The agreement explicitly says nothing of the sort. At least not the one I
signed. Did you look at the one you signed? Did you sign one?
fdt-gw#The agreement Paul Vixie makes RBL users sign states that EXPLICITLY
^
% Invalid input detected at '^' marker.
Can we please argue about the merits/evils of the RBL elsewhere?
"Makes"... makes how? I simply enabled it in my sendmail configs and ran
with it. Didn't even SEE where it mentioned that I *HAD* to go agree to
stuff.
Now granted, in my case, its on my personal mail server and doesn't affect
anyone anyways, but there needs to be more emphasis placed on this. A lot
of people will know what the RBL is, and enable it in Sendmail, and it will
work, and they won't have even visited Paul's site to read "the rules of
the game" so to speak.
Dunno what the solution is, but I can see a somewhat real problem here.
Derek
of course, the specific point of discussion was that you suggested that
there were potential trademark/copyright issues associated with rbl operation.
clearly there are not. the rest of your posting appears to be an attempt to
change the subject to evade admitting that you are talking through your hat.
<plonk>
richard
this is true if you're using BGP4 to implement the RBL. if you're using the
DNS version (which is what i use), there are no documents to sign that i'm
aware of; you just point your MTA at the RBL DNS host (if your MTA supports
the RBL) and go.
ethical sysadmins/isps, of course, inform their users of the RBL regardless.
richard
Vix and I have been in agreement that we need a test case. I volunteered
to try and find such evidence last year, but I can't. What I've found is
that ***no major NSP's block spammers***, or least none actually admit to
doing so. One that boasted of such filtering on Nanog last winter, backed
down on providing evidence of blocking, and I couldn't find any without
some cooperation from them, from my remote point.If you are an NSP, and you are blocking a spammer from transiting your
network, where you have no relationship with the parties to the email (the
sender or the recipient), and you and your attorney are completely
convinced of the legality of your actions, then tell me who you are
blocking. And we'll have our test case.
Dean, you keep changing your tune.
First you said *any* spamblocking was illegal.
Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to
or from an end customer).
How would THAT come about, pray tell? Do you know how modern SMTP based
email actually *works*?
Spam blocking happens at the point of delivery or origin. Email is a
point-to-point media in fact, at least in the case where there is no
forgery, fraud, or theft (ie: relay rape) going on.
That is, the transaction looks like:
SENDER >>>>>> Relay ---------- Internet -------- MX of Recipient
>
>
>
RECIPIENT
In the middle, the "Internet", you only have a packet flow. You can't
block "SPAM" in the middle, because you don't know what is and is not
spam since none of the machines in the middle do anything other than
route a packet flow from one place to another.
The Relay (originator host) and MX (target host) both have contractual
relationships of some kind with one of the parties.
You've conceded that at THOSE TWO POINTS, there is no "legal recourse"
available to the parties involved, since there is a contractual set
of conditions (and perhaps even a DUTY to block disruptive traffic in
some cases)
You keep changing your tune. You've been shown to be wrong in every
situation you have tried to postulate, and now you've devolved into
demanding a "test case" which simply doesn't exist.
Give it up Dean. You lost this argument six months ago.
SENDER >>>>>> Relay ---------- Internet -------- MX of Recipient
>
>
>
RECIPIENTIn the middle, the "Internet", you only have a packet flow. You can't
block "SPAM" in the middle, because you don't know what is and is not
spam since none of the machines in the middle do anything other than
route a packet flow from one place to another.
<joke>
conf t
ip spam protect xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx = host for preprocessing email and removing spam
</joke>
Dean, you keep changing your tune.
First you said *any* spamblocking was illegal.
Yes. Any spam blocking when you aren't a party to the email is illegal. You
are an attorney. Come on. This isn't relevent. Nor is it a departure from
anything I have said, previously.
So, does this mean you agree that *some* spamblocking is illegal? (I
suspect not, but surprise me.)
This reads like a political attack. (#25: claim your opponent has waffled,
but offer no evidence that anything is different). But I'm not running for
any office. My credibility has no relevance to the truth of whether or not
2511 can apply to network providers. Its federal law. Network providers and
employees ought to be roughly aware of the laws which apply to them. And
certainly not misled.
Telling people a particular law can't possibly apply to them when in fact
it can seems like a gross disservice. It is obvious now that it can apply.
Its also just as clear that there are some legal limitations on what
network providers can do with "their equipment".
Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to
or from an end customer).
As I have said before, transit providers are clearly not parties to
transiting traffic. And I was looking for a Network Service (transit)
provider before.
How would THAT come about, pray tell? Do you know how modern SMTP based
email actually *works*?
Yes, but apparently you don't. This isn't the only way its handled. Some
people "transparently" intercept SMTP. 6 months ago I pointed out UUCP.
And there is also route filtering via BGP RBL. If they aren't a party to
the communication, then its illegal. (like I said before)
I'm really disappointed that people keep claiming that 2511 can't possibly
apply to a network provider, in spite of the now overwhelming proof to the
contrary. But then apparently 2/3s of the democrats think that Clinton
didn't screw Monica. And some people think Nixon didn't break any laws. I
can't change that sort of blind belief.
6 months ago, I could understand that behavior, since I was offering my
opinion based on my reading the text of the statute. It was arguable, and
I argued well, I think, but perhaps not well enough. But given the
revelations of the 1988 amendment and its hearings, which support my
reading of the text, and everything I said 6 months ago and am saying now,
I just can't believe there are still people who argue this.
At this point, there is nothing to be gained by argument on the
applicability of 2511 to network providers. All the evidence is now
available, make your own decision. I've brought it to your attention.
--Dean
Vix and I have been in agreement that we need a test case. I volunteered
to try and find such evidence last year, but I can't. What I've found is
that ***no major NSP's block spammers***, or least none actually admit to
I can't imagine why they would. You can't spam a router.
If you are an NSP, and you are blocking a spammer from transiting your
network, where you have no relationship with the parties to the email (the
We are not an NSP, and if we were, we would block as little as possible
because blocking costs. If our downstreams want to block traffic, they
can pay us or they can block it themselves.
And by the way, blocking spam sites at the packet level doesn't make much
sense to me. In the first place, very little spam (in porportion to the
total) comes from actual spam sites. If you want to effectively filter
spam, you have to do it at the MTA and MDA levels, and since you need to
maintain access lists for that, why have a second set of access lists for
your routers? And what kind of an informative error message does a Cisco
send to some poor bastard who's blocked because of his broken mailerserver?
There's also a tradeoff between bandwidth and cpu usage when you are
filtering packets. Maybe it would work out to be cheaper if let the
packets through and then reject the spam at the smtp level.
If you are really doing what you claim you can, then someone should provide
some evidence.
I didn't claim what you think i did. I claimed only that it's feasable
and legal (US) for us to insist that people follow our AUP if they want to
use our network. People who don't respect us will have trouble sending us
email, getting our nameservers to answer their questions, etc.
Bill
>Dean, you keep changing your tune.
>
So, does this mean you agree that *some* spamblocking is illegal? (I
suspect not, but surprise me.)
*Illegal*, as in criminal? No, I don't agree with you on that.
Possibly civilly actionable? Sure, depending on what you promised someone
in a service agreement it might very well be. Then again, that's true of
just about anything if you draw service agreements in a foolish way.
My credibility has no relevance to the truth of whether or not
2511 can apply to network providers. Its federal law. Network providers and
employees ought to be roughly aware of the laws which apply to them. And
certainly not misled.
You have presented no such evidence (hint: your claiming that it does is
not evidence). A cite from a case in which a decision was rendered would
be "evidence". But you freely admit no such cite exists.
>How would THAT come about, pray tell? Do you know how modern SMTP based
>email actually *works*?Yes, but apparently you don't. This isn't the only way its handled. Some
people "transparently" intercept SMTP.
Horseshit.
6 months ago I pointed out UUCP.
UUCP still maintains a customer relationship, and ergo, it is once again
irrelavent. If I sell you a UUCP connection, you and I now have an
agreement. If you sell someone ELSE a connection off your machine, the
problem is yours, not mine, if you don't disclose the terms and conditions
of OUR transport of your (and your customers) material.
And there is also route filtering via BGP RBL. If they aren't a party to
the communication, then its illegal. (like I said before)
And again, its bullshit. The BGP RBL blocks all traffic from abusive sites.
The people affected are the site's customer base, all of which have a
customer relationship. If there is a third party behind one of those
customers, that problem is *the customers*, not the BGP RBL subscriber.
I'm really disappointed that people keep claiming that 2511 can't possibly
apply to a network provider, in spite of the now overwhelming proof to the
contrary.
There is no such proof that in the instant case under discussion it would
apply, your pontification to the contrary notwithstanding. I'm sure we
could contrive some situation where it COULD apply, but in the context of
blocking abusive sites (whether by smurf or by spam) it simply is not a
factor.
I just can't believe there are still people who argue this.
You have no factual basis.
I've brought it to your attention.
--Dean
Do you want to spam someone (or have you in the past done so) Dean?
Yes. Any spam blocking when you aren't a party to the email is illegal. You
are an attorney. Come on. This isn't relevent. Nor is it a departure from
anything I have said, previously.
So quote the law. The relevant parts of the law. Otherwise, shut up.
This reads like a political attack. (#25: claim your opponent has waffled,
but offer no evidence that anything is different). But I'm not running for
any office. My credibility has no relevance to the truth of whether or not
2511 can apply to network providers. Its federal law. Network providers and
employees ought to be roughly aware of the laws which apply to them. And
certainly not misled.
And people spouting the law ought to know something about the law they're
spouting.
Telling people a particular law can't possibly apply to them when in fact
it can seems like a gross disservice. It is obvious now that it can apply.
Its also just as clear that there are some legal limitations on what
network providers can do with "their equipment".
So cite the relevant codes. Failure to quote the relevant parts of the
relevant laws just will prove you're wrong.
Yes, but apparently you don't. This isn't the only way its handled. Some
people "transparently" intercept SMTP. 6 months ago I pointed out UUCP.
And there is also route filtering via BGP RBL. If they aren't a party to
the communication, then its illegal. (like I said before)
Key here: YOU said. Unfortunately for you, the Congress hasn't.
I'm really disappointed that people keep claiming that 2511 can't possibly
apply to a network provider, in spite of the now overwhelming proof to the
contrary. But then apparently 2/3s of the democrats think that Clinton
didn't screw Monica. And some people think Nixon didn't break any laws. I
can't change that sort of blind belief.
WHAT overwhelming proof? Cite the sentence! Show a legal case or opinion
that says it applies? I challenge you right here and now to put up or shut
up.
6 months ago, I could understand that behavior, since I was offering my
opinion based on my reading the text of the statute. It was arguable, and
I argued well, I think, but perhaps not well enough. But given the
revelations of the 1988 amendment and its hearings, which support my
reading of the text, and everything I said 6 months ago and am saying now,
I just can't believe there are still people who argue this.
*Sigh*....why don't you ask a lawyer or judge what role hearings play in
their interpretation of a law?
At this point, there is nothing to be gained by argument on the
applicability of 2511 to network providers. All the evidence is now
available, make your own decision. I've brought it to your attention.
Meaning: I can't win, so I'll make it look like I'm being a good netizen.
OK. Play it your way. Back into the Fruitcake Filter you go!
What do spammers and nails have in common? They're both intended for
hammering.
Dean Robb
PC-Easy
On-site computer services
(757) 495-EASY [3279]
Now you're looking for someone who is spamblocking IN TRANSIT (ie: not to
or from an end customer).How would THAT come about, pray tell? Do you know how modern SMTP based
email actually *works*?
The rest of your argument notwithstanding, it could come about if you
block certain CIDR blocks at your borders based on repeated and/or
unresolved spam activity from a given source. I.e, blocking *all* ip
traffic for a given block at your borders, then transiting customers,
who may be transiting other customers, etc. lends credence to that
theory.
I can't comment on the (il)legality of such, though I'd fight any court
which challenged my right to filter, even arbitrarily, at my own
borders. None of my service contracts guarantee universal connectivity.
Cheers,
Brian
If this interpretation was correct don't you think that given this
litiguous society and some spammers such as Stinkus.com who have sued
before, that *someone* would have filed suit by now?
>The agreement Paul Vixie makes RBL users sign states that EXPLICITLY.
No.
>You are not allowed to use the RBL unless you disclose such use fully to
>your customers and/or downstreams.
There is apparently some ambiguity surrounding my use of the verb "publish"
in the RBL Subscriber Agreement. I will see that this is fixed in V2.1.
"Makes"... makes how? I simply enabled it in my sendmail configs and ran
with it. Didn't even SEE where it mentioned that I *HAD* to go agree to
stuff.
There is no requirement that anyone sign a license if they aren't subscribing,
where "subscribing" means receiving it as an eBGP4 or DNS "feed". If you're
using "FEATURE(rbl)" in sendmail 8.9.0, or a similar feature of other mailers,
you're using the RBL but you're not a subscriber (and more power to you).
Dunno what the solution is, but I can see a somewhat real problem here.
The first line of complaint is the ISP who uses the RBL. If someone turns it
on without notifying their customers / downstreams, they'll hear about it
right quick.
> >The agreement Paul Vixie makes RBL users sign states that EXPLICITLY.
No.
> >You are not allowed to use the RBL unless you disclose such use fully to
> >your customers and/or downstreams.There is apparently some ambiguity surrounding my use of the verb "publish"
in the RBL Subscriber Agreement. I will see that this is fixed in V2.1.
Unfortunately, I can't even find the agreement now, so I can't comment.
Probably because I just woke up.
> "Makes"... makes how? I simply enabled it in my sendmail configs and ran
> with it. Didn't even SEE where it mentioned that I *HAD* to go agree to
> stuff.There is no requirement that anyone sign a license if they aren't subscribing,
where "subscribing" means receiving it as an eBGP4 or DNS "feed". If you're
Yup, I think this was a big part of my misunderstanding. I thought
subscription included things like hacking Sendmail to do DNS lookups at
the RBL site.
we use Exim (http://www.exim.org) to handle mail, and we don't block on RBL
active, but there's a standard setting to add a header to indicate that the
mail was received from an RBL'd host... thus allowing our customers to
filter if they want.
has anyone ever heard of an ISP blocking their own customer if their customer
is in the RBL? I'd love to hear a telephone call between ISP and customer if
this occurred!!!
Paul
Attached is an example of how hotmail blocks outgoing spam mail
to help you in your determinations and their abuse policy of spam
Henry
Paul Mansfield wrote:
hotmail1.txt (2.15 KB)