those are websites. Spamhaus and MAPS don't like ths products those websites are selling and that is why they (and over a thousand other websites) are blocked.
3. Media3 has 42 Class C blocks, which means that 0.2% of their IP numbers house websites which sell spam-friendly software (but, again, those IP numbers are not sending spam). I would not say 0.2% is a "high percentage."
The situation is analogous to a censorware company blackmailing a service provider into removing Holocaust-denial material, by blocking thousands of innocent websites. Now, I don't like Holocaust denial [holocaust-history.org], but standing up for free speech means standing up for speech I don't believe in.
This situation is no different (except that, on my scale of evil, spammers aren't even close to those who want to rehabilitate Hitler).
Jamie McCarthy
You don't have the choice. (Score:3)
Re:Sorry, Jamie, you are way off base (Score:4)
You don't need to. Just block the spammer's website. This still cuts off the money - the spammer will get less, since they've been RBL'd, and if the spammer goes elsewhere, then the ISP loses their money - but not at the (unnecessary) expense of other customers. Repeat the process with wherever the spammer goes next.
That's how MAPS should work, by blocking the bad stuff so that RBL users just don't see it. There isn't any need to punish innocent sites who happen to be on the same class C. MAPS should concentrate on blocking spammers and their sites, not trying to twist ISPs arms.
If MAPS successfully got Media3 to shut down the spammer's site, then MAPS WOULD be dealing in censorship, wouldn't they? They'd no longer be this optional advisory guide you could use, rather, they'd be going around getting websites they don't like shut down. If that's not censorship, I don't know what is.
MAPS seems to want to have it both ways - to the public: "Oh, we're not censoring anyone", but to M3: "Shut this site down now, or we'll punish you by blocking lots of your sites". I'm sorry, but to me, that's just terrible.
jamie has a point. (Score:4)
Arguments about whether or not RBL is a censor because it doesn't wield the power of a government are sort of missing the point. The point is if it provides a useful list. Censorware is censorware because it provides a very unuseful list. The fact that schools and libraries use it is almost irelevant to its name.
From what jamie has said, it sounds like RBL isn't so much trying to block spam as trying to apply political pressure to get an ISP to do what it wants.
Essentially, they're using the fact that hundreds of ISPs suscribe to them and trust them to help them block spam as a club to beat other ISPs into doing what they want. That doesn't seem like a terribly wholesome thing to do to me. I don't want my subscription to be used that way. I simply want them to tell me what sites send spam.
Re:This is exactly what we want them to do. (Score:3)
No. There's one little flaw in your analogy, but it's important.
It's not like locking up the people who made the photographic paper. It's like choosing to not do business with the people who made the photographic paper, and telling them that you will remove your boycott if they stop selling photographic paper to the kiddy pornographer.
Nobody's rights are being infringed. Nobody is having force used against them. There's a huge difference between locking someone up and boycotting them.
---
You've totally missed the point... (Score:4)
ASN is NOT required (Score:4)
You can use RBL w/o an ASN. You just have to run BGP4 and peer with the RBL eBGP4 server and let it route to your black hole address. You then default route everything else out your single backbone connection. No other BGP peering is needed. Since you're not announcing routes (and RBL certainly isn't taking them) you can use a reserved ASN to configure your router.
can MAPS/ORBS be advisory to users? (Score:3)
Re:Irony Alert: DeCSS (Score:5)
Pornography is bad, to some people. To some others, it is ok. And still others appreciate it.
DeCSS is bad, to some people. To some others, it is ok. And still others appreciate it.
We here at slashdot tend to view a given subject only from the perspective which best serves our own interests. We are as selfish, prejudice, maliciously reactionary, and sublimely manipulative as any of the MPAA, the spamware folks, or the extremist portion of the Christian Right.
Rather than attempt to remain reasonable and retain even a hint of impartiality, we react viciously to anything deemed to be infringing upon on our rights, with absolute disregard to the rights of any others who might be in the way.
We do this as we sit high upon our assumed intellectual high horse/flimsy house of cards, shouting banters about freedom, goodness, and The Right Thing To Do; cries which typically fall upon deaf ears.
Witness our views on DeCSS, Censorware, Spamware, MP3 encoders, MP3s themselves, the iOpener, or TiVo's 'exploitation' of the Linux kernel, and try to visualize the other parties' justification (which, in these cases, is -always- legitimate) for whatever it is that they have done to offend the horrid, arrogant, nonsensical beast that is slashdot. In other words, put yourself in their shoes.
Those who are unwilling to do so are simply afraid of finding that said shoe fits their own foot perfectly, and that they'd hence not be able to remove it from their mouth. This is an obviously unacceptable outcome, given the clear superiority of the average slashdot user (let alone the top 5 percent).
With such bigotry abounding en masse, it's no wonder they can't hear us.
Choose your enemies carefully, because that is who you will become. --Lao Tzu
censorware. (Score:4)
Re:This is exactly what we want them to do. (Score:4)
And, in fine Usenet fashion, the discussion is now over!
According to S.P.(U.T.U.)M. (Score:4)
First, we must translate the Five Spheres (or Rings) of the enemy system into modern Net.War counterparts:
- Sphere 5: Fielded forces-- throwaway AOL accounts, hired consultants, dedicated spam domains
- Sphere 4: Population-- Spam-related customers, support employees (secretaries, etc.)
- Sphere 3: Infrastructure-- Primary non-rogue ISPs, Websites, ftp sites, cgi scripts, mail relays, reputation
- Sphere 2: System Essentials-- Money, bandwidth, telco access, computers
- Sphere 1: Leadership-- the SpamBoy himself, his partners and business associates
By alliances, we mean those reciprocal relationships the spammer has formed with: news media (Cyber-Clueless First Amendment activist newbie journalists, for example)- other spammers
- ISPs, whether rogue or non-rogue
- hacker consultants
- fringe associates (Meowers, Kook Cabal)
- banks, business organizations, and other sources of economic power
- politicians
We must then examine our assumptions. If our Spammer runs his own ISP, then attacking an AOL account he controls (by complaining to abuse@aol.com) will be of negative value-- a waste of our time and resources. If his ancillary server is somehow "taken down", but his primary SpamServers keep pumping out ECP spam via open NNTP ports worldwide, what will we have gained? If he is (like Gr*bor or our own deeply psychologically troubled Doktor Funway) only marginally rational, abuse and punishment that would persuade a reasonable Yeti to leave the field of battle may only enrage the Bull(shitter) like the pricking of a picador. Finally, if we do not have the necessary intelligence to pinpoint our enemy and her crucial Strategic systems exactly, our efforts will either be wasted entirely, or increased by orders of magnitude over what they could have been with accurate and timely information. In our final strategic translation matrix, we shall endeavor to identify what we mean by a Spammer's Political, Economic and Military powers; as well as the proper role of the semi-tautological Net.War attribute of Information.- Political power: news media (online and traditional), lawmakers, friends and acquaintances, usenet Kooks
- Economic power: cold hard cash earned both legitimately and by Spam; frivolous lawsuits (to tie up opponents' assets/time)
- Military power: Net.war capabilities of spammer's own systems (mail bombs, Usenet binary bombs); hired gun hackers; open NNTP and mail servers ripe for exploitation
- Information: Positive and Negative--> Positive: Spammer's ability to gather intel on foes; ability to adapt to changing laws, standards, and software affecting/enabling internet communication; ability to slander and defame enemies and thus provoke them to rash deeds;
- Negative: the ability to cloak himself in anonymity, pseudonymity, and false faux-open identities, thus denying his enemies that first prerequisite of strategic analysis: identification.
Freely stolen from: http://www.radix.net/~revjack/snotwad/snotwad3.htRe:Irony Alert: DeCSS (Score:3)
It's NOT ok to "go after" tools, because it doesn't solve anything. If someone wants to do something, they're going to do it. You can make it difficult by trying to remove a tool that makes that end easy, but two things happen:
1) A new tool takes it's place.
2) The general populace stays ignorant of why the end is "bad". All they learn is that the tool that does it is bad, which we've already pointed out to be wrong.
Re:MAPS != censorship. (Score:5)
It's not quite that simple, though. Common carriers, although private organizations, don't have the choice to carry or not carry based on content. Now a local dialup provider is hardly a common carrier, but I would say that a tier one provider really should be a common carrier. After all, a local dialup in Peoria can't reach Bangladesh without crossing some backbone provider's network.
itachi
MAPS != censorship. (Score:3)
If a government library refuses to cary 'Hucklberry fin' because of it's content then that's censorship. However private organizations should not be forced to carry or not carry a given item. You cannot compel me to carry a slashdot bumper sticker on the back of my car claiming that if I refuse I am 'censoring' your right to free speech.
By the same token you should not be able to force a private entity such as an ISP to carry traffic they choose not to carry, i.e. traffic identified by the MAPS RBL. If you don't like MAPS then don't use their service or use the services of ISP's who do.
This also carries over to 'censorware'. Government institutions should not censor internet content through manditory filtering. However it's morally acceptable to me for a parent to by some software (that arguably does a poor job) to filter the content on their privately owned computers.
-- Greg
Re:I definately do not agree - (pro-MAPS) (Score:5)
-- Greg
This is exactly what we want them to do. (Score:3)
Those who host websites for spammers even after its brought to their attention that they're spamming deserve to be blackholed--I praise the RBL for their continued action in this regard.
Should they wish to rejoin the RBL using net, they may terminate their spammers and tighten their policies. For those who cry about "free association," remember that subscribing to the RBL is voluntary, and using an ISP that subscribes to them is voluntary. If individuals want their subscription fees to support spam and their packets to be dumped, they're free to subscribed to an RBL'd provider.
Re:Thats not what its for... (Score:3)
//rdj
Re:Sorry, Jamie, you are way off base (Score:5)
That couldn't be further from the truth. What's happening is that I decide that someone else has sufficiently similar opinions to mine about what I don't want to see, and ask them to do it for me. That's not censorship, it's outsourcing. Well, I guess you could always call it "self-censorship by proxy" or something equally convoluted.
Now if the RBL isn't what it advertises to be, that's a different question. But that wouldn't be censorship either, it'd be false advertising.
Sometimes, the best thing to do is nothing. (Score:3)
Incest happens, one way around it is to require that everyplace that allows children is tape recorded to catch the bastards. A simpler and cheaper alternative is to kill all children.
This is my solution.
Sometimes, when the only way to stop an evil is to do an even greater evil, the only sane thing to do is nothing.
You totally miss the point. (Score:3)
But, this article is about the fact that MAPS uses a very broad brush to paint its spammers. In its zeal to stop spam, it is hurting people and organizations that have never done anything wrong. MAPS has been accused before of being arbitrary with its power, and this is some pretty compelling backup to those accusations.
Frankly, I wish that a more moderate group than MAPS had taken the lead in writing a blackhole list. I find their definition of spam to be to far-ranging. I find their tactics to be abominable. I find their superior-that-thou attitude to be offensive.
I hope that press like this will lead an alternative list-group to form, and more press will steer people to it.
MAPS can hide behind "free association" for a while. But if they continue with practices and policies like this, I suspect that they will find few willing to associate with them.
As I read the %2 article (Score:4)
Additional data (Score:4)
Spamhaus.org's ranking of spam supporters [spamhaus.org]
Media3's list of active spamhausen [spamhaus.org]
OK, on three, let's have a great big "Awww" for poor widdle Media3.
1....2....3.... BPPPPPPT!
Sorry, Jamie, you are way off base (Score:5)
Now, what can we do to end the spam?
No, you follow the money: the spammer makes his money when morons go to the web site and by the spamware. Kill the web site, kill the cash flow, kill the spammer's business.
Now, places like Media3 will say "But we aren't spamming!" No, but they are giving aid and comfort to the enemy. So, what do you do to get Media3 to close down the spammer?
Follow the money
You make it unprofitable for Media3 to host the spammer. You do this by driving business away from Media3. You do that by blackholing enough of their customers that Media3 says "We are losing money doing this. Let's not do this anymore!"
Rememer Spamford Wallace, the uberspammer? Ageis communications was providing cyberpromotions.com with bandwidth, and by God they weren't going to stop. Then they got blackholed, and many of their customers left. Faced with losing money, they dropped Spamford like a hot rock.
Remember: follow the money. It's always about the money. If somebody says it's not about the money, it's about the money.
I say, "GO MAPS GO!"
I will continue to use MAPS RBL (Score:3)
It's slandering the innocent (Score:4)
It's not about whether it's reasonable to twist the arms of the hosting companies, it's about misrepresenting what it is you're providing. If a censorware package included a category that said "anti-filtering sites or redirect services", and said you better leave it turned on, that wouldn't be a problem. But when they list all the anti-filtering sites, babelfish, anonymizer and so-on in every category, that's misrepresenting what you're doing.
I read some of MAPS site and it implies that it's pretty hard to get on the list without doing something you shouldn't be. But this isn't the case. "A site being advertised as a target on multiple spam messages may be placed on the MAPS RBL. We assume that the site knows that it is being advertised in this manner". That's a pretty big assumption when you go blocking class C's. I can't find any mention of using the RBL for punishing ISPs as they seem to be doing in this case. Do all their subscribers know they are using it to punish ISPs? Would those subscribers continue to use the RBL if they knew it was blocking large numbers of sites that have no connection to spam other than having the same ISP?
I'm really curious what MAPS contract looks like. They don't have it up on their webpage, and it's the only thing that would exactly address what they claim their service is. Personally, I'd love it if sites would cancel an account if it's at all connected to spamming, even if it isn't where it's sent from. I know geocities does because I've forwarded a few pieces of spam to abuse there. I don't think I'd want the "feature" of being prevented from viewing the sites of anyone hosted on a server that is also used by a spammer.
Mission Creep (Score:3)
The main problem is that this level of blocking goes far beyond the original intent [mail-abuse.org] of the RBL. The Blackhole was only supposed to block known current sources of spam. Over the years it has experienced mission creep [cnn.com] and now goes after spam accomplices (e.g. affiliated web pages & email boxes) as well as accessories [nolo.com] (e.g. email harvesting software). That is too many tasks for a single list!
RBL's original mission is a good idea, and could even be palatable to major backbone providers. For example, imagine if Verizon [slashdot.org] and UUnet [slashdot.org] were subscribers to the more-focused version. Millions of people would be better off instantly. Within months, RBL would put itself out of business -- anyone on the list would scramble like mad to get off or else go out of business from lack of traffic.
MAPS has already implemented multiple parallel lists -- RBL, RSS, DUL, etc. It's time to break up the RBL into 3 separate components with appropriately narrow targets.
Bullshit (Score:3)
By your logic, the United Nations should start killing Iraqi men, women, and children until Sadam Hussein steps down. Hey, it would work. Once all the citizens are dead, Sadam will have no one to rule over, and will thus no longer have power.
By your logic, it is perfectly reasonable for the RIAA to shut down Napster. After all, Napster is harboring far more copyright infringers than Media3 is hosting spammers.
By your logic, if I go on a shooting rampage and kill 14 people in my dorm, not only am *I* to blame, but so is everyone else in the dorm, as well as the dorm supervisor, the University of Minnesota, my parents, my friends, and, hell, Slashdot even.
I mean, I've seen double-standards, but this is rediculous. And you got score 5, even. Huh.
------
Power, unchecked, corrupting as usual (Score:5)
(2) How much is enough? Should MAPS block every single IP address that the provider has, just to force them to stop hosting the software seller? How many innocent sites have to be taken down in the name of shutting down the spammers? And do you really think people looking for spamming software won't be able to find it because you shut this down? When these software sellers move, should we shut down a thousand more? Will you feel the same when its YOU?
(3) No one ever stops to think how insidiously powerful MAPS has grown. As their filters have become useful, it has gone far beyond good sysadmins using them to protect their users -- it has gone corporate, with millions of addresses obeying the filters MAPS dishes out. What happens when it is abused?
Think that won't happen? Wrong, it already has. MAPS blocked 209.211.253/24, because it hurt a lot more than just blocking 209.211.253.68-89, or even 209.211.253.64/27. I shouldn't need to repeat it, Jamie made a great point: Paul Vixie said MAPS contacts all blocked websites before blocking them. Ah, but that must date back to before MAPS was so powerful, such an icon of internet protection, with supporters lining up to buy them lawyers.
(4) MAPS is tied far too closely with AboveNet. The fact that Vixie was an Abovenet VP (who knows what he is with Metromedia, who bought Abovenet), should absolutely chill people. There's something absolutely creepy about the power to block email to 40% of addresses being thus controlled. I'm sure the small-time sysadmins would remove MAPS configs from sendmail if it were abused -- but would corporations be so quick to follow? With change control procedures, possibly even total apathy?
At this point, a lot of these points have been intentionally sensationalized to provoke a bit of thought. I think that MAPS has just selected an overbroad block to filter this time -- and I agree with filtering spam software sales. You support spam, down you go. But I also think that the cheerleading, here and elsewhere, and the lack of concern over the fact that MAPS has run roughshod over so many innocent sites, shows that people have a tendency to follow net luminaries far too blindly. If you're going to run MAPS filters, then you're handing that project power. Best keep an eye on that, if you don't want to contribute to the abuse of that power.
moderate parent up (Score:3)
However I can not fault them for selling spamming software. The right to create and distribute software is a sacred right. I get so frustrated at the people who don't treasure this right.
I believe that no one has the right to tell someone not to create a piece of software. Patents that stop people writing software are evil. Laws that stop people writing software are wrong. People that stop people from writing software are wrong.
I get frustrated by reading the comments about software sometimes. A month ago someone created a visual basic clone for Linux and people complained about it. Not that it was poorly written but just that they didn't want a visual basic clone. People complain that Mozilla have been goofing off adding features instead of just working on gecko. Someone today said that Open Source was making software suck more because now 20 year olds were writing software and his post got moderated to a +4 interesting?!?
The truth is that behind all the laws stopping people from writing software there is a person writing the law. In the end it's always a matter of PEOPLE stopping people from writting software.
On the other hand, I have to laugh everytime I read somewhere that open source software will never be able to do this thing or that thing. People didn't think Linux would scale. People didn't Mozilla would ever get finished. People don't think that Linux will succeed on the Desktop. I have to laugh because I know that someone is going to go out and do the things that were thought imposible. The fact is it is so much easier for some one to program something than to stop every other person from programming something. This means that when I say Linux can never run on a Ti93 I'm almost certain to be wrong because it's easier for someone to make linux run on a ti93 than it is for me to stop them.
For a technical problem there is a technical solution. There are more effective ways to block email than MAPS. If you think visual basic is not good then write your own better replacement. If you don't like the features in mozilla then use kmeleon (http://kmeleon.org). If you don't like open source programs because they were written by 20 year olds then write your own. Gnome wouldn't be better off if people stopped writing KDE apps and KDE wouldn't be better if people stopped writing gnome apps.
The solution is not to try stop software from being written. That's just playing hit the mole. The solution is to write MORE software that fixes the problem. More KDE apps. More Gnome apps. And if you agree with the +4 guy then you want more software written by old people.
Writing software is sacred right and an excersize in free speech.
Re:Irony Alert: DeCSS (Score:3)
If they just block people with misconfigured routers or people who spam that's not censorship.
But when people want to get spamming programs or email addresses and they can't because MAPS is blocking it that's censorship. Email addresses are private information and I don't mind them trying to censor that. I think it's pointless but I don't mind. I mind that they are trying to block people from getting to software though. And I mind that they are hurting inocent web site at the same time.
Basically censorship is when you block two people who want to communicate from doing so based on the content of what they are talking about. Sometimes that's not a bad thing to try do. But mostly the internet routes around censorship.
Re:Exactly (Score:3)
No offense to your grandmother, of course
I just want to hear Paul Vixie say (Score:3)
Media3.net is Guilty as Sin (Score:3)
--
Re:Horay! (Score:4)
Apparently AboveNet also failed to inform its customers, or prospective customers via its website, that portions of the Internet would be dark to them because of an action by an intermediate provider (AboveNet) against another intermediate provider (Media3). This ain't the way it's done, folks! As much as I hate spam (and I use the RBL, DUL and RSS to block on port 25) this breaks the Internet.
IMHO, even though it seems that AboveNet has stopped BGP blocking of RBL-listed sites, at least for the moment, they owe an apology and explanantion to their customers, Media3's non-spamware customers, and to the Internet community at large.
Re:A Better Analogy (Score:5)
Fine, lynch 'em. Tar and feather! The bastards deserve it!
In fact, bust down the doors of all their neighbors, yank those folks off their couchs and their kids away from their game consoles, and lynch them too.
They're living in same appartment complex (Class C IP address range), so let's crucify everyone in the surrounding area, so that the apt complex managers who tolerated the porographers will lose money and noone will move back in.
MAPS is not censorship; SPAM is censorship (Score:3)
An equally effective way is to drown it out with your own message.
And that is precisely the effect of spam. It overran Usenet years ago, rendering newsgroups which had functioned nicely for years useless. It's now overrunning the mail systems of ISPs, individuals and organizations in the same fashion.
Moreover, some companies/individuals have chosen to profit from this unethical activity, and in have in fact lent their active support to it. These companies/individuals should not be surprised when the community attempts to defend itself from their actions by barring their traffic.
So let's be clear on who the enemy are:
1. Spammers
2. Those who hire spammers.
3. Those who write spamware.
4. Those who provide hosting, connectivity, mail, or other services to 1-3.
These are the entities responsible for the floods of spam that clog mailboxes and mail servers; it is with them that the problem lies, not with the valiant attempt by MAPS to address it.
What in god's name are you talking about? (Score:3)
INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.
TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.
INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.
TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Re:What in god's name are you talking about? (Score:3)
Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.
I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.
If that makes me ignorant, fine, whatever.
In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Neural Net Spam Filtering! (Score:5)
A friend and I wrote a neural net spam filter using the UCI Machine Learning Database (on spam), that gets 90-95% accuracy on classifying a message as a spam or not-spam. It's integrated with the mail delivery system via procmail, so you can set it up to deliver all Good mails to one mailbox and Spam mails to another.
It is available (free + open source) at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.tar
The README is at:
http://www-cse.ucsd.edu/~wkerney/spamfilter.REA
For Solarius/Linux only, Windows users need not apply. The system works pretty darn well for a simple neural net, and can be greatly improved, so if anyone is interested in modifying our code, drop us a line!
William Kerney
UCSD
Horay! (Score:4)
Pavlov's dogs love the meaty taste of SPAM! (Score:3)
Someone should inform Pat Robertson or James Dobson about this phenomenon. They're not having as much luck as they'd like in pushing the use of censorware that covertly blocks sites with political content they don't approve. Imagine how happy they'll be when all they have to do to shut down the ACLU's web site, or the Democratic Party's, is set up a bogus spammer haven on the same subnet and then turn themselves in anonymously.
