Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Spam, spam, spam - Is it unstoppable?

By dreamfish in Internet
Sat Nov 18, 2000 at 02:58:46 PM EST
Tags: Internet (all tags)
Internet

The Mail Abuse Prevention System, MAPS, may be in trouble. In the past 12 months it has been hit with a number of lawsuits from various companies that believe their e-mail feeds were blocked unfairly. Recently Exactis, a subsidiary of 24/7 Media, won a temporary order against MAPS claiming precisely this. If such actions spiral and MAPS ever had to close, what hope is there of protecting ourselves from the ever-rising levels of spam e-mail?


Spam e-mail has almost become an occupational hazard of using the internet. A lot of people now go to great lengths to disguise their email addresses when posting on news or discussion websites because they know the golden rule of spam: once it starts it's almost impossible to stop. Even worse, it has long been recogised that spammer's unsubscribe addresses are scams - all they do is validate the existence of your address, the consequence being you get more spam rather than less.

Legislation for controlling Unsolicited Commercial E-mail (UCE) has been stalled for some time. Often it only applies to certain US states; there is certainly nothing that is effective (read: enforcable) across countries as such legislation is almost always based on the geographical location of the spammer's server.

This is where MAPS comes in. They don't pretend to stop spam. They don't even go after the spammers themselves. All they do is maintain a list of SMTP servers and relays that are known to be sources of spam e-mail. This list is then made available for ISPs and network backbone providers who use it to prevent the relay of e-mail from anyone on the list.

Why is this a good approach? A number of reasons: For the ISP/Backbone provider it's simple to use, cheap, apparently effective and can be 'sold' to customers as an added-value service. In reality there is nothing else to attack the spam problem - no 'controlling organisation' or suitable laws. It has been shown to work well, mostly due to the respect that Paul Vixie, who runs MAPS, has throughout the Internet community. He's considered to be an un-sung hero, doing us a service. His policies are fair: a potential spammer is warned repeatedly, mainly because a lot of spam is caused by others using the facilities of an unsecured mail relay. Furthermore MAPS has extensive advice on best practice for bulk e-mailing.

One of these is the double opt-in where a person has to confirm their initial request to receive e-mail from an organisation. It's contentious issue with MAPS whether to label those who don't use double opt-in as spammers. This upsets a number of companies who believe the blocking of their e-mail by an unelected and (supposedly) unaccountable organisation is unfair and damaging to the whole commercial business of bulk emailing. Hence the law suits.

MAPS used to laugh off any idea of litigation; they even had a How to Sue Us section on their website. However the recent judgement in favour of Exactis, where the judge claimed MAPS was irresponsible in including Exactis is worrying. It came close with the Harris Interactive case but this is potentially worse. What if this led to more law suits against MAPS? What if they had to abandon the Realtime Blackhole List (RBL)? What hope would there be to reduce the ever-increasing level of spam e-mail? Could it eventually lead to people keeping their e-mail addresses secret? Would junk mail filters have to become a core component of any e-mail client, even though they are only partially effective and require considerable upkeep?

Maybe this is part of the argument over the growing commercialisation of the Internet. It's a complicated issue when people talk about the 'right to send you e-mail'. It may be, in the end, something we'll just have to live with.

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Poll
What is the best way to deal with spam e-mail?
o MAPS approach 48%
o Some other organisation 2%
o Legislation 4%
o A polite word with the offenders 1%
o There is no problem - it's a legitimate business practice 0%
o Just delete it and get on with life 21%
o Calling the spammers at home, and showing them how it feels. 21%

Votes: 92
Results | Other Polls

Related Links
o MAPS
o won a temporary order against MAPS
o Legislatio n
o stalled
o Paul Vixie
o extensive advice
o How to Sue Us
o Harris Interactive
o Also by dreamfish


Display: Sort:
Spam, spam, spam - Is it unstoppable? | 108 comments (103 topical, 5 editorial, 0 hidden)
The next list will be offshore... (3.78 / 23) (#1)
by bgalehouse on Sat Nov 18, 2000 at 12:15:47 PM EST

A block list is the right way to avoid this problem. It works well, I'd expect something new to take it's place if MAPS went down. "Gnutella" style peer to peer message passing about spam would be a cool tech heavy approach.

Simplp moving the same thing offshore would be another, more conservative approach. All you need is to put the servers there, and declare somebody there 'in charge'. The same volunteers in this country could actually be doing the investigations and such. I don't know exactly where would be best. Sealand would be overkill, but it would be good press for them if they decided to do it. And really bad press for the 'land of the free'.

If the US refuses to see the publication of such a list as protected speach, find a country that will. Two can play at the international juristiction game.

BAD approach (3.57 / 7) (#16)
by Miniluv on Sat Nov 18, 2000 at 04:40:06 PM EST

Moving servers because we don't like laws is not the way to fight those laws. I'm all for protecting free speech and expression and whatnot, but I'm not for continuing this playing the Internet against itself game.
I do not advocate an international force to police the net, instead I advocate reaching treaties with countries who wish to be linked regarding what is acceptable and what isn't for extradition and the like.
The Internet does not exist outside of normal societal constraints, nor does it extend the law. Instead the 'net and the people who add to it need to be finding ways to extend normal society if need be to fit their ideas. This means getting out and telling people in an intelligent, rational manner why you feel MAPS is the way to go, not that if they shut you down here they can't do it to you in Sealand. The first makes you look intelligent, the second makes you look paranoid (not to mention juvenile).
Your mention of "investigations" however is interesting, and I wonder what exactly that implies. Does this mean random searches of MX records and testing for open relays, or does this mean legitimate investigation of reported spam servers? Currently MAPS does neither, aside from automated messages going to RFC required addresses at the MX in dispute.


"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'
[ Parent ]

Yes and no (none / 0) (#80)
by kmself on Sun Nov 19, 2000 at 08:36:30 PM EST

See my prior post -- MAPS provides an institutional as well as a technical function. This role will be hard to replace.

Still, a driving law on the 'Web is that date will express itself. Trying to censor it in one way merely moves it elsewhere. The quality and accessibility of that data may be effected in the process, however.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

Former fan of MAPS... now against it. (4.00 / 23) (#2)
by Speare on Sat Nov 18, 2000 at 12:38:46 PM EST

I was formerly on the side of MAPS. I thought it was a sensible way to force bad ISPs to secure their email servers. Now, I'm not so sure, and here's why.

MAPS is an infrastructure feature. ISPs install it for the benefit of their subscribers. It seems good to offer this, as it's against spam, right? It also seems like a customer would choose another ISP if they didn't like their inbox being filtered. Choice is good, right?

However, I am a part of a small company (~10 people). We're already shelling out a considerable number for our broadband connections and other ISPish fees. Our ISP joined the MAPS setup a few months ago, and didn't notify us. Even if they had, we probably would have thought it a good thing.

Until we heard via telephone and mouth-to-mouth channels, that some prospective investors and venture capitalists were unable to send our executives email messages. See, venture capitalists are inordinately wealthy, yet they still use mainstream simplistic ISPs for their business, as that's not their major interest. So, when a VC's ISP gets blackholed, we don't get their mail. When we don't get their mail, we look bad. When we look bad, we endanger our payroll.

The "solutions" listed by our ISP and by MAPS is to tell the legitimate senders to complain to their ISP. Yeah, that's a realistic solution. "Sorry, Mr. Investor, your ISP is a POS, can you gripe to them for us?" And how about those other investors or potential clients who have tried to contact us, that we haven't heard about, because their email to us bounced?

Fortunately for us, our ISP was able to disable MAPS for our domain name. [No, don't take that as an invitation to spam us.] People who don't go to the trouble of having a registered domain name are probably not so lucky.

MAPS may sound good, but it's unrealistic to expect the pawns to do the lions' share of the workarounds. As an infrastructure feature, it needs to be completely off the radar from the point of view of individual emailers, and yet it's not. When your legitimate mails are being blocked, it can be disastrous to a small company.


[ e d @ h a l l e y . c c ]
Better implementation - More granularity (2.80 / 10) (#4)
by DeepDarkSky on Sat Nov 18, 2000 at 02:06:47 PM EST

I think the whole idea is not bad, just need to be better implemented. Picture this: If you had a firewall configuration that behaved like DNS - delegating more specific information to smaller servers - then the largest firewall near the top would block practically nothing, getting more and more specific until you get to specific hosts that block EXACTLY what it wants to block. MAPS can be implemented at different locations based on the same principle. Of course, if you are an ISP, you really cannot block too many things because you don't know what your clients want to do. You can only take some precautionary measures to ensure that UCEs don't affect your ability to provide service. If a company has specific policy about UCEs, then they can implement a policy as strictly as they want using MAPS as a guideline, and should have the ability to create exceptions, and provide its own modified MAPS list (that is always based on the current MAPS list) to its clients as a guideline, and so on. This would make it so that specific hosts have ultimate ability to configure exactly which hosts to receive mail from. I know it sounds like a lot of work, but so is DNS, I believe. I think that this would address at least immediate problems like those that you mention while still maintaining an implementation of MAPS.

[ Parent ]
Re: Former fan of MAPS... now against it. (3.71 / 7) (#35)
by Perpetual Newbie on Sat Nov 18, 2000 at 08:25:07 PM EST

The "solutions" listed by our ISP and by MAPS is to tell the legitimate senders to complain to their ISP. Yeah, that's a realistic solution. "Sorry, Mr. Investor, your ISP is a POS, can you gripe to them for us?" And how about those other investors or potential clients who have tried to contact us, that we haven't heard about, because their email to us bounced?

