how-to block ads
|
|  
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
1 edit | Re: Why not to use SPEWS Yes, SPEWS is vicious. SPEWS does not accept requests for blocks to be added or removed. They shift as they please.
The only alternatives are a media campaign (as Something Awful did) or changing hosts (clearly NOT an option) or petitioning NAC to terminate the spammers. | |
| | 
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Why not to use SPEWS said by AmeritecTech  :
YThe only alternatives are a media campaign (as Something Awful did) or changing hosts (clearly NOT an option) or petitioning NAC to terminate the spammers.
No, there is another solution. Publicize the abuses, and convince people that using SPEWS is a bad idea.
SPEWS has no power not given to them by subscribers
I don't subscribe.
Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site | |
| | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX | Re: Why not to use SPEWS Publicize the abuses....by way of a media campaign? | |
| | | shorej
Premium
join:2002-07-22
Wichita, KS
 ·Cox HSI
| I'm a SPEWS subscriber. Always have been. Always will be. In all my years of professionally filtering spam, I have yet to find another DNSBL that was as effective as SPEWS. The problem isn't SPEWS. The problem is DSLReports.com bought the services of a Your Spam-Supporting Provider. They should expect nothing less than their provider to be blacklisted if DSLReports.com is as anit-spam as the profess to be. | |
| | | | 
Karl Bode
News Guy
join:2000-03-02
Host:
Road Runner
PC gaming GAMES
PC gaming Tech
3 edits | Re: Why not to use SPEWS quote:
You people amaze me. You provider is supporting spam by hosting a very well known spammer, which you profess to be against, and yet you have the gall to bitch and moan when a blacklist operator lists your spamming provider (and effectively YOU). What's wrong with this picture? You shouldn't be complaining to SPEWS about the listing.
Yadda Yadda Yadda.
This high-and-mighty schtick is a little boring in here, folks. You make it sound as if SPEWS is organized, efficient Deity, operating while perched upon an untouchable cloud of righteousness sipping a holy latte.
This idea of urging hosted individuals, businesses and sites to contact their ISP and complain may very well be effective. It will obviously work in this case. Yes ISP's should be held responsible. Yes, we will pressure them. So Yes, this tactic does function.
The problem is SPEWS doesn't release IP blocks or resolve complaints in a timely manner once spammers are booted from the network or move on - there's also no functional public complaint mechanism in place to deal with unfairly blacklisted hosts or delays in getting lifted from the blacklist.
This from their de-listing instructions:
quote:
"You will probably have to wait a while, both while SPEWS makes sure you really did shut down those customers, and to give you a bit of time to think about how you got in SPEWS and how to stay out in the future."
Are you F*ck*ng kidding me? "time to think about"? Is this thing run by grudge-holding pre-schoolers? Comments like that make me want to open a god-damn spamming shop. 
An effective idea? Perhaps. Functional implementation? Not so much. | |
| | Dimensio
join:2004-01-22
Louisville, KY
| The only alternatives are a media campaign (as Something Awful did)
Yeah, that worked. In addition to still being listed in SPEWS, SA's antics got them stuck into quite a few private blocklists from which they will NEVER be removed, even if NHI/Cogentco cleans up its act. | |
| | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| Re: Why not to use SPEWS said by Dimensio :
The only alternatives are a media campaign (as Something Awful did)
Yeah, that worked. In addition to still being listed in SPEWS, SA's antics got them stuck into quite a few private blocklists from which they will NEVER be removed, even if NHI/Cogentco cleans up its act.
It didn't help SA, but I doubt it increased SPEWS-using admins either. I suspect fewer admins use it since that bad publicity.
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
| | | | Dimensio
join:2004-01-22
Louisville, KY
| Re: Why not to use SPEWS quote:
It didn't help SA, but I doubt it increased SPEWS-using admins either. I suspect fewer admins use it since that bad publicity.
You may have a point. The downside of SPEWS being an anonymous entity is that they can't have a spokesperson countering false claims made about them. As such, when somethingawful and others started lying about how SPEWS works (one jackass even claimed that SPEWS demands money to remove list entries), no official SPEWS people were around to point out the obvious falsehoods. | |
| | | | |
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Why not to use SPEWS said by Dimensio :
no official SPEWS people were around to point out the obvious falsehoods.
I think that an organization that exists to implement a policy can speak through that policy. Updating an FAQ and having anybody point to it should be good enough.
Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site | |
| | | | | dda
Premium
join:2003-12-29
Bolton, MA
| Dimensio wrote:
You may have a point. The downside of SPEWS being an anonymous entity is that they can't have a spokesperson countering false claims made about them.
I don't know, you and others have jumped to defend SPEWS. Although it is a little sad that so many of those defending SPEWS are anonymous (or, like you, always doing their First Post!); one might think they were afraid to identify themselves. I'm sure that isn't the case though; I'm sure you are all willing to stand up and be counted as proud defenders of what you so obviously believe in.
Right? | |
| | | | | | 
Spectral
Hates Acl's
Premium
join:2002-05-03
Silverton, OR
clubs:
| Re: Why not to use SPEWS said by dda :
. Although it is a little sad that so many of those defending SPEWS are anonymous (or, like you, always doing their First Post!); one might think they were afraid to identify themselves. I'm sure that isn't the case though; I'm sure you are all willing to stand up and be counted as proud defenders of what you so obviously believe in.
Right?
Or it might have to do with several ppl reading about this in the big threads it generated on slashdot and nanae who are coming over here for the first time in response. Much the same as I'm sure there are probably more than a few from here that visited at least nanae if not slashdot for the first time because of it.
--
"FlyingThere is an art, or rather a knack to flying. The knack lies in learning how to throw yourself at the ground and miss."~Douglas Adams | |
| | | | 
Star Wolf
|
It didn't help SA, but I doubt it increased SPEWS-using admins either. I suspect fewer admins use it since that bad publicity.
In the greater scheme of things, the SA/SPEWS fracas was a non-event for both sides. Neither gained or lost much, though SA got some additional exposure it had not had before. I believe this will be true for DSLR as well.
The bubbas taking the hits this time around are Pwebtech and NAC, whose spam issues until now were not well known. | |
| | | | | 
firephoto
KDE
Premium
join:2003-03-18
 ·Verizon west (ex G..
| Re: Why not to use SPEWS said by Star Wolf:
The bubbas taking the hits this time around are Pwebtech and NAC, whose spam issues until now were not well known.
Interesting that it has taken BBR and this sites exposure to make some things happen all of a sudden. A quick search of the site here doesn't reveal much in the way of bad things related to pwebtech, Pegasus Web Technologies, or NAC.net as they relate to spam since october. I'm sure a little blurb in this forum here would have got some wheels turning if it was such a problem. Maybe the little "hey dlsr/bbr guys...." note should have been posted here. No? doesn't follow the SPEWS way of doing things? It doesn't take much digging in the NANAE to figure out who's behind the mask at SPEWS. Google is your friend. The SPEWS.org register info is interesting too.
It's nice to see the commments from the NAC CEO too. They run a good business that can be proven by the fact that very few haven't been able to get to BBR when they clicked the link. It always works for me except for the rare database error I've seen. Good work to all invovled! | |
| | | | | |
Star Wolf
| Re: Why not to use SPEWS
Interesting that it has taken BBR and this sites exposure to make some things happen all of a sudden. A quick search of the site here doesn't reveal much in the way of bad things related to pwebtech, Pegasus Web Technologies, or NAC.net as they relate to spam since october. I'm sure a little blurb in this forum here would have got some wheels turning if it was such a problem. Maybe the little "hey dlsr/bbr guys...." note should have been posted here. No? doesn't follow the SPEWS way of doing things?
Did you think that through...people with complaints about pwebtech and other NAC customers should post them here? You sent complaints to abuse@ that is what they are there for. If you are a diehard anti, you post in NANAS as well. DSLR is an interesting place, but its not the nexus for NAC complaints.
It doesn't take much digging in the NANAE to figure out who's behind the mask at SPEWS.
Determining who SPEWS is based on posts in NANAE is laughable. If it was that easy, it would have been done by now. Whomever they are, they have fairly good OPSEC, especially after that suit by the idiot Florida lawyer. | |
| | | | | 
Mordy
Comfortably Numb
Premium,MVM,ExMod 2004-07
join:2001-12-02
Denver, CO
·Comcast Formerly ..
| Wonderful. More stupidity at the hands of the train wreck called SPEWS.
Short term, I would see if NAC can give you a non-corrupt IP address. What SPEWS wants you to do is beg NAC to throw who they believe to be spammers off their network, which I would not do. That is playing their game.
I agree with Steve and others; get Karl to publish this on page 1 news, and get the word out.
If I have ever seen an anti-spam site, it is BBR. This is the height of stupidity to block this site.
--
Facts do not cease to exist because the are ignored - Aldous Huxley | |
| |
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Why not to use SPEWS said by Mordy :
Short term, I would see if NAC can give you a non-corrupt IP address.
Actually, it would be easier to just relay the mail through a non-listed server. Postfix makes it easy to do this, and Kasia knows exactly where to find such a mail server.
But it's no surprise - in the big picture of all the wierd people in the world - that any random person runs a list that has bogus listing requirements. Hell, I could run a bogus list. Why not?
The surprise is that people subscribe to the list, and the way to counter SPEWS is to
1) publicize how dumb SPEWS is
2) expose those who use it
Then the free market of public opinion can take it from there.
Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site | |
| | |
snicky69
@aol.com | Re: Why not to use SPEWS Workarounds are not a solution.
SPEWS needs to be stopped. | |
| | | | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| Re: Why not to use SPEWS Almost everyone here is well-aware of how SPEWS works and that it doesn't actually block anyone. SPEWS uses its influence cavalierly, frequently creating secondary victims, like BBR and Something Awful.
I note that you are Premium. Does this mean that you are also supporting a spam-friendly ISP?
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
| | | | | | | | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| Re: Why not to use SPEWS said by TamaraB :
Absolutely NOT! I support one of the Internet's best sources of information on a very wide range of subjects. BBR is one of the finest discussion systems on the NET, it is NOT however an ISP! It is also NOT spam-friendly, where did you get that Idea?
You wouldn't be trying to mis-represent what I said in my post would you?
What money do you think BBR uses to pay its hosting costs?
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
| | | | | | 
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| Re: Why not to use SPEWS said by AmeritecTech :
What money do you think BBR uses to pay its hosting costs?
I am responsible for who I support. I support BBR, which is NOT spam friendly.
BBR is responsible for who they support! That is entirely their business! And BBR will have to deal with whatever consequences arise or don't arise as a result of their decissions.
Captain Bob
--
Motor Vessel - Tamara B. - 43' Long-Range Trawler Cape Elizebeth ME.»www.tamara-b.org
| |
| | | | | | | 
nil
Java Geek
join:2000-11-27 | Re: Why not to use SPEWS Funny, that's what I've been saying about Nac. | |
| | | | | | | |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| Re: Why not to use SPEWS said by nil :
Funny, that's what I've been saying about Nac.
You mean you see no difference between the two??
BBR does NOT support hackers, porners, and spammers by providing them space to operate on this Board! By contrast, NAC provides ip-space to the same, and they make money off of them. Does BBR make money from illegal and immoral users? No!
The difference is stark, I am surprised you can't see the difference.
Captain Bob
--
Motor Vessel - Tamara B. - 43' Long-Range Trawler Cape Elizebeth ME.»www.tamara-b.org
| |
| | | | | | | | |
nil
Java Geek
join:2000-11-27
1 edit | Re: Why not to use SPEWS Forget it, I've had enough playing ping-pong for the day. | |
| | | | | | | | |
lord_nightrose
@mi.char
| said by "TamaraB":
BBR does NOT support hackers, porners, and spammers by providing them space to operate on this Board! By contrast, NAC provides ip-space to the same, and they make money off of them. Does BBR make money from illegal and immoral users? No!
Oh no! God forbid a company should make money! | |
| | | | | | | | | |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
1 edit | Re: Why not to use SPEWS said by lord_nightrose:
Oh no! God forbid a company should make money!
I usually don't feed the spammer trolls... but I will throw you this crumb:
Crack dealers, child pornographers, and purveyors of bogus penis enlargment scams "make money". Making money is not all there is to life (unless you are a spammer), and there are legitimate ways of making money without harming others!
Captain Bob
--
Motor Vessel - Tamara B. -
43' Long-Range Trawler
Cape Elizebeth ME.
»www.tamara-b.org
| |
| | | | | | | | | | 
schnuggles
Stays Crunchy In Milk
join:2003-06-07
Deming, NM
| Re: Why not to use SPEWS said by TamaraB :
Crack dealers, child pornographers, and purveyors of bogus penis enlargment scams "make money". Making money is not all there is to life (unless you are a spammer), and there are legitimate ways of making money without harming others!
Captain Bob
AMEN!
--
Salus Populi Suprema Est Lex-Cicero (106 BC - 43 BC) | |
| | | | | 
Rhobite
Premium
join:2002-02-24
Cambridge, MA
clubs:
| Tamara, I agree 100%. It's interesting that the discussion here has focused on the evils of SPEWS, with little discussion of NAC's failure to deal with its spam problem. Not to mention, zero suggestions about how else to punish people who sell fake drugs and send porn to kids. | |
| | | | | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| Re: Why not to use SPEWS SPEWS has the right to do what it does, and others have the right to voice their discontent. Others can then decide whether they think the claims of overbearing policies are justified.
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
| | | | | |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| said by Rhobite :
It's interesting that the discussion here has focused on the evils of SPEWS, with little discussion of NAC's failure to deal with its spam problem. Not to mention, zero suggestions about how else to punish people who sell fake drugs and send porn to kids.
It's called being safe comfortable, and lazy. People don't want to be bothered with having to do any work, they don't want to suffer any discomfort, risk, or inconvience, they just want the problem to go away all by itself, without any cost, without any discomfort, and without any risk.
I wonder... would this thread even have started if BBR did not appear on a level [2] listing? Now spews is an inconvience to Nil, so therefor spews is now evil. Spews was not evil last week. Why? Because there was no inconvience caused by a very effective BL last week. Why isn't NAC deemed evil? You see?
That's childish, and one of the reasons we are in the state we are currently in i'm afraid!
Captain Bob
--
Motor Vessel - Tamara B. - 43' Long-Range Trawler Cape Elizebeth ME.»www.tamara-b.org
| |
| | | | | | |
See 6 replies to this post | |
| | | | russotto
join:2000-10-05
Collegeville, PA
| The problem, Captain Bob, is while the US Military attempts to _avoid_ collateral damage, SPEWS deliberately causes it, by using "area effect" blacklisting when they have at their disposal "precision guided" blacklisting. The idea is that the people they blacklist that way will put pressure on their real targets. | |
| | | | | |
See 42 replies to this post | |
| | | | 
Jason Levine
Premium
join:2001-07-13
USA
| said by TamaraB :
We all know what "collateral damage" means don't we? It is unavoidable in a war (just ask Dubya), and anti-spam operations amount to a war.
Maybe so, but the military still takes steps to minimize collateral damage. For example, when the US was going after Uday and Qusai, they didn't bomb the entire town to the ground to get to them. Instead, they targeted an individual building.
Taking the analogy back to the anti-spam fight, BBR resides on 209.123.109.175. A spammer is located on 209.123.111.20. Does SPEWS target 209.123.111.20? If they did then there would be zero collateral damage.
Or perhaps (if they wanted a wide target) they could block 209.123.111.xx? This would result in, at most, 254 collateral damage sites.
But they don't do either of those. Instead, they target 209.123.xx.yy. This leads to over 65,000 innocent collateral damage sites to block one spammer.
BTW Kasia, it seems like the anonymous folks running SPEWS have put a message for BBR in the SPEWS entry:
said by the SPEWS entry:
=> Hey DSLR/BBR - maybe you guys can help clean up NAC?
No one else has been able to.
Looks like they're outright admitting to blacklisting you falsely now.
--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/ | |
| | | | | |
See 31 replies to this post | |
| | 
GlobalMind
Domino Dude, POWER Systems Guy
Premium
join:2001-10-29
Hollywood, FL
| said by TamaraB :
As far as being "anti-spam" is concerned, you are correct, BBR is anti-spam. The question is will it remain anti-spam when and if push comes to shove (if NAC refuses to deal with their spammers, and the listing goes to level [1])?
Will BBR continue to financially support a spam operation, or will they move on and financially support an ISP which does not support and harbor spammers? Will BBR vote anti-spam with their checkbook or not?
You honestly think BBR will suddenly start supporting spam? Or wait, you mean if they don't switch providers....oh yea, the guilty by association thing.
Let me ask you, were those who bought power from ENRON corrupt as well? After all, they did support them financially.
Sorry if this is a tad rough...but frankly there is this moral argument too many folks are spouting off here which in my view absolutely does not hold water. Just because your ISP happens to have spammers on it's network does not mean you personally or your org support the activity.
Yes BBR could step away and go with another ISP. However, them not doing so in no way constitutes some sort of support for spammers. It is also a heck of a lot easier said then done in most cases.
K.
--
TheGlobalMind.com
"On a clear disk you can seek forever" | |
| | | |
See 12 replies to this post | |
| 
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
| I'd like to see the SPEWS lunacy involved here get
Slashdotted. In spite of the excessive traffic that would
be generated here at BBR, that kind of publicity would
do well to point out the damage that SPEWS causes to
innocent thrid parties that happen to be in the same
netblock as spammers. And at /., it would reach a good
target audience.
--
"Kayura or Badamon, whichever you are, you should know that I will never give up this battle. By the will of the Ancient, I shall succeed!" - Shuten (Anubis) from the Ronin Warriors. | |
| | | | | | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX | Re: Why not to use SPEWS They made a 90 page dent for that spammer hunt! | |
| | | | jspreha
join:2002-02-02
Harrisburg, PA
| said by nil :
Actually, slashdot hardly makes a dent in our traffic when they link to us, so wouldn't be excessive at all
I believe that is about to change very shortly.
New slashdot story is soon to appear to the masses. | |
| | | | | |
Jason Levine
Premium
join:2001-07-13
USA
| My site (PCQandA.com) was listed as well. We seem to be off the list now though. How we got removed, I can't tell you. Just lucky I guess. It did nothing to change my opinion of SPEWS though. It's an awful operation and I wish it would just go away. (There are much better operations out there that would take up the slack.)
--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/ | |
| |
nil
Java Geek
join:2000-11-27
Host:
Webmasters and Dev..
Forum Feature Requ..
| Re: Why not to use SPEWS I just wish there was some accountability involved in this.. but there isn't..
I like an operation like ordb, where everything is out in the open, removal is simple, automated and not affected by vengeance-full self-important admins.
--
Life is too short to be boring | |
| | catbert66
join:2004-01-22
Herndon, VA
| said by Jason Levine :
My site (PCQandA.com) was listed as well. We seem to be off the list now though. How we got removed, I can't tell you. Just lucky I guess.
Lucky, nothing. You were listed (and delisted) because of Rackspace. Apparently Rackspace got rid of the spammer that was causing your IP to be listed. When Rackspace got responsive and the spammer got dropped, the listing was removed. This is covered in the SPEWS FAQ, and discussed to death in NANAE.
This is much like BBR's situation with nac.net. All the chest-beating in the world won't change the fact that nac.net continues to take spammer cash to the detriment of its legitimate customers. pwebtech -- a notorious spamhaus -- has gotten the equivalent of over 70 Class C netblocks from nac.net into SPEWS Level 1, and they're still connected. That should be Clue #1 about nac.net's policies. If nac.net continues to ignore the abuse that emanates from its network, the listing will likely expand. If they dispose of their spammers, the listing will disappear. I expect a visit from the Porcine Aviation Squadron before that happens.
As it is, BBR is in a Level 2 (watch) listing, which no reasonable admin should be using for blocking anyway. Why not gripe about the bonehead who's using a DNSBL that's way too aggressive -- and not recommended for blocking -- instead? Some people use bl.spamcop.net for blocking, and often the result is the same: angry whining and finger-pointing, because it's too aggressive for almost all purposes except for tagging and scoring. But pointing out one mail admin's blunder/idiocy doesn't give you a forum to grind your axe, of course...
I think I'll ask blackholes.us to create a "nac.blackholes.us" zone, just so BBR will always be on an IP-based DNSBL that could be used for blocking if someone felt like it. That way, the persecution complex can go on forever.  | |
|
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| said by nil :
»openrbl.org/#209.123.109.175
Blacklisted an entire IP block belonging to nac which includes our mail server.. if you read the handy 'remove instructions' you'll find there's absolutely nothing we can do about it other than rant.
Suggestions? Short of ranting I'm out of ideas...
Full spews listing:
»www.spews.org/html/S2814.html
Nil:
1) your mail server is NOT BlackListed! If you look at the listing it is at level 2 the [2] means level 2. Read the SPEWS FAQ. No one blocks on level 2 listings.
Level 2 listings are netblocks which are watched carefully for evidence of abuse, usually because the adjoining netblocks are in use by spammers, and because the provider (NAC in this case) is ignoring complaints about the abuse, or is doing nothing to remove the abusers.
2) There is something you CAN do other than rant, which will not do you any good at all; and that is to complain to NAC about their spam-friendly policies. It's NAC's hosting network abusers which is the problem. If the listing is upgraded to level [1] then there will be a problem getting your e-mail out; if this is intollerable, the ONLY solution would be to change providers.
3) If NAC persists (usually for a prolonged period of time) in it's disregard for the rest of the Internet, by allowing our mailboxes to be filled up by their customer's garbage, then many system administrators including myself, will choose to refuse mail from larger and larger portions of NAC's IP-Space, IMHO this is a perfectly reasonable choice. It puts presure on the service provider not to host spammers, something, which in the long run will help stop spam.
Understand, that SPEWS does not block anyone, all they do is make available a list of spam-friendly, and spam-supporting providers. Many systems will choose not to communicate with providers who support spam operations in a direct effort to hurt spammers by denying them access to providers.
Yes I run an ISP, and YES we use SPEWS as one of many BL's we use to eliminate UCE/SPAM from our customer's mailboxes. Spews comes in seccond only to spamhaus.org in it's effectiveness. We receive less than 10 spams/day across a user population of over one thousand. Spews alone is responsible for about 30% of the blocking.
Captain Bob
--
Motor Vessel - Tamara B. - 43' Long-Range Trawler Cape Elizebeth ME.»www.tamara-b.org
| |
| |
See 16 replies to this post | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| There are two sites listed on the RBL entry.
Gordontower.com says "project closed" on the front page and is apparently dead.
sm1l1ngcustomerscomeback.com is not hosted on NAC any longer. It resolves to 209.113.236.162 which is owned by Network Innovations.
So aside from terminating the spammers, what can NAC do to get back in the good graces of SPEWS? Nothing.
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
| |
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| Re: Why not to use SPEWS said by AmeritecTech :
So aside from terminating the spammers, what can NAC do to get back in the good graces of SPEWS? Nothing.
NAC.NET has to terminate all their spammers to get de-listed from spews. That's the way spews works. They (NAC) are rife with spammers. See: »www.lxhp.in-berlin.de/spamsites/···NET.html for a partial current list. NAC also needs to be responsive to complaints, they need to explain what steps they have taken to insure that new spammers will not replace the old ones...
I am not spews, but this is what I have observed, mainly on News://news.admin.net-abuse.email If you go to NANAE and read a bit, you will understand what the process is. Many providers are de-listed all the time. It's not impossible, it's quite common actually.
Captain Bob
--
Motor Vessel - Tamara B. - 43' Long-Range Trawler Cape Elizebeth ME.»www.tamara-b.org
| |
| | | 
Wills
join:2001-01-03
Port Charlotte, FL
| Re: Why not to use SPEWS said by TamaraB :
said by AmeritecTech :
So aside from terminating the spammers, what can NAC do to get back in the good graces of SPEWS? Nothing.
NAC.NET has to terminate all their spammers to get de-listed from spews. That's the way spews works.
Captain Bob
What bothers me is that you find this acceptable. Which you proved with your "collateral damage" reply earlier.
A well known and respected site is crippled because of the way SPEWS works. The site could lose money and subscribers. And why? Because of the way SPEWS works.
Why should BBR go to their ISP and complain about OTHER people that use them. It's not BBR's concern, business, or responcibility.
Essentially SPEWS is holding our IP block ransom and trying to force US into getting rid of the spammers on our ISP. Is SPEWS to lazy? Are they incapable? Are the afraid to get their hands dirty? Why should BBR have to do this. It's assnine.
Yet you openly support this type behavior. You are essentially supporting their "ransom note" way of "business".
I like your style. You're a thinker...
--
Abit VP-6 twin 800EB's @ 1002 Mhz.Proud member of the XDC. | |
|
Mordy
Comfortably Numb
Premium,MVM,ExMod 2004-07
join:2001-12-02
Denver, CO | Well, someone with more influence needs to post to Slashdot...I submitted last night, but no luck yet.
--
Facts do not cease to exist because the are ignored - Aldous Huxley | |
| |
nil
Java Geek
join:2000-11-27
Host:
Webmasters and Dev..
Forum Feature Requ..
| Re: Why not to use SPEWS I have no influence
I do think that more attention to the issue might be good for everyone involved though.. except maybe the spammers.
--
Life is too short to be boring | |
|
some lam0r
@sympatico.ca | wwwwoooooooooooot!
(sincerely hope you solve your spamadelic problems) | |
|
alliozzzz
@net.nz | slashdot says hi. just want to get in before the flood of anonymous lamers!
good luck with this. | |
| | 
Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:
1 edit | Re: Why not to use SPEWS said by some anonymous guy:
slashdot says hi. just want to get in before the flood of anonymous lamers!
...said the guy who posted anonymously.
--
"Luck is the residue of design." - Branch Rickey | |
| |
BesigedB
@193.39.x.x
| Many companys who get upwards of gigabytes of pure spam daily. To them, post-reciept filtering is not an option. The spammers have wasted their bandwidth to delever their spew. All that spamassassin does is stop the recepient from reading it. The only option to save bandwidth is to DENY suspected ip addresses from DELEVERING IN THE FIRST PLACE. Spamassassin can be used as a second-level line of defence for everything else that gets past trusted lists (spamcop, spamhaus etc). If you paid per megabyte you would be doing this too.
Oh, and anyone blocking on L2 is dumb. Get in contact with the clueless admins of any server that bounces your mail. Chances are BBA should remain largely unaffected. | |
|
Sam Sneak
@waldenweb.com
| Said by Captain Bob
We all know what "collateral damage" means don't we? It is unavoidable in a war (just ask Dubya), and anti-spam operations amount to a war.
That said, it is the "primary" victims which we should be more (primarily) concerned with. The thousands upon thousands of innocent victims who are inundated with porn, viruses, trojans, and lost bandwidth, not to mention the BILLIONS of dollars lost each year due to the spam/uce plague.
The number of secondary victims pales greatly in number compared to the primary victims!
Let's see how you'd like this attitude if, for example, the FBI decided to detain all ISP administrators from Clueless, Idaho or wherever you are from, based on the actions of one anonymous culprit who happened to be tracked to your particular geographic region. What makes you think that a business which provides the livelihood for employees, services for its clients, and in turn the client's livelihood has less of an impact than some people get an X10 camera ad in their email.
(employee/business failure vs some percentage of email that can be filtered in a wide variety of ways)
You are in effect using a shotgun to open a window, with no care for the damage you do. A disclaimer that you are ignorant and illogical does not excuse the behavior.
While I am not a lawyer I suspect that a person who;
1. makes wildly inaccurate assertions,
2. in a publicly accessible forum,
3. as a means of coercing others
is commiting fraud, libel, and extortion (in that order).
I pray you have a better argument prepared on the day that you try this with someone with abundant and aggressive legal representation. When they finish having you shutdown as an accessory they could probably pursue a counter suit for any documented losses. I wouldn't expect them to actually try to get money from you; the 15 minutes it takes them to file one more paper would simply require you to spend your time and money to stay afloat.
You give anti-SPAM efforts a bad name. | |
| |
MidwestWebHoster
@insightBB.com
| Re: Why not to use SPEWS Let's see how you'd like this attitude if, for example, the FBI decided to detain all ISP administrators from Clueless, Idaho or wherever you are from, based on the actions of one anonymous culprit who happened to be tracked to your particular geographic region. What makes you think that a business which provides the livelihood for employees, services for its clients, and in turn the client's livelihood has less of an impact than some people get an X10 camera ad in their email.
Not a good comparison. Not at all. A better comparison would be, based on the actions of one anonymous culprit from your area, the FBI issued a warning 'Be wary of people from Clueless, Idaho. One of them has done bad things.' And businesses turned away people from Clueless, Idaho becuase of this warning. It's the businesses that have the power of the acceptance or denaial here.
It's amazing how many times I've seen people blame a BL for the blocking of e-mail. They provide a list. Pure and simple. Just a list. They do not stop the flow of e-mail, they can't.
I think someone else mentioned this, but if you don't like SPEWS, just make a public campaign showing mail server admins why they shouldn't block against SPEWS.
That being said, as a mail server Admin, I do NOT use Spews. Our company policy is that we'd rather err towards extra spam than blocking a legitimate e-mail. And if you actually want my honest opinion, I think word parsing filters seem to be the best defense so far. About 25% of our incoming mail is stopped by our content filter, and think our false positive rate is about 0.1%. The BL filters catch something like 5% of our incoming traffic, but the way they're tweaked, I'm kind of light-handed with that enforcement effort, but the plus side to the light-handedness is that I think I've had one false positive in the past 4 months. | |
| | |
Steviant
@co.nz
| Re: Why not to use SPEWS It's amazing how many times I've seen people blame a BL for the blocking of e-mail. They provide a list. Pure and simple. Just a list. They do not stop the flow of e-mail, they can't.
What an amazing attitude!
You know, Hitler didn't personally gas any Jews or Gypsies. He was nowhere near the concentration camps, so he couldn't have.
Does that make him innocent? | |
| | | |
Ziga Rat
@worldwithoutwire.com
| Re: Why not to use SPEWS No, because Hitler ordered it done. I don't see SPEWS ordering me to use their list as a part of my spam filtering solution on my e-mail server.
Had Hilter wrote a list of ethnic groups he didn't like, then a bunch of his followers went out and killed them all on their own, technically speaking I believe Hitler would be innocent of any wrong doing. But that wasn't the case, he wrote a book about it and then ordered it done. | |
| | | | 
operagost
join:1999-08-02
Spring City, PA
| said by Steviant:
You know, Hitler didn't personally gas any Jews or Gypsies. He was nowhere near the concentration camps, so he couldn't have.
Does that make him innocent?
I hereby invoke Godwin's law. | |
| | |
Sam Sneak
@waldenweb.com
| I understand exactly how RBL lists work. My point is that when you broadcast something in a public forum you are responsible for the results regardless of a disclaimer.
If you don't believe that, make a little sign that says "Ignore me, I am not responsible for the actions of others based on information I provide."
Then go down to a movie theater and when everyoneis settled in yell Fire, Fire! When some child gets trampled by a mob that excuse will not work very well.
Granted we are dealing with the internet, but SPEWS is irresponsibly reporting information in a public forum when they know it to be incomplete/incorrect without having any sort of mechanism for correction. | |
|
DukeVader
@eastlink.ca
| I have to say that I am NOT defending NAC or any other ISP/Hosting provider that is being blamed as a spam friendly provider. HOWEVER, I can say that a lot of the time there are false reports created that end up causing ISPs, Hosting providers, etc, to be listed. I currently do out-sourced support for some 300 servers and 80 thousand end users and we have to deal with spamblocks on a daily basis because of some a$$clown. But after we do our research, check our logs...more often then not we find that they didn't do it.
If people want to use spam lists as a guideline, great. But take it with a grain of salt. Blindly blacklisting because some 3rd party service says to is lame and I feel unprofessional. I remember the good old days when Sysadmins actually did their own work/research to blacklist appropriate people/providers. Its a shame that those days are all but gone. | |
|
kettle
@138.164.x.x
| Been reading this and I find it funny that while everyone wants to bash SPEWS for listing the IP range, no one wants to address the fact that NAC is spam-friendly...
if the number of posts in this thread were equaled by the number of emails to the NAC support staff to complain about the spammers they host, there might actually be something done about them... | |
|
Jon D
@ac.uk | Godwin's law has been invoked... and the discussion was just getting interesting  | |
| shorej
Premium
join:2002-07-22
Wichita, KS
·Cox HSI
| You people amaze me. You provider is supporting spam by hosting a very well known spammer, which you profess to be against, and yet you have the gall to bitch and moan when a blacklist operator lists your spamming provider (and effectively YOU). What's wrong with this picture? You shouldn't be complaining to SPEWS about the listing. You should be complaining to the cause of the listing: Your Spam-Supporting Provider. They are the only folks that can right the wrong because it's their wrong. It's as simple as that. If you don't like being blacklisted then you shouldn't use the services of a Your Spam-Supporting Provider. This isn't rocket science folks. Hell this isn't even as hard as changing the VCI/VPI on a Cisco 675. | |
| Ozmiroid
join:2004-01-21
Des Moines, IA
| I've had dealings with spammers on NAC's network before - complaints to NAC simply get forwarded to the spammer by NAC (automatically, in fact). NAC doesn't seem to do anything other than that. For example, one time I complained 7 times about ongoing spam from one NAC customer - I didn't stop getting the spam until that part of NAC was listed by Spamhaus SBL (which my ISP uses).
Based on what I see in SPEWS S2814, and my guesses as to how SPEWS operates, this is probably the sequence of events ... SPEWS admins saw that NAC was doing nothing about spam from 66.246.48.0/24, so they listed that block. The spam continued, complaints continued to be ignored, so SPEWS escalated the listing to 66.246.64.0/18. (That doesn't include 209.123.109.175, that's listed in level 2 - "keep your eye on this, but don't block email".) Yes, using SPEWS at this point *will* cause legit, non-spam email to be rejected.
I suspect SPEWS operates this way because ISPs like NAC simply won't do *anything* about abuse from their network until the rest of the internet community becomes outraged and traffic from the offending network is widely blocked. If NAC would get off their lazy butts and take reasonable action on complaints of abuse from their network, they wouldn't find themselves escalated in SPEWS.
The owners of DSL Reports would do well to find a more responsible service provider than NAC.
If you agree with SPEWS tactics, then use SPEWS on your mailserver. Evidently many companies and mailserver admins do agree with SPEWS tactics.
Starting a media campaign won't do any good, unless it prods NAC into cleaning up their network. Someone mentioned the "Something Awful" media campaign when they were in SPEWS... I remember that... Sure, flooding news.admin.net-abuse.email with a DoS is a good way to get admins all over the world on your side - NOT! I know a lot of mailserver/network admins who promptly added Something Awful to their private blacklists/router blocks in response to that attack on the newsgroup.
But back to the point - the problem is not SPEWS, SPEWS is a sometimes drastic attempt to solve the problem where other solutions fail. The problem is ISPs that knowingly and willingly host spammers. NAC seems to be such an ISP. The only solution I see for DSL Reports - Find a more responsible ISP. | |
| |
See 30 replies to this post | |
Flutter Vertigo
@escient.com
| I think you are missing the point. SPEWS starts out by blocking the offending party. If the spamming does not stop, it moves up. Each time the spamming does not stop, it moves up. Eventually, innocent parties become ensnared. The reason? Those innocent parties may be upset at SPEWS, but they can create even more heat for the owners of the IP blocks and eventually, the IP block owners will tire of the heat and kill the spammers. This is not throwing the baby out with the bathwater as the baby is still present. If SPEWS only listed pure spamming IP blocks, it would have no effectiveness. | |
|
Noodles67
@bctel.ca
| We have a legitimate mailing list of about 100,000 names, built up over 9 years. Around 20% (20,000) of the emails on that list expire each year due to the customer closing their ISP account. Though some of the old users remember to update their address to the new one, many don't. Of that 20,000, many get reallocated to new users - some who think we might be spamming them when they get the next newsletter for the old customer.
Despite this, as we scrupulously process all remove requests, we have minimal complaints - but we do have them.
Point: it is easy to have spam complaints for a 100% ethically run mailing list.
Issue: how severe should our hosting company be with spam complaints? Fortunately they realise that few spam complaints now and again are going to occur from any newsletter, and so as the number of complaints is very very small versus our customer base, we've never had a problem.
Problem: we are experimenting with a new host. The host is so good it has well over 20,000 servers/customers. Problem is that a 'few spam complaints now and again' x 20,000 customers means A LOT of spam complaints per day.
Issue: What is a block list to do when it receives tens or hundreds of SPAM complaints from a netblock per day. This is a trivial amount per customer (1-2 per year perhaps). Answer is, now and again the ethical customer at the ethical host gets blocked.
Problem2: if you are a great host, and end up with 20,000 customers, you cannot know all your customers as well as you would like. Spammers will try to sign up, and even if you terminate them quickly, you are likely to have a period of a few hours, multiple times per week, when a spammer gets through your new customer filters, gets a server, and starts spamming at 100,000s of spams a hour. Our host monitors SMTP traffic by server for unusual spikes, but this takes a hour or two to trap and act upon.
Issue: This means that our hosts netblock is forever associated with hundreds of thousands of spams per week, even though they are very proactive about searching and terminating spammers.
This is why SPEWS constantly blocks huge ranges of legitimate customers run by ethical hosts, and why ethical hosts and customers affected by this hate it. This is compounded by its lack of accountability and transparency. | |
| |
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Why not to use SPEWS said by Noodles67:
Spammers will try to sign up, and even if you terminate them quickly, you are likely to have a period of a few hours, multiple times per week, when a spammer gets through your new customer filters, gets a server, and starts spamming at 100,000s of spams a hour.
I think that most people can tell the difference between an ISP with an aggressive and responsive abuse department, and one that ignores responses and drags its feet. The latter get listed, the former do not.
Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site | |
| |
ablah
@sympatico.ca
| stop bitching, read the TRUST post, and do smth. seriously, if you had collectively put the efforts into bitching in this forum into actually doing something, you'd be that many man-hours closer. spews can say what the fuck it wants to say -- and ultimately helps a lot more people than you help by getting the ip range delisted without getting the spammer removed. | |
| | |
AmeritecTech
Change we can believe in, 1922
Premium
join:2002-09-06
Houston, TX
| Re: stop bitching, read the TRUST post, and do smth. said by ablah:
seriously, if you had collectively put the efforts into bitching in this forum into actually doing something, you'd be that many man-hours closer. spews can say what the fuck it wants to say
SPEWS can say what the fuck it wants to say, but you shut up and put your efforts into "doing something". Is that it?
--
Independent thinkers tend to ALWAYS have someone not agreeing with them. It's the non-thinkers that always come in legions." -John Callari | |
|
Ponderous
@speakeasy.n
| There is an additional point of view to the issue at hand that I think hasn't been considered yet.
Blacklists, on the whole, probably are a good thing.
Large amount of "collateral damage" in a mail delivery system, on the other hand, is highly undesirable. Why? -think business communication. Would you really prefer to go back to pen-and-paper business correspondance, or do you rather like the convenience and speed of email?
If email becomes unreliable because vigilantes like SPEWS and co. decide that it's good to cause inordinate amount of legitimate email to get lost just so that they can get one or two spammers, this does render the electronic mail system as an unreliable delivery mechanism for correspondance or any type. Between limited set of individuals this may be tolerable, but not for business or government correspondance.
Much as people would LIKE to think otherwise, email is more important than that nowadays. Of course, if SPEWS has it's way this won't be the case though.
SPEWS and their cohorts can blame the ISPs and the mail admins who implement their blacklists. While I agree that the mail admins are unwise to implement SPEWS blacklist (because they're undermining the viability of electronic mail as a viable communications platform), and ISPs should be accountable for spam originating from their networks, SPEWS isn't the way to do it.
The anti-spam solution, in my opinion, should be two-fold: both technical and legal. But that kinda goes beyond the scope of this post, so I'll skip it.
Bottom line, I think the notion of extensive "collateral damage" is unaccetable in a mail delivery system that's to be taken seriously. | |
| |
See 12 replies to this post | |
Ponderous
@speakeasy.n | Also, I think the blacklists should be held accountable as much as the ISPs, just so there wouldn't be abuse of those blacklists. | |
| |
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Why not to use SPEWS said by Ponderous:
Also, I think the blacklists should be held accountable as much as the ISPs,
They are much more accountable than ISPs. Those who don't care for mail blocked by a blacklist will stop using it. If SPEWS - or whatever blacklist - ends up having no users, it becomes irrelevant.
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site | |
| | | |
|
