Kuro5hin.org: technology and culture, from the trenches
Existence of "pink" spam contracts confirmed.

By mrsam in Internet
Wed Nov 01, 2000 at 08:33:12 AM EST
Tags: Freedom (all tags)

It's safe to say that everyone around here has to go through a daily routine of fumigating his or her mailbox, and deleting the usual assortment of pornograms, make-money-fast schemes, baldness cures, and various flavors of snake oils.

Those of us with a cynical nature would often wonder that sometimes large network providers just have to be in cahoots with the spammers. Well, what do you know? These cynics amongst us have turned out to be right!


There are many folks in the anti-spam community (myself included) who volunteer their time and effort into chasing persistent spammers out of our collective mailboxes. Call it the Internet equivalent of "community service", if you will.

We have suspected, for the longest time, the existence of so-called "pink contracts". All network providers today supposedly have explicit clauses in their Terms Of Service/Acceptable Usage Policies which prohibit their customers from spamming. Yet, time and time again certain dedicated spam factories have remained connected for long periods of time, in a seeming contradiction to the solid anti-spam clause in their network provider's TOS/AUP.

It almost seems that sometimes large network providers, in exchange for cash, give the dedicated spam factories a general exemption from having to abide by the anti-spam TOS/AUP clause.

Well, it turns out that this is, indeed, the case. One anti-spam effort, called the "Spamhaus Project", has obtained a copy of such a so-called "pink" spam contract issued by att.net, which allows a very well known militant spammer to spam away with impunity. Quoting from http://spamhaus.org/rokso/nevadahosting.jpg:

  "NevadaHosting wishes to operate Bulk Hosted Web Sites. Bulk Hosting
    is defined as hosting a web site that is Spammed from other gateways.
    NevadaHosting only hosts the web site that is advertized in the Spam.

    AT&T Agrees that it will not terminate the provision of services to
    NevadaHosting because of NevadaHosting's operation of Bulk Hosted
    Web Sites"

The MAPS RBL project has certainly been notified. It looks like att.net has a pretty good chance of going down in net.history as the first major backbone to be automatically blackholed by half the Internet.

Existence of "pink" spam contracts confirmed. | 68 comments (54 topical, 14 editorial, 0 hidden)
Uh-huh (2.37 / 16) (#4)
by vsync on Wed Nov 01, 2000 at 12:45:11 AM EST

And I'm sure AT&T's answer will be surprising. No doubt they're going to say it was some rogue salesperson who has since been disciplined. The question is, do we believe them?

--
"The problem I had with the story, before I even finished reading, was the copious attribution of thoughts and ideas to vsync. What made it worse was the ones attributed to him were the only ones that made any sense whatsoever."
Dubious spin doctoring (3.90 / 31) (#5)
by Sunir on Wed Nov 01, 2000 at 12:51:58 AM EST

Having read the contract, it seems questionable whether the write up presented here at k5 reflects the contract at all.

    "It almost seems that sometimes large network providers, in exchange for cash, give the dedicated spam factories a general exemption from having to abide by the anti-spam TOS/AUP clause. ... Well, it turns out that this is, indeed the case"

No, it does not seem to be the case. The contract states that "NevadaHosting at no time will ever send Spam from or through AT&T's gateway," a point it repeatedly makes. Indeed, NevadaHosting must abide by AT&T's Acceptable Use Policy as well.

I'm not a lawyer, but I don't see where this contract remotely allows NevadaHosting to do anything than host the website which is the target of the spam.

Now, I'm no fan of spammers, but I don't think making a claim misrepresenting the contract is very ethical.

-1 Dump it.

"Look! You're free! Go, and be free!" and everyone hated it for that. --r

How spambags operate. (4.34 / 29) (#6)
by mrsam on Wed Nov 01, 2000 at 01:01:27 AM EST

Let me ask you something. Let's pretend that you're running an ISP.

Ok, I'll sign up for a dial up account, then proceed to spam half the Internet with a pitch for my website that promises a cure for baldness, plus miraculous vitamin pills.

You get complaints, you cancel my account.

Five minutes later, I call you back up, and open up another account, then resume spamming the other half of the Internet with a pitch for my website that promises a cure for baldness, plus miraculous vitamin pills.

You get complaints, you cancel the second account.

Well, guess what happens five minutes later? I go back, and spam again the first half of the Internet. I know for a fact how one can easily obtain new credit card numbers daily, and with an endless supply of credit card numbers and billing addresses I can guarantee you that there would be absolutely nothing that you can do to stop me from spamming from your ISP.

I wonder whether you'll be content with simply sitting around, whistling dixie, and watching complaints melt down your mail server, or perhaps you might go after the web site being spammed. After all, without that website which pitches vitamin pills and a cure for baldness, there is nothing for me to spam. As long as the web site exists, there's nothing that you can do to keep me spamming from your ISP.

It is for that reason that these days all ISPs not only prohibit their customers from spamming directly, but they also prohibit their customers from sending spam anywhere, referring back to their original accounts in any way, shape, matter, or form. By executing this pink contract, att.net basically allows anyone to spam with impunity, as long as they host their web site on the att.net network.

Think about it. This is not a theoretical situation. I know for a fact that it happened before. Two years ago uu.net actually had to go to court and hire a bunch of PIs to hunt down a bunch of spambags who kept opening dialup uu.net accounts, to immediately begin spamming out the wazoo.

[ Parent ]

What about false positives? (3.57 / 7) (#36)
by plett on Wed Nov 01, 2000 at 02:32:54 PM EST

So if I want to shut down a website (a competitor of my business for example), all I need to do is send out lots of spam advertising it?

Lots of people will complain to the people hosting the website and, hey presto, it's shut down and they're probably added to the RBL as well.

[ Parent ]
False positives. (3.66 / 3) (#46)
by mrsam on Wed Nov 01, 2000 at 07:26:22 PM EST

In 1997, a disgruntled associate of Sanford Wallace decided to use exactly that approach, and spammed pretty much the whole of the Internet, for a duration of about a month, supposedly spamming some of my personal web sites, and some of my mailboxes. At least one university mail server, that was hijacked to do this, crashed under the load.

I did not lose a single web site, or a mail account.

Although there are occasional exceptions, folks who answer abuse@ mail are generally savvy enough to detect these kinds of things. Once you've been "down in the trenches", in a matter of speaking, it becomes rather trivial to distinguish an authentic spam run from a fake one, designed to accomplish exactly that goal.

Sorry to sound a bit elitist, but this is a skill that one gains quickly from experience. Let's put it this way: you can take any person off the street, and ask him to read a scene from "Hamlet" in front of a camera. Then, take a professional Broadway actor, and do the same. Then, ask a third person to see both clips, and figure out who's who. It's going to be pretty obvious.

[ Parent ]

The Upside (4.33 / 3) (#53)
by mcelrath on Thu Nov 02, 2000 at 08:50:11 AM EST

There's an upside to all this. By allowing the spammers to remain at one ISP for long periods of time, they're easier to block. Currently spam-blocking is shooting for a quickly moving target. By keeping them at one ISP it should be easier to identify their spam than if they used a different ISP every day. Hey, I say give them legit e-mail accounts and encourage them to send unforged headers. Prosecute for forging headers. Then we just have to block their legit account in the from address. MAPS RBL would become much more effective all of a sudden.

--Bob
1^2=1; (-1)^2=1; 1^2=(-1)^2; 1=-1; 2=0; 1=0.
[ Parent ]

A little history (3.00 / 1) (#56)
by saucepan on Thu Nov 02, 2000 at 03:05:00 PM EST

It's been years since any spammer has been able to set up shop and spam from a permanent location. The last backbone to allow this was AGIS (who refused to disconnect Sanford Wallace's Cyber Promotions), and it's widely believed that the resulting community backlash directly contributed to their insolvency soon after. (If you want all the sordid details, google for "agis spam".)

At the time there were some who argued, as you do, that at least while they stayed in one place their addresses were easy to block (and in fact, IIRC this was one of the reasons MAPS was initially started). Others disagreed for a variety of reasons (one interesting observation being that spamous portions of the address space become "polluted" as various admins around the world hardcode IP blocks and never bother to remove them), but the issue is pretty much moot at this point.

These days, as mrsam explained, the issue is with spammers who obtain a permanent location for their web page and then spamvertise it with impunity from dialup whack-a-mole accounts.



[ Parent ]

It's still grounds for RBL, though (4.12 / 16) (#21)
by pw201 on Wed Nov 01, 2000 at 08:12:52 AM EST

The RBL will do you for spam support services for something like this. Rightly so: as Mr Sam has already pointed out, spammers can create loads of new email accounts for themselves all the time, so when one gets cancelled, they'll just move on to another one. The only thing to do is go after their websites.

So, when you complain about spam, you complain to their web host too. Mostly, they'll zap the site. The spammers are forced to keep changing to different web providers (the free providers, like Angelfire, are popular). What these people seem to be after is a stable site which they can promote via spam. As long as they don't spam via the AT&T connection, they're OK, by this contract. This is grounds for an RBL on their web host once they start sending spam.



[ Parent ]

please clarify on the RBL... (3.00 / 4) (#37)
by Barbarian on Wed Nov 01, 2000 at 03:40:07 PM EST

    "The RBL will do you for spam support services for something like this. Rightly so: as Mr Sam has already pointed out, spammers can create loads of new email accounts for themselves all the time, so when one gets cancelled, they'll just move on to another one. The only thing to do is go after their websites."

Can you clarify this here: What difference does the RBL make if a website is added? Isn't the RBL just for mail?

Is RBL actually used as a http censorship tool to ensure that users on RBL'ed ISPs can not load these sites (port 80, http, not port 25) because they've been RBL'ed?


[ Parent ]
Router blocking, disruption of communication (5.00 / 1) (#51)
by pw201 on Thu Nov 02, 2000 at 08:12:51 AM EST

    "Can you clarify this here: What difference does the RBL make if a website is added? Isn't the RBL just for mail?"

Couple of things: in the past, some folks used the RBL to do router blackholing, so nothing gets to or from RBL'd sites via their routers. I don't know whether people still do this, but if they do, being on the RBL pressures a web provider because it prevents people from seeing their sites.

The other thing is that the web provider then can't send mail to sites which use the RBL, so it may impact their business communications. It may be argued that this isn't fair as the provider isn't spamming, but as someone else has said, it's like a blockade: I suppose the thought is "If you're helping others abuse mail, we're not going to take mail from you."

[ Parent ]

spam vs censorship (2.55 / 20) (#9)
by enterfornone on Wed Nov 01, 2000 at 03:37:15 AM EST

I don't like spam. But I like censorship even less. Anybody who thinks censoring a backbone because of this is a good idea really needs to think out the implications.

--
efn 26/m/syd
Will sponsor new accounts for porn.
Not really censorship, more like a blockade. (3.77 / 9) (#11)
by iCEBaLM on Wed Nov 01, 2000 at 03:43:12 AM EST

This is not censorship, censorship is blocking expression you don't agree with. This is not only blocking expression we don't agree with, it is blocking ALL expression from the customers of a service you don't agree with. This is more akin to a blockade or embargo where you don't agree with one group of individuals' policies so you stop trade with them.

While I don't agree with the conclusions of this article, I agree that if it were proven that any service provider did take part in "pink contracts" I would agree on the entire service provider being black holed even if it was mine, as I am on att.net.

-- iCEBaLM

[ Parent ]
censorship (4.20 / 5) (#31)
by spaceghoti on Wed Nov 01, 2000 at 11:52:39 AM EST

Whenever I log into my primary account, I spend a good half hour reading through spam messages to collect header information, at which time I forward the message in its entirety to SpamCop and Abuse.Net so the ISP providers can be encouraged to discourage spammers. That's a sizeable chunk of time I could be using to do something productive like repairing the computers in my department, or slightly less productive but no less edifying, reading and posting to this website.

Censorship is when you want to make a statement and you're prevented from doing so. You have the right to make your statement so long as you do not get in my face and force me to take extreme measures to not have to listen to you. The spammers are requiring the average email user to take extreme measures to not have to deal with them. This is unsolicited spam. They follow the rules by providing a means of removing your email address from their list, but before they do they can and do sell your email address to another list, propagating the spam. They can then buy your email address back from someone else, making it a new and unrelated list!

There's censorship and then there's invasion of privacy. If the people wishing to advertise their products will simply post their advertisements on paid sites or register with search engines, they're not invading my privacy and I will defend their right to maintain their product, sales and advertisements. But the moment they spam my mail server with their special, not-to-be-missed-deal-of-the-millennium, they lose the right to claim censorship. They become my enemy whom I will do my damnedest to hunt down and remove in every incarnation, from email account to website. In every email I forward to postmasters and spam hunter services, I place the following: "Please help remove this unsolicited spam from the Internet." Spam email advertising bulk email lists are my special targets.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

[ Parent ]
This is not censorship (none / 0) (#68)
by Arker on Sun Nov 12, 2000 at 03:39:12 PM EST

There is no censorship issue at all. This has nothing to do with free speech. This has to do with theft.

Spammers abuse the generally open nature of the internet by stealing bandwidth. They have no right to use my, your, or anyone else's network resources to send unsolicited advertising.

A real world analogy would be a man coming onto my property, opening my shed, and using my PA system to blast my house with advertising copy, then crying censorship when I tell him to get off my PA system and off my property. Oh, cry me a river.

There are cases of real censorship occurring around the world every day, and it is a profound insult to those who are victims of censorship to even for a moment pretend spambags who get what they have coming are in the same class.



[ Parent ]
I'm not convinced (3.00 / 18) (#13)
by tezmc on Wed Nov 01, 2000 at 05:12:07 AM EST

Maybe it's just me, but this doesn't look all that convincing.

I haven't been able to see the jpg of the alleged 'contract' (server seems to be down), but the part that was included in the article didn't feel like any kind of legal document/contract that I've ever seen.

Maybe it's the liberal use of the word "spam" that did it. I mean, surely if this was one of those stuffy legal/contractual documents they'd use some jargon-like term such as unwilling-client-focused-bulk-mailing... or something.

,Tez
The eight legged groove machine
Same here (2.90 / 11) (#19)
by Farq Q. Fenderson on Wed Nov 01, 2000 at 07:59:33 AM EST

There's enough information present to make me curious, but not enough to elevate this beyond the level of "gossip."

I am interested, though. More research would be a good thing.


farq will not be coming back
[ Parent ]
spam site (4.00 / 8) (#32)
by spaceghoti on Wed Nov 01, 2000 at 12:03:57 PM EST

The key phrase is here: "NevadaHosting wishes to operate Bulk Hosted Web Sites." In essence, NevadaHosting wishes to host the foundation of a spam domain on ATT.net without using ATT to send the spam. It's a form of hierarchy scheme. I use your home to sell my products with your permission, but I break into other homes to use someone else's phone to call every number in the city repeatedly to get them to come to your home to buy my product. People can block the phone number that was used to call them, but the spammer goes to another house and calls you from there.

The spammer is engaging in immoral, if not illegal activity. Congress passed a law that states if the spammer is only sending the spam once, or provides a means for the email address to be removed, then the spam is technically "legal." That's a load of crock. The spammers who follow that law still sell the email address to another list, creating whole new lists that still propagate the problem. Congress passing laws about the Internet is like shooting flies with an elephant gun.

ISPs need to respect that their customers don't want, don't appreciate and don't tolerate spam. If they want to continue doing business with the rest of the Internet, they need to help solve the problem, not provide them with the foundation for continuing it.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

[ Parent ]
You should've read the contract... (3.19 / 26) (#22)
by ewan on Wed Nov 01, 2000 at 08:53:37 AM EST

...before you submitted this story.

It does not say that AT&T will allow spam to be sent from its mail network, it says that websites that are mentioned in spam mails may be hosted on AT&T's network. There's a world of difference between these 2 things.

Even the small section you selectively posted here to give it the best possible spin explicitly says the mail will not be sent through AT&T - "Bulk Hosting is defined as hosting a web site that is Spammed from other gateways."

Blocking an entire backbone because it hosts some content that is advertised in a way you don't agree with is laughable.

Ewan

Missing the point (3.81 / 11) (#23)
by arafel on Wed Nov 01, 2000 at 09:07:49 AM EST

There's not nearly as big a difference between hosting the spammed website and hosting the spammers as you think. In fact, you could make a reasonable argument that hosting the website is in fact worse behaviour netwise.

You should also read Sam's post here, which might make you reconsider.


Paul
[ Parent ]
Not really (3.22 / 9) (#30)
by ewan on Wed Nov 01, 2000 at 11:24:08 AM EST

I think there is a big difference between the two.

Sending an email to someone requires some action from them, often just the downloading, glancing at, and deleting of the email, but still an action. A website simply existing has no direct effect on anyone, unless they choose to visit there.

A website is not required for spam, though it is often involved - some spammers even rely on the user having Outlook and send an entire html page with all the details on it to the user. But the fact is simply blocking a web page would not stop spam - you'd then need to shut down their free call phone numbers, their sales@wherever email account, their fax numbers, and every other way they can ask to be contacted for more information.

Blocking a website (or in this case a major backbone) would simply be yet another step along the war between spammers and spam-haters, but it would not stop anything.

I'm no fan of spam, and subscribe to an isp that uses some filtering software to stop most of the garbage, but I honestly do not believe shutting down a website would slow down the spammers for 1 second, they'd just switch tactics again.

I read Sam's post, and while he has a valid comment, that particular problem applies to far larger areas than just spamming, and the ISPs just have to deal with it for now when it happens and try to think up a way to stop it in the long term. I imagine AOL get more annoyed at people signing up repeatedly with fake credit card details to avoid payment than people who sign up to spam.

Ewan

[ Parent ]

Requirements for Spam (4.33 / 9) (#33)
by spaceghoti on Wed Nov 01, 2000 at 12:23:41 PM EST

There are a lot of ways that spammers can make money. They can supply a telephone number, they can provide a snail mail address and they can provide a website.

For the first two options, you can report the abuser to the authorities and start criminal proceedings against them. Invasion of privacy is a legitimate issue in US law. For email and websites, you have no such options. All you can do is report the spam to the email hosts and to the webhost.

You say, "I honestly do not believe shutting down a website would slow down the spammers for 1 second, they'd just switch tactics again." Does that mean we should just give up and concede defeat to the spammers? I say that's foolish. I agree that spammers move around obstacles as quickly as we can set them up, but that doesn't stop me from doing everything in my power to discourage them. If they want to go on to other means to attempt to contact me, that's up to them. But if I can hurt them often enough and significantly enough to make it not worth my effort to spam me, then I'll do it. And I'll keep doing it any way I can until they stop. I'm not going to make it easy for them. Any company that provides a safe haven for spammers is going to lose my business and the business of anyone who agrees with me. ATT.net may have legal foundation for allowing a spam site to reside on their domain, but they're going to suffer a huge market impact if people like me have anything to say about it.

In my mind, spam is an invasion of privacy and theft of resources. If they leave me alone I'll leave them alone. I don't spam people to visit my website, and I don't appreciate anyone else spamming me to visit theirs. If I'm interested I'll go looking for it. If I'm not, you're not going to convince me otherwise.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

[ Parent ]
It does help (4.00 / 3) (#52)
by arafel on Thu Nov 02, 2000 at 08:16:06 AM EST

To deal with the points in something resembling an order...

A website isn't required, no. However, where one is included, leaving it up means that the spammer profits from that spam run. This is going to encourage them. I can't believe you want that. If you remove the website, they've just wasted X hours of spamming time, a dialup account, and hopefully Z open relays which should get secured, *and they have nothing to show for it*.

I'm not sure if it was just a bad choice of word, but we don't especially want AT&T to block the website - ideally they should educate their customer if possible, or close the account if not. Blocking is a last resort, at least at RBL level (not my personal level, I'll admit.)

As for their email account - if it's legitimate, and not one of the free services, then it's usually with whoever's hosting the site, so it goes when their account does. If not, then yes, I'll go after that as well, and try to get their hosting cancelled. I generally also let anyone else they're using know too (for example, webpage counters, advertisers, linkexchange, etc.)

I can't do anything about the freecall numbers, but what it basically comes down to is that I can try and make it more expensive and more hassle for them to spam, and I will do so if possible. The more services they lose each time they spam, the less likely they are to do it again.

Paul
[ Parent ]
Clean-up fees (3.50 / 2) (#58)
by nogin on Thu Nov 02, 2000 at 04:04:33 PM EST

Some ISPs charge substantial clean-up fees when they close the account because of spam. If all major ISPs will start doing that, it would make a big difference. But until there are ISPs who are willing to tolerate spamvertized sites, the spammers would have an easy way to avoid paying clean-up fees.

[ Parent ]
Re: Clean-up fees (4.00 / 1) (#66)
by elemental on Tue Nov 07, 2000 at 06:55:53 PM EST

Professional spammers already do have a way to avoid paying clean-up fees... It's called signing up accounts using stolen credit cards. Nine times out of ten, this is how they do it.


--
I love my country but I fear my government.
--> Contact info on my web site --


[ Parent ]
According to that contract... (3.09 / 11) (#25)
by General_Corto on Wed Nov 01, 2000 at 09:47:02 AM EST

... the wording is:

    "NevadaHosting will not send unsolicited distribution lists in electronic mail or other mass unsolicited electronic mailing, commonly referred to as Spamming, from or through AT&T's gateway. NevadaHosting understands that Spamming may be a just cause of immediate termination of services from AT&T."

Now, to my rather untrained eye, what that says is "we can't give out lists of users, and we can't randomly mail them". However, the 'may be a just cause' is a little wishy-washy, and if I was a lawyer for either of the two parties, and spam was an issue, that would be the section of the agreement where I'd be most worried (or hopeful) the court battle would be fought.

Moral of the story: AT&T should be *far* more proactive about killing off the possibility of spam going through their parts of the network.


I'm spying on... you!
Blocking ATT?? (2.36 / 11) (#26)
by jeremya on Wed Nov 01, 2000 at 10:17:30 AM EST

I think that would be a thing to do if you had the nerve to do so.

Of course... ATT has lots of money which means lots of lawyers.

It would be interesting to see a really big company go after MAPS

I think that's a BAD idea, you would see rather quickly what a bunch of money and lawyers can do to the life of anything...

Jeremy

Yeah, let the money and lawyers run the world! (2.20 / 5) (#28)
by marlowe on Wed Nov 01, 2000 at 10:33:46 AM EST

That'll work.

-- The Americans are the Jews of the 21st century. Only we won't go as quietly to the gas chambers. --
[ Parent ]
Cynicism? Can I smell cynicism? :-) !msg (1.50 / 2) (#42)
by static on Wed Nov 01, 2000 at 05:14:53 PM EST



[ Parent ]
But MAPS wants to get sued (3.66 / 6) (#29)
by pw201 on Wed Nov 01, 2000 at 10:38:36 AM EST

MAPS are so eager to get sued they even provide a web page telling you how to sue them. It seems they want their day in court so their legal position can be resolved. I think they've got a strong position, but then I agree with what they do (and I'm not a lawyer).

BTW, if you want to help support MAPS, you can sign up for one of their filtered forwarding accounts for $50 a year. (I'm not associated with MAPS, before people tell me off for advertising, I just think what they do is a good thing).

[ Parent ]

Oh the irony... (2.15 / 13) (#27)
by greydmiyu on Wed Nov 01, 2000 at 10:23:53 AM EST

Anyone else find it ironic that there is a mention of the RBL here and one of the links to other stories is to "Has terrorism ever been a successful strategy?"
-- Grey d'Miyu, not just another pretty color.
MAPS and terrorism (4.20 / 10) (#34)
by spaceghoti on Wed Nov 01, 2000 at 12:28:27 PM EST

MAPS provides a voluntary service for ISPs to subscribe to of their own free will, and they don't solicit (spam) subscriptions. All they say is that the IPs on their list have a history of supporting spammers. ISPs can subscribe to the list or not, and they will only do so if they feel that MAPS is providing a service they want. MAPS is, in effect, providing market research for those companies who are responding to the desires of their users. If that's terrorism, then I'm an avowed terrorist.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

[ Parent ]
Be careful what you wish for. (4.30 / 13) (#35)
by IpxODIE on Wed Nov 01, 2000 at 01:46:33 PM EST

Backbones providers should only be in the business of providing pipes and ip addresses -- not in deciding what goes over their backbone. To do so could mean they are partially responsible for what their customers do!

Consider UU.NET's AUP which prohibits spam:

    Email Sending unsolicited mail messages, including, without limitation, commercial advertising and informational announcements, is explicitly prohibited. A user shall not use another site's mail server to relay mail without the express permission of the site.

but also prohibits anonymous posting:

    Forging of any TCP-IP packet header or any part of the header information in an email or a newsgroup posting.

and also prohibits offending the wrong people, obscenity, hacking DVD encryption, etc:

    This includes, without limitation, material protected by copyright, trademark, trade secret or other intellectual property right used without proper authorization, and material that is obscene, defamatory, constitutes an illegal threat, or violates export control laws.

and then passes the responsibility to monitor down to the ISP:

    INDIRECT OR ATTEMPTED VIOLATIONS OF THE POLICY, AND ACTUAL OR ATTEMPTED VIOLATIONS BY A THIRD PARTY ON BEHALF OF A UUNET CUSTOMER OR A CUSTOMER'S END USER, SHALL BE CONSIDERED VIOLATIONS OF THE POLICY BY SUCH CUSTOMER OR END USER.

Forget that all of this is so overly broad that it can only be selectively enforced (do you think a big company that spams will be kicked off?). Prohibiting anything on a backbone pipe is just another slide down a slippery rope to censorship. After all, what do you say to a lawyer or politician when after ridding yourself of a spammer you are then asked to rid yourself of a pornographer? Can you honestly say you're just selling bandwidth? Maybe we should consider focusing on the weakness in authenticating senders in SMTP instead of blaming spam on the fact that not everyone in the world is going to be disciplined (the tragedy of the commons...)

What do I say? (4.25 / 4) (#41)
by spaceghoti on Wed Nov 01, 2000 at 04:44:48 PM EST

...what do you say to a lawyer or politician when after ridding yourself of a spammer you are then asked to rid yourself of a pornographer?

"Is the pornographer forcing me to look at his pornography? No? Then go away."

If I actively choose to go out and look up information, I can't complain that I found it. It was my choice to look for it. If someone else decides that they want to try to make that decision for me, then I complain. That's the difference between a spammer and a pornographer.



"Humor. It is a difficult concept. It is not logical." -Saavik, ST: Wrath of Khan

[ Parent ]
Re: Be careful what you wish for. (4.00 / 2) (#59)
by catbert66 on Thu Nov 02, 2000 at 06:11:32 PM EST

IpxODIE writes:
Backbone providers should only be in the business of providing pipes
   and ip addresses -- not in deciding what goes over their backbone. To
   do so could mean they are partially responsible for what their
   customers do!

   Consider UU.NET's AUP which prohibits spam:

       Email Sending unsolicited mail messages, including, without
       limitation, commercial advertising and informational
       announcements, is explicitly prohibited. A user shall not use
       another site's mail server to relay mail without the express
       permission of the site. 

   but also prohibits anonymous posting: 

       Forging of any TCP-IP packet header or any part of the header
       information in an email or a newsgroup posting. 

How does that prohibit anonymous posting? It prohibits you from IP spoofing and joe-jobbing others.

   and also prohibits offending the wrong people, obscenity, hacking DVD
   encryption, etc: 

       This includes, without limitation, material protected by
       copyright, trademark, trade secret or other intellectual
       property right used without proper authorization, and material
       that is obscene, defamatory, constitutes an illegal threat, or
       violates export control laws. 

So you're not allowed to use a UUNet connection to break the law. Oh, that's unreasonable. IIRC, the DMCA makes the ISP responsible for taking down infringing materials.

  and then passes the responsibility to monitor down to the ISP: 

       INDIRECT OR ATTEMPTED VIOLATIONS OF THE POLICY, AND
       ACTUAL OR ATTEMPTED VIOLATIONS BY A THIRD PARTY ON
       BEHALF OF A UUNET CUSTOMER OR A CUSTOMER'S END
       USER, SHALL BE CONSIDERED VIOLATIONS OF THE POLICY
       BY SUCH CUSTOMER OR END USER. 

People using UUNet's pipes are bound by their AUP. If someone gets out of line, the reseller they made their contract with is responsible for enforcing the AUP. If the reseller doesn't act, UUNet can hold them liable for their customer's actions.


   Forget that all of this is so overly broad that it can only be selectively
   enforced (do you think a big company that spams will be kicked off?).
   Prohibiting anything on a backbone pipe is just another slide down a
   slippery rope to censorship. After all, what do you say to a lawyer or
   politician when after ridding yourself of a spammer you are then asked
   to rid yourself of a pornographer? Can you honestly say you're just
   selling bandwidth? Maybe we should consider focusing on the weakness
   in authenticating senders in SMTP instead of blaming spam on the fact
   that not everyone in the world is going to be disciplined (the tragedy of
   the commons...) 

If you have an AUP that says "no spam and no porn," there isn't a thing you can say to someone who asks you to rid yourself of a pornographer. Otherwise, you can say, "there's nothing I can do, they aren't violating our AUP."

Private companies, using private equipment, are permitted to do pretty much anything they like in establishing the terms of service for that equipment. If a backbone decides they don't want people doing IRC, they can put that in their AUP and filter the appropriate traffic. Or they can use the RBL, or any other set of filtering conditions they want to set up. Believe what you like, but there's no requirement that any provider of any size has to accept any traffic at all, absent anything in their contract that says otherwise. UUNet's AUP says, "we expect you and your customers to be good net.neighbors, by our definition; if you aren't, you're violating our rules and we can take action against you." If you find that to be unreasonable, then UUNet and its resellers aren't for you. Luckily, you can choose another reseller who might be more friendly to whatever needs you have.

This argument has nothing to do with the Frea Speach [tm] [r] [c] of the spammers. It's about abuse, plain and simple, the way UUNet defines it. Couching it in the form of a censorship argument is a slap against the First Amendment and anyone who supports it.



[ Parent ]
One point (none / 0) (#61)
by THEWeirdo on Fri Nov 03, 2000 at 01:46:19 AM EST

Good comment, except one point: "So you're not allowed to use a UUNet connection to break the law." What about "material that is obscene, [or] defamatory"? What if you say "Microsoft sucks"? That's defamatory. Or if you go around using the f-word. That's obscene. If you want to get really technical, you could even say that the "material protected by copyright, trademark, trade secret, or other intellectual property right" is a bit iffy. What if you buy, say, Norton Utilities over the Internet, and then download it? It's copyrighted, even if you have legal right to download it.

But maybe I'm just picky.

  - THEWeirdo

"Better paranoid than sorry" -- Me
[ Parent ]

Spam Blocking on the User End (2.11 / 9) (#38)
by rawg on Wed Nov 01, 2000 at 03:41:44 PM EST

I think that spam should be blocked by the end user. I think that all end users should just delete or put in place a filter. I am using SpamBouncer and it is working well for blocking spam.

If we start telling people what they can do, then being free is just a dream. We should let the spammers spam all they want. When they figure out that they are spending more money than what they are getting back, the spam will be gone. Spam only works if people fall for it.

Install filters. Filters work great.

simple filter (2.80 / 5) (#39)
by Barbarian on Wed Nov 01, 2000 at 03:44:39 PM EST

A simple filter that moves anything not explicitly addressed to you (in To: or Cc: ) into a junk folder removes 95% of spam. If you subscribe to mailing lists, you can create filters to make exceptions to this rule. Any modern mail reader can do this.

[ Parent ]
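The rule described in the comment above, as an added example that is not part of the original thread: mail goes to the inbox only when one of your own addresses appears in To: or Cc:, with an exception for subscribed lists. The addresses, list name and sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses

# Assumptions for this example: the reader's own addresses and one subscribed list.
MY_ADDRESSES = {"me@example.org"}
LIST_ADDRESSES = {"spam-l@lists.example.net"}


def recipients(msg):
    """Return the lowercased addresses found in the To: and Cc: headers."""
    found = set()
    for header in msg.get_all("To", []) + msg.get_all("Cc", []):
        # Parse each header on its own so one malformed header cannot
        # hide the valid addresses in another.
        for _name, addr in getaddresses([header]):
            if addr:
                found.add(addr.lower())
    return found


def classify(raw_message):
    """Return the folder name for one raw RFC 822 message."""
    rcpts = recipients(message_from_string(raw_message))
    if rcpts & MY_ADDRESSES:
        return "inbox"
    if rcpts & LIST_ADDRESSES:
        return "lists"      # the mailing-list exception
    return "junk"           # not explicitly addressed to us


# Constructed sample messages (not real mail).
SAMPLES = {
    "direct": "From: friend@example.com\nTo: Me <ME@Example.org>\n"
              "Subject: lunch\n\nhi\n",
    "cc": "From: boss@example.com\nTo: team@example.com\n"
          "Cc: me@example.org\nSubject: notes\n\nfyi\n",
    "list": "From: someone@example.net\nTo: spam-l@lists.example.net\n"
            "Subject: new relay abuse\n\ndetails\n",
    "bulk": "From: offers@bulk.example\nTo: undisclosed-recipients:;\n"
            "Subject: MAKE MONEY FAST\n\nbuy\n",
    "no_to": "From: offers@bulk.example\nSubject: cure\n\nbuy\n",
    # Our address appears only as a display name, not as the real recipient.
    "name_trick": 'From: offers@bulk.example\n'
                  'To: "me@example.org" <list9@bulk.example>\n'
                  'Subject: hello\n\nbuy\n',
}


def sort_mail(samples):
    """Classify every sample and return {sample name: folder}."""
    return {name: classify(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, folder in sort_mail(SAMPLES).items():
        print(f"{name:12s} -> {folder}")
```

Parsing the headers instead of searching them for a substring matters for the last sample: the address in the display name does not make the message addressed to you.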
Um, what, exactly, do you think the RBL is? (4.28 / 7) (#40)
by Whizard on Wed Nov 01, 2000 at 04:17:29 PM EST

I hate to break it to you, but in reality, all the RBL is is a tool to facilitate exactly what you're talking about here. It's a list of known spam-hosting sites that a mail host can opt to check incoming mail against before delivering that incoming mail. The decision to check mail against the RBL is made by the destination mailhost. By deciding to enable RBL filtering in your Mail Transfer Agent, you are saying that you trust the MAPS folks to make responsible decisions regarding the contents of that list.

Essentially, it's end-user mail filtering, it's just filtering it against a list provided by someone else...it doesn't stop anyone from sending spam, it just stops those who choose to check their incoming mail against the RBL from receiving it.


--
So Lawrence Lessig, John Perry Barlow, Rusty, and Prince are having dinner...
[ Parent ]
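The opt-in check described in the comment above, as an added example that is not part of the original thread and not MAPS's own code. It assumes the usual DNS convention for such lists (reverse the IPv4 octets, append the list's zone, and treat an answer in 127.0.0.0/8 as "listed"), which the comment does not spell out; the zone name and listings are constructed placeholders.

```python
import ipaddress
import socket

RBL_ZONE = "rbl.example.org"  # assumption: placeholder zone, not a real list


def rbl_query_name(ip, zone=RBL_ZONE):
    """Build the DNS name a mail host would look up for a connecting IPv4 address."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this example handles IPv4 only")
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


def is_listed(ip, zone=RBL_ZONE, resolve=socket.gethostbyname):
    """Return True if the list publishes an entry for this address."""
    try:
        answer = resolve(rbl_query_name(ip, zone))
    except socket.gaierror:
        # No such name (or a lookup failure): treat as not listed, so a
        # DNS outage does not make the host refuse all mail.
        return False
    return answer.startswith("127.")


def connection_decision(ip, use_rbl, resolve=socket.gethostbyname):
    """The destination mail host's choice: it checks the list only if it opted in."""
    if use_rbl and is_listed(ip, resolve=resolve):
        return "reject"
    return "accept"


# Constructed listing data so the example runs offline
# (192.0.2.0/24 is a documentation-only address range).
CONSTRUCTED_LISTINGS = {"2.2.0.192.rbl.example.org": "127.0.0.2"}


def fake_resolve(name):
    """Stand-in for a DNS lookup against the constructed listings."""
    try:
        return CONSTRUCTED_LISTINGS[name]
    except KeyError:
        raise socket.gaierror(socket.EAI_NONAME, "name not known")


if __name__ == "__main__":
    for ip in ("192.0.2.2", "192.0.2.7"):
        for use_rbl in (True, False):
            verdict = connection_decision(ip, use_rbl, resolve=fake_resolve)
            print(f"{ip} use_rbl={use_rbl}: {verdict}")
```

The same listed sender is refused by the host that opted in and accepted by the one that did not, which is the comment's point: the list stops delivery only at hosts that choose to consult it.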

Sneakemail (3.25 / 4) (#43)
by KMS on Wed Nov 01, 2000 at 06:06:03 PM EST

I believe the best app for spam prevention is Sneakemail. Since spam comes in all kinds of forms: true spam (harvested, sold, rented, partnered, etc), broken mailing lists, determined ebiz mailings, etc, something needs to handle all those situations, and sneakemail really does. That's what I built it for.

[ Parent ]
Nice! (1.66 / 3) (#45)
by mihalis on Wed Nov 01, 2000 at 07:02:31 PM EST

That looks very nice. Bravo. By the way, you have a minor typo : on this page it says

"However, if your encourage them to use Sneakemail, or its quicker version, Sneakemail Express, you will engender more trust in your visitor, or potential customer."

thought you might want to know since the rest of the language seems correct, clear and well-written. I'm not trying to be pedantic here.
-- Chris Morgan <see em at mihalis dot net>
[ Parent ]
Your logic is flawed (2.66 / 3) (#44)
by CentrX on Wed Nov 01, 2000 at 06:17:35 PM EST

"When they figure out that they are spending more money than what they are getting back, the spam will be gone."

It costs practically nothing to spam on the Internet, I bet even with these contracts. The fact is, many people do fall for this stuff. It doesn't take many people to fall for these scams for the spammers to offset their investment.
-- "The price of freedom is eternal vigilance." - Thomas Jefferson
[ Parent ]

Problem is... (4.25 / 4) (#48)
by KindBud on Wed Nov 01, 2000 at 08:07:03 PM EST

If you filter at the client, those clients who pay for metered access have the clock ticking and their wallets shrinking while all this spam is downloaded from the POP server, only to be thrown away.

This is why the anti-spam crowd is so adamant about killing email spam for good. Paper advertisements mailed out to everyone and addressed to "Resident" cost the recipient nothing but the time it takes to drop it in the trash can, and cost the sender plenty of money - the larger the mailing, the more money it costs. Email spam shifts the monetary burden of mass advertising to the recipient/target of the advertising. That's what is wrong with spam; this is not where the burden should lie. It costs the spammer no more to send a million messages than it does to send a hundred, and that cost is a pittance compared to what it takes to do a paper mail ad campaign.

--
just roll a fatty

[ Parent ]

Spam as Theft of Service (4.50 / 6) (#50)
by mattw on Wed Nov 01, 2000 at 08:53:08 PM EST

Hate to say it, but a large, large part of the problem is spammers that aren't paying their way. Primarily, however, there are some big reasons:

(1) It costs next to nothing to spam. You can send out, literally, millions and millions of spam messages with nothing more than a list of addresses, a dialup pop account, and an average PC. Collectively, this takes up hundreds of hours of time, even if users do nothing but quickly hit 'D'. When people call you at home, for example, they have a cost involved -- it takes up their time too. Spam is the practice of consuming thousands and thousands of man hours to get the result of work people are not willing to perform.

(2) Spam is often delivered on stolen services. It is sent across ISPs who do not want their networks used, from dialups never paid for, to users that pay their ISP extra money to store and forward the spam, using mail relays the spammers do not own or administer (and there are many a tale of woe from sysadmins whose mail systems were crushed under the load of a mega-spam run), and finally delivered to end users consuming resources on their computers they do not wish to give up. All this is generally involuntary. For those wishing to receive spam, there are many, many places which let you sign up to receive ads of many types, often with incentives (free stuff, points redeemable for things/discounts, etc). The involuntary spam is like a call placed to you on your cell phone, which you have to pay for, from a caller who wants you to buy something. You pay for the call that the advertiser makes. In the same way, spammers steal various services to deliver spam at no cost to themselves, the primary reason why spam and postal mailings just don't have anything in common (other than, for some, being annoying).

(3) Filters are tough to implement right. I do some mild filtering -- blocking nonsense like messages containing references to "Senate bill S.1618", or addresses from known spammers. Many subscribe to the RBL. Some have many additional cooperative filters -- but the most stringent filters still allow in a half dozen spams a month, and the more you try to filter, the more you risk blocking messages you want to receive. The obvious answer, for the consumers involved who are paying for everything, is let the few (very few) who wish to receive UCE sign up for it -- vendors are waiting in line to deliver it to the willing. Plus those signing up get additional goodies, including the ability to select categories. Spam is problematic partially because it is so grossly untargeted, as well as (because of its total lack of cost) very scam-prone (Make a million dollars in 10 days!!!!)

This really isn't about freedom. Telling people they can't send their worthless, unwanted ads to millions across hardware they don't own, is not restricting free speech. The newspaper won't let you run in and add your own classifieds screaming, "Make millions in a day!". You can still stand on the streetcorner and preach it if you want to. And that's what spam is, only on a much larger, much more impactful, much more annoying scale, where if just 1/100th of 1% of the population of the world decided to advertise to you on a given day, you'd receive 600,000 junk emails. Many new users to the net DID drop their email and their access after getting the heck spammed out of them, and spammers don't deserve any such luxury as people defending them.

See CAUCE for more. They've been fighting this junk for a long time.


[Scrapbooking Supplies]
[ Parent ]
That's what MAPS is (4.00 / 2) (#54)
by J'raxis on Thu Nov 02, 2000 at 09:05:17 AM EST

MAPS/RBL/etc and ORBS are filter services that some ISPs use, and some don't. They explain their philosophies fairly well at their websites, so I'm not going to repeat it here. If you don't like your ISP filtering mail for you, get a new ISP.

I have two different 'primary' mail accounts (in addition to the 3,847,327,213,497 hotmail and mail.com ones ;) -- my web host Kracked.com and my dialup ISP iCi.net -- one uses the RBL, one doesn't. I get maybe a spam or two per day at Kracked. I get anywhere from 7 to 15 at iCi.net. Which sounds better to you?

-- The Antispamming Raxis


[ J'raxis·Com | Liberty in your lifetime ]
[ Parent ]

nevadahosting has no website (3.80 / 5) (#47)
by beertopia on Wed Nov 01, 2000 at 07:39:27 PM EST

At least, not as far as I can find. The document this whole article's about is dated in February, so maybe things have happened since then, but I can't find any of them. I.e., google search on "nevadahosting" has no results, search on spamhaus.org has no results that contain the word "nevada".


Not that that proves anything, but maybe the "rogue ATT salesman" theory is true, and ATT figured it out & TOS'ed 'em. Whatever, if these spammers have to not only keep changing web providers/domain hosters, but to keep changing their domain name to stay in business, it seems like maybe the spam-fighters are doing some good.

Spamming Vs Hosting Spammers, and AUPs of big ISPs (4.00 / 6) (#49)
by mattw on Wed Nov 01, 2000 at 08:37:36 PM EST

Some have said there is a difference between spamming and hosting a spammer. While factually the actions are different, there is little difference in effect. First, spammers know their spamming network access will be terminated. Permitting them to draw this line (hosting spamvertised sites vs permitting spam) allows them to do business as usual, because they simply get throw-away dialup accounts, spam through open relays all they want, and then reap the benefits. Their losses? A dialup account, which probably had 30 days free and cost nothing at all anyhow.

It is typical for major providers, who host customers large enough to, in turn, host other customers, to relay such messages down to their customers for action. For example, if UUnet was hosting a major web hoster, and the web hoster had a customer that spamvertised (or had a 3rd party spamvertise) their site, then UUnet would expect their customer to take action, such as termination of the spamvertised site. This is very standard operating procedure for sites that host, for example, free web pages (geocities, etc). Most of those sites have their own abuse departments anyhow.

There are guidelines for responsible providers, from both the RBL and CAUCE, both of which define spamvertising a site to be cause for termination, and most major providers, especially the internet-centric ones, agree. AboveNet, for example, has Paul Vixie as a VP, so it shouldn't surprise anyone that they agree. Exodus, with the lion's share of hosting the big ones (40% of the top 100, and that's before any GlobalCenter acquisition that's been announced recently), also agrees. UUnet is a beast enforcing spam provisions with anyone connecting to their network, and they agree. So, despite the fact that spammers would like you to think that hosting spamvertised sites isn't at all despicable like spam is, fortunately most big providers agree that it is.

In the end, just think about the results: since the mail can be sent easily, basically anonymously, and the accounts it was sent from discarded after a single spam run, if you don't cancel the sites they advertise, you don't even begin to fight the problem. Obviously, sites aren't spamvertised without their express consent (and generally payment), except in cases where someone is out to make them look bad, but for every time that happens, it happens at least 100 times with the knowledge and consent (and generally payment) of the advertised site. (Or, it is the advertised site itself just spamming from another network)


[Scrapbooking Supplies]
Three points (4.12 / 8) (#55)
by gnubie on Thu Nov 02, 2000 at 12:11:45 PM EST

Three points that many posters are missing:

  • The author does not imply that the contract allows NevadaHosting to spam from AT&T - only to host pages that have been "spamvertised". The trouble with hosting spamvertised web pages is that said pages are typically the impetus for sending the spam, so the only way to shut down a spammer is to take away his web hosting.
  • We're not talking about censorship - note that the contract's definition of "Bulk Hosted Web Sites" does not even mention the subject matter of the pages in question, only the method in which traffic is drawn to them. They're not saying that it's OK to host porn, or make-money-fast schemes, or any other type of page. Of concern to this contract is method, not content.
  • Spam is theft - make no mistake, spammers do not do legitimate business. They play hit-and-run with dial-up providers (using throwaway dial-up accounts to send the mail), web hosting providers (often putting up pages on Geocities, Angelfire, etc. with encoded URLs), and mail servers (raping open relays and saturating ISP mail exchangers). These "business" methods represent, at most, a total outlay of about $20 USD for the spammer. The costs of staffing, storage, and bandwidth and CPU upgrades to deal with the spam end up squarely on the shoulders of the companies whose resources the spammers are abusing. Anti-spammers often make the comparison to the existing U.S. law prohibiting unsolicited junk faxes -- though the sender pays nominal long distance charges, the recipient has to pay for paper, toner, equipment depreciation, and lost utility.

--
What doesn't kill you permanently maims you.
We got a request... (3.83 / 6) (#57)
by Darchmare on Thu Nov 02, 2000 at 03:31:04 PM EST

I work as part of the abuse team for Dreamhost.com, a mid-sized web hosting company.

We received a request just a day or two ago from someone who wanted us to sign an agreement that would allow him to use 'bulk email' without recourse. He didn't outright claim to be spamming, but did mention that there would be complaints and he would be willing to pay twice as much to avoid any cancellation. Obviously a spammer.

Ironically, the request was made as a bulk message sent to - I would assume - other web hosts.

We just deleted the message without reply. We don't want spammers for customers. Still, this is definitely a bit disturbing. Has anyone else gotten offers like this?

AT&T backpedals. (4.00 / 2) (#60)
by mrsam on Thu Nov 02, 2000 at 09:38:48 PM EST

Yes, many NOC-heads on spam-l and Usenet have reported getting that inquiry for spam-friendly web hosting.

Let me guess: the guy was prepared to pay two or three times the going rate for a T-1, and that the request came from an AOL account, right?

Oh, by the way, CNET just weighed in with their thoughts on the subject matter.

[ Parent ]

NYTimes says AT&T confirms the contract (3.00 / 1) (#62)
by Despammed.com on Sat Nov 04, 2000 at 09:45:47 PM EST

<a href=http://www.nytimes.com/cnet/CNET_0_4_3369773_00.html>The New York Times is reporting that AT&T confirms the contract -- but that they're nuking Nevada Hosting anyway.
"That document represents an unauthorized revision to AT&T's standard contract and is in direct conflict with AT&T's anti-spamming policies," wrote AT&T representative Bill Hoffman.
I'm not sure how I feel about that. On the one hand, it's reprehensible that the contract was made -- but on the other hand, that AT&T can just back out of it when it changes its mind... Isn't that a little scary? I'm not a lawyer. Although I sometimes wonder if I should become one.
Michael
Sheesh, I could at least format the link right (3.00 / 1) (#63)
by Despammed.com on Sat Nov 04, 2000 at 09:49:27 PM EST

And that was after previewing it. I think I need more sleep. The article is, of course, here, and this time I'm closing the element.

Oh. It's not that I didn't close the element, it's that I neglected to enclose the URL in quotes. Well. I still should have caught it on the preview....

Michael
[ Parent ]

RE: NYTimes says AT&T confirms the contract (none / 0) (#67)
by Keepiru on Thu Nov 09, 2000 at 01:44:16 AM EST

AT&T is probably smart enough to have some sort of "at will" clause so they can always back out.

What's annoying is that this was supposedly never even reviewed until they got called on it. How many contracts like this (from any company) exist?

--Kai
--slashsuckATvegaDOTfurDOTcom


[ Parent ]

When do we get to the doing bit? (none / 0) (#64)
by tobin on Mon Nov 06, 2000 at 09:32:20 AM EST

Just as a lot of advertising on homepages can be blocked by using a filtering proxy, so can E-mail from known spammers be blocked. Personally I use junkbuster for my websurfing and with some scripting you can share your blockfile with lots of others. This is interesting because as of yet this doesn't exist for E-mail. I bet that a couple of experienced people could write some scripts to share blockfiles for a spamfoiling scheme. If this takes on, sending spam would not be very lucrative any more and our mailboxes a lot less full.

Just my bit..

Tobin
-- It's time to send a B-arch!!
PSInet now too (5.00 / 1) (#65)
by J'raxis on Tue Nov 07, 2000 at 10:52:52 AM EST

Slashdot posted a C|Net story today about PSInet's pink contracts with some spamhaus called Cajunnet.

Slashdot's commentary here.

-- The Antispamming Raxis

[ J'raxis·Com | Liberty in your lifetime ]

Existence of "pink" spam contracts confirmed. | 68 comments (54 topical, 14 editorial, 0 hidden)