As long as your investors were giving money to ISPs that support spam, they were themselves indirectly supporting spam. Companies will continue to support spam until they start seeing a negative impact on their bottom line. Giving their customers a reason to go somewhere else will do this.

MAPS may sound good, but it's unrealistic to expect the pawns to do the lions' share of the workarounds.

The workaround is in getting the pawns to stop giving their money to the spammers. Since there is nobody other than the pawns who have the power to do this, then the effort must be taken to them.

A similar strategy was used by farmworkers in the 1960s. Over ten thousand impoverished farmworkers from grape fields in California's central valley left their jobs and marched to the state capitol in Sacramento demanding better wages, better living and working conditions, and the right to unionize. The government did nothing for them, and not only did Governor Reagan call them Communists but alleged that not one of the protestors had ever worked on a farm in their entire lives. The workers asked markets not to buy product from the growers with whom they had issues, and most markets did not change their purchases. The workers then took their effort to the public, and workers and their supporters across the country began picketing supermarkets, asking people not to buy grapes. This tactic eventually worked.

Not to say that MAPS is the only or the best solution, but it is one which IMO must be tried. Most ISPs do not like to cut off paying customers who spam or support spam, we see this especially in cases where the ISP is a major network and the customer is a smaller ISP. You will never see AT&T cut off Worldcomm's access to its network for spamming or something similar, nor will you see a company like Amazon.com get disconnected from its ISP for spamming, because there is more money to be made in supporting the spam than there is to be saved in fighting it. ISPs don't get onto MAPS unless they have been complained at more than once and they tell MAPS where to stick their list. If an ISP refuses to solve the problem, and the ISP's upstream refuses to solve the problem, then a list like MAPS is useful in taking the issue to the ISP's downstream.

[ Parent ]

too much (1.00 / 3) (#51)
by Barbarian on Sun Nov 19, 2000 at 03:56:29 AM EST

As long as your investors were giving money to ISPs that support spam, they were themselves indirectly supporting spam. Companies will continue to support spam until they start seeing a negative impact on their bottom line. Giving their customers a reason to go somewhere else will do this. Oh boy. This is like equating spam to communism -- if anyone is at all associated with it, they're communist. Give me a break man. Tell your investors to change ISP's? That cross is a little to much to bear for a small company.

[ Parent ]
A Simple Solution. (3.75 / 4) (#71)
by tzanger on Sun Nov 19, 2000 at 02:19:02 PM EST

Use your own mail server.

Honestly, it is Not that difficult. And then you can decide for yourself whether to use MAPS or not. Personally I would Not use my ISP's mail server for my business. Too much can go wrong.



[ Parent ]
Data vs. acting on data (3.00 / 2) (#79)
by kmself on Sun Nov 19, 2000 at 08:32:57 PM EST

The issue is one of how the MAPS database is to be used.

MAPS is simply advisory. Implementations of MAPS at a given ISP may be advisory (insert an X-Header indicating that the server or originating domain is MAPS listed) or action (blocking MAPS-listed mail).

The onus is on the ISP, not MAPS, to configure the service to the needs and desires of customers. If I feel that a MAPS listed server should clean up its act, and its users should pressure the ISP to do same, I'll allow blocking of all MAPS listed servers and networks. If I prefer to selectively allow certain MAPS listed servers, I'll take an advisory note and take the action on my own network.

This isn't MAPS's problem, it's between you and your ISP.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

How we use it. (3.00 / 1) (#102)
by Malachi on Mon Nov 20, 2000 at 03:36:53 PM EST

We use MAPS/RBL, and at times one of our clients gets blocked. I politely write them an email (need to carbonize that) that explains what MAPS is, MAPS web page with what is going on, and explain to them that I will temporarily remove the rule affecting them but will return it within 60 days.

I haven't had many problems yet. What I do run into is schools that get blocked, and major isps (bellsouth), and those end up causing me grief. One the Postfix mail list we talked about how just about everything from .kr .jp or... damn.. another foreign nation, which spam seemed to centralize out of more than naught.

Its all a tough game of where to enforce rules and when to pull them back..

-M
We know nothing but to ask more questions.
[ Parent ]

Kill spam dead. (3.58 / 17) (#5)
by Inoshiro on Sat Nov 18, 2000 at 02:23:56 PM EST

The most effective way of killing spam is to have a whitelist of allowed senders. For all new people, have a magic cookie reply and queue system. That way people can confirm they are who they say they are, and you can converse with them normally. This will stop all of the silly fly-by-night spammers who are otherwise unaffected by you cancelling their account.

By virtue of being a whitelist, it's provably possible that spam will never get through. Why? No accountability. If the sender can't be contacted to verify that they are the sender (and cached as 'known-good' in the whitelist db), then they aren't shown to the recipient at all.

I've actually been working on such a system which will work as glue between procmail and your mail spool (my mail spool is Cyrus IMAP, so it invokes deliver). It stores common data in an SQL table that is also controllable via a nice PHP web interface :)



--
[ イノシロ ]
Another good idea (4.14 / 14) (#10)
by rusty on Sat Nov 18, 2000 at 02:59:26 PM EST

Another suggestion I've heard that's actually pretty smart is set your mail client to dump any piece of mail that doesn't have your address in the "to" field. This won't stop all spam, but the majority that I get is addressed to some "list" address, not to me. Very simple, yet fairly effective.

The problem I personally have with a "whitelist" scheme is that people forget they have it. I occasionally get a reply to a K5 "new user account" email that requests I jump through some hoop to get the mail delivered to the intended recipient. I never do, because I feel like if you requested email from my automated system, it's your responsibility to allow it through your filters. This event always irks me though. But, in general, I'd prefer this to a MAPS-style system since at least the end user is in charge of their filtering. MAPS wouldn't bother me, except for the fact that very likely the majority of MAPS users aren't aware that they're using it, since their ISP runs it, and most people don't even know this exists, let alone how to find out if their ISP has it. That kind of upstream, silent filtering bothers me greatly, for reasons that Lawrence Lessig outlines very well in Code and Other Laws of Cyberspace.

____
Not the real rusty
[ Parent ]

A point, yes (3.60 / 10) (#12)
by Inoshiro on Sat Nov 18, 2000 at 03:11:00 PM EST

"The problem I personally have with a "whitelist" scheme is that people forget they have it. I occasionally get a reply to a K5 "new user account" email that requests I jump through some hoop to get the mail delivered to the intended recipient. "

Yeah, we both get that email ;) My solution to this is allowing the client to add addresses to be passed through via the web interface. One-off mails can be let through, and list mail is already handled by procmail. The place in this program is for mail not FROM: a mailing list. This lets it verify if it's a whitelist person (be it a friend or something like a kuro5hin mailing), or if it's unknown (leading to a bounce). I'm just trying to add a measure of accountability.



--
[ イノシロ ]
[ Parent ]
I've been pondering this... (3.42 / 7) (#15)
by Miniluv on Sat Nov 18, 2000 at 04:33:11 PM EST

Having read a previous discussion here about spam, and then having rediscovered the joys of using PGP for everything possible.
I've recently issued an ultimatum to everyone I know that by a certain date I will not read ANY unencrypted email, unless the return address is @securityfocus.com for my mailing lists. Now, since spam is not regularly encrypted or signed with PGP/GPG/Etc, I won't have to read it. I'm even debating writing something that'll parse my mail spool on a regular basis and discard anything without the above conditions met.
The nice thing about this is that if someone I don't know wants to send me email, and uses PGP they'll still get through, otherwise they get an email back with instructions on how to download PGP and acquire my public key.
The only reason I prefer this solution is that not only does it prevent spam and provide a white list like solution, it also encourages encrypted email which I think is the only sane way to email.


"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'
[ Parent ]

That's part of it. (3.25 / 4) (#32)
by Inoshiro on Sat Nov 18, 2000 at 08:09:12 PM EST

I was going to have the system also sort encrypted email and unencrypted email, as well as signature verification. But that design did a bit more than I need right now, so I went for the simplified whitelist method.



--
[ イノシロ ]
[ Parent ]
White/Black/Grey (4.25 / 4) (#81)
by kmself on Sun Nov 19, 2000 at 08:49:19 PM EST

I posted regarding this about a month ago the last time this topic came up.

A whitelist mechanism works best with a bit of grey:

  • Explicitly whitelisted mail (known trusted accounts) are delivered straight to subsequent processing (main box or list folders).
  • Explicitly blacklisted mail (known untrusted acounts) are disposed of accordingly -- /dev/null or a spam folder for subsequent investigation.
  • Ambiguous mail is examined more closely. If it has specified password, it's treated as whitelist mail. If it triggers a set of scored criteria (say, commonly occuring phrases in spam such as "one time mail", "remove address", "this is not spam" (what I say three times is true...), etc., isn't mailed directly to my address (or addresses), it's treated as spam. Otherwise, it's identified as questionable, and dropped to a 'nopassword' file. You may or may not want to send a message to originators of spam or nonpassworded mail.

As I wrote previously, I've created a set of scripts for managing my black and white lists -- in Mutt, I can pipe a message through wl-add or bl-add to add an address to the white or black list. This also works on groups of messages for bulk processing.

This system also gets around the issues mentioned by Rusty -- it's pretty likely that a friendly source won't trigger spam responses -- their mail will hit the greylist. Over times, as lists grow richer, the likelihood of miscategorizing mail tends to fall. Though I did have an interesting episode last week with an abuse@ autoresponder which wasn't whitelisted and included a number of 'spam profile' phrases (included as warnings) in their autoresponse message.

Turns out they and I had exchanged a few hundred messages of the course of a day or so.... I've found that adding abuse@, postmaster@, and administrator@ as allowed accounts will tend to avoid this problem.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

Set up the Realtime Freenet Blackhole List (4.00 / 22) (#6)
by the Epopt on Sat Nov 18, 2000 at 02:43:52 PM EST

This situation is exactly what Freenet is being developed to deal with. Someone is trying to censor information; i.e., the list of spam-friendly sites. So insert the list into the MAPS subspace of Freenet daily, whether it has changed or not. Then mail agents can always look up freenet:SSK@MAPSsubspacepublickey/RBL/todaysdate to get the latest list -- and since nobody can prove who's maintaining the list (someone who knows the private key to that subspace, that's who!), nobody can be sued.

Ba-da, as they say, bing.


-- 
Most people who need to be shot need to be shot soon and a lot.
Very few people need to be shot later or just a little.

K5_Arguing_HOWTO
Accountability (4.00 / 2) (#78)
by kmself on Sun Nov 19, 2000 at 08:27:52 PM EST

Thing is, MAPS provides several functions, one of which is as a checkpoint and trusted authority for the list. While Freenet could provide a technical solution to legal attacks on MAPS, it would be more difficult to come up with a replacement for the institutional infrastructure provided by MAPS.

MAPS gathers data, verifies it, vouches that correction attempts have been made, and goes to bat when cases go to court. These are not functions which a distributed data archival network can provide of itself.

There would have to be some serious design effort going into process and authentication measures for such a service to be useful and/or usable.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

Getting off the list (4.00 / 1) (#90)
by magney on Mon Nov 20, 2000 at 03:10:53 AM EST

One of the crucial functions of MAPS is that when a spam-source or relay mends its ways, MAPS takes it back off the list. If people were in the habit of using out-of-date blocking lists from Freenet, there would be a tendency for no-longer-spammers to still be blocked, perhaps for weeks or months depending on how often admins updated their list.

By keeping the list in a centralized position, ISPs and other servers can be rewarded swiftly for reducing spam, which makes them better disposed to MAPS, and perhaps even encouraging them to use MAPS themselves.

Do I look like I speak for my employer?
[ Parent ]

Why we need MAPS (4.04 / 23) (#7)
by Pac on Sat Nov 18, 2000 at 02:44:29 PM EST

If I could run some software in my house phone system that would refuse any call from a known direct marketing company number, I would. If I could run some software at the Post Office machine that sorts my mail that would throw away junk mail I also would.

MAPS is presently our best defence against spam. Remember, there are almost no laws in place, much less international treaties (yes, the spammers can move abroad also!), to help with spamming issues.

The essential B ship candidates, the direct marketeers obviously hate MAPS and they have considerable resources at their disposal (being part of the sum of earth has its advantages). Direct marketeers should also be considered armed and dangerous and shot to death at will without previous notice, but that is another rant. :)

Is MAPS infalible? No and they don't claim to be. The system has lots of opportunities for enhancement and it will, now and then, include innocents in the blackhole list. But for any defects it has, I would insist that live with MAPS is far better than without.

I think eventually MAPS will have to be moved abroad to run from the scum of earth (see above) barrage of lawyers. While it does not happen, anyone worried about spam should really be considering helping them defend themselves.

Also, we should be asking our ISPs to use MAPS if they dont do it already. And considering changing ISPs if they refuse. Where the last possibility is not an option, one should at least install spam filters (mine work to 95% accuracy), so spam will have less and less return.


Evolution doesn't take prisoners


shesh. (1.33 / 6) (#43)
by pastorangryshanez on Sun Nov 19, 2000 at 12:30:33 AM EST

You bitch when the goverment regulates the internet, then you bitch when they don't. You can have it both ways folks.

[ Parent ]
There will always be government on the Internet. (2.00 / 3) (#61)
by Perpetual Newbie on Sun Nov 19, 2000 at 08:18:49 AM EST

You bitch when the goverment regulates the internet, then you bitch when they don't. You can have it both ways folks.

There will always be government on the Internet. If not the state government, our Internet connections will be governed by our ISPs, and by the backbone operators governing them.

[ Parent ]

Kill spammers dead? (1.54 / 22) (#8)
by pastorangryshanez on Sat Nov 18, 2000 at 02:45:05 PM EST

<rant> You can't get rid of spam. For every spammer stopped with MAPS 20 others will take his place. It's just one of those things people have to learn to deal with. Don't give XXXsex.musuem your e-mail address then bitch that you get spam. I personaly can't stand the AntiSpam-Nazis, they're like the AntiSmoking-Nazis. Have a ciggarette at the bar and they bitch you out about how bad it is. Work for an ISP you'll get death-threats, lawsuit-threats, and everything else in between when someone even sends something that barely counts as spam. Then they go and email MAPS.

idiot (none / 0) (#108)
by fmaxwell on Fri Dec 01, 2000 at 06:59:02 PM EST

Spammers have destroyed Usenet, both with their spam postings and with the harvesting of email addresses. How many of us want to reconfigure our clients so that they show return addresses of bsmith@DELETE_THIS_BECAUSE_I_HATE_SPAM.att.net? Spammers have made it impossible to post an address as a web page link. Do so, and you WILL end up on a million-email-address CD and spam will fill your mailbox. As to your comment about "anti-smoking Nazis", get a clue: Some of us (including me, as an asthmatic) don't want you to put our health at risk with your secondhand smoke. I have a right to eat at a restaurant or get a drink at a bar without being choked by tobacco smoke. You want to smoke? Smoke in your own house or car. If your nicotine addiction is so bad that you can't have a drink at a bar without smoking, stay home.

[ Parent ]
yahoo (2.40 / 10) (#13)
by radar bunny on Sat Nov 18, 2000 at 03:21:45 PM EST

I use yahoo as my gerneal give away to anyone email adress. This goes to forums like K5 and to all my friends who insist on forwarding every piece of mail they receive to me (be it a joke, urban legend or warnings about the newest deadly virus out there). Yahoo sets up a bulk mail folder for you and I have to say that it is about 95% effective -- literally less than 5 out of a hundred get through to my regular inbox. so, i never see the spam and it and never gets in my way.

Re: yahoo (2.28 / 7) (#14)
by n3m6 on Sat Nov 18, 2000 at 04:19:06 PM EST

sometimes its not that great when i
send a couple of emails together to a
yahoo mail box. if it all has a similar
subject line it tends to block it out
sometimes never reaching the unaware
user. however it is better than some
of the other mailboxes as it is not
flooded down by 20+ spam messages a day
like my hotmail account


. MIA
[ Parent ]
Yahoo vs. Hotmail (3.00 / 6) (#17)
by AEtherean on Sat Nov 18, 2000 at 05:01:39 PM EST

I agree that Yahoo has a better spam filter than Hotmail. The feature I like most about Yahoo over Hotmail is that you can exempt a "To/CC" address from the spam filter (by adding a custom filter to move all mail sent "To" a certain address into your inbox).

The reason I need this is that I have more than one alternate email address forwarded to my primary address, and the forwarded mail has the alternate address in the "To" field. With Hotmail, there's no way to allow mail "To" a specific address through the filter.

(The nice thing about the multiple alternates forwarded to one primary setup is that once spam gets very bad to any one of the alternates, I can just break that link without having to abandon my primary address.)

[ Parent ]
Court case not right, but MAPS not the answer (2.50 / 8) (#18)
by ScuzzMonkey on Sat Nov 18, 2000 at 05:18:32 PM EST

The biggest problem I see with MAPS is that it doesn't really target spammers--it targets mail servers. Now, I'm all for ISPs self-policing and ditching people that spam through their servers, but I'm uncomfortable with holding them strictly accountable for the actions of their users. I mean, doesn't anyone else see that as being a little scary? Haven't we been working to keep the government from requiring ISPs to police their own users? MAPS does exactly that.

I don't think that legal intervention should be used against it, since it is voluntary and privately run, but I have strong reservations about any system that cuts such a wide and arbitrary swath. I'd be much more comfortable if MAPS simply ran as a service that notified ISPs about their problem users or insecure relay setups, without blacklisting them.

I don't know; it's certainly a contentious issue and I don't claim to have an answer (personally, I just don't give my address out much, and the one I give to people other than trustworthy friends goes to a mailbox I don't care much about with some rudimentary filters on it). But MAPS affects too many innocent/clueless people for me to support it. I see it as being kind of elitist, really--the average user had enough problems just getting things to work with his/her current ISP, let alone figuring out how to protest to them or switch to another. People shouldn't have to understand the technical ins and outs of their e-mail service in order to use it. The Internet isn't an old-boys club anymore.
No relation to Happy Monkey (User #5786)
MAPS can't list "users" (3.60 / 5) (#33)
by chickenhead on Sat Nov 18, 2000 at 08:13:25 PM EST

I'd be much more comfortable if MAPS simply ran as a service that notified ISPs about their problem users or insecure relay setups, without blacklisting them.

But the network is distributed. Nobody can know who the "user" is at the other end of the wire. It is simply not possible to block a "user" because TCP has no sense of what a "user" is.

[ Parent ]

Huh? (2.66 / 3) (#45)
by ScuzzMonkey on Sun Nov 19, 2000 at 12:54:33 AM EST

In the first place, we're not talking about TCP, we're talking about SMTP. IIRC, MAPS already provides header information back to ISPs from the offending mail pieces. I mean, how do you think these issues get resolved now? If the ISP could not identify the user, how would anyone ever be able to shut down the spammers and get off the blacklist? I think either I don't understand what you are saying or you didn't understand what I said.

If you thought I was suggesting that MAPS blacklist users rather than ISPs, perhaps I was unclear. I'm well aware that it's pretty much impossible to block individual user traffic at the delivery level, since spammers move around so much. I'm just saying that MAPS should keep doing what it is doing, only without the blacklist. It's useful for someone to provide feedback to ISPs about problem users. I'm just uncomfortable with the arbitrary blocking.
No relation to Happy Monkey (User #5786)
[ Parent ]
Without the blacklist? (3.60 / 5) (#53)
by KindBud on Sun Nov 19, 2000 at 04:20:02 AM EST

I'm just uncomfortable with the arbitrary blocking.

But it's not arbitrary, where did you get that idea? They only list an IP address after all attempts at notifying, educating, pleading, have failed to correct the problem. What more do you want? The blacklist is the last resort.

--
just roll a fatty

[ Parent ]

Of course it's arbitrary (2.00 / 1) (#75)
by ScuzzMonkey on Sun Nov 19, 2000 at 04:36:51 PM EST

You're only thinking about servers. I'm talking about users. A specific listing is entered for a server after all the steps you note have been taken. My point is that while they've been notifying, educating, and pleading with the ISP that runs the server, the thousands of un-involved users besides the spammer who also use it are left completely in the dark until the box is actually blacklisted. These are people who have no way of knowing what is going on between MAPS and their ISP, and aren't engaged in any form of spamming at all. MAPS doesn't know or care who they are. You can't get much more arbitrary than that.
No relation to Happy Monkey (User #5786)
[ Parent ]
Civilian casualties? (5.00 / 1) (#97)
by J'raxis on Mon Nov 20, 2000 at 11:02:37 AM EST

Civilian casualties in the war against spam?

Maybe they shouldn't do business with spamhaus ISPs. If my ISP ever gets blocked I'd can it immediately.

This works on the same theory as the old USENET Death Penalties. If the ISP doesn't deal with their spam, they get cut off, their customers, innocent bystanders or not, complain and/or leave, hurting the ISPs business, ISP acts or loses more customers.

It's probably unfair; maybe if there wasn't so much spam I'd be on the side of those users; but I'm sick of the spam.

-- The Pissed-off, Antispamming Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

If MAPS is declared illegal... (3.33 / 9) (#19)
by Demona on Sat Nov 18, 2000 at 05:47:13 PM EST

...then it will effectively be illegal for one person to tell another person, "I don't trust that person beacuse they screwed me over; you might want to stay away from them." In which case, it really *will* be time to start shooting the bastards.

already illegal (1.80 / 5) (#21)
by enterfornone on Sat Nov 18, 2000 at 06:08:58 PM EST

MAPS doesn't go after spammer, it will go after a server that spam originates from. It's a bit like saying "a black guy screwed me over, you might want to stay away from black people". In Australia at least, that sort of thing is already illegal.

It saddens me that people here will jump up and down to fight against censorware but then turn around and claim MAPS is a good thing. Letting a third party decide for you what you can read is censorship and censorship is never a good thing.

--
efn 26/m/syd
Will sponsor new accounts for porn.
[ Parent ]
Re: already illegal (2.66 / 6) (#23)
by edibiase on Sat Nov 18, 2000 at 06:27:16 PM EST

It's a bit like saying "a black guy screwed me over, you might want to stay away from black people". In Australia at least, that sort of thing is already illegal.

Are you saying that it's illegal in Australia for me to come up to you and say, "A black guy kicked the hell out of me once; consider staying away from black guys?" If so, I find that extremely disheartening. While I'm certainly not planning on stereotyping a group of people like blacks (or anyone else, for that matter) any time soon, I'm very much of the opinion that other people should be free to do so.

[ Parent ]

RACIAL HATRED ACT 1995 (3.00 / 5) (#28)
by enterfornone on Sat Nov 18, 2000 at 07:46:23 PM EST

You can find the text here. Your example probably wouldn't be illegal since it only covers public acts.

Take this example. If I was to say in public that you were a child molester, you would have a good case to sue me for defamation. So what if I say your race are all child molesters. And back on topic, if I say everyone on your server is a spammer. And encourage people not to deal with you because of that.

That said, I don't entirely agree with all the interpretations of that law. In one case it was used to close down a history web site that denied the holocaust happened. I think that is probably taking things a bit far.

--
efn 26/m/syd
Will sponsor new accounts for porn.
[ Parent ]

Hrm... (3.00 / 1) (#62)
by edibiase on Sun Nov 19, 2000 at 09:36:30 AM EST

You can find the text here. Your example probably wouldn't be illegal since it only covers public acts.

That's what it looks like. Apparently, though, I couldn't tell you in your house if your window was open and someone passed by who was "in a public place" (the street).

Take this example. If I was to say in public that you were a child molester, you would have a good case to sue me for defamation. So what if I say your race are all child molesters. And back on topic, if I say everyone on your server is a spammer. And encourage people not to deal with you because of that.

What if you actually were a child molester? You'd probably only have a case if I said it maliciously, in order to injure you in some way. If you were to say that my entire race is a bunch of child molesters, well, I'd say, "That's your opinion, even though it's incorrect, so you're entitled to it." Australian law might view it a bit differently.

And again, it would seem that you are perfectly within rights (from my perspective, anyway) to tell people, "Hey, this server is doing things that we think are bad. You can find our criteria for 'bad' online, and if you agree with us, here's a way to make sure that you don't get mail from these sites." MAPS provides the list, you agree with the list, and you use it on your server. It's as if you had gone out, determined what sites you didn't want to get mail from for spamming reasons, and made sure you didn't get mail from them, except that MAPS is doing this for you.

[ Parent ]

"Everyone on your server"? (none / 0) (#100)
by J'raxis on Mon Nov 20, 2000 at 11:15:58 AM EST

I don't think MAPS is meant to say "Everyone on your server is a spammer." It's more like "You have spammers so unfortunately everyone gets cut off, spammer or not."

Whether you consider this fair or not depends on how much you despise spam. I'm at the point where I feel like taking a shotgun to each and every spammer after I download my email, so I think you can see which side I'm on. ;)

-- The Spam-Killing Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

Degrees of generalization (3.00 / 6) (#27)
by kmself on Sat Nov 18, 2000 at 07:24:06 PM EST

Not quite accurate.

MAPS lists a domain or server if it has shown a consistant pattern, and unwillingness to change, of posting or enabling posting of spam.

This is less like generically discriminating against all people of a race -- or all mailservers or mail clients of a type. I've seen several suggestions lately to block Outlook or Exchange traffic due to virus propogation problems. I tend to oppose this, attractive as it may sound, in favor of simply not using these products on my personal and business systems. I'm actively discouraging use of MS mail products at work for these reasons.

MAPS is more akin to saying: "This is a bad neighborhood, we've talked to the cops and leadership, they're either unwilling to squelch crime or are actively participating i it. We advise against any contact." In this sense, MAPS has much more in common with sanctions used against countries, sometimes successfully, sometimes not, such as South Africa, Cuba, and Iraq.

Used with discretion, I believe it's a useful tool, and it's certainly been directly responsible for several sites to clean up their acts.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

and like trade sanctions (1.40 / 5) (#29)
by enterfornone on Sat Nov 18, 2000 at 07:52:27 PM EST

it punishes a lot more innocent people than guilty

--
efn 26/m/syd
Will sponsor new accounts for porn.
[ Parent ]
If you dont like it... (3.00 / 3) (#55)
by UrLord on Sun Nov 19, 2000 at 05:52:10 AM EST

If your isp uses it and you do not agree with its use dont use that isp! It should be on everyone's list of questions to ask before signing up for a service. Everyone should have the CHOICE of using it if they wish. And if you are using one of the spam friendly isps, well you are SOL when trying to email someone who has implimented this list.

Whether you agree with it or not, don't you think the choice to be able to use it if you want is worth keeping it around?

We can't change society in a day, we have to change ourselves first from the inside out.
[ Parent ]

in my experience (3.00 / 3) (#57)
by enterfornone on Sun Nov 19, 2000 at 06:29:38 AM EST

My experience being three years in ISP tech support...

ISPs generally don't tell customers before they sign up that they use MAPS. Often the sales and even tech support don't know until someones email starts bouncing.

MAPS and the rest generally don't inform networks that they are being listed. It isn't until mail starts bouncing and users complain that they find out.

--
efn 26/m/syd
Will sponsor new accounts for porn.
[ Parent ]
You didn't have a postmaster address then (4.25 / 4) (#59)
by pw201 on Sun Nov 19, 2000 at 07:16:37 AM EST

or you didn't read it. MAPS and ORBS both send mail to postmasters at some point in the process (ORBS at the point of listing, MAPS at the point of nomination, I think). If you don't maintain a working postmaster address for your domains (as is required by RFC822) or you don't read it, this is your problem, not MAPS's.

[ Parent ]
Degrees of generalization (3.00 / 4) (#30)
by kmself on Sat Nov 18, 2000 at 08:01:43 PM EST

Not quite accurate.

MAPS lists a domain or server if it has shown a consistant pattern, and unwillingness to change, of posting or enabling posting of spam.

This is less like generically discriminating against all people of a race -- or all mailservers or mail clients of a type. I've seen several suggestions lately to block Outlook or Exchange traffic due to virus propogation problems. I tend to oppose this, attractive as it may sound, in favor of simply not using these products on my personal and business systems. I'm actively discouraging use of MS mail products at work for these reasons.

MAPS is more akin to saying: "This is a bad neighborhood, we've talked to the cops and leadership, they're either unwilling to squelch crime or are actively participating i it. We advise against any contact." In this sense, MAPS has much more in common with sanctions used against countries, sometimes successfully, sometimes not, such as South Africa, Cuba, and Iraq.

Used with discretion, I believe it's a useful tool, and it's certainly been directly responsible for several sites to clean up their acts.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

bad comparison. (3.33 / 6) (#36)
by www.sorehands.com on Sat Nov 18, 2000 at 08:38:49 PM EST

This issue is not one of race.

What this is, is a provider that permits someone to send SPAM from it -- either by leaving it as an open relay, or by knowlingly permitting it.

This is similar to an airline that does not allow planes from a certain airline to land, because they do not perform proper maintance.

Or it could be the State department warning people that certain airports have been found to be unsafe.



------------------------------------------------------------------------------
http://www.barbieslapp.com
Mattel, SLAPP terrorists intent on destroying free speech.
-----------------------------------------------------------
[ Parent ]

censorware (3.00 / 3) (#54)
by UrLord on Sun Nov 19, 2000 at 05:47:20 AM EST

I believe this blacklist file can be modified, unlike the blacklist in most censorware. I also believe censorware is not necessarily a bad thing. I think parents should be able to install this software on thier home computers (but it should be kept off of publicly funded computers).

I don't know if I would use this list if I were in a position to decide. I don't like losing possibly legitimate email/phonecalls/pages/contact/whatever, even if I have to put up with a little/lot more BS.

I can kind of see the point being made by some posters here. If you know some bad things have gone on in a certain bar (Where is my mind? ;) you should probably stay away from that bar. You know some spammers use certain isps, stay away from those isps.

Sorry if this doesnt read well, its 6am and I have 2 hours left in my 12 hour shift :P

We can't change society in a day, we have to change ourselves first from the inside out.
[ Parent ]

Here we go again... (4.00 / 1) (#96)
by J'raxis on Mon Nov 20, 2000 at 10:45:02 AM EST

I have nothing against censorware in and of itself. Censorware when used voluntarily is a Good Thing, because it allows the pr0n to still exist but lets the overly sensitive people protect themselves (and/or their children) from it.

It's the fact that the government is attempting to mandate censorware in public facilities that most people are "jump[ing] up and down" about.

MAPS is only used by some ISPs. If I don't like this, I'll take my business elsewhere, etc, etc (same old argument). If the government was to attempt to mandate something like MAPS, then it'd be as much of a censorship issue as "Censorware."

-- The Antispamming Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

"double opt-in" a spammer misnomer (3.55 / 9) (#20)
by chickenhead on Sat Nov 18, 2000 at 06:06:49 PM EST

It's not &qout;double" opt-in we want. It's "confirmed" opt-in.

Spammers like to claim you opted into their lists. We're only asking that opting-in should trigger a keyed confirmation message that the subscriber would just need to "reply" to be confirmed.

That's intended to make it impossible for spammers to claim that "someone else must have signed you up."

When you call it "double" opt-in you're just feeding the spammers' argument that confirmation is burdensome and not needed.

Disposable addresses (3.20 / 10) (#22)
by vastor on Sat Nov 18, 2000 at 06:12:39 PM EST

Disposable e-mail addresses are kind of a solution I think might work. So every month/quarter you get issued with a new e-mail address that you hand out to all the sites that require registration and that may be dubious - it works perfectly for the month/quarter forwarding all e-mail to your "real" address and then is just deleted and a new one created for you.

If someone was genuine you'd reply with your real address and they could talk to you normally - if you got sent spam pretending to be opt out or whatever then you can ignore it knowing that the account will be inactive soon and you'll get another disposable address.

Kind of like I use my hotmail account now (I just check it periodically to get non-spam mails and generally end up taking conversations to my "real" e-mail addresses, depending on which is appropriate).

One thing I found useful was setting the filters to reject e-mail from people with a number in the their name, it cuts out a lot of the spam that hotmail misses itself (and I try to remember to check that nobody was rejected that shouldn't have been, but other than AOLers for the most part, very few people use numbers in an e-mail address in my experience).

I haven't got MAPS running on either of my mail servers however I would install it if I had enough mail coming in that spam was an issue. Got a heap of spam the other weekend going to nonexistant e-mail addresses (bustthecarbs23456@) with the number changing so just told smtpd to reject mail coming to addresses with numbers in them (with an exception for the single user I have with a number in their address). Though then the open relays kept trying to redeliver the e-mail over and over again so I ended up opening it up again for a short while to just accept it and stop them retrying. Maybe MAPS just kills the e-mail off more effectively than a block like I put in.

Another possible problem is the 'try every single address combination' spam method. Certainly with @hotmail.com and @aol.com etc there is a good chance of getting lucky (and some do it already). I could see there being a project to map all the e-mail addresss on the internet just like there was the map all the IP numbers one (though hopefully it'll never happen - such an action would count as a DoS attack against smaller systems, though maybe some jail time would wake some of these people up. It'd be nice for someone to run a test case against a spammer to see if the unauthorised computer use laws apply to spam - spammers are afterall using your resources without your permission - some country is bound to have a suitable law that could be applied to it and extradition agreements with the US and other main sources).

I don't think spam is unstoppable - it'd just be nice to have a technological solution (MAPS) to do it rather than a legal one by getting gov'ts to pass anti-spam laws.



Unique addresses (3.00 / 1) (#67)
by flieghund on Sun Nov 19, 2000 at 12:53:55 PM EST

My solution is to create unique addresses for everything I use. So if I have to give an email address for Comapny X, I use "companyx@mysever.com". If I ever receive spam at that particular address, and it is not from Company X, I know who has been selling my address, and I can proceed to do something about it. (I usually avoid registering at sites unless they specifically state that they will not give my address to anyone else. I believe misrepresentation about that can be construed as wire fraud, but IANAL.)

It's not a perfect solution -- but it seems to work. The only spam I get nowadays is to addresses that I had before I began applying this system. This isn't for everyone, either: it helps if you have your own mailserver, or access to an ISP that allows for "unlimited aliases."


Using a Macintosh is like picking your nose: everyone likes to do it, but no one will admit to it.
[ Parent ]
Real and fake addresses. (none / 0) (#77)
by loprox on Sun Nov 19, 2000 at 08:08:44 PM EST

I use my pop3 from my provider as my "real" e-mail address. Anything else just goes to my hotmail and other various free email accounts. I used to work for a marketing firm that dealt with spam... and if you calculate it: one firm gets your address, sells it to 100 companies at LEAST. Then there are those companies that re-sell the lists. Do this 2-3 times... your on a hell of alot of lists. Just keep a hotmail account for public uses and check to see if anything important gets through once in a while. Works wonders.
You mean... meatloaf is made with... MEAT?
[ Parent ]
You're conceding to the spammers (none / 0) (#82)
by kmself on Sun Nov 19, 2000 at 08:56:41 PM EST

Problem with this model is that it makes your own communications more difficult -- people need to know your current email and update it frequently. This is real work in large scale or over time.

I've had my current email address for over five years, it's well known. I'll probably trade it for a self-hosted mail service in the near future, but I hope that is the last email address I ever have. You're advocating making my life (and the lives of those communicating with me) more difficult on account of spammers. No thanks.

I'm of the good rules and filters school. Strong fences make good neighbors.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

Lawsuits will stop SPAM. (3.40 / 10) (#24)
by www.sorehands.com on Sat Nov 18, 2000 at 06:28:23 PM EST

There is a federal law that stops SPAM!

The anti-junk-fax law. A computer that has a modem and printer attached falls under the definition of a fax.

File a case in your small claims court against some of the spammers for $500/spam.

ALso, report them to the postal service. Let the postal service go after some of them for mail fraud.

Go after the SPAM list providers the same way.

If enough people know that it's expensive to SPAM and it is not cost effective, then SPAM may stop.



------------------------------------------------------------------------------
http://www.barbieslapp.com
Mattel, SLAPP terrorists intent on destroying free speech.
-----------------------------------------------------------

Two things. (2.80 / 5) (#42)
by mindstrm on Sun Nov 19, 2000 at 12:00:53 AM EST

One,it's an aging law, and was clearly not intended to apply to the internet.

Secondly, not one of my computers has a modem ;)


[ Parent ]
Application of law (3.33 / 3) (#47)
by www.sorehands.com on Sun Nov 19, 2000 at 02:22:10 AM EST

Even if a law is not intended to be applied in a specific way does not mean that it cannot be. One good example are the ERISA laws and how they are applied. Or look at some of the ealier applications of the ADA. With any law, the application of the law is modified by time by the courts. And then sometimes, the legislature will correct some of their mistakes.


------------------------------------------------------------------------------
http://www.barbieslapp.com
Mattel, SLAPP terrorists intent on destroying free speech.
-----------------------------------------------------------
[ Parent ]

fax law thingy (2.00 / 5) (#56)
by UrLord on Sun Nov 19, 2000 at 05:55:41 AM EST

Im not positive, but I thought I read somewhere that law held up when applied to email... If I see where I saw that info Ill post it, but I could just be delusional...

We can't change society in a day, we have to change ourselves first from the inside out.
[ Parent ]

god. (1.00 / 8) (#44)
by pastorangryshanez on Sun Nov 19, 2000 at 12:34:19 AM EST

I am really starting to think you are all hypocrits here at kuro5hin. You bitch when the goverment tries to sniff mail (carnivore) then you bitch when they don't?

[ Parent ]
Why am I replying to a troll? (3.66 / 3) (#70)
by chewie on Sun Nov 19, 2000 at 02:08:45 PM EST

...No idea. Perhaps to clarify a point to a knuckle-draggin' troll. SPAM blocking is not mail sniffing. It isn't even technically close to mail sniffing. You should do a little research and visit the MAPS site, then visit ORBS. Reexamine your statement, and realize what an unwarranted and uneducated statement you had made. It's trolls like you in a seat of power, such as on a judicial bench, that scare me.
assert(expired(knowledge)); /* core dump */
[ Parent ]
The legal notice... (3.50 / 2) (#66)
by flieghund on Sun Nov 19, 2000 at 12:47:31 PM EST

Heh. I remember being forwarded this years ago:

LEGAL NOTICE: Anyone who sends me unsolicited commercial email will be charged a $500 proofreading fee. Consider this official notification. Failure to abide by this will result in legal action.
Pursuant to US Code Title 47, Section 227(a)(2)(B), a computer/modem/printer meets the definition of a telephone fax machine.
Section 227(b)(2)(C) prohibts the delivery of unsolicited commercial messages to such an apparatus.
Section 227(b)(3)(C) states that a violation of the aforementioned Section is punishable by action to recover actual monetary loss, or $500, whichever is greater, for each violation.

Using a Macintosh is like picking your nose: everyone likes to do it, but no one will admit to it.
[ Parent ]
Spam is a DoS (4.25 / 12) (#25)
by Perpetual Newbie on Sat Nov 18, 2000 at 06:55:26 PM EST

Sending unsolicited commercial email is abuse of the network.

Years ago, Vint Cerf outlined well what should not be allowed on the Internet:

  • Any action, the intent of which is to seek to gain unauthorized access to a computer system
  • Any action that disrupts the intended use of a system
  • Any action that destroys the integrity of computer-based information
  • Any action that compromises the privacy of users
  • Wasting resources through such actions

There can be no argument that unsolicited commercial email and Usenet posts disrupt the intended use of the system. Anybody who has tried to read 3 legitimate email messages among 40, or a newsgroup where there are 40 real posts and a hundred spam, knows that these messages are disruptive and wasteful. Spam is no more legitimate free speech than a SYN flood, and should be just as illegal. It amazes me that there can even be debate on this.

The debate is because ... (3.33 / 6) (#50)
by Chakotay on Sun Nov 19, 2000 at 03:23:13 AM EST

... spam is sent by the big corporations with the big money, while most DoS attempts are done by 12-year-old script kiddies who obviously need more parental guidance.

What would happen if a script kiddie sent out spam? He'd have the police on his ass in no time, and he'd likely get all his equipment seized. Maybe he'll even never see his equipment again even if the judge says he's innocent - but then again, aren't people innocent until the judge says they're not? But that's a whole different can of worms...

--
Linux like wigwam. No windows, no gates, Apache inside.

[ Parent ]

free speech (4.20 / 5) (#58)
by Wouter Coene on Sun Nov 19, 2000 at 06:30:13 AM EST

Actually, in the Netherlands, commercial messages are constitutionally excluded from being free speech. Wouldn't that help in the US?

- Wouter

[ Parent ]
Yes it would (4.00 / 1) (#98)
by J'raxis on Mon Nov 20, 2000 at 11:09:44 AM EST

But I'd like to see someone try and pass anticommercial laws in the U.S...

-- The Cynical Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

Yes it would (none / 0) (#99)
by J'raxis on Mon Nov 20, 2000 at 11:09:44 AM EST

But I'd like to see someone try and pass anticommercial laws in the U.S...

-- The Cynical Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

Too broad... (4.00 / 2) (#69)
by chewie on Sun Nov 19, 2000 at 01:55:15 PM EST

Years ago, Vint Cerf outlined well what should not be allowed on the Internet:
  • Any action, the intent of which is to seek to gain unauthorized access to a computer system
  • Any action that disrupts the intended use of a system
  • Any action that destroys the integrity of computer-based information
  • Any action that compromises the privacy of users
  • Wasting resources through such actions

Some of the items on this list simply cover too broad of a range of topics. The first one on the list, for example, can actually be helpful, given that the person performing the hack has a genuine curiosity and drive to help plug security holes. Such action may be disruptive to the intended use of the box, but if a solution evolves of said break-in, then is it not helpful?

You will find it a rare occassion when someone schedules a "hack-time" for their servers. You will find it even more rare on commercial NT-based web sites hosted by ISP's without a clue, and businesses who trust these ISP's. A hack is a violation of their privacy and a shock, but the attention it gains is usually beneficial to the customer and owner of the site.

No, I think this list is too broad and conveys little in the matter of environmental context. I know my discussion may seem a little off topic, but I couldn't let this list go unanswered. It is entirely too subjective and does not warrant the high ratings it's been receiving on kuro5in. The only thing I can agree with on the above comment is that SPAM is an act of wasting network resources, a point which can be reinforced with objective data.


assert(expired(knowledge)); /* core dump */
[ Parent ]
Digital Signatures (3.16 / 6) (#26)
by piercew on Sat Nov 18, 2000 at 07:06:47 PM EST

...maybe it's because I work in the security field. But I (eventually) plan to setup a filter that checks for digital signatures on email messages. If the person doesn't have an email signed with a digital signature that I know it goes into a different folder or get's sent back. This would work for me because most of the people I know either use them now or would use them when talking to me. It would be interesting to see if something like this would gain widespread acceptance as it would help get people using digital signatures and encryption. Wayne

Works, but... (none / 0) (#83)
by kmself on Sun Nov 19, 2000 at 09:01:25 PM EST

I'd consider a particular digital signature as a good validation (or rejection) rule, but given current adoption of the practice of signing email, lack of a signature isn't a good criterion for rejecting email.

Mind, I sign my email, encourage others to do so, and have a publicly available GPG key (posted to K5 under user info as well). But not enough people are doing same yet, and there may be some valid arguments not to sign mail.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.
[ Parent ]

Spam is unstoppable (2.16 / 6) (#31)
by blixco on Sat Nov 18, 2000 at 08:06:10 PM EST

Spam is free and might make the spammer money somehow. I've never studied it close enough to figure out how, but this gives it an undeniable appeal to anyone interested in commerce.

The solution, if it can be said to be a solution, is to use a spam safe email address for any public registration / posting / etc. In fact, I'm pretty sure that's why Hotmail exists. My personal addresses are personal, and everything posted in public gets hotmail.

MAPS is a good idea, a great idea. Now if only there was a way to have a good idea in the US without getting sued. Maybe move MAPS servers to, oh, Libya.
-------------------------------------------
The root of the problem has been isolated.
Hotmail helps spammers somehow... (3.00 / 7) (#34)
by jbridges on Sat Nov 18, 2000 at 08:18:00 PM EST

I have never ever given out my hotmail address to anyone, I created it, and then forgot it.

It's not based on a common username or other real english word.

Yet, that hotmail account is FLOODED with spam!

So even the idea of a "hidden" email address doesn't work unless you can be sure about who is hosting it. For instance I receive zero spam to my Panix account.



[ Parent ]
Most free e-mails help spammers (4.00 / 2) (#85)
by C0vardeAn0nim0 on Sun Nov 19, 2000 at 11:34:46 PM EST

I don't think they do this on purpose, but they do. All free mail sites I visited or created an acount offers to register you in some e-mail search engine like whowhere, which is an excelent font of addresses for spammers.

When I created my address in netaddress.com (it was 1997) I checked the option to be included in search engines. At that time spammers weren't searching the web to e-mail addresses yet, but a year after I started to receive their junk. I removed my name from all the search engines I could, but it was too late.

To block at least 90% of the junk I added a simple rule in my configurations. The rule is basicaly accept e-mail only if my address is in the To: field, otherwise reject it. This block e-mails sent with my address in CC: or BCC: field. A few keywords usually found on the subject block another 5%. With this I only receive 1 or 2 spamms in my inbox every 15 days, which is pretty good IMHO.

http://www.comofazer.net
[ Parent ]
Making money from spam (3.75 / 4) (#40)
by hypatia on Sat Nov 18, 2000 at 10:44:46 PM EST

Spam is free and might make the spammer money somehow. I've never studied it close enough to figure out how, but this gives it an undeniable appeal to anyone interested in commerce.

The way you make money from it is usually described as being a function of the very low input cost.

Simply, it costs, say $100 to advertise a $20 product/scam to 100 000 people (figures pulled out of thin air). You only need 6 people to buy it to make a profit.

In those 100 000 people, there's probably a few who haven't received much spam yet and might bite. If you've spent more and bought a 'suckers list' (a list of people who have bitten before - they must exist for spam - they certainly do for bulk snail mailings) then many more people will buy.

And if no one responds, you're not losing much money, and if you send it disguised through an unsecured relay, you're not going to get in much trouble.

[ Parent ]

radical warfare (2.66 / 9) (#38)
by semis on Sat Nov 18, 2000 at 09:28:54 PM EST

sometimes (mostly just after I get a few spams) I just wish there existed some radical terrorist group that hunted down these fsckers and killed them. Yes, I _am_ serious.

Imagine how many spammers would think twice if they knew there was a decent possibility they would be the target of a car bomb or something. Well, it's fanciful thinking - and I'm sure such tactics would really be a bad thing - so most of the time I don't condone it.

But, like I said before, that's how I feel when my unspammable mailbox gets spammed!

Killing spammers (none / 0) (#93)
by wiredog on Mon Nov 20, 2000 at 10:02:24 AM EST

Jerry Pournelle suggests boiling oil...

The idea of a global village is wrong, it's more like a gazillion pub bars.
Phage
[ Parent ]

I Don't Get It (3.00 / 9) (#39)
by Grimster on Sat Nov 18, 2000 at 10:21:22 PM EST

How is this different than say "Cyber Nanny"? No one forces anyone to USE the list that MAPS creates, no one is coerced into using the blacklist, it is all voluntary. How can you sue for that? Grimster
--- Do Not Click! Grimster
There are some grounds. (3.40 / 5) (#41)
by mindstrm on Sat Nov 18, 2000 at 11:59:24 PM EST

It is commonly understood that MAPS maintains a list of 'known spammers'.
Even though MAPS does not actively block anything themselves, I'd bet under US law they could be held accountable for wrongly putting someone in there, even if the resulting effects (mail blocking) are not done by them.

Sort of like 'defamation of character'?

Like.. if I put a note up saying someone is a known child sex offender, accidentally.


[ Parent ]
Then why doesn't that approach work on CyberNanny? (3.00 / 3) (#49)
by Chakotay on Sun Nov 19, 2000 at 03:00:28 AM EST

Lawsuits against CyberNanny and other internet censoring software have been tried on exactly those grounds, without much effect. Why did it have no effect on commercial internet censoring software, while it apparently does have effect on a free spam filtering "service"?

(Yes, this is a semi-rethorical question ;)

--
Linux like wigwam. No windows, no gates, Apache inside.

[ Parent ]

My guess... (4.66 / 3) (#65)
by flieghund on Sun Nov 19, 2000 at 12:39:37 PM EST

My cynical guess is that lawsuits against censorware fail because they do not maintain a legally accessible list of the sites/servers being blocked. If a particular company discovers that it is being blocked by CyberPatrol, and tries to sue, CyberPatrol can claim that the company in question was not blocked by default, but rather added to the restricted list by the end user. The only way for the company to learn the truth would be to illegally decode the block list. MAPS, by allowing public access to their base list, opens themselves up to litigation.

Perhaps the solution for MAPS is to "weenie encrypt" their list (say, by converting the IP addresses to ASCII characters?), and then distributing the list under a license that absolutely forbids reverse engineering. That doesn't necessarily mean that MAPS actually has to prosecute people who reverse engineer their list, but it does provide them with protection (under the DMCA no less!) when a particular company claims that they are listed on the MAPS list. 8^) Oh, and MAPS should definitely stop notifying people that they are now added to the list; that does nothing but provoke lawsuits. How many censorware programs notify their victims? If it works for them, it should work for MAPS.

In a perfect world, MAPS should be able to take the moral high ground with its current system. But if their going to be dragged down a few levels into the muck of the American legal system, they might as well start to fight fire with fire.


Using a Macintosh is like picking your nose: everyone likes to do it, but no one will admit to it.
[ Parent ]
Stop notifying people? Are you nutz? (none / 0) (#68)
by chewie on Sun Nov 19, 2000 at 01:39:44 PM EST

Oh, and MAPS should definitely stop notifying people that they are now added to the list; that does nothing but provoke lawsuits. How many censorware programs notify their victims? If it works for them, it should work for MAPS.

The reason that a given postmaster is notified about SPAM is to give them a chance to rectify the situation. If the site does not want to be on the known-SPAM'ers list, they can take action to track down and stop said SPAM'ers from using their email server as a relay. If their business is based on SPAM'ing, well, then they're shit out of luck, aren't they.


assert(expired(knowledge)); /* core dump */
[ Parent ]
MAPS & Litigation (4.00 / 1) (#76)
by infinitewaitstate on Sun Nov 19, 2000 at 06:54:34 PM EST

Another simpler explanation for the MAPS/litigation problem might be simply that companies when an ISP block out their entire domain.

Applications like CyberNanny etc. are suscribed to by the end user, or installed/maintained by the end-user, not decided for 20,000 clients by one ornery sysadmin hooking the MAPS db into sendmail. That in and of itself is a major sticking point.

CyberNanny is like you screening you phone calls, while MAPS is like your telco flat out refusing to switch a compnay's phone number because they do cold-sales over the phone.

While, from your POV, the result is the same, to the company affected, it's like being denied "fair access", which, in the business world, is usually a matter for litigation.


---
... but then again, what do I know?
[ Parent ]

bull (3.00 / 6) (#52)
by Barbarian on Sun Nov 19, 2000 at 04:00:21 AM EST

How is this different than say "Cyber Nanny"? No one forces anyone to USE the list that MAPS creates, no one is coerced into using the blacklist, it is all voluntary. How can you sue for that? Grimster

It's not voluntary when your ISP signs up for it without telling you, the user, and then critical mail doesn't get through.

[ Parent ]

beyond... (none / 0) (#72)
by cetan on Sun Nov 19, 2000 at 03:14:46 PM EST

that's beyond the scope of the above article and (I think) the above comment. The lawsuit was not brought by irate users, but by a professional spamming company. To claim that they are not professional spammers is a thin veil that everyone but (apprantly) themselves can see through.

===== cetan www.cetan.com =====
[ Parent ]
Don't Like This? (5.00 / 1) (#88)
by moshez on Mon Nov 20, 2000 at 02:23:22 AM EST

Use another ISP. Or rent your own T1 line and administrate your own machine. You do have the freedom. Possibly, if you tell your ISP you're leaving because of this, they'll reconsider. Possibly not. Freedom for *both* sides.


[T]he k5 troll HOWTO has been updated ... This update is dedicated to moshez, and other bitter anti-trolls.
[ Parent ]
Maps. (3.28 / 7) (#46)
by infinitewaitstate on Sun Nov 19, 2000 at 02:15:31 AM EST

Just a minor comment, as postmaster for an ISP...

They do not warn you before putting you on the list. They inform you that you have been submitted to the list. It's this minor detail that can, upon occasion, be the problem.

In my personal experience (and I stress personal) MAPS is more of a pain to deal with than the ORBS list, which fullfills a similar function.

I'm not saying anything against MAPS on this one, don't get me wrong, however, I am addressing something that was mentioned in the article.

Either way, I am voting for this article to make it to section level (not everyone cares about MAPS, RSS, RBL or ORBS).


---
... but then again, what do I know?

It's a temporary order, folks (3.25 / 4) (#60)
by pw201 on Sun Nov 19, 2000 at 07:29:49 AM EST

This isn't the end of the world. IANAL, but if I remember rightly the point of orders like this is to prevent further damage to someone (in this case, the spammer) while the law considers what to do about the case. It doesn't mean the spammers have won outright.

One thing I've not seen anyone mention is whether MAPS actually has to comply with this ruling. I don't understand USA law well enough to know this: it the judge in the same state as MAPS, or does that not matter? I can see that MAPS may want to comply anyway so they get their day in court without the judge already holding them in contempt, as it were.



my opinions (3.71 / 7) (#63)
by hany on Sun Nov 19, 2000 at 09:50:17 AM EST

1) MAPS

MAPS should be operated as "it is my database, it is my choice and only my choise on what I put in and who TF are you tell me to whom I can't give access to my database".

2) right to sent someone e-mail

Such right is riddiculous and does not exists (IMO). What does exists is MY right of what I let into my mailbox through my mail gate (or mailgate I'm renting from some service provider).

So every reasonable judge should throw away every suit "they refused to recive e-mail from us" against private person or privat business (but not suits of citizens against govermnent agencies in case of GAs refusing to accept e-mail to addresses know to be for public posting such as 'complaints@president.gov' of course).

Who the hell give those bulk mailing entities right to use my internet connection, my mailing equipment, my disk storage to waste my time without my permission?!?!


hany


Tresspassing (none / 0) (#95)
by J'raxis on Mon Nov 20, 2000 at 10:23:31 AM EST

Simply put, spamming is akin to tresspassing. Sending me email without my permission is akin to tresspassing on my property.

Spammers complaining because "They refused to receive email from us" is as rediculous as a telemarketer complaining because I hung up on them or TV advertisers complaining because I changed the channel.

-- The Antispamming Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

Are Exactis really spammers? (2.75 / 4) (#64)
by squigly on Sun Nov 19, 2000 at 11:34:20 AM EST

I had a look at their web site. I was kind of surprised to find that it was reasonable sensibly designed. If they were spammers then surely they would be using the <h1>, and <font> tags as much as possible.

But they do seem to have a reasonable policy. It isn't double opt in, but it is easy opt out. It does claim to be opt in only. It doesn't vclaim not to spam. Okay, I'd prefer not to receive any email from them ever, and I realise that someone could sign me up to irritate, but putting them on the same list as corporations that harvest usenet, and the web for email addresses, or unsecured mail servers just seems a little excessive.

What really concerns me however is that there is no choice. You get MAPS, nothing, or the hassle of fiddling with the db yourself. Why is there so little choice?

--
People who sig other people have nothing intelligent to say for themselves - anonimouse
It doesn't matter if Exactis are spammers or not. (4.50 / 2) (#89)
by Skapare on Mon Nov 20, 2000 at 03:09:15 AM EST

The MAPS policy, I believe, requires double opt-in. Since we all have the option to NOT use MAPS (and I do NOT use MAPS), I believe the judge's ruling is totally inappropriate. MAPS does NOT prevent ANYONE from receiving mail from Exactis or 24/7 Media if they want to get it. If your ISP uses MAPS and you don't like it, YOU have a choice to change ISP. In the probably very rare case where you might not, the ruling should be on the ISP to not use MAPS, not for MAPS to not include Exactis. If I wanted to exclude all non-double-opt-in mailers, then I would use MAPS, and the judge's ruling is a denial of my right to elect to conduct my business freely.

Would you like a MAPS which allowed you to make discrete exceptions? That might be nice. Actually you can, just add entries in your DNS server to override parts. I think that will work.



[ Parent ]
More choice., More granularity (3.00 / 1) (#91)
by squigly on Mon Nov 20, 2000 at 03:46:48 AM EST

I realise this. But All or Nothing isn't a good choice. Manually figuring out which ones I don't have a problem with is also a nuisance. I don't disagree with MAPS in principle. I do feel that others should produce lists that are more or less harsh. Does the system allow a different database? I'm sure it does, but why can't more people produce databases?

Of course if I really cared enough, I'd make one. I don't.

The judges ruling is only temporary. If Exactis are proved right (I don't think they will be, but the court has to decide) then this would have cost exactis money.

--
People who sig other people have nothing intelligent to say for themselves - anonimouse
[ Parent ]
"Double Opt-in?" (none / 0) (#107)
by Arker on Fri Nov 24, 2000 at 11:41:37 AM EST

That's spammer-talk, an attempt to sway opinions by deceptive phrasing.

What MAPS wants to see is confirmed opt-in. There is nothing double about it - there are ways to confirm the identity of the requestor in a single step.

In a system that lacks confirmation, not only can someone else use it to harrass you - the spammer himself can do exactly what the spammers that admit to being spammers do. He can harvest random addresses and add them to his list anonymously. Many do. It's just shoddy at best, and a con at worst.



[ Parent ]
I'd rather have spam than physical junk mail. (3.25 / 4) (#73)
by Perianwyr on Sun Nov 19, 2000 at 03:29:20 PM EST

I'd rather have neither, actually- but in the grand scheme of things, if paper-based direct marketing that wasn't directly opted into (and that would not cease immediately upon request) was banned tomorrow, we'd be a lot happier. If you delete spam, it's deleted. It isn't just another piece of another tree thrown into a landfill. Electronic marketing is nice for one good reason- while it may be too cheap for someone to get a hold of you, it's also very easy to destroy what's sent to you utterly. I've been trying to get off of Dell's mailing list for almost a year now- they send me two different catalogs, and way too often. These are not single pieces of paper- these are glossy multipage catalogs. And they become trash immediately, because if I was merely ambivalent about getting something from Dell before, I just won't buy anything through their catalog now for that very reason. Waste of their money, waste of my time, and waste of the landfill space that belongs to both of us. Now, if it were just a simple matter of being on Dell's email promotions list (which amusingly I am not) it would be simple enough to just kill the messages as they come in. Gone, destroyed, literally recycled into component storage space. Paper based marketing makes that an impossibility.

Not much spam? (3.00 / 1) (#94)
by J'raxis on Mon Nov 20, 2000 at 10:18:28 AM EST

I don't think you get as much spam as some of us. I've gotten up to 30 spams a day (averaging around 7-15 daily) whereas I might get 1-2 real emails a day.

The spam not only takes time to download but has on more than one occasion locked up my email client due to about 40 inline images in their godawfully-written HTML email. The images themselves take even more time to download (about the same time as hitting a banner cesspool such as Deja.com or some other portal).

It may only be a few minutes but it's a few minutes everytime I sign on to the internet to go and do something and instead spend time cleaning up someone else's mess on my computer.

As for paper mail, which I rarely use anyway, it takes me all of 1 second to trash the 2-3 junk mails I get a day. Spam mail of the type that I seem to receive usually entails deleting mail, attachments (if the images were sent along with the mail), and files from a couple temp directories (if they were inline and downloaded from a server). It's a pain in the ass to go around my hard drive and clean up a mess some asshole decided to spew at me without my permission.

-- The Antispamming Raxis

[ J’raxis·Com | Liberty in your lifetime ]
[ Parent ]

I'd rather have spam than physical junk mail. (3.00 / 1) (#103)
by thejeff on Tue Nov 21, 2000 at 08:11:23 AM EST

That's a hard call. Physical junk mail is environmentally worse of course, but the real difference between the two is that physical junk mail is paid for by the sender, spam is not. They pay the cost for an account to send from etc, but increase in bandwidth, disk space on mailservers etc is mainly paid by ISPs. Not the ISP that it's sent through, but the target's ISP. This cost is passed on to you of course. So you don't mind the time spent deleting spam, do you mind paying for the privilege? (This is of course much worse, but more obvious, in areas where people have to pay per minute to connect.)

thejeff

[ Parent ]

On the other hand... (none / 0) (#104)
by dorward on Tue Nov 21, 2000 at 08:45:33 AM EST

Spam has a nasty tendancy to use up bandwidth, this may not be important, but lots of people do not have the luxury of unmetered Internet access (Up until a month ago I was one of them), and others just don't have much bandwidth anyway, (Sharing a 56k modem between ten users, the lengths sutdents will go to to save a few pounds). This means that either you end up paying to recieve the spam, or you wait for quite sometime as the email slowly arrives in your mail spool.

Paper junk mail is wasteful, but you don't have to pay for it. If the company doesn't get the hint then you can stick a label on it "Unknown, return to sender" and drop it in the postbox (in the UK at least, I don't know if other countries allow free returns).

(/me grings, having noticed the spam warning on the comment submission screen)

[ Parent ]
You don't understand the severity (none / 0) (#105)
by job on Wed Nov 22, 2000 at 07:38:57 AM EST

I live in Sweden (northern Europe). In my paper mail I never receive advertisements for lawyers in California. Neither am I offered services to import a wife from Russia. I am actually offended by some of the things I receive in my e-mail.

On my primary e-mail account I don't receive more than perhaps 10 unsolicted mails per day. This is not more than I can browse the subjects and delete them without having to actually read them. The problem here is that the number is growing. It has been growing gradually, faster and faster. What will the situation look like in 5 years?



[ Parent ]
Traceable addresses? (3.75 / 4) (#74)
by knarf on Sun Nov 19, 2000 at 03:37:26 PM EST

One of the things I've been doing to reduce the amount of crap in my mailbox is create separate mail-addresses for each and every commercial and public entity I deal with. If kuro5hin were a commercial entity, I'd create an alias like 'k5-frank' (or something like that), point it to my real username, and add it to my list of personal aliases. This gives me two advantages:

- I can disable the address if/when it is picked up by spammers
- I can trace the 'spam infection' back to a single community/group/company, and deal with them in an appropriate way...

I also have several 'honeypot' addresses, which I never use in real life. They are only given to companies which claim to remove me from spam lists, opt-out services, etc. As soon as spam arrives on one of those addresses, I have 'proof' that the company is lying, I can disable the address and haul them to court/slashdot/whereever...

Anyone else doing something like this?

"Traceable addresses" == Sneakemail.com (5.00 / 2) (#87)
by KMS on Mon Nov 20, 2000 at 01:07:02 AM EST

>Anyone else doing something like this?

Yes, we did it so often we made an online service that does it for us. Sneakemail

[ Parent ]
Lawsuits are not necessarily cause for concern (2.75 / 4) (#84)
by er333 on Sun Nov 19, 2000 at 10:20:14 PM EST

Actually, MAPS has been eagerly awaiting the filing of lawsuits against them. It is their chance to prove their approach perfectly legal in court. They are so confident they can win, they have been posting a "How to sue MAPS" page on their site.

MAPS Suits (3.33 / 3) (#92)
by acestus on Mon Nov 20, 2000 at 07:24:39 AM EST

I think that the author knew this. He wrote:
MAPS used to laugh off any idea of litigation; they even had a How to Sue Us section on their website. However the recent judgement in favour of Exactis, where the judge claimed MAPS was irresponsible in including Exactis is worrying. It came close with the Harris Interactive case but this is potentially worse.
I think the point, there, is that they have been eagerly awaiting lawsuits, but now they're losing them. RTFA.

Acestus
This is not an exit.
[ Parent ]
postmaster (2.50 / 2) (#86)
by enterfornone on Sun Nov 19, 2000 at 11:57:00 PM EST

Actually my ISP was never blocked AFAIK. We actually used MAPS (or was it ORBS, one of them), not my decision of course, I was just a bob. But tech support were the ones that had to deal with it.

We would find that we were blocking someone when our customers told us their customers were unable to get through to them. Our postmaster would basically say "yeah, we're blocking them, tell them to close their relay", this dispite the official line to customers "we don't censor your incoming mail in any way".

Upon informing the ISP in question (via their postmaster address) we are usually informed that this was the firdt they heard about it (of course they could be lying, or they could have dismissed the notification as spam).

Do spammers even use open relays anymore? It's so easy to get a webmail account I can't see why they would bother.

--
efn 26/m/syd
Will sponsor new accounts for porn.
the most disgusting kind of spam... (3.25 / 4) (#101)
by janra on Mon Nov 20, 2000 at 02:53:12 PM EST

is the kind that advertises to spammers. I just got one today (the university must have some good spam filters, because I rarely get spam) that advertised excite.com as a safe haven for spammers to host their website. Not even 'marketers' but straight up 'you have had your websites shut down many times because of complaints about spam - come host your site here, we won't shut you down'.

Is excite.com now in the business of hosting spammers, or was the whole ad just a forgery...
--
Discuss the art and craft of writing
That's the problem with world domination... Nobody is willing to wait for it anymore, work slowly towards it, drink more and enjoy the ride more.

stopping spam... (2.00 / 1) (#106)
by mstevens on Fri Nov 24, 2000 at 07:36:23 AM EST

I've become convinced the only real way to stop spam would be to give up on the internet. Form a new network (mail2?) tunnelled on top of existing systems, and restrict access using contractual agreements. Only accept mail from this network.

Yes, I know it's throwing the baby out with the bathwater, but I really can't see anything else that can be made to work...



Spam, spam, spam - Is it unstoppable? | 108 comments (103 topical, 5 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!