Hey,for that matter, why not skip the subterfuge and set up a MAPS-like service openly advocating censorship? All you'd have to do is control one decent-sized ISP by purchasing it or packing its board of directors, block its users' access to everything you don't like, and then threaten all the other ISPs with blackholing if they don't block your list of censored sites too.
Let's start with everyone's favorite hot button, kiddie porn. I'm sure with enough public relations noise we could convince AOL or some other large ISP to block every IP number in the same subnet as some site with questionable pictures of minors. From there, we could just let the blackmail flow.....
Re:Non-censoring anti-spam solutions are available (Score:3)
Hooooowwweeeeee! Boy, did they take me off their list, and a few of those sites seemed to be unavailable for a day or so.
Hopefully that prevented those last few people from hearing about those great money making schemes that are making everyone rich these days. Don't want those fantastic secrets spreading too far!!
A Better Analogy (Score:3)
So, it isn't like just providing the photo paper and ink to the kiddy porno makers... it is like providing the building, cameras, film, video-feed and streaming servers for kiddy pornographers - knowing full well what they are doing - and then being surprised when people are upset with you.
Software DESIGNED to spam (Score:5)
Sendmail could be used to spam. This website sells software that is DESIGNED to extract email addresses and then stealth email them, most likely through hijacked mail servers with forged headers and from addresses.
What I don't get is why Media3 isn't happy to change their AUP and dump the site. Afterall, the bulk email software is probably being used against Media3's own mail servers by spammers using the software. Kinda like a gun shop selling a gun to a guy who tells them he's going to rob the gun store with it.
Re:This is exactly what we want them to do. (Score:3)
They're not harboring spammers!! This is about someone who makes a piece of software that can be used to spam. This is the difference between locking up the kiddy pornographer and locking up the people that made the high quality photographic paper and the ink used to create the images!
This is not right.
Re:This is exactly what we want them to do. (Score:3)
WRT the replies: The analogy between paper makers and these guys may not be 100%, and I completely understand you not liking the fact that this software is available, and I agree technically that you have a right to block anyone you choose, and that the RBL is just a list of people who have done a set of things. An 'advisory'.
Hell if you want to blackhole Yahoo for some screwball reason, there's nothing stopping you. Except your own customers and clients abandoning *you* yourself!
But I will strongly argue with people who want to make 'certain software' illegal or unobtainable, where 'certain' can be a nice big fuzzy thing on the slippery slope to who the hell knows where. (Do you also RBL people who host databases of actual viruses? Why not? Oh, just the once that you decide have 'evil' intentions at heart, eh? That's nice and clear cut!) After arguing philosophy with you and trying to persuade everyone else listening in, the next thing is to apply the similar pressure to you that you are applying to them.
At this point I'm dropping RBL, and I won't deal with anyone who is using it. This is no longer "prevention", nor "applying pressure", this is extortion, not simply against the person who owns the building where handguns are made, but also the other 1000 people that live in other buildings owned by the same landlord. After handguns, then what? Hunting rifles? Cars? Baseball bats? Big ugly dogs?
"That was the line back there, and you stepped over it..."
Re:A compelling argument... (Score:5)
people, read the article (Score:3)
sig:
I don't get it.. (Score:3)
So what gives? Does it work, or not?
As for MAPS, the low hit rate is because it's based on DNS, and the number of unsecured mail servers approaches infinity. You just can't catch 'em as fast as they pop up, you really can't. Searching the text of the email (as your program does) is a better solution but one that can only be adequately implemented in a highly distributed way (i.e., at the client or possibly mailserver level). If you're an ISP and deal with 3 million SPAMs a day, processing the text isn't computationally desirable.
_________________________________