That's a pretty shortsighted view, Sheryl. I suspect you haven't been on
the receiving end of some idtiot buying a leased line/virtual web presence
from you and then spamming from an AOL/PSI/earhlink/yadda yadda account. It
isn't pleasant. Folks aren't stupid. They ignore the fact that the tool
used to spam was a throwaway account and go right for the jugular (you).
It's better to have a zero tolerance policy and not have to deal with the
silliness in the first place.
Chris
Chris Mauritz
Director, Systems Administration
Rare Medium, Inc.
chrism@raremedium.com
The problem with this is that someone, sooner or later, is going to
take a run at people trying to set up what amounts to a set of contractual
requirements that exceed legal requirements - and then enforce them network
wide.
The collusive aspect of this is downright scary, especially when coupled
with threats of depeering, active denial of service attacks, etc.
I happen to be an "anti-spammer", but when you get to the point that you
start telling people what they have to put in their contracts as an industry,
such that if Person #1 commits an act on a *completely unrelated* system
they get their contract voided you're treading on very, very thin ice.
That looks an awful lot like an industry-wide blacklist, and those are
dangerously close to being per-se illegal.
There's nothing wrong with a single provider putting whatever provisions
in their agreements they see fit - you're always free to shop for a new
provider. However, when industry actions conspire to basically *force*
certain provisions to be included in *everyone's* contracts, and those
provisions go beyond "don't do illegal things", then IMHO you're exerting
force that needs to be very carefully thought out.
There IS a means to solve the problem otherwise - that is, for the industry
to make "throw away, instant registration" accounts disappear. The problem
with what is being done now is that the entire industry is being forced to
provide a "safe haven" for a PARTICULAR marketing tactic.
There are a lot of "questionable" things that this industry does, but IMHO
this one is near or at the top of the list of things I'd talk to my counsel
about....
Paul A Vixie <paul@vix.com> writes
+ The RBL team and I are kind of wondering what to do about some spam
+ we got. Because blackholing NSI would be of operational concern to a
+ lot of you, I've decided to ponder this question out loud:
I'm confused. Does Mr. Vixie come over to your office and configure your
sendmail to reject messages from RBL'ed addresses?
Does Mr. Vixie configure come over to your office and configure your
routers to drop packets from an RBL'ed address?
If the answer to both of these is "NO", which I'm almost certain it is,
then you have nobody to blame but yourself. By enabling those features,
you have ASKED him to censor your data for you. If you don't want him to
be the final arbiter, feel free to remove the FEATURE(rbl) line from your
.mc file, and lo and behold the censorship stops.
Or is it Mr. Vixie's job to come over to your office and do that for you?
There are plenty of people, who are HAPPY to have Paul's RBL (I recently
subscribed last night finally, thank you Paul!) around to lighten the
workloads of our servers, and to lessen the mailspools of our customers.
If you are not among those, simply feel free to not use it. But don't
presume to imply that just because YOU don't trust Paul's judgement on who
you want to get mail from, that I should feel it necessary to not trust
his judgement.
D
Bob Allisat wrote:
<Various drivel snipped>
Bob Allisat
Free Community Network _ bob@fcn.net . http://fcn.net
http://fcn.net/allisat _ http://fcn.net/draft
You'd be far better served if you'd clean up your own act, and shut down
the open relay you're running at scriba.org. Then talk about net
citizenship.
Talk about living in the future (2036). Doh!!!
/rlj (RBL subscriber if anyone wants to sue me)
I will at some point today drink enough coffee to gain the self control it
would take to not answer crazies. Because that time has not yet come, I can
only hope that you, the reader, will delete this message without reading any
further.
bob@fcn.net (Bob Allisat) writes:
Mr. Vixie and his cohorts increasingly
imagine themselves to be the final and
ultimate arbiters in matters of Network
integrity. Having them sit in judgement
over the Black Holing of successive and
alleged perpetrators violates numerous
protections and freedoms all citizens
Yup. Well, your freedoms anyway. Note
that the MAPS RBL is a subscription service;
no second and third parties are ever denied
the opportunity to communicate freely unless
one of them subscribes to the MAPS RBL and
the other list listed on it.
It is my opinion that these activities
have reached their zenith and something
should be done to finally Black Hole
Vixie/RBL should they continue on their
renegade mission of uncontrolled and
arbitrary censorship. Maybe it is time
to pull the plug on the ultimate plug
pullers, black hole the black holers!
I suppose that you'd prefer "controlled"
censorship? Well, anyway, the sysop.com
guy is spamming threats far and wide in
hopes of scaring away my subscribers, but
this doesn't appear to be having his desired
effect. Maybe "renegade" is the wrong word?
As for your suggestion, I would like it, and
I mean I would really, really like it, if you
(Bob Allisat) would please blackhole my route
in your upstream router. I'm 204.152.184/21.
Leave 192.5.4/23 out, since that's where F
lives, but I promise that none of my mail or
web servers are outside 204.152.184/21.
Paul and fans are running a volunteer service that should be a
commercial entity. The main problem here is that they are acting
as editors for spam. Is spam that passes the MAPS RBL endorsed?
Problematic are ISP's that subscribe without disclosing the fact
to their customers (or, in some cases, even to their own management).
Dirk
On Thu, Nov 19, 1998 at 09:09:45AM -0800, Paul Vixie put this into my mailbox:
I will at some point today drink enough coffee to gain the self control it
would take to not answer crazies. Because that time has not yet come, I can
only hope that you, the reader, will delete this message without reading any
further.
There are two entries in my .procmailrc that help prevent me from replying
to the nutbags. Here they are, for anyone else's use:
:0
* ^From:.*fleming@unety\.net
/dev/null
:0
* ^From:.*bob@fcn\.net
/dev/null
I find reading mail much more worthwhile after these filters are applied.
Not only do I have to wade through less crap, but the content seems more
intelligent, as well.
Consider this my contribution to the NANOG-RBL. I'm sure someone could
come up with an equivalent that you can use to configure your routers
(hi Randy!).
-dalvenjah 'so I just figured out that "maps" is "spam" backwards..'
You know, I have Bob black-holed here as well.
However, the dirtbag had to post to NANOG, which I have white-listed in my
personal "bite me" list.
So guess what - I got a bunch of his shit anyway.
Sigh.... sometmies you can't win for losing.
Mr. Vixie and his cohorts increasingly
imagine themselves to be the final and
ultimate arbiters in matters of Network
integrity.
Actually, I think they imagine themselves as the folks who maintain a list
of people who spam. What other people choose to do with that list is up to
them. It just so happens that I trust their judgement on who happens to be
a spammer, and thus reject messages sent to my system based on that.
renegade mission of uncontrolled and
arbitrary censorship.
Stop, you're killing me. I haven't laughed this hard in ages.
You're talking about someone maintaining a listing of addresses which
happen to be held by people who exhibit a particular characteristic.
Do you have a problem with the ARIN or InterNIC whois databases? You
should, by your logic; they maintain a detailed database of information on
people who run networks. Someone might use that information in a bad way.
Better stop them, too. As a matter of fact, any listing could be used in a
manner which does not conform to the Allisat moral way. Better outlaw
lists of things altogether.
...raving >mumble< >mumble<...
Maybe it is time
to pull the plug on the ultimate plug
pullers, black hole the black holers!
You're missing the point. Paul didn't pull the plug on people on my
network. -I- did. If you have a problem with not being able to send mail
to me, take it up with me, not Paul (unless you're planning on changing
the behavior that caused you to be placed there originally). -I- chose to
use his list, and prevent someone's email from traveling through systems I
purchased and maintain.
Paul Vixie didn't make me use his list. Brownie points for you if you can
guess who did.
Not even that. They maintain a list of IP addresses that they,
due to a published set of criteria, do not wish to accept mail
from. Many others agree with their criteria.
However...Bob Allisat will never agree, so it's not worth your
time to argue with him.
Karl Denninger writes:
That looks an awful lot like an industry-wide blacklist, and those
are dangerously close to being per-se illegal.
There's nothing wrong with a single provider putting whatever
provisions in their agreements they see fit - you're always free
to shop for a new provider. However, when industry actions
conspire to basically *force* certain provisions to be included in
*everyone's* contracts, and those provisions go beyond "don't do
illegal things", then IMHO you're exerting force that needs to be
very carefully thought out.
When every Service Provider writes
a carte blanche paragraph into their
alleged Acceptable Use Policies
allowing such practices as "Black
Holing", content deletion, account
termination etc. we become hostages
to commercial entities. Whatever
rights, freedoms and liberties we
have are eliminated in favour of
Kangaroo courts like Vixie's network
or RBL finks, Customer Services
flunkies and over-bearing capitalists
like Mr. Denniger here. They hide
behind arguments that their systems
are private property and their
alleged "property rights" are
more important than our inalienable
rights and freedoms.
It is not our right merely to
choose among companies and corporate
entities. Our rights to security over
our data and communications, to
privacy and access to commercial
and personal e-mail, etc are all
*SUPERIOR* to any tertiary rights
these business organizations may
claim. While Denniger shrieks in
uncharachteristic defense of our
liberties he is the first one to
claim dominion over every machine
and anything anyone does using
those machines, telling them to
basically get lost if they don't
like it.
We have universal, inalienable
rights and freedoms. These precious
things extend to private property
and internationally. If we do not
fight to protect these inalienables
we will suffer the rough consequences.
Please visit <http://fcn.net> for
more information.
Respectfully,
Bob Allisat
Free Community Network _ bob@fcn.net . http://fcn.net
http://fcn.net/allisat _ http://fcn.net/draft
Derek writes:
There are plenty of people, who are HAPPY to have Paul's RBL (I
recently subscribed last night finally, thank you Paul!) around to
lighten the workloads of our servers, and to lessen the mailspools
of our customers.
The simple point is you or any
other technician has no ability
or right to imagine themselves
representing or in any way inter-
fering with their customers mail.
You are acting as if you have any
right to intercept any private
e-mail. You have no such right.
In manipulating the free flow
of electronic mail you are
infringing with fundamentaly
human rigts and freedoms.
Bob Allisat
Free Community Network _ bob@fcn.net . http://fcn.net
http://fcn.net/allisat _ http://fcn.net/draft
As long as I tell my customers, "We subscribe to the RBL." and give
suitable explanations as to its workings, etc., my customers are free to
go wherever they choose, be it to me or to another ISP.
If they want, they can ALWAYS go to AOL, and have all the junkmail they
could possibly want.
Also keep in mind that although you and I may reside in the US, other
countries' ideas of "fundamental human rights and freedoms" differ
significantly from our own.
The bottom line is that my mail server is PRIVATE, my own personal
property, and if I choose to reject mail from people, so long as my
customers know getting into it what the situation is, they have the option
at any time to go to another ISP with a different policy. If all the ISP's
in a market have subscribed to the RBL, then capitalism works, because the
demand is obviously there. If there are a mix of subscribers and
non-subscribers, then in your world, the non-RBL sites will get all the
customers, and the RBL sites will lose money and either rethink their
decision or die out. (Economic Darwinism). Personally I think the RBL
sites have plenty of consumer-level support to survive.
D
Bullshit. Provided you notify your customers of your intent to
block known spam-houses and they concur in your decision, there is no
usurpation of individual rights. If they don't agree with your policies
they can simply choose another ISP. End of problem.
David Leonard
The simple point is you or any
other technician has no ability
or right to imagine themselves
representing or in any way inter-
fering with their customers mail.
You are acting as if you have any
right to intercept any private
e-mail. You have no such right.
*BBBZZZZTTT*, wrong answer,thank you for playing. Prevention of email
delivery is not interception. Nor is there reading of your private email,
or any of the other horrible crimes against humanity that so many envision.
Unlike the USPS, if you don't like your ISP's email policies, you are free
to go elsewhere. Your argument has no basis in legal, moral or ethical
theory.
In manipulating the free flow
of electronic mail you are
infringing with fundamentaly
human rigts and freedoms.
I must have missed that line in the US Constitution, UN Charter, et alia,
where "email delivery" is equated to "Life, Liberty and the Pursuit of
Happiness", eating, breathing, etc. etc. etc.
Have a nice day...go picket someone.
Ooops...just discovered you're a net.kook of the highest order. I make it
a practice not to tease the animals or mock the insane, so I'll just bow
out of this thread now....
Spammers should be investigated by Ken Starr!
Dean Robb
PC-EASY computer services
(757) 495-EASY [3279]