a spamcop experience [was: Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at]]
Here's a SpamCop experience that was posted to NANOG:
----- Forwarded message from Scott A Crosby <deleted> -----
Return-Path: <owner-nanog@merit.edu>
On Tue, 27 Aug 2002 03:43:42 +0000, Paul Vixie <paul@vix.com> writes:
> dialup users and get away with it, but that person was VERY busy.
> that ratio only works if the rest of the system is designed to repel
> the professional spammers, [[SNIP]], and instant termination even at
> 4AM on sunday morning, ~30 hours or more before the account manager
> or any other manager could give approval.
Careful here....
I don't know if the rest of you saw this.. But Edward Felton (computer
science faculty at Princeton University) had his site blackholed for
*three* days because of overzealousness on the parts of spamcop and
his ISP in responding to a mistaken spamcop complaint.
http://catless.ncl.ac.uk/Risks/22.19.html#subj7
http://catless.ncl.ac.uk/Risks/22.21.html#subj4
There must be a balance. Mistakes happen. How overzealous do you want
ISP's to be be at shutting off spam sites or accounts? Some might
consider the costs of mistakes acceptable, but are they the majority?
Or a minority?
If such a system is created, how will this new system be abused, when
an innocent misunderstanding and a single message took down a site
created by princeton faculty member for 3 DAYS
This was an accident.... How fast will someone's site go down if
someone doesn't like them? Given this, who on the list would want to
be a customer of any ISP with behavior like Felton's?
Scott
**
Keystone SpamKops
"Edward W. Felten" <felten@CS.Princeton.EDU>
Fri, 16 Aug 2002 09:45:06 -0400
I recently set up a web site at www.freedom-to-tinker.com. It's a weblog
containing my commentary on various issues. Earlier this week, my ISP shut
off the site, because the site had appeared on a list of "spammers"
published by an outfit called SpamCop.
Apparently, this happened because one person, whose identity I was not
allowed to learn, had sent SpamCop an accusation saying that he had received
an unwanted e-mail message, which I was not allowed to see, that did not come
from me but that did mention my web site. On that "evidence" SpamCop
declared me guilty of spamming and decreed that my site should be shut down.
Never mind that I had never sent a single e-mail message from the site.
Never mind that my site was not selling anything.
Naturally, I was not allowed to see the accusation, or to learn who had
submitted it, or to rebut it, or even to communicate with an actual human
being at SpamCop. You see, they're not interested in listening to
complaints from spammers.
With help from my ISP, I eventually learned that the offending message was
sent on a legitimate mailing list, and that the person who had complained
was indeed subscribed to that list, and had erroneously reported the message
as unsolicited. Ironically, the offending message was sent by someone who
liked my site and wanted to recommend it to others. Everybody involved (me,
my ISP, the person who filed the complaint, and the author of the message)
agreed that the report was an error, and we all told this to SpamCop.
Naturally, SpamCop failed to respond and continued to block the site.
Why did my ISP shut me down? According to the ISP, SpamCop's policy is to
put all of the ISP's accounts on the block list if the ISP does not shut
down the accused party's site.
Note the similarities to the worst type of Stalinist "justice" system:
conviction is based on a single anonymous complaint; conviction is based not
on anything the accused did but on favorable comments about him by the
"wrong" people; the evidence is withheld from the accused; there is no
procedure for challenging erroneous or malicious accusations; and others are
punished based on mere proximity to the accused (leading to shunning of the
accused, even if he is clearly innocent).
Note also that the "evidence" against me consisted only of a single unsigned
e-mail message which would have been trivial for anyone to forge. Thus
SpamCop provides an easy denial of service attack against a web site.
The only bright spot in this picture is that our real justice system allows
lawsuits to be filed against guys like SpamCop for libel and/or defamation.
My guess is that eventually somebody will do that and put SpamCop out of
business.
----- End forwarded message -----
--
Nathan Norman - Micromuse Ltd. mailto:nnorman@micromuse.com
We're sysadmins. Sanity happens to other people.
-- Chris King
Reply to: