Speakeasy's mailservers blacklisted

0 views
Skip to first unread message

Matthew Russotto

unread,
Jun 27, 2003, 4:25:24 PM6/27/03
to
Found it. http://mirror.bliab.com/contrib/badhost_dyna.bz2 contains a
listing for

216.254.0.0/17 dsl.speakeasy.net SPEAKEASY-2

Yep, they blacklisted an entire /17 as being "dynamic", even though it
includes not only huge ranges of static DSL addresses, but the main
MX for speakeasy. Nice.
--
Matthew T. Russotto mrus...@speakeasy.net
"Extremism in defense of liberty is no vice, and moderation in pursuit
of justice is no virtue." But extreme restriction of liberty in pursuit of
a modicum of security is a very expensive vice.

Neb Revod

unread,
Jun 28, 2003, 12:04:07 AM6/28/03
to
In article <Yd6cnaRWCMa...@speakeasy.net>,
russ...@grace.speakeasy.net says...

> Found it. http://mirror.bliab.com/contrib/badhost_dyna.bz2 contains a
> listing for
>
> 216.254.0.0/17 dsl.speakeasy.net SPEAKEASY-2
>
> Yep, they blacklisted an entire /17 as being "dynamic", even though it
> includes not only huge ranges of static DSL addresses, but the main
> MX for speakeasy. Nice.
>

Clearly, Speakeasy needs to tighten things up a bit. They didn't make
yet another blacklist, AGAIN, for NOT allowing spam to come out of their
network.

Dan Lawrence

unread,
Jun 28, 2003, 1:39:59 AM6/28/03
to
On 27 Jun 2003, Neb Revod <spammer...@flatline.com> wrote in
speak.easy:

Aren't you jumping the gun a bit there? It seems pretty obvious to
me that this list is trying to block dynamically assigned IP's.
While some consider that an Anti-spam measure, it is clearly a
proactive move.

It's knee-jerk reactions like yours that give the anti-spam folks a
bad name.

<sarcasm>
Thank god the government is going to step in and control what people
around the world can say to me. At least that way I won't have to
think for my self or anything...
</sarcasm>

--
danla...@pobox.com http://www.cutthatout.com Seattle, WA USA
I can't spell and I don't care.
Join the team at Distributed.net www.cutthatout.com/dnetteam/
SPAM bait: u...@ftc.gov rep...@fraud.org abuse@localhost
postmaster@localhost admin@localhost

Neb Revod

unread,
Jun 28, 2003, 1:58:15 PM6/28/03
to
In article <a9Scnfhf766...@speakeasy.net>, danla...@pobox.com
says...

> > Clearly, Speakeasy needs to tighten things up a bit. They didn't
> > make yet another blacklist, AGAIN, for NOT allowing spam to come
> > out of their network.
>
> Aren't you jumping the gun a bit there? It seems pretty obvious to
> me that this list is trying to block dynamically assigned IP's.
> While some consider that an Anti-spam measure, it is clearly a
> proactive move.
>

It works like this...
Speakeasy has a class B network. Among the things they asign to the IP
addresses within that network are some of their dial-up resources. They
also asign the primary mail server (MX address) for the entire Speakeasy
domain to an IP address within this space.

Joe Spambag heard that Speakeasy is lax on controlling what emails come
out of their network, so he signs up for one or more (probably several)
dial-up accounts. Mr. Spambag knows that life will be good, because even
if the IP address he's using is blocked, all he has to do is disconnect
and dial-in again and he'll probably be on another address that has not
been blocked. Life is good and he fires his spam cannon at will.

Meanwhile, the folks who have taken it upon themselves to do SOMETHING
about the ruinous and rapidly rising tide of spam are getting tired of
blocking one address at a time in the Speakeasy address space and/or
having Speakeasy fail to respond to their requests to clean up their
act, so they have no choice but to block the entire network.

Another too Mr. Spambag has at his disposal is an open proxy on a system
operated by a clueless user. Using nmap or the scanning tool of his
choice, he scans that same address space, finds any number of vulnerable
systems, and aims his spam cannon to shoot through these holes. Again,
Speakeasy apparently is unconcerned about this liability and proceeds to
let it make life miserable for millions. Anti-spam forces again must
take action that Speakeasy fails to.

This is hardly a knee-jerk reaction. If you want to take issue with
someone, take it up with Speakeasy. There ARE ways to control these
liabilities. That they refuse to do so is the real problem here, not the
volunteers who are trying to keep the Internet from being buried under
the load of crap Mr. Spambag is hosing it with.

Bruno Wolff III

unread,
Jun 28, 2003, 2:15:55 PM6/28/03
to
In article <MPG.196776f6e...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> It works like this...
> Speakeasy has a class B network. Among the things they asign to the IP
> addresses within that network are some of their dial-up resources. They
> also asign the primary mail server (MX address) for the entire Speakeasy
> domain to an IP address within this space.

Nope. They outsource dialup. They do provide dynamic IP addresses for
DSL though. DSL hopping is a lot harder the dialup hopping.
They also have signicantly more IP addresses than the equivalent of a
class B space.

> Joe Spambag heard that Speakeasy is lax on controlling what emails come
> out of their network, so he signs up for one or more (probably several)
> dial-up accounts. Mr. Spambag knows that life will be good, because even
> if the IP address he's using is blocked, all he has to do is disconnect
> and dial-in again and he'll probably be on another address that has not
> been blocked. Life is good and he fires his spam cannon at will.

The people they outsource dialup access block port 25 to random mail
servers. So email can't come directly from their outsourced dialup
service.

> Meanwhile, the folks who have taken it upon themselves to do SOMETHING
> about the ruinous and rapidly rising tide of spam are getting tired of
> blocking one address at a time in the Speakeasy address space and/or
> having Speakeasy fail to respond to their requests to clean up their
> act, so they have no choice but to block the entire network.

Some dynamic IP address lists actually ask ISPs which addresses are
dynamic so they get the right ones rather than make wild guesses.

> Another too Mr. Spambag has at his disposal is an open proxy on a system
> operated by a clueless user. Using nmap or the scanning tool of his
> choice, he scans that same address space, finds any number of vulnerable
> systems, and aims his spam cannon to shoot through these holes. Again,
> Speakeasy apparently is unconcerned about this liability and proceeds to
> let it make life miserable for millions. Anti-spam forces again must
> take action that Speakeasy fails to.

That is a different kind of list. Those lists usually list by IP address
since you don't typically have whole networks of open proxies.

> This is hardly a knee-jerk reaction. If you want to take issue with
> someone, take it up with Speakeasy. There ARE ways to control these
> liabilities. That they refuse to do so is the real problem here, not the
> volunteers who are trying to keep the Internet from being buried under
> the load of crap Mr. Spambag is hosing it with.

No it isn't a knee jerk reaction. It appears to be an incompetent black
listing service. They claim to list dynamic IP addresses, but don't
seem to try very hard to provide reliable information.

Matthew Russotto

unread,
Jun 28, 2003, 10:39:20 PM6/28/03
to
In article <MPG.1966b3968...@pdx.news.speakeasy.net>,

Right, the anti-spammer is always right. They're never to blame for
blacklisting an entire /17 containing the main mail server for a
domain, on the grounds that that /17 is all dynamic addresses.

(anyone know if there are ANY dynamic addresses in that block?)

Neb Revod

unread,
Jun 29, 2003, 1:46:44 PM6/29/03
to
In article <slrnbfrmtn...@localhost.localdomain>, br...@wolff.to
says...

> In article <MPG.196776f6e...@pdx.news.speakeasy.net>, Neb Revod wrote:
> >
> > It works like this...
> > Speakeasy has a class B network. Among the things they asign to the IP
> > addresses within that network are some of their dial-up resources. They
> > also asign the primary mail server (MX address) for the entire Speakeasy
> > domain to an IP address within this space.
>
> Nope. They outsource dialup. They do provide dynamic IP addresses for
> DSL though. DSL hopping is a lot harder the dialup hopping.
> They also have signicantly more IP addresses than the equivalent of a
> class B space.

I know that Speakeasy has more than one class B network (duh...). I was
simply illustrating a point.

So, you're saying that SE has NO dial-up customers assigned to the block
in question? And you know this how?

> The people they outsource dialup access block port 25 to random mail
> servers. So email can't come directly from their outsourced dialup
> service.
>

I seem to remember this being the case. This is a good thing.

> Some dynamic IP address lists actually ask ISPs which addresses are
> dynamic so they get the right ones rather than make wild guesses.

Which is, of course, the right thing to do. But what about when the ISP
is unresponsive? We all know that getting to a person at Speakeasy with
the level of expertise/authority to answer questions like this is
tortuous path, at best.

> > let it make life miserable for millions. Anti-spam forces again must
> > take action that Speakeasy fails to.
>
> That is a different kind of list. Those lists usually list by IP address
> since you don't typically have whole networks of open proxies.

Many of the BH lists list open proxies in addition to spam-friendly SMTP
servers.

Neb Revod

unread,
Jun 29, 2003, 1:50:35 PM6/29/03
to
In article <W-6cnTBMEbb...@speakeasy.net>,
russ...@grace.speakeasy.net says...

> >Clearly, Speakeasy needs to tighten things up a bit. They didn't make
> >yet another blacklist, AGAIN, for NOT allowing spam to come out of their
> >network.
>
> Right, the anti-spammer is always right. They're never to blame for
> blacklisting an entire /17 containing the main mail server for a
> domain, on the grounds that that /17 is all dynamic addresses.
>
> (anyone know if there are ANY dynamic addresses in that block?)
>

If that's what it takes to get the attention of the right people at
Speakeasy, then its fine with me. My mail server uses the resources of
several black hole lists. If someone can't reach an address here because
of blacklisting, it is the fault of their ISP for not doing a better job
of keeping their nose clean. As we can readily see, this pisses off
their customers no end. A well run ISP would care about this.

Bruno Wolff III

unread,
Jun 29, 2003, 11:19:20 PM6/29/03
to
In article <MPG.1968c5dca...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> So, you're saying that SE has NO dial-up customers assigned to the block
> in question? And you know this how?

I don't have a way to guarenty it since they may have some special
customers that get different service. However their outsourced dialups
get their IP addresses from the outsourced providers, not from speakeasy.
It would be very unusual for SE to have a mail server IP address in the
same /17 as one of their dialups. More likely the /17 had some dynamic
DSL IP addresses.

>> Some dynamic IP address lists actually ask ISPs which addresses are
>> dynamic so they get the right ones rather than make wild guesses.
>
> Which is, of course, the right thing to do. But what about when the ISP
> is unresponsive? We all know that getting to a person at Speakeasy with
> the level of expertise/authority to answer questions like this is
> tortuous path, at best.

Well, it is probably best not to list them on a list that claims to list
dynamic IP addresses. Stick them on some other list for which they
fit the characteristics that the list claims to have.



> Many of the BH lists list open proxies in addition to spam-friendly SMTP
> servers.

But do they claim they are lists of dynamic IP addresses? The problem was
that the list misclassified IP addresses on the list.

Keith Keller

unread,
Jun 30, 2003, 2:34:39 AM6/30/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <MPG.1968c6c5f...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> If that's what it takes to get the attention of the right people at
> Speakeasy, then its fine with me. My mail server uses the resources of
> several black hole lists. If someone can't reach an address here because
> of blacklisting, it is the fault of their ISP for not doing a better job
> of keeping their nose clean. As we can readily see, this pisses off
> their customers no end. A well run ISP would care about this.

s/blacklisting/incompetent blacklisting/;

Is it really Speakeasy's fault that the group doing the blacklisting
added some of SE's static IP space into their stated dynamic dialup IP
address range? If you don't understand the difference between a
blackhole list based on spam activity and a blacklist based strictly
on whether the IP is a dialup dynamic IP, you need to do some more
research into the subject.

If the group had listed SE's IPs as spammers, your argument would be
valid, but it seems pretty clear that they believe SE's MX is a dynamic
dialup IP address. I'm pretty sure that's not the case. Certainly
SE should be asking them to deal with the situation, but it should be
from the standpoint of "You incorrectly listed blocks of our IP
space as dialups when they're not", not "We're sorry we had spammers
on our space, it won't happen again, please delist us".

(Interestingly, a few months back my static IP address got listed in
another dynamic dialup IP list. Fortunately, the admin had a clue and
removed my address from his list very quickly when I emailed him about
it.)

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj7/2fwACgkQhVcNCxZ5ID8SGACffxnZ3f964r8PiO77IrXnMXiJ
UwwAnjstj1cwIE7bTWeLsVRFMVxitaBw
=SaL1
-----END PGP SIGNATURE-----

Neb Revod

unread,
Jun 30, 2003, 2:54:48 PM6/30/03
to
In article <vllodb...@goaway.wombat.san-francisco.ca.us>, kkeller-
spa...@wombat.san-francisco.ca.us says...

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <MPG.1968c6c5f...@pdx.news.speakeasy.net>, Neb Revod wrote:
> >
> > If that's what it takes to get the attention of the right people at
> > Speakeasy, then its fine with me. My mail server uses the resources of
> > several black hole lists. If someone can't reach an address here because
> > of blacklisting, it is the fault of their ISP for not doing a better job
> > of keeping their nose clean. As we can readily see, this pisses off
> > their customers no end. A well run ISP would care about this.
>
> s/blacklisting/incompetent blacklisting/;
>
> Is it really Speakeasy's fault that the group doing the blacklisting
> added some of SE's static IP space into their stated dynamic dialup IP

Well..., yes. The ISP's are typically notified very early on in the
process. Failure to act is a sure-fire way to get listed. Failure to
create and enforce policies, or deploy technological solutions that
prevent abuse by spammers is another way to make the list.

Yes, some lists block ranges of IP addresses merely for belonging to a
pool of dynamically assigned addresses. Again, proper organization of
that pool, and communication with the maintainers of the lists will
prevent bad things like the black-listing of Speakeasy's MX address.

> address range? If you don't understand the difference between a
> blackhole list based on spam activity and a blacklist based strictly
> on whether the IP is a dialup dynamic IP, you need to do some more
> research into the subject.
>
> If the group had listed SE's IPs as spammers, your argument would be
> valid, but it seems pretty clear that they believe SE's MX is a dynamic
> dialup IP address. I'm pretty sure that's not the case. Certainly

I can say with all certainty that SE's MX addresses are NOT in "...
dynamic dialup IP addresses...". The rub is that it may lie within a
network of address that ARE dynamically assigned. If this is, in fact,
the case, it was a stupid move on Speakeasy's part. Even still, it
should be easy enough to COMMUNICATE with the list folks and let them
know which ranges ARE dynamic and which are not.

Keith Keller

unread,
Jun 30, 2003, 3:12:07 PM6/30/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <MPG.196a27585...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> Well..., yes. The ISP's are typically notified very early on in the
> process. Failure to act is a sure-fire way to get listed. Failure to
> create and enforce policies, or deploy technological solutions that
> prevent abuse by spammers is another way to make the list.

Typically, but not always. But you're talking mainly about
spam blacklists, not dialup blacklists, here, where there should
be different standards of notification by the blacklisters. An
ISP could have an impeccable antispam reputaton that's completely
ignored by dialup blacklist maintainers.

> Yes, some lists block ranges of IP addresses merely for belonging to a
> pool of dynamically assigned addresses. Again, proper organization of
> that pool, and communication with the maintainers of the lists will
> prevent bad things like the black-listing of Speakeasy's MX address.

Okay. Let's say I start up a new dialup blacklist. Are you suggesting
that SE should somehow realize that I'm starting a new list and
proactively contact me to tell me what their dialup space is? Or that
it's their fault if I screw up my list? Once they find out I've
screwed up my list, then they can tell me so, but even then it's my
responsibility, not theirs, to fix it. The best they can do is
tell others what a hosehead I am for running a b0rken dialup list.

[I wrote:]

>> address range? If you don't understand the difference between a
>> blackhole list based on spam activity and a blacklist based strictly
>> on whether the IP is a dialup dynamic IP, you need to do some more
>> research into the subject.

I suggest you reread my above paragraph.

> Even still, it
> should be easy enough to COMMUNICATE with the list folks and let them
> know which ranges ARE dynamic and which are not.

Sure, but don't blame Speakeasy for the errors of the list maintainers.

BTW, Kat, do you know whether anyone from SE has contacted the folks
Matthew found dialup-blacklisting part of SE's MX? Obviously my
position is clear, but you should still be in touch with them and
(hopefully) get a positive response.

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8Ai4QACgkQhVcNCxZ5ID+10wCbBB7iCG5KoZUqiCZpfUOBnbSs
M9MAnRP/xW/nEsPgstgdf8h1XWXTnORp
=HuB5
-----END PGP SIGNATURE-----

Neb Revod

unread,
Jun 30, 2003, 3:55:33 PM6/30/03
to
In article <722qdb...@goaway.wombat.san-francisco.ca.us>, kkeller-
spa...@wombat.san-francisco.ca.us says...

> Typically, but not always. But you're talking mainly about
> spam blacklists, not dialup blacklists, here, where there should

Same thing. If a mail server is blacklisted, it is because it, or the
range of IP addresses wherein it resides, has produced spam. Dynamically
assigned IP addresses (as are virtually all dial-up addresses) are
blocked by the lists when they are shown to produce spam. By themselves,
they are not the problem.

> Okay. Let's say I start up a new dialup blacklist. Are you suggesting
> that SE should somehow realize that I'm starting a new list and
> proactively contact me to tell me what their dialup space is? Or that

Its SPAM that gets you listed, not being a dynamically assigned address.
Before you get listed, you get notified. No proactivity required. Fail
to act promptly, and you make the list. Repeatedly fail to act, and
there's a good chance you'll go back on and stay there.

> it's their fault if I screw up my list? Once they find out I've
> screwed up my list, then they can tell me so, but even then it's my
> responsibility, not theirs, to fix it. The best they can do is
> tell others what a hosehead I am for running a b0rken dialup list.
>
> [I wrote:]
>
> >> address range? If you don't understand the difference between a
> >> blackhole list based on spam activity and a blacklist based strictly
> >> on whether the IP is a dialup dynamic IP, you need to do some more
> >> research into the subject.
>
> I suggest you reread my above paragraph.
>

I think YOU don't understand. Spam blackhole lists exist so that mail
servers may reference those lists and refuse to deliver mail coming from
sites on that list. You don't get their attention, and thus make these
lists unless you produce spam. If it appears that an address in question
comes from a range of dynamic addresses, the range gets black listed by
those lists that have that as a criteria.

Again, this is absolutely fine with me, because virtually no legitimate
email comes directly from a dynamic address. The only reason an SMTP
service would be running on a dynamic address is to deliver spam. ISP's
SHOULD be blocking such delivery at their own borders. Since many of
them don't, I am glad to have resources like the DNSBL to do it for
them.

>
> Sure, but don't blame Speakeasy for the errors of the list maintainers.

No errors involved. The subnet produces spam, it gets listed. The subnet
is dyamic, it gets listed. The ISP knows is informed of this and it is
THEIR responsibility to set things up in a net-friendly way. If they
done so from the start, there would NO ISSUE.

Matthew Russotto

unread,
Jun 30, 2003, 4:55:15 PM6/30/03
to
In article <MPG.1968c6c5f...@pdx.news.speakeasy.net>,

Neb Revod <spammer...@flatline.com> wrote:
>In article <W-6cnTBMEbb...@speakeasy.net>,
>russ...@grace.speakeasy.net says...
>> >Clearly, Speakeasy needs to tighten things up a bit. They didn't make
>> >yet another blacklist, AGAIN, for NOT allowing spam to come out of their
>> >network.
>>
>> Right, the anti-spammer is always right. They're never to blame for
>> blacklisting an entire /17 containing the main mail server for a
>> domain, on the grounds that that /17 is all dynamic addresses.
>>
>> (anyone know if there are ANY dynamic addresses in that block?)
>>
>
>If that's what it takes to get the attention of the right people at
>Speakeasy, then its fine with me. My mail server uses the resources of
>several black hole lists. If someone can't reach an address here because
>of blacklisting, it is the fault of their ISP for not doing a better job
>of keeping their nose clean.

Moron anti-spammer. Exactly what is an ISP supposed to do to keep
from getting a /17 mis-listed as _dynamic IP_? Not as a spam source,
but as an address block which contains only dynamically assigned IPs.

Matthew Russotto

unread,
Jun 30, 2003, 5:00:51 PM6/30/03
to
In article <722qdb...@goaway.wombat.san-francisco.ca.us>,

Keith Keller <kkeller...@wombat.san-francisco.ca.us> wrote:
>
>BTW, Kat, do you know whether anyone from SE has contacted the folks
>Matthew found dialup-blacklisting part of SE's MX? Obviously my
>position is clear, but you should still be in touch with them and
>(hopefully) get a positive response.

I contacted them myself (I hope Speakeasy has too). No response. Of
course, maybe my mail was silently filtered (it didn't bounce, or I
would have re-sent directly).

Now mail15 is on a 'multi-hop' list again. It seems that any time a
Speakeasy customer has an open relay, if the anti-spammers find it
before Speakeasy does, they list one of Speakeasy's main mailers as a
"multi-hop open relay". They're clearly trying to pressure Speakeasy
(or rather, all ISPs) into blocking port 25 for all customers :-(.

Keith Keller

unread,
Jun 30, 2003, 5:24:31 PM6/30/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <MPG.196a3568d...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> Same thing. If a mail server is blacklisted, it is because it, or the
> range of IP addresses wherein it resides, has produced spam. Dynamically
> assigned IP addresses (as are virtually all dial-up addresses) are
> blocked by the lists when they are shown to produce spam.

This is *not* how all dialup blacklists work. Clearly you still haven't
taken my advice.

> Its SPAM that gets you listed, not being a dynamically assigned address.

This is *not* how all dialup blacklists work. Clearly you still haven't
taken my advice. Here it is again:

>> [I wrote:]
>>
>> >> address range? If you don't understand the difference between a
>> >> blackhole list based on spam activity and a blacklist based strictly
>> >> on whether the IP is a dialup dynamic IP, you need to do some more
>> >> research into the subject.
>

> I think YOU don't understand.

I know I understand. I'm not going to spend any more time getting
you to do so. Hopefully those at SE will disregard your rants and
go about solving the problem the way it should be solved. Hopefully
they'll be more polite in blowing off your misguided ideas than we've
been. :)

> You don't get their attention, and thus make these
> lists unless you produce spam.

This is *not* how all dialup blacklists work. Clearly you still haven't
taken my advice.

> Again, this is absolutely fine with me, because virtually no legitimate
> email comes directly from a dynamic address.

This may be true, but

> The only reason an SMTP
> service would be running on a dynamic address is to deliver spam.

this is not. There are valid non-spam reasons to run an SMTP server
on a dynamic IP. (Of course, those admins would need to deal with
dialup/dynamic blacklist admins themselves.)

> No errors involved. The subnet produces spam, it gets listed. The subnet
> is dyamic, it gets listed. The ISP knows is informed of this and it is
> THEIR responsibility to set things up in a net-friendly way. If they
> done so from the start, there would NO ISSUE.

This is *not* how all dialup blacklists work. Clearly you still haven't
taken my advice.

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8AqowACgkQhVcNCxZ5ID9GWgCdFCxDLwwaam/ghINDLoVEV7gs
EBkAni8LSzbb755cyk+htEqxWXYgPqwg
=lfjf
-----END PGP SIGNATURE-----

Keith Keller

unread,
Jun 30, 2003, 5:37:54 PM6/30/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <o9udnUJNOaG...@speakeasy.net>, Matthew Russotto wrote:
>
> Now mail15 is on a 'multi-hop' list again.

Doh. Of course, from http://www.dsbl.org/usage:

Note that the multihop and unconfirmed lists are very agressive and have
the potential for a high level of false positives.

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8ArbEACgkQhVcNCxZ5ID8dMQCdFmL1JNm5XTIlssVJ209f/8yD
2HAAnRiY40WUWK2FzAsln5IZC3Etm4ip
=r5C2
-----END PGP SIGNATURE-----

Matthew Russotto

unread,
Jun 30, 2003, 9:01:05 PM6/30/03
to
In article <ijaqdb...@goaway.wombat.san-francisco.ca.us>,

Keith Keller <kkeller...@wombat.san-francisco.ca.us> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>In article <o9udnUJNOaG...@speakeasy.net>, Matthew Russotto wrote:
>>
>> Now mail15 is on a 'multi-hop' list again.
>
>Doh. Of course, from http://www.dsbl.org/usage:
>
>Note that the multihop and unconfirmed lists are very agressive and have
>the potential for a high level of false positives.

Wink, wink, nod, nod.

I can't wait until they blacklist 0.0.0.0/0; that seems to be the
logical endgame of the whole anti-spam blacklisting thing.

David B Terrell

unread,
Jun 30, 2003, 10:07:47 PM6/30/03
to
Neb Revod <spammer...@flatline.com> says:
> In article <722qdb...@goaway.wombat.san-francisco.ca.us>, kkeller-
> spa...@wombat.san-francisco.ca.us says...
>> Typically, but not always. But you're talking mainly about
>> spam blacklists, not dialup blacklists, here, where there should
>
> Same thing. If a mail server is blacklisted, it is because it, or the
> range of IP addresses wherein it resides, has produced spam. Dynamically
> assigned IP addresses (as are virtually all dial-up addresses) are
> blocked by the lists when they are shown to produce spam. By themselves,
> they are not the problem.

You're not The Dumbest Person On Usenet Ever, but man you're
definately an honorable mention.

--
David Terrell |
Nebcorp Prime Minister |
d...@meat.net | The best free things in life are free.
http://wwn.nebcorp.com/ |

Keith Keller

unread,
Jun 30, 2003, 10:33:23 PM6/30/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <slrnbg1r8...@pianosa.catch22.org>, David B Terrell wrote:


> Neb Revod <spammer...@flatline.com> says:
>
> You're not The Dumbest Person On Usenet Ever, but man you're
> definately an honorable mention.

You haven't read alt.pets.rabbits lately, I take it. ;-0

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8A8vEACgkQhVcNCxZ5ID/rfQCeIAkSqp6m+JWSqtSlUOpyZaGh
mXMAmwWuglC9knCsSfDCiN5OnriRc0vw
=DG59
-----END PGP SIGNATURE-----

Neb Revod

unread,
Jun 30, 2003, 11:29:51 PM6/30/03
to
In article <slrnbg1r8...@pianosa.catch22.org>, d...@meat.net
says...

> Neb Revod <spammer...@flatline.com> says:
> > In article <722qdb...@goaway.wombat.san-francisco.ca.us>, kkeller-
> > spa...@wombat.san-francisco.ca.us says...
> >> Typically, but not always. But you're talking mainly about
> >> spam blacklists, not dialup blacklists, here, where there should
> >
> > Same thing. If a mail server is blacklisted, it is because it, or the
> > range of IP addresses wherein it resides, has produced spam. Dynamically
> > assigned IP addresses (as are virtually all dial-up addresses) are
> > blocked by the lists when they are shown to produce spam. By themselves,
> > they are not the problem.
>
> You're not The Dumbest Person On Usenet Ever, but man you're
> definately an honorable mention.
>
>

I rather doubt that, but you are free to try and substantiate your
claim. Otherwise, we can dismiss it as just another ham-fisted ad
hominem attack that is put forth for want of an argument based on
something approaching reason.

Neb Revod

unread,
Jun 30, 2003, 11:43:52 PM6/30/03
to
In article <fq9qdb...@goaway.wombat.san-francisco.ca.us>, kkeller-
spa...@wombat.san-francisco.ca.us says...

> > You don't get their attention, and thus make these
> > lists unless you produce spam.
>
> This is *not* how all dialup blacklists work. Clearly you still haven't
> taken my advice.

I don't need to take your advice. I know how spam and what you are
calling "dialup" blacklists work. I repeat my assertion, you don't make
EITHER list unless you've done something to attract their attention.
The folks here, would agree with me: http://mail-abuse.org/dul/
The MAPS DUL list is typical of what you are calling "dialup" black
lists. It exists to prevent spam. Period.

>
> > Again, this is absolutely fine with me, because virtually no legitimate
> > email comes directly from a dynamic address.
>
> This may be true, but
>
> > The only reason an SMTP
> > service would be running on a dynamic address is to deliver spam.
>
> this is not. There are valid non-spam reasons to run an SMTP server
> on a dynamic IP. (Of course, those admins would need to deal with
> dialup/dynamic blacklist admins themselves.)

Mmmm...., you're going to have to convince me on this one. I see
absolutely no reason why an ISP should let dial-up users send email
directly to other servers, as opposed to going through the ISP's
servers.

Neb Revod

unread,
Jun 30, 2003, 11:50:13 PM6/30/03
to
In article <Dd2dnSQBBYU...@speakeasy.net>,
russ...@grace.speakeasy.net says...

> >
> >If that's what it takes to get the attention of the right people at
> >Speakeasy, then its fine with me. My mail server uses the resources of
> >several black hole lists. If someone can't reach an address here because
> >of blacklisting, it is the fault of their ISP for not doing a better job
> >of keeping their nose clean.
>
> Moron anti-spammer. Exactly what is an ISP supposed to do to keep
> from getting a /17 mis-listed as _dynamic IP_? Not as a spam source,
> but as an address block which contains only dynamically assigned IPs.
>

Oh, name calling. What an elegant argument...
Let's stick to the issue, shall we?

The ISP can set up their network so that mail can not be sent directly
from a dial-up IP address. They can take advantage of any number of
readily available solutions that can identify and shut off a stream of
spam that is being directed through their mail servers by one of their
customers. They can can get off their ass and COMMUNICATE with the list
maintainers.

Keith Keller

unread,
Jul 1, 2003, 12:08:36 AM7/1/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <MPG.196aa34fc...@pdx.news.speakeasy.net>, Neb Revod wrote:
>
> I don't need to take your advice. I know how spam and what you are
> calling "dialup" blacklists work. I repeat my assertion, you don't make
> EITHER list unless you've done something to attract their attention.
> The folks here, would agree with me: http://mail-abuse.org/dul/
> The MAPS DUL list is typical of what you are calling "dialup" black
> lists. It exists to prevent spam. Period.

David, I take back my reservations about Neb's Honorable Mention award.
When's the award ceremony?

Neb, I'll take back my criticism if you research every DUL and tell
us what their policy is on adding address space to their lists. I
would especially appreciate a report on the DULs not intended to
prevent spam. Don't miss any, now.

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8BCUAACgkQhVcNCxZ5ID9r3wCeJiVD+KcKk8QtbHH4Puy9Tp3N
AfIAoJE/B7EaqjhA/n+pdo9cfkLcOGO/
=RlpC
-----END PGP SIGNATURE-----

David B Terrell

unread,
Jul 1, 2003, 12:25:11 AM7/1/03
to
Neb Revod <spammer...@flatline.com> says:
> I rather doubt that, but you are free to try and substantiate your
> claim. Otherwise, we can dismiss it as just another ham-fisted ad
> hominem attack that is put forth for want of an argument based on
> something approaching reason.

Dialup User Lists are not created based on spam origination at all.
They're set up so that ISPs can block SMTP traffic from dialup users
and force them to use their ISPs to relay. You keep saying that
it's a black mark against speakeasy to have their MX hosts put on
such a list but in fact it's just a dumbass blacklister who didn't
actually ask speakeasy.

The grandaddy of them all, originally run separately, then hosted
by MAPS (mail-abuse.org), then forked off again was a completely
ISP-supplied list. You could contact the blacklist admin and have
your own hosts blacklisted if you wanted to force your customers
to use your SMTP relay for outgoing mail (these days such ISPs
usually simply block outgoing port 25, which is actually a much
suckier solution but not enough other ISPs used the DUL on all
incoming traffic).

David B Terrell

unread,
Jul 1, 2003, 12:27:10 AM7/1/03
to
Neb Revod <spammer...@flatline.com> says:
> In article <fq9qdb...@goaway.wombat.san-francisco.ca.us>, kkeller-
> spa...@wombat.san-francisco.ca.us says...
>
>> > You don't get their attention, and thus make these
>> > lists unless you produce spam.
>>
>> This is *not* how all dialup blacklists work. Clearly you still haven't
>> taken my advice.
>
> I don't need to take your advice. I know how spam and what you are
> calling "dialup" blacklists work. I repeat my assertion, you don't make
> EITHER list unless you've done something to attract their attention.
> The folks here, would agree with me: http://mail-abuse.org/dul/
> The MAPS DUL list is typical of what you are calling "dialup" black
> lists. It exists to prevent spam. Period.

the process of "attracting MAPS attention" to get put on the DUL consists
of contacting them with a list of your dialup netblocks, and saying
"please add these to your list".

DUL was a way for ISPs to prevent direct-to-SMTP by their customers
without blocking people doing authenticated SMTP to their office
or whatnot.

Matthew Russotto

unread,
Jul 1, 2003, 12:35:28 PM7/1/03
to
In article <MPG.196aa4d27...@pdx.news.speakeasy.net>,

Neb Revod <spammer...@flatline.com> wrote:
>In article <Dd2dnSQBBYU...@speakeasy.net>,
>russ...@grace.speakeasy.net says...
>
>> >
>> >If that's what it takes to get the attention of the right people at
>> >Speakeasy, then its fine with me. My mail server uses the resources of
>> >several black hole lists. If someone can't reach an address here because
>> >of blacklisting, it is the fault of their ISP for not doing a better job
>> >of keeping their nose clean.
>>
>> Moron anti-spammer. Exactly what is an ISP supposed to do to keep
>> from getting a /17 mis-listed as _dynamic IP_? Not as a spam source,
>> but as an address block which contains only dynamically assigned IPs.
>>
>
>Oh, name calling. What an elegant argument...
>Let's stick to the issue, shall we?

This, coming from a guy calling himself "Neb Revod"?

>The ISP can set up their network so that mail can not be sent directly
>from a dial-up IP address.

Here, I'll type this slowly so you understand:

The /17 block listed does not contain dial-up IP addresses.

>customers. They can can get off their ass and COMMUNICATE with the list
>maintainers.

Hard to do when you can't even figure out who is maintaining the
list. This is a list in "contrib" at the bliab site.

Neb Revod

unread,
Jul 1, 2003, 1:08:45 PM7/1/03
to
In article <slrnbg23a...@pianosa.catch22.org>, d...@meat.net
says...


> Dialup User Lists are not created based on spam origination at all.
> They're set up so that ISPs can block SMTP traffic from dialup users
> and force them to use their ISPs to relay.

... because of SPAM.

From the MAPS DUL web page (http://mail-abuse.org/dul/index.html)...

"We accomplish this by preventing trespassing by mass e-mailers who
offload unsolicited e-mail, aka: spam, using direct connections to their
victims' mail servers without using their ISP's mail server as a relay
or gateway..."


> You keep saying that
> it's a black mark against speakeasy to have their MX hosts put on
> such a list but in fact it's just a dumbass blacklister who didn't
> actually ask speakeasy.

More likely, its a frustrated blacklister who, after the umpteenth flood
of spam poured out of Speakeasy IP space, contacted Speakeasy YET AGAIN
to call their attention to the problem and to get them to do something
about it, only to have Speakeasy's top-notch support system drop the
ball.

Again, things like this don't usually happen when the responsible party
is responsive and communicates.

Kat Oak

unread,
Jul 1, 2003, 2:19:16 PM7/1/03
to

"Matthew Russotto" <russ...@grace.speakeasy.net> wrote in message
news:Yd6cnaRWCMa...@speakeasy.net...

> Found it. http://mirror.bliab.com/contrib/badhost_dyna.bz2 contains a
> listing for
>
> 216.254.0.0/17 dsl.speakeasy.net SPEAKEASY-2
>
> Yep, they blacklisted an entire /17 as being "dynamic", even though it
> includes not only huge ranges of static DSL addresses, but the main
> MX for speakeasy. Nice.

Yesterday, I passed this information along to our Engineering & Abuse teams
for follow-up. We have received no notices regarding this listing - which
is fairly common, actually. Maintainers of these lists often do not contact
the owner of the IPs, nor do they verify the use/nature of the IP, and it's
often difficult to get ahold of them. We are incredibly communicative and
responsive to any notices of this type from any organization - our
relatively open customer policies force us to be vigilant when it comes to
abusive activity.

In general, RBL's are a headache - the idea itself has merit, but the
maintenance thereof leaves much to be desired.

I'll follow-up here with more information as soon as we have any - thanks
for your patience,

Kat Oak
Speakeasy
k...@speakeasy.net


Jonathan Kamens

unread,
Jul 1, 2003, 2:22:19 PM7/1/03
to
Neb Revod <spammer...@flatline.com> writes:
>Again, things like this don't usually happen when the responsible party
>is responsive and communicates.

To be blunt, that's a load of horse-shit.

About a year ago, I discovered that some of my at-the-time employer's
servers (I have since moved on to a new job) had been listed as spam
sources at relays.osirusoft.com.

In the spirit of full disclosure, I must admit that my employer was
hardly squeaky clean -- you can search for "WorldWinner" in
news.admin.net-abuse.email at groups.google.com if you want to see all
the sordid details.

I did not understand why WorldWinner had been listed as a spam source,
so I sent E-mail to the maintainer of relays.osirusoft.com, Joe Jared,
asking politely for an explanation so that I could do something about
whatever got us listed. Since he had WorldWinner's mail servers
blocked, I sent the E-mail to him from home, i.e., from my Speakeasy
IP address.

He didn't respond to my E-mail. Instead, he added my Speakeasy IP
address to his database, asserting that it was affiliated with
WorldWinner. You can still see it there if you go to
<URL:http://relays.osirusoft.com/cgi-bin/rbcheck.cgi> and search for
66.92.77.120.

There has never been a single spam message from my IP address, and
there never will be a single spam message from my IP address. I have
never spammed, and I never will. I have a history of actively
combatting spam on the Usenet going back over 15 years. Despite all of
this, Joe Jared thinks it's reasonable to block-list me merely for
attempting to correspond with him about why he block-listed my employer.

This, despite the fact that by the end of the discussion in
news.admin.net-abuse.email I admitted that WorldWinner was doing some
stuff wrong (in particular, not doing using double opt-in for
registrations on their Web site) and began working to change things
from the inside (an effort which, alas, I did not finish before
leaving).

This, despite the fact that I stopped working for WorldWinner in late
March and sent Joe Jared E-mail notifying him about that fact.

You might try to argue that Joe Jared is an aberration, that most of
the block-list maintainers are reasonable about removing incorrect
entries from their lists. But despite repeated pleas from me in
news.admin.net-abuse.email, not a single person was willing to publicly
agree with me that block-listing my personal IP address merely for
attempting to communicate with Joe Jared was inappropriate.

The anti-spam movement has become completely polarized since I stopped
actively spam-fighting. Whereas I was and still am capable of
perceiving grey areas in spam, the modern activists, for the most part,
seem incapable of doing so. It's all black and white -- you're either
a totally evil spammer or an anti-spam hero, with nothing in between.

I think Joe Jared's behavior might be the extreme, but I don't think
it's so far from the behavior of other block-list maintainers. You
asserted, "things like this don't usually happen when the responsible
party is responsive and communicates," but the fact of the matter is
that my personal IP got block-listed BECAUSE I was trying to be
responsive and communicate.

I used to maintain exactly the position that you're maintaining -- that
the block-list maintainers are reasonable people and that entries in
block-lists are usually removed quickly when they are shown to be in
error or when the blocked parties show that they have taken steps to
address the problems. When I heard people complain about being blocked
inappropriately, I'd tell them to go make their case in
news.admin.net-abuse.email and, if they were right, the problem would
be solved. I no longer believe that.

Keith Keller

unread,
Jul 1, 2003, 6:40:38 PM7/1/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <bdsjgr$er8$1...@jik.kamens.brookline.ma.us>, Jonathan Kamens wrote:
>
> About a year ago, I discovered that some of my at-the-time employer's
> servers (I have since moved on to a new job) had been listed as spam
> sources at relays.osirusoft.com.

Well. I think I'm glad you've left WorldWinner. :)

> In the spirit of full disclosure, I must admit that my employer was
> hardly squeaky clean -- you can search for "WorldWinner" in
> news.admin.net-abuse.email at groups.google.com if you want to see all
> the sordid details.

> You might try to argue that Joe Jared is an aberration, that most of


> the block-list maintainers are reasonable about removing incorrect
> entries from their lists. But despite repeated pleas from me in
> news.admin.net-abuse.email, not a single person was willing to publicly
> agree with me that block-listing my personal IP address merely for
> attempting to communicate with Joe Jared was inappropriate.

I might not agree, either--they're right in that you were representing
your company from that IP. You're also right, though, in that Joe's
site doesn't really provide much of a method for actually contacting
him. It seems like your only option would have been to post to nan-ae
instead of using private email--it wouldn't have helped WorldWinner,
but at least you would have avoided getting your own IP blocked. (I
laugh at the ludicrous suggestion that you use a Hotmail or other
web-based account--I bet Joe discards most mail from those sources
on sight. If I ran a list like his, I would.)

There was definitely some questionable treatment of you in that
thread, but quite bluntly you said some dumb things, too. Had you
stuck to getting your home IP off of his list, without trying to
defend WorldWinner, you might have gotten a less hostile audience.
Or perhaps not. NANAE is a funny bunch. :)

You mentioned a response from Joe, but I didn't find it in that thread
on Google. Do you have a message-ID? I have contacted Joe before
(though not because I'd been blackholed), and didn't find him to
be an unreasonable hothead. It might be interesting to try to
get your SE IP delisted now that you're no longer at WorldWinner.

> The anti-spam movement has become completely polarized since I stopped
> actively spam-fighting. Whereas I was and still am capable of
> perceiving grey areas in spam, the modern activists, for the most part,
> seem incapable of doing so. It's all black and white -- you're either
> a totally evil spammer or an anti-spam hero, with nothing in between.

Obviously we know where Neb stands here. ;-)

> I think Joe Jared's behavior might be the extreme, but I don't think
> it's so far from the behavior of other block-list maintainers. You
> asserted, "things like this don't usually happen when the responsible
> party is responsive and communicates," but the fact of the matter is
> that my personal IP got block-listed BECAUSE I was trying to be
> responsive and communicate.

As you've seen, Neb has an incorrect view of the list mail15 is on--
I think that if Joe had listed you as a dynamic/dialup IP, you probably
would not have had difficulty getting off his list. (I don't think
he maintains any lists like a DUL, though.)

> When I heard people complain about being blocked
> inappropriately, I'd tell them to go make their case in
> news.admin.net-abuse.email and, if they were right, the problem would
> be solved. I no longer believe that.

OTOH, where else can spamblocked people go? Certainly, as your case
demonstrates, private email is not a workable solution.

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8CDeMACgkQhVcNCxZ5ID/qXQCfcQVXoiolaMoXDHe0fENCXtzT
UAMAniA0woP5O1TZLs/TMxoBj29hoSTX
=nBXV
-----END PGP SIGNATURE-----

Jonathan Kamens

unread,
Jul 1, 2003, 7:49:40 PM7/1/03
to
Keith Keller <kkeller...@wombat.san-francisco.ca.us> writes:
>I might not agree, either--they're right in that you were representing
>your company from that IP.

And why does that matter? The purpose of a block-list is to block IP
addresses from which spam might originate. I don't think anyone in
NANAE tried to make a serious case that there was any chance that spam
would ever originate from my IP address. Instead, everyone seem to
agree that it is acceptable to punitively block someone's personal IP
address. I find this attitude abhorrent.

I suspect that if there other anti-spam people besides me who have not
bought into the us-versus-them, all-or-nothing attitude that is
prevalent in NANAE, they, like I, have been scared out of the group by
the zealots. It just isn't worth the energy to try to represent a
moderate point of view in that newsgroup.

It reminds me of when, during the year my wife and I spent living in
Israel, I inadvertently ended up studying at an ultra-right-wing
seminary. Now, when it comes to Israeli politics I'm not exactly a
right-winger, but it became very clear to me very quickly that the
other students there and I had nothing in common. I wasn't about to
attempt to represent the voice of moderation in a school full of
hot-heads, so I left and went to study somewhere else.

>You're also right, though, in that Joe's
>site doesn't really provide much of a method for actually contacting
>him. It seems like your only option would have been to post to nan-ae
>instead of using private email--it wouldn't have helped WorldWinner,
>but at least you would have avoided getting your own IP blocked.

First of all, how was I to know *in advance* that I was not "allowed"
to contact Joe via E-mail?

Second, on the Internet that *I* grew up on, it was the ultimate in
rudeness to post a message in a public newsgroup that was intended for
one person; that's what E-mail is for. On the other hand, considering
the prevalance of people posting with munged E-mail addresses without
indicating anywhere in their postings how to contact them by E-mail, I
suppose I should resign myself to the fact that this battle has been
lost.

>(I
>laugh at the ludicrous suggestion that you use a Hotmail or other
>web-based account--I bet Joe discards most mail from those sources
>on sight. If I ran a list like his, I would.)

If true, then it's yet another reason why I think the anti-spam
zealots like Joe are irresponsible. I was on the receiving end of a
hell of a lot of complaints from spammers when I was actively
canceling Usenet spam, and I read every single message. In the >15
years I've been on the Internet, I've read every single E-mail message
that was sent to me.

If you don't have time to read the E-mail from people trying to
contact you about your block-list, then you shouldn't be running a
block-list.

>There was definitely some questionable treatment of you in that
>thread, but quite bluntly you said some dumb things, too. Had you
>stuck to getting your home IP off of his list, without trying to
>defend WorldWinner, you might have gotten a less hostile audience.
>Or perhaps not. NANAE is a funny bunch. :)

First of all, a lot of the things I said in defense of WorldWinner I
later retracted.

Second, I was not merely defending WorldWinner; I was defending the
idea that spam isn't all black and white, that there are grey areas
and that people deserve the respect of having their situations
considered on a case-by-case basis.

>You mentioned a response from Joe, but I didn't find it in that thread
>on Google. Do you have a message-ID?

No, I'm afraid I don't. It's there somewhere, I think.

>I have contacted Joe before
>(though not because I'd been blackholed), and didn't find him to
>be an unreasonable hothead.

I certainly consider it "unreasonable" that his response to my sincere
attempt to find out why WorldWinner was block-listed was to (a) not
respond to my E-mail and (b) block my personal IP address.

I certainly consider it "unreasonable" that he still hasn't unblocked
my IP address, despite the fact that I notified him that I'm no longer
with WorldWinner.

>It might be interesting to try to
>get your SE IP delisted now that you're no longer at WorldWinner.

As I said, I've already sent him E-mail about it, which he ignored?
What would you have me do, post about it in NANAE? No thank you, I
got enough abuse the first time.

What I will probably do, at some point, is ask Speakeasy to assign me
a different IP address. Given the circumstances, I hope that they
will be reasonable about it if I make such a request. Even if they're
not willing to replace my "tainted" address, I'm entitled to two
addresses as part of my service and I'm only using one, so I could
just ask them to assign me a second one and switch over to using that
as my primary address.

>> When I heard people complain about being blocked
>> inappropriately, I'd tell them to go make their case in
>> news.admin.net-abuse.email and, if they were right, the problem would
>> be solved. I no longer believe that.
>
>OTOH, where else can spamblocked people go? Certainly, as your case
>demonstrates, private email is not a workable solution.

The point is that there *is* no workable solution. The block-list
maintainers are vigilantes in the worst sense of the word. They have
taken it upon themselves to decide what the law is, how to adjudicate
it, and how to enforce it.

I don't want to lump everybody together -- there are some good
block-list maintainers. But the bad ones, and the zealots who inhabit
NANAE and tear to shreds anyone who dares to challenge any of their
inviolate assumptions, give the entire group a bad name.

Keith Keller

unread,
Jul 1, 2003, 8:53:03 PM7/1/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <bdt6mk$qv6$2...@jik.kamens.brookline.ma.us>, Jonathan Kamens wrote:
> Keith Keller <kkeller...@wombat.san-francisco.ca.us> writes:
>>I might not agree, either--they're right in that you were representing
>>your company from that IP.
>
> And why does that matter? The purpose of a block-list is to block IP
> addresses from which spam might originate.

<devil's advocate>

True--so if someone from a suspected spammer starts using another IP,
it's possible spam may eventually originate from there.

</devil's advocate>

I know you disagree with this policy, but it is their policy. The
problems obviously arose when you tried to get off the blacklist.

> I don't think anyone in
> NANAE tried to make a serious case that there was any chance that spam
> would ever originate from my IP address.

I don't think they felt it necessary. Yes, that's problematic.

>>You're also right, though, in that Joe's
>>site doesn't really provide much of a method for actually contacting
>>him. It seems like your only option would have been to post to nan-ae
>>instead of using private email--it wouldn't have helped WorldWinner,
>>but at least you would have avoided getting your own IP blocked.
>
> First of all, how was I to know *in advance* that I was not "allowed"
> to contact Joe via E-mail?

His website (relays.osirusoft.com) is a little vague, but it does seem
to imply that NANAE is one acceptable method of contacting him about a
listing. That, plus his intentionally-designed contact form, would be
indicators that private email might get you in trouble. But, again, I
agree that it's not entirely clear that email is not desired.

> Second, on the Internet that *I* grew up on, it was the ultimate in
> rudeness to post a message in a public newsgroup that was intended for
> one person; that's what E-mail is for. On the other hand, considering
> the prevalance of people posting with munged E-mail addresses without
> indicating anywhere in their postings how to contact them by E-mail, I
> suppose I should resign myself to the fact that this battle has been
> lost.

Face it--our internet is gone. :(

> In the >15
> years I've been on the Internet, I've read every single E-mail message
> that was sent to me.

Even the spam? :0

>>You mentioned a response from Joe, but I didn't find it in that thread
>>on Google. Do you have a message-ID?
>
> No, I'm afraid I don't. It's there somewhere, I think.

Perhaps in a different thread. I'll take a look later if I'm curious.

Anyhoo, I hope Neb gets the point that not all blacklists work in the
same way, and that there are times when the listee is not at fault.
(That was your point, right?)

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8CLOsACgkQhVcNCxZ5ID940wCggw8TOvm+7sC460UyXD3Dy4KS
HJwAn3KlqcPefHJPbPJ0CG4iP8x8zxsN
=Sj+m
-----END PGP SIGNATURE-----

Neb Revod

unread,
Jul 1, 2003, 9:13:46 PM7/1/03
to
In article <bdsjgr$er8$1...@jik.kamens.brookline.ma.us>,
j...@kamens.brookline.ma.us says...

> You might try to argue that Joe Jared is an aberration, that most of
> the block-list maintainers are reasonable about removing incorrect
> entries from their lists.

Yes, I would indeed argue that such is the case. I am not personally
familiar with Joe's list, nor am I familiar with you and the issue you
raise.

IMO, as you describe the events, they were right to list the IP
addresses of unrepentant spammers (WorldWinner), NOT right to list your
personal IP address, and certainly not right to fail to communicate on
this issue.

To paint all the list maintainers with the same brush is just as absurd
an act as Mr. Jared's treatment of you; a black and white view. The
maintainers of the lists our servers use are nothing like what you
describe. They have my sincere thanks for reducing the spam hitting our
cusotmers mailboxes by well over 95%.

To illustrate it another way, I have often been in a position similar to
that of black hole list maintainer, in that I have had to report issues
to ISP's and network administrators. Most were reasonable, producing at
the very least, a tacit response that they had received my complaint and
would be investigating it. Some were depressingly silent. It would
hardly be rational to assess the whole lot to just as worthless as the
latter.

Matthew Russotto

unread,
Jul 1, 2003, 9:35:29 PM7/1/03
to
In article <bdt6mk$qv6$2...@jik.kamens.brookline.ma.us>,

Jonathan Kamens <j...@kamens.brookline.ma.us> wrote:
>Keith Keller <kkeller...@wombat.san-francisco.ca.us> writes:
>>I might not agree, either--they're right in that you were representing
>>your company from that IP.
>
>And why does that matter? The purpose of a block-list is to block IP
>addresses from which spam might originate.

You'd think so, from half the propaganda of the anti-spammers. Look
at the other half -- their discussions with other true believers --
and you realize that the purpose of a block list is to punish anyone
somehow associated with a spammer. And to ultimately restrict
communication on the net to only those approved by anti-spammers.

Jonathan Kamens

unread,
Jul 1, 2003, 10:37:13 PM7/1/03
to
Keith Keller <kkeller...@wombat.san-francisco.ca.us> writes:
><devil's advocate>
>True--so if someone from a suspected spammer starts using another IP,
>it's possible spam may eventually originate from there.
></devil's advocate>

Anyone who took the time to examine all the facts of my situation and
honestly concluded that there was any possibility at all that spam
would originate from my Speakeasy IP address is a moron.

I don't think a single person in NANAE did that. Either (a) they
didn't bother to examine all the facts, or (b) they realized that spam
would never originate from my IP but didn't care because the real point
of (some) block-lists isn't to block spam, it's to punish people who
disagree with them, and they're OK with that.

The folks in NANAE have a semi-formalized, semi-humorous set of "rules"
they apply in their interactions with spammers. The first rule is,
"Spammers lie." Ergo, once they've decided that someone is a spammer,
they no longer feel obliged to listen to or consider anything the
person has to say -- since spammers lie, everything the person has to
say which might reflect favorably on him/her is a lie and not worth
paying any attention to.

"You're a spammer!"

"No, I'm not, and here's why...."

"Everything you've said is a lie, because you're a spammer!"

See the Catch-22 here?


>His website (relays.osirusoft.com) is a little vague, but it does seem
>to imply that NANAE is one acceptable method of contacting him about a
>listing.

I don't know if I saw anything implying that before I sent him E-mail.
If I had, and it was "vague," I probably would have ignored it, since
(as I mentioned previously) I think it's inappropriate to post a
message that's intended for one person.

>That, plus his intentionally-designed contact form, would be
>indicators that private email might get you in trouble.

As I pointed out in the discussion in NANAE, none of the categories on
his contact form were appropriate for what I was trying to contact him
about, and the default category says, and I quote, "Default (Not
recommended unless intellectually challenged)." I hope you understand
why I was reluctant to use his contact form with that category
selected.

Jonathan Kamens

unread,
Jul 1, 2003, 10:47:34 PM7/1/03
to
Neb Revod <spammer...@flatline.com> writes:
>To paint all the list maintainers with the same brush is just as absurd
>an act as Mr. Jared's treatment of you; a black and white view.

I've already conceded in a different posting from the one to which
you were responding that there are some good block-list maintainers.

I didn't paint the people in NANAE with the brush you're putting in my
hand; they painted themselves with it. As I mentioned, not a single
person in NANAE was willing to step forward and state that it was
inappropriate for my IP address to be listed in Joe's database. Not a
single one. On the other hand, quite a few people stated that they
thought it was perfectly reasonable.

A good number of the block-list maintainers read NANAE. The fact that
none of them were willing to express the opinion that I didn't deserve
to have my IP block-listed says something about their integrity, even
for the people who wouldn't do the same thing in their own lists.

Mike Easter

unread,
Jul 1, 2003, 11:09:50 PM7/1/03
to
Fresh threads - spamcop one has about 28 msgs, nanae's just started

news://news.spamcop.net/bdsqdm$gka$1...@news.spamcop.net
Newsgroups: spamcop
Subject: An interesting commen on another (not SC) blacklist
Date: Tue, 01 Jul 2003 20:20:03 +0000
Message-ID: <bdsqdm$gka$1...@news.spamcop.net>

Newsgroups: news.admin.net-abuse.email
Subject: Jonathan Kamens and osirusoft
Message-ID: <WnrMa.94000$49.36...@twister.socal.rr.com>
Date: Wed, 02 Jul 2003 02:24:54 GMT

--
Mike Easter

Keith Keller

unread,
Jul 1, 2003, 11:19:36 PM7/1/03
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <bdtggp$27f$1...@jik.kamens.brookline.ma.us>, Jonathan Kamens wrote:
> Keith Keller <kkeller...@wombat.san-francisco.ca.us> writes:

>>That, plus his intentionally-designed contact form, would be
>>indicators that private email might get you in trouble.
>
> As I pointed out in the discussion in NANAE, none of the categories on
> his contact form were appropriate for what I was trying to contact him
> about, and the default category says, and I quote, "Default (Not
> recommended unless intellectually challenged)." I hope you understand
> why I was reluctant to use his contact form with that category
> selected.

Well, yeah, that's what I meant--the form was designed to
discourage direct email contact with Joe. I know you believe
that's wrong, but obviously he does not, and since it's his
list your choices were to a) tolerate being on them, or b)
use his preferred method of contact. (I neither support nor
oppose his policy.) Obviously, we can see why not all mail
admins use these lists (or use them to tag messages, not to
refuse them). Certainly there's a strong contingent of
''anti-anti-spammers'' in this newsgroup. :)

- --keith

- --
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8CT0MACgkQhVcNCxZ5ID+MvQCfROlTXXPiGX+YqHpwF90sNfgt
+ggAoJfN22LXicCEIeGIQCS6UyxilBUR
=wN/P
-----END PGP SIGNATURE-----

Dan Lawrence

unread,
Jul 2, 2003, 2:15:01 AM7/2/03
to
On 01 Jul 2003, Keith Keller
<kkeller...@wombat.san-francisco.ca.us> wrote in speak.easy:
(snip)

> Certainly there's a strong contingent of
> ''anti-anti-spammers'' in this newsgroup. :)
>
> - --keith

Just please don't confuse the ''anti-anti-spammers'' with pro-
spammers. They are two totally different types of people :)

--
danla...@pobox.com http://www.cutthatout.com Seattle, WA USA
I can't spell and I don't care.
Join the team at Distributed.net www.cutthatout.com/dnetteam/
SPAM bait: u...@ftc.gov rep...@fraud.org abuse@localhost
postmaster@localhost admin@localhost

Jonathan Kamens

unread,
Jul 2, 2003, 8:33:25 AM7/2/03
to
Have fun. I, for one, have no intention of reading either spamcop or
news.admin.net-abuse.email.

Bruno Wolff III

unread,
Jul 2, 2003, 11:21:49 AM7/2/03
to
In article <bdujel$p05$1...@jik.kamens.brookline.ma.us>, Jonathan Kamens wrote:
> Have fun. I, for one, have no intention of reading either spamcop or
> news.admin.net-abuse.email.

I don't blame you on spamcop. They were sending us bogus reports a while
back and wanted to make us jump through hoops to contact them. Before
that they would occasionally send test messages to our postmaster or
abuse address asking us to jump through hoops to prove the mail was
read by a human. Now I (and I am usually the only one that would respond
to that kind of message at work) just ignore (as in filter to /dev/null) any
complaints from them.

David B Terrell

unread,
Jul 3, 2003, 1:11:29 AM7/3/03
to

Heh. My favorite spam report ever has to be when spamcop tried to
put my IP on their blacklist because somebody hit reply-all to a
mailing list (thus hitting the person to whom they were replying
with two copies, one via list, one via To:) and had a website I
host quoted in their .sig.

Spam sucks, antispam sucks. What's a poor guy to do who just wants
to read his damn email?

Jonathan Kamens

unread,
Jul 3, 2003, 8:33:32 AM7/3/03
to
David B Terrell <d...@meat.net> writes:
>Spam sucks, antispam sucks. What's a poor guy to do who just wants
>to read his damn email?

Use bogofilter, or at equivalen Bayesian filter.

Will Yardley

unread,
Jul 5, 2003, 4:44:37 PM7/5/03
to
In article <slrnbg7er...@pianosa.catch22.org>, David B Terrell wrote:
> Bruno Wolff III <br...@wolff.to> says:

>> I don't blame you on spamcop. They were sending us bogus reports a
>> while back and wanted to make us jump through hoops to contact them.
>> Before that they would occasionally send test messages to our
>> postmaster or abuse address asking us to jump through hoops to prove
>> the mail was read by a human. Now I (and I am usually the only one
>> that would respond to that kind of message at work) just ignore (as
>> in filter to /dev/null) any complaints from them.

FWIW, I've always had good luck getting responses from humans at
Spamcop, and I think that most of their "hoops" are there for good
reason. They just want to make sure that their users don't get constant
auto-acks from abuse desks which ARE (only) auto-acks.

In general, bogus Spamcop reports are due to user error. If there's an
actual flaw in their system, I've found that Spamcop deputies are
generally quick to fix it.

> Heh. My favorite spam report ever has to be when spamcop tried to
> put my IP on their blacklist because somebody hit reply-all to a
> mailing list (thus hitting the person to whom they were replying
> with two copies, one via list, one via To:) and had a website I
> host quoted in their .sig.

Again.... User error.



> Spam sucks, antispam sucks. What's a poor guy to do who just wants
> to read his damn email?

Antispam doesn't suck... sure - sometimes people make mistakes. I make
mistakes, and I've certainly made mistakes when sending complaints
before.

I generally try to explain peoples' errors when I get misdirected abuse
reports.... but if you don't have time to do that, simply ignore them.

If you really don't want to get Spamcop complaints, Spamcop itself lets
you disable them (you can even disable certain kinds of complaints
specifically, if you get incorrect complaints of one certain type all
the time).

I've said it before and I'll say it again -- Spamcop isn't perfect, but
it's better than a user with no experience reading headers at all - and
SC is right on the money a surprising amount of the time.

--
No copies, please.
To reply privately, simply reply; don't remove anything.

Bruno Wolff III

unread,
Jul 6, 2003, 4:31:24 PM7/6/03
to
In article <slrnbgee5...@jazz.hq.newdream.net>, Will Yardley wrote:
>
> FWIW, I've always had good luck getting responses from humans at
> Spamcop, and I think that most of their "hoops" are there for good
> reason. They just want to make sure that their users don't get constant
> auto-acks from abuse desks which ARE (only) auto-acks.

Just because they have good reasons for making people jump through hoops
doesn't mean I am going to jump through them for them.

> I've said it before and I'll say it again -- Spamcop isn't perfect, but
> it's better than a user with no experience reading headers at all - and
> SC is right on the money a surprising amount of the time.

We don't need spamcop to tell us if there are problems. Generally if someone's
machine on campus gets abused we will hear about it. For us Spamcop messages
were almost always redundant or false positives, so it is better for us
to ignore them.

Reply all
Reply to author
Forward
0 new messages