Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Paul Graham Describes Dangers of Spam Blacklists

CmdrTaco posted more than 9 years ago | from the what-we're-stuck-with dept.

Spam 611

CRoby writes "Paul Graham posted an essay describing the danger and corruption of the main spammer blacklists today. It discusses MAPS and the SBL, the blacklist created to try to alleviate the abuses of MAPS, and suggests (maybe) another blacklist's creation."

cancel ×

611 comments

Sorry! There are no comments related to the filter you selected.

In soviet russia (-1)

Anonymous Coward | more than 9 years ago | (#12834770)

Spam blacklists you.

Re:In soviet russia (2, Funny)

TeacherOfHeroes (892498) | more than 9 years ago | (#12834790)

In Soviet Russia; old, tired, worn-out joke tells you

Really!? (2)

Alaren (682568) | more than 9 years ago | (#12834909)

Forget CAN-SPAM, let's bring back Soviet Russia! If I could get blacklisted by all the spammers in Russia...

...well, that would just be super.

$article_title by $blowhard (4, Funny)

Neil Blender (555885) | more than 9 years ago | (#12834783)

$idea will not help cut down on spam. In fact, it is detrimental. This has been know for $num_years years, but I feel I must prove that I am really smart by writing an article about it.

Re:$article_title by $blowhard (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12834860)

if (blowhard == "Paul Graham") {
"My " + smart_friends[] + " tell me this, so it must be true, and therefore, anyone who does the opposite is stupid! lisp rocks!";
}

Re:$article_title by $blowhard (0)

2names (531755) | more than 9 years ago | (#12835089)

Very funny sschtuff, man.

Somehow, I think the guy thought it said "blackfist"

yoyo (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12834784)

yoyoy biaaatch!

Definitely a bad idea... (3, Informative)

nev4 (721804) | more than 9 years ago | (#12834785)

We've been blacklisted before and the sysadmins who run these things often WILL NOT remove you, no matter what. I'd take all the SPAM anyday vs. not being able to send legitimate emails.

Re:Definitely a bad idea... (0)

Triumph The Insult C (586706) | more than 9 years ago | (#12834806)

then don't use MAPS or SBL on your mail servers. you will get all of the spam

Re:Definitely a bad idea... (3, Informative)

Anonymous Coward | more than 9 years ago | (#12834864)

You really don't get it.

The point isn't *me* using MAPS/SBL. The point is that others use it, thinking it makes a difference. Your netblock (that is, your ISPs netblock, or your ISPs ISPs netblock, etc) gets included in that list and *bang* you're a casualty of war.

Get it yet?

Re:Definitely a bad idea... (0, Troll)

Triumph The Insult C (586706) | more than 9 years ago | (#12834886)

Yes, I do get it. I have.

What I do is get a new ISP that doesn't allow spammers.

Simple. Problem resolved.

Re:Definitely a bad idea... (1)

Skye16 (685048) | more than 9 years ago | (#12834973)

Wow. You have multiple choices of ISPs? I have 3, and one is AOL.

Must be nice for you. :(

Re:Definitely a bad idea... (1, Flamebait)

Neil Blender (555885) | more than 9 years ago | (#12835009)

Gee whiz. That's great for you and your little PHP blog that you use to write stories about your cat and host pictures of last week's bbq. However, that is not such a simple solution to someone who has 6 cabinets packed floor to ceiling with 1Us.

Re:Definitely a bad idea... (2, Informative)

hawkbug (94280) | more than 9 years ago | (#12835093)

Right on - a company can't simply get out of an ISP contract for a lot of reasons. Technical reasons aside, imagine getting out of a 3 yr contract after 2 months. It's not going to happen.

Re:Definitely a bad idea... (2, Insightful)

Seumas (6865) | more than 9 years ago | (#12835067)

Oh, NEAT. So you can afford the downtime of a service/site that must be available 99.999% of the time to find and move to another colo provider and deal with weeks of inavailability inbetween (due to the SBL block) every time SBL decides to block a slew of subnets around you just because some jerkoff decided to spam from it?

I'm glad you're so flexible. In the real world, most of us aren't.

Re:Definitely a bad idea... (1)

jdhutchins (559010) | more than 9 years ago | (#12835100)


What I do is get a new ISP that doesn't allow spammers.


Your ISP may not allow spammers, but it really can't do a whole lot to stop every zombie before it sends any spam. A zombie from your ISP can send a couple of spams, and that could cause your entire ISP to get blacklisted. Your ISP doens't have to allow spammers for it to get blacklisted.

Re:Definitely a bad idea... (1)

lawpoop (604919) | more than 9 years ago | (#12834876)

Does this blacklist have a name?

Re:Definitely a bad idea... (5, Insightful)

Vainglorious Coward (267452) | more than 9 years ago | (#12834919)

I'd take all the SPAM anyday vs. not being able to send legitimate emails.

Except that blocklists don't stop you sending email, they merely allow others to decide whether to accept that mail. Or do you think other people should be forced to accept any and every email you send?

Wrong (3, Insightful)

autopr0n (534291) | more than 9 years ago | (#12835042)

What they do is allow others to block email between two diffrent people, simply because they run the mail servers that sit between them. If it was only individual users who were using these blocklists, it would be a diffrent issue. But it's not.

Re:Definitely a bad idea... (1)

Singletoned (619322) | more than 9 years ago | (#12835080)

"Except that blocklists don't stop you sending email, they merely allow others to decide whether to accept that mail. Or do you think other people should be forced to accept any and every email you send?"

Well, someone didn't RTFA.

The whole article is about blacklists that stopped people from sending mail, and the grandparent has a very good point.

Re:Definitely a bad idea... (1)

Vainglorious Coward (267452) | more than 9 years ago | (#12835135)

Well, someone didn't RTFA.

More like someone (ie you) RTFA but didn't understand it. Blocklists do not stop people sending. They are used on the receiving side. Receivers choose whether to use them or not. Of course, receivers need to understand the implications of that, and in particular, they need to understand what the policies of the particular list(s) are (and indeed, whether they have changed - Spamcop is a good example there).

Re:Definitely a bad idea... (5, Insightful)

Seumas (6865) | more than 9 years ago | (#12834927)

John Reid of the SBL told me this wasn't true-- that the SBL was still clean, and that they only blacklisted hosting companies' mail servers when they were spam hosts who took on innocent users as camouflage:

He is right. That definitely is NOT how SBL actually operates. I have a site that is heavily trafficked (millions per month) and they blocked my email (from my own personal server) that has delivered mail for my site for seven years with absolutely no outgoing spam or relaying having ever occurred in its entire life.

However, a spammer with false credentials faked his way into a hosting account with my colo provider and as a result, SBL blocked multiple entire submnets, rendering my entire site and service useless for almost an entire month (we deal with auctions, meaning nobody was getting closed notices, won notices, outbid notices, addresses to send payment, registration emails, lost password emails - and when they complained, I couldn't respond to help them and explain it to them).

SBL couldn't have cared less. As far as they are concerned, if one IP is a source of spam, they all are. And they'll get to fixing it in their own damn sweet time.

But the defense of SBL fan-boys is typically "well it's VOLUNTARY!".

Yeah. Whatever. Fuck off.

Get real. (1)

bananasfalklands (826472) | more than 9 years ago | (#12835116)

If your buying on the cheapest isp connectivity then jolly good for you.

But I, and my company have no quams with blocklists. Yes I also block Korea, and China

Any **sane** email admin person will know that some isps just love the money - I do not yet love spam.

Blocklists work for the cluefull. When you isp responds to spam compliants then I will accept you email - if everybody else gets the idea to locally block (even worse than a bl), or use a blocklist then that is not our fault. We block, the bl only provides a list, which i could (should i want to want to white list)

We are based in europe. American law (can-spam) does not apply so do not think that list you bought is to american citizens only. So dont believe your list (spammer) provider. If i really do have a desire for Viagra - im really sure that i can get it, and no you do not you have to spam me.

So that email address list that you bought this year but was harvested from 1997 does not exist is that my problem no. its yours. If your isp is too greedy and feel that it is ok to ignore my spam reports why is that not an issue to us?.

When your isp considers the report then I might change but until say chinanet do not give a stuff except for the money do yourseleves a favour Change isps end of matter.

A few comments (4, Informative)

alanw (1822) | more than 9 years ago | (#12834789)

From Paul Graham's original article http://paulgraham.com/spamhausblacklist.html [paulgraham.com]
any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam
The primary use of the SBL is to allow sysadmins to refuse e-mail coming from listed IP addresses. The mail should be rejected during the SMTP header conversation, and the senders of genuine (non-spam and non-virus) e-mails will receive a non-delivery report from their outgoing MTA.

I assume that what Paul Graham is complaining about must be SpamAssassin, or some other content filter, applying a score to articles containing URLs, which when looked up in DNS resolve to listed IP addresses. This is much less acceptable, since the sender has no way to know that their e-mail may have been classified as spam.

The details of the listing can be found at http://www.spamhaus.org/sbl/sbl.lasso?query=SBL279 45 [spamhaus.org] . This is a /32 - i.e. a single IP address. I don't know why Paul Graham's web site (which has that IP address) has been associated with textileshop.com, which has a completely different IP address.

The other Yahoo listing on the SBL is also a /32.

I also note in another of Paul Graham's articles http://paulgraham.com/sblbad.html [paulgraham.com] he claims

The most notorious example is the MAPS RBL
As any fule kno, the most notorious spam blacklist is SPEWS. ~

Re:A few comments (1)

slavemowgli (585321) | more than 9 years ago | (#12834883)

As any fule kno, the most notorious spam blacklist is SPEWS.

ORBS, and its later reincarnation, ORBZ, also weren't exactly the nicest players on the field. I remember one incident where I couldn't send email to someone from a GMX [gmx.net] account, because GMX - a webmail provider not unlike Hotmail etc., with several million users - had ended up on their blacklists (I'm not sure anymore whether it was ORBS or ORBZ at the point that happened, but it matters little, anyway).

This article [isp-planet.com] on the death of ORBZ has some more interesting points regarding the controversy surrounding these lists.

What IP is the originating mail from? (2, Informative)

isn't my name (514234) | more than 9 years ago | (#12834934)

# dig paulgraham.com MX

; <<>> DiG 9.2.4 <<>> paulgraham.com MX
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53349
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;paulgraham.com. IN MX

;; ANSWER SECTION:
paulgraham.com. 3600 IN MX 10 milter1.store.vip.sc5.yahoo.com.

;; AUTHORITY SECTION:
paulgraham.com. 3600 IN NS st-ns1.yahoo.com.
paulgraham.com. 3600 IN NS st-ns2.yahoo.com.

;; ADDITIONAL SECTION:
st-ns1.yahoo.com. 154169 IN A 216.136.225.202
st-ns2.yahoo.com. 134882 IN A 216.136.225.203

;; Query time: 228 msec
;; SERVER: 192.168.1.23#53(192.168.1.23)
;; WHEN: Thu Jun 16 14:30:43 2005
;; MSG SIZE rcvd: 150
Looking up the IP for his mail server, we get:
# nslookup milter1.store.vip.sc5.yahoo.com

Non-authoritati ve answer:
Name: milter1.store.vip.sc5.yahoo.com
Address: 216.136.232.238
A Multi-RBL check on that IP [rbls.org] shows absolutely no black-listing in any of the many RBLs.

Is it possible that it's his outgoing cable-modem IP address that is the problem?

Is it, as the parent suggests, spam-assasin filtering?

I'm more than happy to get on the wagon of unresponsive RBLs. The only way they can actually get the response they want is if cleaning up your act results in de-listing.

However, Mr. Graham makes some big claims with nothing to back it up--and attempting to investigate on your own shows that his claims don't seem to check out.

Re:A few comments (3, Informative)

mercuryresearch (680293) | more than 9 years ago | (#12835030)

Seeing as how this exact situation happened to me this week, I can provide some light on the /32 IP address issue.

In my case, I moved a server to a new colo facility. Most facilities have an IP block, and you get assigned an IP from it. Six months or a year ago that IP might have belonged to someone else. For me, it turned out in February a spammer installed a server at the colo, spammed from that server for a single day before the colo ISP turned them off. That IP got listed in Spamhaus; in the beginning of June I was assigned that IP.

So, I ended up with a Spamhaus listing for my mail server's IP address -- and _I_ can't get it removed. Spamhaus expects the colo operator to contact them (which they did on my request) but even there, if the blacklist operator doesn't like the ISP/colo people, they can ignore the request.

Fortunately Spamhaus listened and I got the record for my IP removed. But this showed me it was trivial for a non-spammer to inherit a blacklisted IP. I've added doing DNSBL checks on colo-assigned IP addresses for future moves to prevent any future issues.

Paul is just pissed because... (3, Informative)

SSpade (549608) | more than 9 years ago | (#12834793)

...his website is hosted on the same IP address as a spammer (textileshop.com) was on yesterday, and because of that he's seeing some of his mail blocked.

There's certainly a need for thoughtful and hopefully positive criticism of blacklist behaviour. This article is not it.

Whiskey. Tango. Foxtrot. Over. (5, Insightful)

Skye16 (685048) | more than 9 years ago | (#12834840)

So...it's okay if he goes to Federal Pound-Him-In-The-Ass penitentiary just because he rented a car from a place that also rented a car to a crack dealer?

Huh?

Sorry, but that's still bullshit. He states it clearly in his article: You can't screw over innocents just to make the guilty pay. Does the your government put a neighbor family through torture just because you got a parking ticket? No. It's YOUR fault and YOU should be punished. Not some innocent bystander.

Re:Whiskey. Tango. Foxtrot. Over. (1)

Cylix (55374) | more than 9 years ago | (#12834882)

In the age of the internet...

It's not like it's difficult to register a domain. With cars... it's a little more expensive and there are several registriations that take place.

So two discern two cars in a particular rental agency is not the same as two domains on the same ip/subnet.

Your comparison is fundamentally flawed.

Re:Whiskey. Tango. Foxtrot. Over. (1)

Skye16 (685048) | more than 9 years ago | (#12834902)

Not in the slightest. You're basically saying "It's too hard otherwise". I'm basically saying "That's too goddam bad". You can't fuck over those who are innocent just to punish those who are guilty. If that means you can't win, then fine, you can't win. Deal with it.

Or, of course, you can keep doing it, but you're still a prick. (General you, not specific you - I don't know you, so I wouldn't dare make that claim right off the bat :] )

Re:Whiskey. Tango. Foxtrot. Over. (1)

Detritus (11846) | more than 9 years ago | (#12835098)

If you sleep with dogs, you get fleas.

If you hang out with crack dealers, you run a much higher risk of getting arrested or shot. Collateral damage is a fact of life.

Re:Paul is just pissed because... (2, Insightful)

DikSeaCup (767041) | more than 9 years ago | (#12834887)

Is he making an accusation that Spamhaus isn't taking the IP off of the SBL? If so, maybe it's because they won't accept his word in the matter, only the word of the people who actually admin the box. Too bad - *I* wouldn't accept the word of a hosted person that the spammer is gone, only the word of the *hoster*, who, if he ends up lying, should rightfully end up with a more permanent ban. Yeah, this sucks for the hosted people, but hey - move your site. Your hoster sucks and doesn't deserve your business.


Or maybe he needs to realize that it can take some time for stuff to happen. I know so many folks who have become accustomed to immediate feedback.


Anyone know anybody who has something to do with Spamhaus? From what I understood, they were anti-spam pitbulls (this is not always a bad thing) but were also rather good at avoiding false blocks ...

Re:Paul is just pissed because... (3, Informative)

SSpade (549608) | more than 9 years ago | (#12834950)

Actually the IP address that's listed is store.yahoo.com.

Yahoo hosting is riddled with spammers, and store.yahoo.com is where most of them live, and where they accept credit cards for their purchases.

The SBL lists IP addresses that are involved in spam. 66.163.161.45 is involved in a lot of spam. It's not been removed from the SBL because, well, it's still actively being used by spammers.

Because countless spammers register domains on a daily basis, yet point them at the same IP addresses some people choose to resolve the URLs in incoming email and bounce the mail if any of them resolve to particularly filthy IP addresses.

66.163.161.45 is filthy. Blocking mail that has URLs pointing there will stop a fair amount of spam. Not an approach I'd use myself, but certainly a lot more effective (in terms of spam caugh and false positives) than many, many other approaches in widespread use.

Paul chose to host his website there, despite supposedly knowing a lot about the spam issue. That was probably not a good call.

Re:Paul is just pissed because... (1)

Joe U (443617) | more than 9 years ago | (#12834997)

So, the best way to ruin the SBL is to get some $10 domains from every hosting service you can and spam from them, then repeat in 2 weeks.

Everyone gets a "more permanent ban" and the SBL is now worthless.

Re:Paul is just pissed because... (1)

SpeedyG5 (762403) | more than 9 years ago | (#12834899)

what paul seems to be oblivious to, is "spam friendly" ISP's. There are a ton of them out there. They do nothing to stop these folks and in fact work to help them, additionally some businesses become ISP's so they can facilitate there Spam Activities. These folks offer cheap hosting to people like Paul who don't really care who they do business with as long as its cheap. Then they wanna whine about it when they are shown to have made a bad choice. Blacklists can be effective, peronally I would like to see a system based on a trusted whilelist, but you'll only get a bunch of whining spammers complaining about that!

Re:Paul is just pissed because... (1)

l2718 (514756) | more than 9 years ago | (#12834984)

...his website is hosted on the same IP address as a spammer (textileshop.com) was on yesterday

I'd say this neatly demonstrates the problem with blacklists. I agree that the style is marred by the emotional state of the author, but then it's an essay on the guy's personal page.

If you want some analysis, start with a personal exmample of mine: an ISP in Israel my parents used to use would occasionally get blacklisted. Since I'm behind company-level spam filtering there was nothing I could do about it (no personal white lists).

What went wrong? The problem is exactly that not all mail from a domain/ip address is spam, and yet MAPS/SBL only give you 1 bit of information: in the list or not in the list. This bit can be very useful as an ingredit of a Bayesian filter (certainly mail coming from that ISP is more likely to be spam than mail coming from whitehouse.gov). However, letting that bit dictate the classification of messages by itself is probably not a good approximation to the true correlation between the two events "mail was sent from domain in the SBL list" and "mail is spam".

Vigilante it ain't (4, Insightful)

Rosco P. Coltrane (209368) | more than 9 years ago | (#12834805)

The problem was, as vigilantes so often do, the guys at MAPS got carried away

For some reason, journalists keep calling blackmail lists "vigilantes". But there's something they don't understand: nobody forces email system administrators to use those lists.

These lists are provided by people for free. They decide to list bad email servers, but they may as well include any server they want. After all, who's to force them to provide quality of service?

The real problem, of course, is that blacklists are needed in the first place. If ISPs did their jobs a little better (aol, hotmail and the likes), the amount of spam would already decrease significantly. And don't speak to me about chinese ISPs, since most spam comes from the US.

Re:Vigilante it ain't (1)

danheskett (178529) | more than 9 years ago | (#12834849)

AOL actually does a good job filtering SPAM. I can't imagine AOL being used to send any significant amount of SPAM at this point, and it does a fine job of filtering incoming SPAM.

Re:Vigilante it ain't (1)

Rosco P. Coltrane (209368) | more than 9 years ago | (#12834853)

blackmail lists

I meant blacklists of course...

Re:Vigilante it ain't (4, Insightful)

Maestro4k (707634) | more than 9 years ago | (#12834924)

For some reason, journalists keep calling blackmail lists "vigilantes". But there's something they don't understand: nobody forces email system administrators to use those lists.
No, but the non-spamming sites that end up on it would certainly disagree with you, they didn't do anything to merit the block.

You seem to be confused about what a vigilante is, dictionary.com gives me this: "One who takes or advocates the taking of law enforcement into one's own hands." Note it doesn't say anything about them forcing others to agree with their views or take part in them. If you decide to take legal actions in your own hands, then you are, by definition, a vigilante. So it does apply here, just because they don't force anyone to use their lists doesn't change that.

These lists are provided by people for free. They decide to list bad email servers, but they may as well include any server they want. After all, who's to force them to provide quality of service?
TFA's point was that these lists start out listing just IPs/hosts/sites they know are sending spam, then later the power corrupts ("power corrupts, absolute power corrupts absolutely") them and they start using the power they've gained by their blacklist being used by many people to start trying to force ISPs to comply with them by blocking bunches of innocents at the same ISP. That indeed has happened, although I'm really not sure if it's happened here or not. The risk of it occuring is pretty high, humans are, after all, only human and it's hard to resist that temptation, especially when you're a strong enough anti-spam advocate to run a blacklist.
The real problem, of course, is that blacklists are needed in the first place. If ISPs did their jobs a little better (aol, hotmail and the likes), the amount of spam would already decrease significantly. And don't speak to me about chinese ISPs, since most spam comes from the US.
The real problem is human nature in all of this. In spam existing in the first place (greed), in ISPs not blocking things they should (laziness, lack of knowledge or time), in people actually buying from spam (greed (getting something cheaper than legal means would allow), sexual desire (gotta have a longer penis!) or just simply a criminal desire to purchase illegal goods (prescription drugs for example)) as well as humans becoming corrupted by power when their blacklists get to be popular.

So basically if we can solve how to get people to stop being, well, people and giving in to baser instincts we can stop spam. Of course we'd also stop crimes of all sorts as well and we've not managed that in hundreds of years so I'm not holding my breath for it to happen.

Re:Vigilante it ain't (3, Insightful)

hesiod (111176) | more than 9 years ago | (#12835122)

> If you decide to take legal actions in your own hands, then you are, by definition, a vigilante

What law enforcement activities do the blacklists take into their own hands?

Re:smart you ain't (0)

Anonymous Coward | more than 9 years ago | (#12834938)

Spam is a crime (legally and ethically IMHO). Therefore spam blacklists could be considered vigilante operations.

I've seen small ISP's and web hosting companies with some of the most dedicated, proactive, and talented security officers fail to stop all if not a good chuck of out going spam from their networks. So saying "Oh ISP just need to do their jobs a little better!". Spam is big business on both side of the fence.

Lots of spam blacklists get drunk on their own power and DO make some bad calls. SPEWS in my opinion has been one of the worst to deal with. I can't say I trust any organization who is accountable to no one but themselves.

Calling a spade a spade (2, Insightful)

Valdrax (32670) | more than 9 years ago | (#12834993)

For some reason, journalists keep calling blackmail lists "vigilantes". But there's something they don't understand: nobody forces email system administrators to use those lists.

To be honest, I like his other analogy for blacklist maintainers -- terrorists. It's much truer to the point. Vigilante in my mind at least implies an attempt to go after the bad guys and protect the innocents thanks to the pop culture influence of TV, movies, and superhero comics.

This doesn't describe blacklist maintainers.

Blacklist maintainers are cynical, bitter, little men who care nothing for the people they hurt so long as they get a spammer. They deliberately target innocents in the hopes that the innocents will complain to the higher power to get rid of the things that bothers them. This leaves little to distinguish them from terrorists other than the fact that they don't kill people. Their deeds are less dark, but their tactics are the same as the Madrid bombers who hurt innocent people to push them to choose a government more favorable to their wishes.

Sure, nobody forces email admins to use those lists. Nobody forces people in the Middle East to contribute money to Hamas either. I don't care if you think you're funding hospitals and charity for Palestinians or if you think you're fighting to keep spam off the web -- you're paying to see people get hurt too. Stop it.

Re:Vigilante it ain't (2, Insightful)

Mike Markley (9536) | more than 9 years ago | (#12835109)

This argument is horseshit. It's been horseshit for years and it will always be horseshit. The blacklists exist for the sole purpose of allowing other people to block mail based on the data contained therein. The blacklist operators don't get off the hook for having some frickin' responsibility just because they're not holding a gun to anyone's head. They publish this information with precise knowledge of what it will be used for, so this argument is basically just the administrators trying to weasel out of personal responsibility for what they list.

In case you're wondering, I do use a couple of blacklists. I use them to reject mail, as intended. I like to think that the ones I use are operated by folks who take seriously the fact that people like me are using it for that purpose.

A Paradox? (3, Insightful)

LegendOfLink (574790) | more than 9 years ago | (#12834809)

A blacklist for a blacklist for a blacklist...

Personally, I find the need to disable more and more RBL's, because today a user might come thru OK, tomorrow, they're stuck in SORBS and considered a HIGH risk.

Re:A Paradox? (1)

smitty_one_each (243267) | more than 9 years ago | (#12834889)

Yep. Turtles all the way down.
I forsee a split between the www 'wild, wild, west' and private networks that you pay real cash money and have a smart card with certificates on it to play (or some variation on the military theme you see here [osd.mil] ), just so the wheat is available, and you can surf the chaff if you want to.
One wonders if some marketing twit won't tie these ideas to IPv6, as a forcing function to sell that technology to an otherwise indifferent market.

Not like people get all radical about it... (4, Interesting)

dmorin (25609) | more than 9 years ago | (#12834824)

Actual quote I have heard on the subject of spam blacklists: "I don't care that you're not a spammer. Your ISP allows spammers in their midst and therefore you all go on the list. Get a new ISP."

Oh, ok. Nothing like over reacting a bit.

Re:Not like people get all radical about it... (4, Interesting)

Uruk (4907) | more than 9 years ago | (#12835099)

No, the principle is that if ISPs know that this kind of overreaction will occur, they will make quite sure that they don't have spammers in their midst. In essence, it's an attempt to incentivize ISPs to police themselves.

What's the alternative? Having some centralized, international spam cop whose job it is to clean up every ISP on the planet? If ISPs get a completely free pass on spam and don't have to care whether their subscribers are abusing other people or not, where is their incentive to prevent the abuse? The way you avoid the tragedy of the commons is by getting people to see their individual stake in the issue.

Certainly the quote that you're pointing out isn't the most diplomatic or effective way of putting it, and I doubt this kind of thinking is behind that quote - it probably is the knee-jerk reaction that you're identifying it for. Still, the idea might have some merit.

today? (2, Interesting)

BitwiseX (300405) | more than 9 years ago | (#12834826)

an essay describing the danger and corruption of the main spammer blacklists today.

today? Articles linked are from 2000 and 2002!

I don't know how many times you can use the word "vigilante" in one article :/ Vigilante is a very strong word IMO.

Re:today? (1)

suitepotato (863945) | more than 9 years ago | (#12835040)

Which only means we need Paul Kersey (Chuck Bronson) to go out and deal with the spammers. For the squeamish, our vigilante can use humiliation instead, like tranquilizing them, stripping them down and painting them pink and blue and putting them on a 3am bus to Grand Rapids. I'd of course prefer something stronger like repeated tasering...

Re:today? (3, Interesting)

Joe U (443617) | more than 9 years ago | (#12835076)

"Vigilante is a very strong word "

You're right. The correct words are 'overreacting assholes'.

Most RBLs are run by assholes who have no concept of how to properly manage something as complex as a RBL.

And no, I've never been blocked by one and I weight RBL positives very low.

Language (-1, Offtopic)

Vainglorious Coward (267452) | more than 9 years ago | (#12834831)

I've always been a little uncomfortable with the underlying assumptions white=good, black=bad. I prefer to describe such lists as "blocklists" and "accept lists"

Yeah, yeah, very PC of me; go ahead, shoot me down. Sometimes, these things *do* matter, and individuals have to stand up and say so.

Re:Language (0, Offtopic)

PitaBred (632671) | more than 9 years ago | (#12834913)

Because white is the color of sunlight, generally regarded as pure, and black is the color many wounds turn when rotting and bad... I'm failing to see the problem?
Methinks you're finding ghosts because you feel like being oppressed.
Besides, isn't it african american, not black?

Re:Language (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12834951)

Last time I checked, the sun was yellow.

Re:Language (1, Offtopic)

Vainglorious Coward (267452) | more than 9 years ago | (#12834962)

Besides, isn't it african american, not black?

Who said anything about American?

On a practical level, "block list" and "accept list" are just much better descriptions of what such lists actually do.

Re:Language (1)

Vainglorious Coward (267452) | more than 9 years ago | (#12834987)

Would that be an editor that is modbombing this thread? I'd be flattered by the attention, if I had the slightest respect for them (-1 Flamebait)

Re:Language (0)

Anonymous Coward | more than 9 years ago | (#12835070)

Yes. Stop calling them blacklists. They're African American lists. :-)

Re:Language (0)

Anonymous Coward | more than 9 years ago | (#12835017)

>>I've always been a little uncomfortable with the underlying assumptions white=good, black=bad. I prefer to describe such lists as "blocklists" and "accept lists"

>>Yeah, yeah, very PC of me; go ahead, shoot me down. Sometimes, these things *do* matter, and individuals have to stand up and say so.

I think California has a law against this very thing. In fact, the words MASTER/SLAVE on an IDE drive or anywhere else is illegal in California government hardware.

Now "that's hot." (TM)

Pure and simple... (4, Insightful)

jellisky (211018) | more than 9 years ago | (#12834835)

I had the unfortunate "joy" of being blocked by some of these draconian blacklists. My sister requested some information from me for a trip that she has upcoming via my yahoo.com account. After it bounced from her ISP saying that I was sending it from a "spam-hosting" ISP, I sent it from my mac.com account. Same schtick. After a couple other choices, I finally got it sent from my .edu account.

Her ISP uses SpamBag for their blacklist. SpamBag? ScamBag is more like it.

No wonder my sister is disenchanted by email. Her yahoo account got spammed to no end, then she can't get emails from most of her friends since they get bounced back by her ISP's stupid blacklist.

Blacklists are fine and dandy in principle, but practice has shown them to be useless. IT managers, just drop them. They're more annoying than anything.

-Jellisky

Re:Pure and simple... (0, Troll)

Megor1 (621918) | more than 9 years ago | (#12834941)

Lol for fun look up the picture of the guy that runs spambag and then ask yourself if you want him telling you who can send you mail (It's a Jem)

Re:Pure and simple... (0)

Anonymous Coward | more than 9 years ago | (#12835112)

Look up the neck beard that runs BLARS.

Re:Pure and simple... (1)

NitroWolf (72977) | more than 9 years ago | (#12835012)

SpamBag is run by Sam Varshavchik, the author of Courier. A singularly most unpleasant and moronic individual.

I had the misfortune to cross his path a number of years ago about an issue with Courier I believe or something else, I can't quite recall, and I will never forget it. He is one of the most vitrolic, annoying, moronic individuals I have ever come across. I'm amazed he was able to produce something as nice as the Courier MTA package, but I guess idiot savants like him can do good things. It's just unfortunate he has the social skills of a diseased whore.

Anyone that uses SpamBag as their RBL is a dumbass in the extreem. Then again, anyone that uses ANY RBL as the final arbitrator of email delivery should be beaten to begin with.

Re:Pure and simple... (1, Interesting)

Anonymous Coward | more than 9 years ago | (#12835016)

Speaking of blacklists not working, the company I work for had an open relay. We discovered this when we started getting Blacklist replies one December. Management wouldn't do anything, because our admin wanted to spend $20k upgrading our server to fix the problem. By May our server would crash daily, usually with 10k messages in the queue.

The only reason we actually fixed the problem was because the boss couldn't get his email on the road (the server had crashed again). Incidentally, I was the only one available to actually do the fix, and I did it with Linux/qmail and an old box over the weekend. $0 spent.

Maybe if we had been blacklisted to the point of not being able to send any email, they would have paid more attention. Instead most of our mail was still going through, so we were allowed to be a menace to the net.

Exactly (1)

autopr0n (534291) | more than 9 years ago | (#12835090)

It's not so easy for people to "get a new ISP" on both sides of the blacklist. Blackhole proponents act like there totaly optional when there not. If your ISP decides to use a blackhole, there's really nothing you can do. You miss important email that you would have chosen to recive if you could have. But you can't, because some BOFH with a stick up his ass decided that fighting spam was more important then people talking to eachother.

As long as the individual user makes the choice on the client side, it's great. When it gets to be the admin making choices for the users, it's not.

Paul Graham's book (0, Offtopic)

pHatidic (163975) | more than 9 years ago | (#12834836)

I just finished his book Hackers and Painters last night, and I highly recommend it. It has given me a much better understanding of economics, and has made me understand the conservative economic point of view much better. Of course I am also in the process of starting a startup, which is exactly what Graham recommends as the fastest way to wealth (for the most talented 1%, but indulge me here for a bit), so I may be a bit biased. But I do this that it is worthwhile for everyone to read, both for the life/economic advice as well as his technical insight into programming languages. Of course you should give it to your boss to read after you finish with it, as it is really in large part to help non-nerds understand nerds.

Re:Paul Graham's book (1)

Brando_Calrisean (755640) | more than 9 years ago | (#12834900)

Of course you should give it to your boss to read after you finish with it, as it is really in large part to help non-nerds understand nerds.

Except that non-nerds aren't nerdy enough to read books about nerds.

Wholehearted Agreement (4, Insightful)

Alaren (682568) | more than 9 years ago | (#12834841)

I work in lower-level management for a major domain name registrar and a significant number of our tech support calls every day concern bounced emails. Between Spamhaus and our RBL, we bounce a lot of email.

Worst of all, many RBL's (including ours) pretty much block any dynamic IP pool as "dial-up zombie hell"--but a lot of these IPs get reallocated to broadband as DSL coverage grows, and we end up blocking genuine mail routers and SMTP relays instead.

We have a process for requesting the unblocking of an IP, but about 30% of the time the answer is "tough luck, pal. You (or your client who is trying to reach you) is blocked and we aren't unblocking you." There is no appeal process; if one of our admins decides not to unblock your IP or IP range, you can't reach any of our customers via email.

In short, these tools may block a lot of spam, but they also block a lot of legitimate communication. I think the appropriate metaphor is that RBLs are like tourniquets--viable for quick fixes, but eventually they do more damage than they prevent.

I'm sure this seemed like a good idea at the time. (1)

the_rajah (749499) | more than 9 years ago | (#12834843)

but five minutes later they should have recognized the likelihood of unintended consequences and looked for a better solution, much as our fine lawmakers always do....oh, wait....

Happens to all blacklists (1)

m50d (797211) | more than 9 years ago | (#12834847)

All blacklists get corrupted over time. On the other hand, new ones won't be very effective because they don't have enough spammers on them. You have to choose what false positive level is acceptable to you.

Pay and you get removed (4, Interesting)

tmk (712144) | more than 9 years ago | (#12834848)

I have found an interesting offer: pay 50 bucks and you are removed immediately from the spam list. Have a look here [uceprotect.net] .

Interesting: The company won't say who they are. [admins.ws] They say this was approved by local authorities, but this is bullshit. Local authorities can not brake federal law in Germany.

Re:Pay and you get removed (1)

Reverend528 (585549) | more than 9 years ago | (#12835059)

That's a great idea! There's certainly no incentive to be corrupt when they're only getting $50 to remove ISPs from the blacklist.

Oblig. Simpsons Reference (3, Funny)

Mr.Progressive (812475) | more than 9 years ago | (#12834852)

Blacklists have a structural flaw: there is no one to watch the watchers.

Lisa: If you're the police, who will police the police?
Homer: I 'unno, Coast Guard?

Who watches the Watchers? (3, Insightful)

redelm (54142) | more than 9 years ago | (#12834855)

... the Watched, of course! Ruel enforcement isn't a heirarchy but a loop.

Blocklists are made by people for others to use if they see fit. When they become unusable, they're no longer used. Personally, I use none. The cost to me of one false positive is greater than 1000 spams that leak through. No list is that good.

Re:Who watches the Watchers? (0)

Anonymous Coward | more than 9 years ago | (#12834974)

Ruel enforcement isn't a heirarchy but a loop.

Ruel dictoinaries help yuo write in inglish.

Dont quite understand (1)

jmkrtyuio (560488) | more than 9 years ago | (#12834856)

" This is, strictly speaking, terrorism: harming innnocent people as a way to pressure some central authority into doing what you want " -the harm is inflicted, often intentionaly, by those who CHOOSE to use a blocklist -Innocent is at best debatable " As of this writing, any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam. Why? Because the guys at the SBL want to pressure Yahoo, where paulgraham.com is hosted, to delete the site of a company they believe is spamming. " I was under the distinct impression that the SBL is an IP blocklist. And I see absolutely no evidence here of motive. Merely his say so.

Paul Graham updates his blog (2, Insightful)

a7244270 (592043) | more than 9 years ago | (#12834874)

OK, so PG wrote some code in the past, and is generally a smart guy, and to be honest, I actually like his writing. I like it enough that I'll even read his stuff despite the fact that he uses an excessively narrow column width for his text which makes it very annoying to read. However, there are many blogs out there written by smart programmers, some with far, far, far more geek cred than PG.

Why exactly is this a Slashdot story ?

Been considering... (1)

danheskett (178529) | more than 9 years ago | (#12834880)

I've been considering going to a whitelist only system.. Everyone I know gets on a whitelist, and my personal website/webpage will have a CAPTCHA and a way to suggest your name onto my whitelist.

Pratical for me? Yes, but I wonder how well it would apply to other users.

*PLONK* (0)

Anonymous Coward | more than 9 years ago | (#12834894)

In 1997, a group of anti-spam vigilantes called MAPS started a blacklist of mail servers... This is, strictly speaking, terrorism


His other stuff on spam [paulgraham.com] also missed the mark.

Corruption does exist (1)

geekwithsoul (860466) | more than 9 years ago | (#12834906)

I work for an organization with ties to many different ISPs and I've heard many horror stories about large blocks of addresses getting blacklisted for the actions of a few, and when the ISP has either already gotten rid of the offending customer or tried to get incorrectly blacklisted blocks off the lists, they've been told "Pay me $xxxx and I'll remove you."

I guess some blacklist managers have not taken to heart the adage "With great power comes great responsibility." I'm also sure many users of the data these blacklists provide are not even aware of the practices of these folks.

There is a problem with blacklists (5, Insightful)

WebHostingGuy (825421) | more than 9 years ago | (#12834915)

We deal with this all the time. Leaving any IP on a blacklist for any period of time doesn't help. Most spammers nowdays spam and run. They unload from a hacked account through a broken formmail script or a zombie computer. After 36 hours they have dumped their million emails and moved on to another IP. Blacklists generally don't get this though. They just make a bigger and bigger list. The problem with this approach is that they already missed the spammer. One time we dealt with someone who was running a blacklist and when we asked why an IP was on the list they said because it spammed years ago. When we said we have controlled the IP for the past three years they said it doesn't matter. It's like give me a break...

The solution to blacklists is to use an AOL model in which dynamic IP blocking is used. When spam is noted from an IP that IP is automatically blocked for 24-36 hours after the last spam comes in. That way the innocents are not being blocked and the spammers email doesn't make it through. There are a couple blacklists which do this but more should.

Compare this to the opposite blacklists like BLARS which requires a thousand dollars for "him" to investigate whether an IP should be removed. I have never seen an IP which is not listed with BLARS.

Re:There is a problem with blacklists (1)

kaarlov (259057) | more than 9 years ago | (#12835073)

Practically nobody uses BLARS, so I wouldn't worry about it. Among other things, BLARS lists /16 netblocks which are allocated to different providers in different countries as one listing. But I wouldn't worry about it.

About spam and run. Yes sometimes it is just quick spam and run. But sometimes they use the same ip-address for months. While ago I received a lot of annoying spam to different role accounts from one ip-address, which wasn't blocked by any blacklist I use (It was blocked by SPEWS because of the same spammer), and I placed a manual block on it. I periodically check all my manually blocked IP's because I don't want to keep them listed forever. That one went on for months, though it was finally listed by SBL too.

Spammers use different methods to get by different types of blocking. And AOL-style dynamic blocking isn't very effective for smaller providers or smaller companies. Unless someone creates a trusted network of admins and good infrastructure to collect enough spam to judge which ip's should be dynamically blocked.

Re:There is a problem with blacklists (0)

Anonymous Coward | more than 9 years ago | (#12835083)

I remember having my server blacklisted on BLARS blacklist.

At the time I didn't know who he was. Sure enough, when I emailed him, along came the demand for the USD$1,000 came along I thought who is this giddy creep?

I'm sure there are some suckers he defrauds into paying him, but it was quite a feeling of helplessness (and anger) until I realised that no-one bothered with his "blacklist" or takes him seriously.

However, one day he's going to piss off the wrong person and get sued for blackmail or extortion - I'm sure some creative attorney could frame a case around his demand letter...

Re:There is a problem with blacklists (1)

argent (18001) | more than 9 years ago | (#12835087)

Leaving any IP on a blacklist for any period of time doesn't help.

Then you should have no problem with SBL. They automatically delete listings after six months, even for known spam gangs (though of course they get back in again if they're still being used).

And some spammers really do spam from the same address for years. I've got several addresses that I've had in a hardcoded block list on my mail server that are still spamming me after two or even three years. And the SBL is effective: I use my own dynamic block lists and greylists and dynamic IP lists, and the SBL still blocks a huge number of messages after all that.

Good riddance (-1, Flamebait)

Jay Maynard (54798) | more than 9 years ago | (#12834931)

If Paul Graham supports spamming by giving spammer-friendly ISPs his dollars, he deserves to get blocklisted. He should be complaining about the spammer and the ISP's failure to terminate their accound, not the blocklist.

Re:Good riddance (0)

Anonymous Coward | more than 9 years ago | (#12835001)

The major backbone providers are all spam-friendly. If you use the internet, someone, somewhere who supports spammers is getting your money.

Ooh, blackholing is TERRORISM now! (0)

Medievalist (16032) | more than 9 years ago | (#12834968)

Graham writes: For example, in order to get revenge on people they believed were spamming, MAPS would blacklist the mail server of the company hosting their site.

Wrong. "Revenge" is completely off the menu. Paul's being a crybaby and refusing to look at anyone else's point of view.

The truth is, MAPS blacklists the mail server of the company hosting the spammer because MAPS subscribers are willing to give up their ability to recieve mail from some innocent bystanders if that will break spamhosters' profit model. That is the choice of those who use the blacklist.

Graham also writes: This is, strictly speaking, terrorism: harming innnocent people as a way to pressure some central authority into doing what you want.

Now Paul's really gone over the top. Allowing MAPS subscribers to block email is "harming innocent people"? Get a sense of proportion, man! Terrorism has a definition, although some dispute the details [wikipedia.org] and this isn't it. Where's the terror? Are you living in fear that your email might be blocked, because you use a spamhoster? I don't think it's MAPS fault if you are terrorised; I hope you are not, but if you think you are, you need to see a psychiatrist quick.

Once you get past the hyperbole in the first few paragraphs, Graham makes at least one valid point (his site has been wrongly blacklisted) and asks at least one pertinent question (who watches the watchers? answer: subscribers). But this article is mostly just a hysterical anti-blacklisting rant.

Don't blacklist me! (0, Offtopic)

utnow (808790) | more than 9 years ago | (#12834969)

Let me spam my http://www.youeatit.com/ [youeatit.com] shit.

What's the real story? (3, Insightful)

argent (18001) | more than 9 years ago | (#12834971)

People switched from MAPS because the other lists were free, not because MAPS was too aggressive.

"As of this writing, any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam."

Whisky Tango Foxtrot? *BLs block IP address ranges, not URLs.

"Because the guys at the SBL want to pressure Yahoo, where paulgraham.com is hosted, to delete the site of a company they believe is spamming."

1. Given that Paul's mixing up URLs and addresses of mail servers, I'm not prepared to take at face value the statement that SBL is blocking Yahoo's mail servers to pressure Yahoo to drop a "site", rather than (say) mail services Yahoo is providing the spammer.

2. If Yahoo is providing services to a spammer and Yahoo refuses to deny those services to a spammer, than Yahoo is being "spam friendly", no matter what their reputation is, and they may well be depending on the many legitimate lists they're hosting to avoid responsibility for their actions. That's exactly the situation that John Reid is referring to in Paul's quote.

I don't know what alleged spammer this is referring to, but what Paul's written is clearly not anywhere near the whole story.

Re:What's the real story? (1)

Russ Nelson (33911) | more than 9 years ago | (#12835088)

DNSBLs block IP address ranges, not URLs.

Actually .... since the one thing you can count on in spam is a working URL pointing to the spammer's advertising, some people are now parsing email, and checking the IP of all URLs. If any one of them is listed on a blacklist, then the email is rejected. Works pretty well, actually.
-russ

Easy answer to this... (0)

Anonymous Coward | more than 9 years ago | (#12834978)

I knew it when I started reading that posting. He must have got listed somehow by one of them.

Well talk to your provider and get them to get rid of the spammer. If they won't correct the problem then leave. That's the whole point of an RBL anyway.

Customers get blocked and complain to their provider. The provider fears loss of further business and removes the offender. Of course this is only a theory cause it's rare someone does confront the provider.

DUL (1)

egburr (141740) | more than 9 years ago | (#12834982)

The DUL is another very annoying list. Earthlink reports all of its cable modem customers to DUL because we are forced to use "dynamic" addresses with DHCP. My address is so dynamic it has changed once since I because a customer, and that change occurred three years ago. For DSL customers, Earthlink offers a special service: a static IP address for only $15/month extra. Cable subscribers don't get that option. I really have to wonder how that static address could possibly cost them any more to maintain than my current dynamic address. In my case, the only difference it would make is whether I am on the DUL or not. (I use dyndns.org to have a dynamic domain point to me and now have a regular paid-for domain pointing directly to my IP address which I will manually update should my address ever change again.)

I remember you used to pretend to have a clue... (0)

Anonymous Coward | more than 9 years ago | (#12835124)

If your IP address is dynamic, you have no business talking to other networks' port 25. Set define(`SMART_HOST', `smtp.earthlink.net') and shut up.

Abuse my hind end (0, Flamebait)

Arker (91948) | more than 9 years ago | (#12835003)

I really get sick of this sort of whining.

Yes, innocent users get hurt when their ISP chooses to host spammers. There's no way around that, unfortunately, except for users to become more choosy about their ISPs.

But when an ISP gets blacklisted for hosting spammers, this is not abuse or corruption - this is exactly what a blacklist has to do to be effective, and exactly what those of us that use blacklists expect and desire for them to do.

You can play whack-a-mole with spammers day in and day out for years, and have zero or very near zero effect on them. I know, I've done it. By the time you report a spamming IP, the run is done. The spammer isn't going to come back there, he's going to come back from a different IP for his next run. If you want to have any significant effect at deterring spam, you have to do more than whack-a-mole, you have to get them where it hurts. They can send out a million emails from one IP, then never use that IP again. But they have to have someplace more stable to take the money from the handful of morons that go ahead and click on their links.

If an ISP allows spammers to host on their network, they should be blacklisted. I don't want to carry their traffic. And if that means I'm turning down traffic from their other, non-spamming customers, that's a shame, but so be it. Maybe if their customers complain they'll get rid of the spammers. If not, I suggest their customers vote with their wallets, and find a new ISP. That is, if their purpose in having an ISP is communication with those of us that don't want spam. If they're happy being able to connect only to the fraction of the internet that welcomes spam, that's fine too. But it's up to them to make a choice.

All the blacklists do is allow those of us that DO NOT WANT traffic from spam-friendly networks to implement these blocks. Trying to spin an informational service as 'vigilantism' and 'abuse' and 'corruption' because it doesn't work the way the spammers and spam-friendly hosts want it to is abuse of the language, and insulting to the readers intelligence, IMOP.

Guideline, not a rule (5, Interesting)

bitflip (49188) | more than 9 years ago | (#12835027)

I use blacklists all the time. Rather than simply rejecting the mail, if the server is on a blacklist, the initial OK is delayed by five seconds.

If you're sending a ton of mail, i.e., spam, little of it gets through. If you're only sending one or two messages, ie, likely legit mail, it goes through just fine.

Combined with more specific stuff further back (bayes, et. al), it's been quite effective at reducing the amount of spam sent, and the amount of mail that gets scanned.

The problem isn't blacklists, its how people use them.

spam blacklist blackmail? (2, Insightful)

matt me (850665) | more than 9 years ago | (#12835044)

Blacklisting is clearly just opening more oppurtunies for cyber-crime: spammers threatening to get companies blacklisted by major ISPs unless they pay up. Sending a few emails from fake addresses to the right places is a lot easier than organising DoS attacks from BotNets.

Loss of email hurts more too.

Best (1)

bahwi (43111) | more than 9 years ago | (#12835054)

The best would be to make a new RBL that added headers to each email when a site is known to be using an RBL.

SPF is the way of the future, blacklists have no place and should be actively discouraged. Until SPF is in full deployment, or even after, TMDA works great too, and is the wave of today. RBL's are old, outdated, too high on themselves, etc.... Time to move on to the next solution.

"Power-hungry weenies" (5, Interesting)

slavemowgli (585321) | more than 9 years ago | (#12835086)

Interestingly enough, the owner of the acme.com domain who was recently featured in a story due to his getting more than a million spam mails (well, attempts to send spam) a day, agrees:

DNS-RBLs - Domain Name System Realtime Black Lists. In theory the idea is fine. You have a set of sites that you blacklist, and you want to let other folks use the same list so you distribute it using DNS, which is a nice efficient de-centralized database. What's not to like?

Well, I don't know why, but in practice every single DNS-RBL eventually comes under the control of power-hungry weenies. They start listing sites unreliably, and if you complain you find yourself listed. And there's usually no way to get off the list.

A lot of people tell me I'm wrong about this. They say that certain DNS-RBLs are ok, with objective criteria for inclusion and simple procedures for getting off the list. The thing is, they give conflicting recommendations for which lists are good and which are bad. Some of these folks recommend lists which I know from personal experience are bad.

This problem is really inherent in the way DNS-RBLs are set up. You cede control of your mail system to a third party, with no real possibility of checking how they are doing. The people running the lists get overwhelmed with bogus feedback from spammers and/or idiots, to the point where they assume all their mail about the lists is from spammers and/or idiots.

If the lists you use have not yet descended into corruption and chaos, consider yourself temporarily lucky.

Do not use DNS-RBLs.

(from http://www.acme.com/mail_filtering/shame_frameset. html [acme.com] )

Re:"Power-hungry weenies" (1)

argent (18001) | more than 9 years ago | (#12835131)

Jef's a great guy, but he's not always right. For example, he also says "don't use qmail because it always bounces after receipt". I use qmail, and yet I somehow manage to handle bounces in the initial handshake.

Gosh darn terrorists (2, Insightful)

RickPartin (892479) | more than 9 years ago | (#12835101)

From the article:
This is, strictly speaking, terrorism: harming innocent people as a way to pressure some central authority into doing what you want.

Can we please stop throwing the word terrorism into every sentence? Please? No? Damn.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>