[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Massive increase of spam on debian-*@l.d.o

on Thu, May 06, 2004 at 10:40:47AM -0700, Robin Lynn Frank (rlfrank@paradigm-omega.com) wrote:
> On Thursday 06 May 2004 00:36, Paul Johnson, Paul Johnson <baloo@ursine.ca>  
> wrote:
> > Steve Lamb <grey@dmiyu.org> writes:
> > > Personally I haven't used any of my hosting company's email
> > > servers since setting up my own server.  In the same time I've
> > > never sent out virus email or been an open relay.  Yet because of
> > > boneheaded ideas like the above I now have to get around idiotic,
> > > lazy blocks.  Tired of it.
> >
> > I agree.  Dialup/residential IP lists used for blocking purposes is
> > pretty retarded.  However, using something like bl.spamcop.net,
> > which only lists currently spamming IPs, is considerably more
> > useful.
> Actually, you can block a lot of infected boxes by blocking dynamic
> IPs, so there is something to be said for it.

It's effective.  It's easy.  For a lot of sites, it's the least-pain
solution.  And for the rest of it:  it's not going to go away any time
soon.  While I disagree with the principle of DUL/IPL blocking, I've
pretty much given up on that battle.

The problems with DUL/IPL blocking are:

  - It's an attribute-based, rather than activity-based block.  It's
    effectively the same as redlining.

  - It's unaccountable.  DUL/IPL IP ranges are blocked regardless of
    activity.  They cannot be unblocked for cleaning up a mess.  They're

  - The information provided by a DUL/IPL can be obtained pretty
    reliably from other sources.  Including IP-specific blocklists *and*
    aggressive but accountable blocklists such as SPEWS which *are*
    targetted at _organizations_ which practice bad network management.

Unfortunately for your typical consumer-grade ISP, the amount of work
required (not much, but _some_) for a relatively minimal gain isn't
worth the effort.  In their calculus.

> But tell me, since spamcop accepts reports from anyone able to click a
> mouse button, which of the following are they NOT subject to?
> 1.  Reports from people to stupid or lazy to unsubscribe lists or
>     newsletters they receive.
> 2.  Spammers intentionally reporting legitimate mail sources with the
>     intent to keep the number of false positives high enough that
>     people will not risk using spamcop.
> In the past few days, I've seen netfilter.org's list and foxnews in
> spamcop.  They were both removed, but the fact remains that they
> should never have been there to begin with.

Broad-based reputation systems aren't easy.  Particularly where creating
identities is trivial.  Been there.  Done that.  Didn't solve the
problem either.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Moderator, Free Software Law Discussion mailing list:

Attachment: signature.asc
Description: Digital signature

Reply to: