[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: calling Philip Hands <phil@hands.com> [the long version]

On Thu, Jun 03, 1999 at 04:24:26AM -0400, Branden Robinson wrote:
> In the meantime, do me the courtesy of not CC'ing me on list mail.  

no problem.

> I gather you believe I am stupid, 

not true. i've read enough mail from you to know that you're not stupid,
and that you often have something worthwhile to say. i don't think
you're stupid. i just know that you are wrong on this particular issue.

if i thought you were stupid i would just ignore you.

> But non-spammers who get blacklisted by anti-spam rules have no such
> recourse.  They are told to "live with it."  

you don't have a right to deliver mail to anyone. you have a right to
write it, but it is the recipient who decides whether they will accept
delivery or not.

if you choose not to send your mail in a manner acceptable to the
recipient then that is your problem, not theirs. if you have something
you want to say, then say it in a way which your audience can hear.

> > blocking almost all spam for the minor price of requiring end-users
> > to use the smtp relay services provided by their ISP is a big win.
> Ah, you acknowledge that the end-users are REQUIRED to use the SMTP
> relay services provided by their ISP to get reliable electronic mail
> service.  Below, you say it is an option.

it is a user's option to decide whether they want to use their ISP's
smtp relay or not.

it is a recipient's option to decide whether they want to receive mail
from dialup IP addresses or not.

so yes, practically speaking, if you want to send email to people who do
not accept delivery from dialup IPs then you are required to send your
mail through a mail relay.

> Well, I can exercise my option to go without food or water, but that
> is not conducive to the goal of sustained life.

you are unlikely to die if your mail bounces back to you. even if such
an improbable event did occur, it is arguable that it would be suicide
through pig-headed stubborn-ness: "I'll die before i submit to those
fascists who want to make me use my ISP's mail relay!".

> > "innocent bystanders" (to use your zero-content emotionally
> > manipulative label) are not prevented from sending mail by the DUL
> > RBL.
> "Zero-content emotionally manipulative label"; please explain to me
> how I am a guilty party to the transmission of spam messages.

please explain how you can deliberately misundestand plain english.

the phrase is "innocent bystanders" is a 'zero-content emotionally
manipulative label' because it adds nothing useful to the discussion.
it is the kind of throwaway, meaningless phrase which you would hear on
the evening news. it serves no purpose but to bias any listeners through
cheap emotional manipulations.

> I cannot find an RFC that tells me I have to use a mail relay of any
> kind to ensure the reliable transmission of my messages.

you don't have to. there is no such RFC.

i'll say it again because you seem not to want to understand:


> If my ISP purposely refuses delivery to my mailbox of mail that is
> addressed to me, how does that fail to be act of interference in my
> personal correspondence?

assuming your isp uses a DUL:

your isp doesn't refuse delivery of mail to your mailbox. they refuse
acceptance of mail from dialup addresses. your address doesn't enter the
equation at all.

if your correspondent wishes to deliver mail to your ISP then they can
use their own ISP's mail relay. alternatively, if YOUR ISP is using
decent software then they can add your address to a "spam-is-acceptable"
list so that mail to your address bypasses all spam checks (this is
possible with postfix and some other MTAs)

btw, do you consider quotas on mail spools to be unreasonable
interference with your personal correspondence? they also are a limit
placed on the system to keep resource utilisation to manageable levels.

> > tough. other people choose not to receive mail from dialup IPs because
> > of the likelihood that it might be spam. if you want to communicate with
> > these people, then you know what you have to do.
> I see no reason why I should go out of my way to communicate with people
> who have solicited my response but who (or whose ISP) bounces my mail back
> at me.

you don't have to.

if you want to send mail to them, you know what you have to do.

if you don't want to send mail, or you don't care, then don't do anything.

> Well, you can try to use it, as Gordon Fecyk, the ORBS guys, and
> others have illustrated, but the very ferocity of their defense raises
> suspicions of smokescreening.

i don't use orbs - i like the idea but think that they are dangerous
loons with itchy trigger fingers.  MAPS *are* too slow to act against
spammers, but ORBS are way too fast.

> Gordon Fecyk says, if you don't like relaying mail through your ISP's
> relay because of privacy concerns, just use PGP.
> Perhaps he is unfamiliar with public-key cryptography.  To ensure the
> privacy of a message, it must be encrypted.  To encrypt a message, one
> must have the key.  How am I supposed to PGP-encrypt mail to someone
> who doesn't have a PGP key?  But I digress...

this is a red herring - if you care about privacy, you don't have any
choice but to use pgp or gpg or some other decent encryption program.

unless you're using encryption, your ISP can sniff the packets going
through their network and extract your messages out of it if they want

if your messages go through any kind of satellite transit without
encryption, then anyone in the area covered by the satellite can copy
your messages.

> Your refrain, and the refrain of the DUL and ORBS people is,
> "well, just stop sending legitimate mail under the following
> circumstances..."  This is as much as admitting defeat at the hands
> of the spammers.  Documents at www.orbs.org and elsewhere are rife
> with pessimism.  The spammers will just move on to exploit and attack
> thus-and-such anyway, they note.
> Rather than beating a constant retreat and placing ever more burdens
> on non-spamming mail users, why not invest some of that energy in
> attacking spam directly?  Even RFC 2505 acknowledges that the existing
> efforts are but a finger in the dike.
> But no, let's just force legit users to jump through ever more hoops,
> while we come up with more and longer blacklists.  Denial of service
> is becoming a policy, not a tactic used by crackers.  And we've
> especially got to shut up the damnable few who wonder if there might
> be some other way.  Rabble rousers.

yes, anti-spam efforts are just a finger in the dike....but that finger
is the only thing stopping the dam from exploding and completely
deluging the net with spam.

it's not perfect, and it doesn't stop all spam, and it does cause some
minor inconvenience to non-spammers...however, the alternative is worse.
without these anti-spam methods, there would be no reliable email
service on the internet as every mail server would be overloaded dealing
with millions upon millions of spams plus the incidental damage caused
by processing the millions of bounce messages from mis-addressed or
blocked spam.

this would quickly kill of public email - all that would be left would
be email by private pre-arrangement.

> Consider the IPv4 address space.  Kinda funny how they're called
> "addresses", but anyway.  The DUL works, as I'm sure you're aware,
> by marking blocks of IP addresses as dynamically-allocated IP pools.
> These blocks are regarded as "bad" because they generate a lot of
> spam.  In other words, a lot of bad folks seem to come from these
> addresses.
> I really don't need to belabor the point further, do I?

no, you don't...because it doesn't work. nobody's rounded up all the
peasants in Los Angeles and forced them to use a particular dialup IP
address range, nobody is preventing them from using another service or
perhaps buying a static IP.

> > your mail is unacceptable to some sites because you choose to
> > deliver it directly from a dialup IP address, rather than via your
> > ISP's mail server.
> That's *inherently* unacceptable?  Why was this practice ever
> permitted in the first place?

who is there to permit it or not permit it. some sites choose to accept
smtp connections from dialup IPs, some sites do not.

> My mail is considered unacceptable because it's regarded as spam by
> the DUL.

wrong. your IP address is listed as being a dialup ip address by the
DUL. some sites choose to reject smtp connections from dialup IP

> However, the mail I send is not spam.  You do not perceive a disparity
> here?

no, as i have said repeatedly - you have every right to write mail but
you have no right to force someone to accept delivery of it.

people who are using the DUL are effectively saying "if you want to mail
me, then do it through a legitimate mail relay host". it is their right
to state under what conditions they will accept mail.

> You tell me to use my ISP's mail relay, not because I'm sending spam,
> but because of the DUL.  It is our tools that should serve us, not we
> who should serve our tools.

the DUL is a tool which serves those who choose not to receive mail
direct from dialup IP addreses.

this may conflict with your desire to send your mail direct from your
own dialup IP address. there are numerous ways for you to work around
any inconvenience that this may cause - deal with it and move on.

> Resposible mail administrators will:
>   1) Inform their users of any anti-spam policy that may impact non-spam
>      mail;
>   2) Actually study the impact of their anti-spam policies on both spam and
>      non-spam mails;
>   3) Work towards the improvement and/or replacement of the existing crude
>      anti-spam tools;
>   4) Communicate to their fellow administrators the importance of the above
>      points.

agreed. i have no problem with this list. it is an admirable list of

> The MAPS and ORBS sites do not seem to invest very much space at all on the
> above points.  A very great deal of space is instead spent on justifying
> the status quo over and over again.  You may be content with it; I'm not.

i am far from content with the status quo. however, i can remember what
the net was like before the spammers went apeshit on mail and news...i
can remember way back when news was even worth bothering with. i can
remember the net rapidly getting worse as the spammers discovered that
they could hit millions of potential suckers for the cost of a local
call, and I can extraploate from that and know that the net would be
useless for email today if it wasn't for the efforts of people who have
fought hard against spam - using whatever they have to to keep ahead of
the bastards, EVEN if it is inadequate, and even if it does cause some
users to change some of their practices to avoid inconvenience.

this thread is going around in circles. you've stated your opinion. i've
stated mine. others have stated theirs. unless you have something really
new to say, let's just agree to disagree.


craig sanders

Reply to: