The second time SpamCop incorrectly listed the Politech server, I wrote at the time that: "I give the SpamCop folks high marks for responsiveness." (http://www.politechbot.com/p-03734.html) Not so now. I'm glad to offer Julian Haight the opportunity to reply to the list, but his reply is needlessly antagonistic. Julian has declined to whitelist the Politech server, saying he'll "perhaps" do it if he feels like it. He suggests that I was "paraphrasing" parts of his July message to me (about the second blacklisting) that I "want to remember," when in fact I copied-and-pasted. These are not the actions of someone who wants to work with the Internet community. I agree with Ray Everett-Church, who says Julian "seems to relish" harming innocent people. I advise Politech readers not to use SpamCop. It seems that SpamCop's users weren't even told about SpamCop's new policy of blacklisting not actual spammers -- but people at the same Internet provider as a suspected spammer: http://news.spamcop.net/pipermail/spamcop-list/2002-November/022715.html In a column in September (http://news.com.com/2010-1074-957024.html), I predicted what will happen as the market for SpamCop and its brethren develops: "As spam increases and a reliable blacklist becomes something that Internet providers will pay for, the discipline of the free market means their quality is likely to improve." Part of the discipline of the free market, of course, is that less capable firms will vanish as customers turn to more attractive products. I wouldn't be surprised if that happens to SpamCop. -Declan --- Date: Mon, 4 Nov 2002 10:14:58 -0800 (PST) From: Julian Haight <julianat_private> Sender: <julianat_private> To: Declan McCullagh <declanat_private> cc: <politechat_private>, Argyle <serviceat_private>, "deputiesat_private" <deputiesat_private> Subject: Re: Politech incorrectly blocked by SpamCop -- for the third time In-Reply-To: <5.1.1.6.0.20021104085626.0221b328at_private> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 4 Nov 2002, Declan McCullagh wrote: > First, SpamCop incorrectly listed the Politech server as a source of spam > on Feb. 11. Then SpamCop incorrectly listed the Politech server as a source > of spam for three or four days (if I recall properly) circa July 8. Now > SpamCop lists Politech on its spammer-list because some other servers also > hosted at Rackspace.com are alleged spammers. Rackspace has been negligent in this case. They had an open relay which they should have been aware of since at least 9/6/02. That relay is still on their network, sending massive amounts of spam. Since complaints from their spam-victims don't seem to have any effect, perhaps complaints from their paying users will! If rackspace does not take action to stop this source of spam, it is quite possible that other, innocent rackspace customers will be affected again. That said, if you would like to send me your IP address again, I'll again investigate and perhaps give your server a temporary break. > I wrote to SpamCop's Julian Haight in July asking him if he could prevent > this from recurring. He wrote back: "I don't see what proactive action I > can take. There is nothing wrong with the system and it may well happen > again. Sorry." Perhaps you are paraphrasing the parts you want to remember. > SpamCop is a commercial service that compiles a list of alleged spammers > and charges $30 a year for individual email accounts and far more, I > imagine, for corporate filtering. > > No spam has ever been sent from the Politech server. Nor was I notified > when it was placed on SpamCop's list again. Rackspace was certainly notified. Many, many times. I myself sent them a very stern warning on friday and have no response yet. The open relay on their network (216.110.36.16) is still wide open. I would appreciate anything you can do to bring their attention to this glaring problem. There are several other sources of spam on this same rackspace network - IP (qty in past week): 216.110.36.18 (1) 216.110.36.149 (9) 216.110.36.21 (4) 216.110.36.70 (1) 216.110.36.16 (88) 216.110.36.89 (6) If you would like to get copies of all reports about your server, or even about the whole /24 network, you can. Use the tool documented here: http://spamcop.net/fom-serve/cache/94.html That will give you early warning about problems on that network, which will in turn let you know if there is a pending blacklisting by spamcop. > Don't get me wrong. SpamCop has the right to compile and publish > blacklists, even if they are not vetted for accuracy and are therefore > overbroad and certain to block legitimate mail. But we also have the right > to speak out against SpamCop's practices and criticize it where appropriate. I'm glad you feel that way. Plenty of people threaten to sue me, and it only makes me question their credibility. My system is mostly mechanical, and the rules which govern it are public. I feel that as long as I'm truthful about what rules I'm using, I'm at least free from liability. It's up to the people using the list to block mail. Each user or administrator gets to decide for themselves if my rules are a close enough approximation of their definition of 'spam', and if they want to reject mail on that criteria. > I invite SpamCop to defend this overbroad listing -- and say why anyone > should trust their service in the future, if my experience with SpamCop is > any indication. Personally, I use SpamAssassin and am very happy with it. Thank you, there are a few points I'd like to make. First is that this new "list the whole network" policy is new, and your feedback is certainly something I'll take into account when evaluating it's effectiveness. Second, this policy is not intended as a way of punishing the innocent neighbors of a spam source. There are spammers who have been avoiding my filters by rotating through different IPs. This whole-network rule helps stop that type of spam. Although I argue above that rackspace is too slow, punishing them is also not the intent here - it's a secondary effect. Some would say it's even a beneficial effect, and I would agree to a certain extent. But if it were the only effect, I would not be doing it. It is intended to make my filters better at filtering out spam, not coercing ISPs into action. Third, spamassasin, though different in some ways, is similar in one important way to spamcop and many other spam-fighting tools: false positives. Practically any attempt to filter spam will result in false positives. Spamassassin is no different. Perhaps it works better for you than spamcop. Part of it's effectiveness is that it considers spamcop's list in making it's determination. So depending on your configuration, you are actually using spamcop. If it works for you, and you continue to use it, please give a donation ;) Finally, I don't think your experience with spamcop is typical. Primarily becuase you are a publisher. Most users don't ever see it from that perspective. A few far-sighted comments on the state of email: Unfortunately, spam is killing email. Anti-spam reaction is killing legitimate bulk email with the illegitimate. I suggest that bulk emailers find another medium for their message. I am actively encouraging the development of a new protocol to deliver opt-in bulk messages. It should not 'push' the message to the user, rather it provides a system whereby the user's agent (mail software) can 'pull' messages in a timely manner from the publisher. To the user, this system would be much easier to use (opt-in/out). To the publisher, the user would still be presented with the message in a familiar format (text or html). - -=Julian=- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9xrkikdq17G+XLoYRArYJAJ9FlMKpyMlxznhhhxHhm+eHUTDlEACeIXgx uFi4bFt2GMq6L0L+JTDzZ6g= =2eTj -----END PGP SIGNATURE----- --- Date: Mon, 4 Nov 2002 10:26:07 -0800 (PST) From: Julian Haight <julianat_private> Sender: <julianat_private> To: Declan McCullagh <declanat_private> cc: <politechat_private>, <serviceat_private>, <deputiesat_private> Subject: Re: Politech incorrectly blocked by SpamCop -- for the third time -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I just called and spoke with Ron Simmons in Rackspace's security department. He vowed to look into this problem and get it resolved ASAP. - -=Julian=- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9xru/kdq17G+XLoYRAg7MAJ44hZAxlfvGJH3TpvxpLZSTbhkXQACeM/uh BPHim+sEL8+Q84iVxGIcJow= =eIqu -----END PGP SIGNATURE----- --- Date: Mon, 4 Nov 2002 13:28:21 -0500 (EST) From: "Matthew G. Saroff" <msaroffat_private> Reply-To: "Matthew G. Saroff" <msaroffat_private> To: declanat_private Subject: SpamCop and Politech It seems to me that the criteria used by SpamCop are exactly what they sell their customers: that the volume of spam will be markedly reduced, and that it will be done so in a manner that will make it more difficult for spammers to find friendly havens. While unfortunate for Politech, this is an example of an honest vendor serving the customers. -- Matthew Saroff --- From: "Downes, Stephen" <Stephen.Downesat_private> To: "'declanat_private'" <declanat_private> Subject: RE: Ray Everett-Church on systemic problems with SpamCop Date: Mon, 4 Nov 2002 20:36:12 -0500 Hiya, This one is a bit trickier: "Now SpamCop lists Politech on its spammer-list because some other servers also hosted at Rackspace.com are alleged spammers." Assume for the sake of argument that your service provider, Rackspace.com, does indeed host spammers (if it doesn't, it's an erroneous listing and my comments do not apply). If Rackspace is delivering spam, then that could be construed as a good argument for refusing any traffic from Rackspace. This includes your newsletter. The good being done by Rackspace - sending your newsletter - does not mitigate the bad being done by rackspace. By accepting email from Rackspace, even if it is benign, the service is showing tolerance to a spam host. It also opens the door to abuse by spam providers who, in an effort to appear innocuous (and much harder to block) mix innocent content among the spam. In such a case, I would argue that you, as an innocent party, are the victim of Rackspace's abuse of the net, and not SpamCop's attempt to counter that abuse. This is not to excuse any other errors SpamCop may have made in the past, and it is not to endorse them in any way. But on this particular point, I would side with SpamCop. My recommendation would be that you obtain a new service provider, and explain clearly to Rackspace that their policy of distributing spam is what has caused you to close your account. -- Stephen [Comments in this email almost certainly do not reflect the views of my employer. ;) ] ---------------------------------------------------------------------------- - Stephen Downes ~ Senior Researcher ~ National Research Council Moncton, New Brunswick, Canada --- Date: Mon, 04 Nov 2002 21:55:02 -0500 To: Declan McCullagh <declanat_private> From: "Lawrence R. Ware" <larryat_private> Subject: Rackspace and SpamCop Hi Declan, I've been reading politech list via the web interface for a couple of years now. Saw your comments re Spamcop. You said: >Now SpamCop lists Politech on its spammer-list because some >other servers also hosted at Rackspace.com are alleged spammers. My first thought was amazement that Rackspace actually had a legitimate customer. :-) I'm not trying to defend SpamCop because Julian should of white listed Politechbot after the first problem back in Feb. His system does have problems. But at the same time I would point out that if I had subscribed to the email version of your list, I'd never see it. Not because of SpamCop, but because just about all of Rackspace is in many blocking lists including several I use to filter mail. Rackspace is an un-repentant provider of spam support services and if you believe in the Boulder Pledge you will move your site instead of supporting people who believe pissing in the community well is fine as long as they get a dollar for it. Once a lot of evidence is available that a hosting company like Rackspace doesn't care how many spammer web sites they host, blocking lists often start to increase the size of the blocks in order to put pressure on the provider. I use these lists and I support turning up the pressure on providers like Rackspace. A little googling would let you know just who you are doing business with and why most anti-spammers can't say the word "Rackspace" without swearing. Sincerely, Lawrence Ware PS: Why do journalists always ask Ray Everett-Church what he thinks about spam related issues? The majority of working anti-spammers, (those running networks and fighting spam day in and day out) consider him and his organization CAUCE about as relevant to spam fighting as the Libertarian presidential candidate is to tomorrows election. --- Subject: Re: FC: Ray Everett-Church on systemic problems with SpamCop From: "B. Johannessen" <bobat_private> To: Declan McCullagh <declanat_private> In-Reply-To: <5.1.1.6.0.20021104150745.02294388at_private> References: <5.1.1.6.0.20021104150745.02294388at_private> Content-Type: text/plain; charset=UTF-8 Date: 05 Nov 2002 00:33:02 +0000 Message-Id: <1036456382.10255.24.camel@getafix> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Declan, (you may include my email, should you decide to forward this) as there has been no reply from Julian or anyone else coming out in favor of SpamCop, and since I'm the one who brought this to everyones attention in the first place, I'd like to contribute a few words from the perspective of a satisfied SpamCop user. First of I would like to address a few of the comments made by Mr. Everett-Church > > "There is nothing wrong with the system and it may well > > happen again. Sorry." > If you find this statement nonsensical and outrageous, you > should. There is nothing nonsensical about the above statement. You are being told that the system is performing exactly like it was designed to do. You are free to disagree with the stated goals of the SpamCop system, but calling in nonsense just proves that you have not taken the time to learn how the system works. > Julian's system is designed to have a hair-trigger response > to any spam complaint from a SpamCop user -- no matter how > wrong the complaint is -- which translates through some > arbitrary algorithms into a blocklist entry. There is a fairly good explanation of what Mr. Everett-Church above describes as “arbitrary algorithms” on the following link http://spamcop.net/fom-serve/cache/297.html This page is also liked to from the page referenced in my original message. Once again comments like the above leaves me with the impression that Mr. Everett-Church did not take the time to research the issue at hand. In closing I would like to include a few words about my personal experience as a SpamCop user. In the time that I've been using SpamCop (since March of this year) I would guesstimate that SpamCop has filtered about 5000 messages as spam. Out of these, less the 50 has been legitimate email. In addition SpamCop neither rejects nor deletes the “suspected” messages, they are placed in the (IMAP) folder “Held Mail” for me to inspect. I think we can all agree that a perfect automated system for dealing with spam is an impossibility. For me, the quality of such a system is measured by the time I spend correcting it's mistakes. As for my use of SpamCop, this has turned out to be a few minutes per day. Your mileage may vary. B. Johannessen ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ ------------------------------------------------------------------------- Like Politech? Make a donation here: http://www.politechbot.com/donate/ Recent CNET News.com articles: http://news.search.com/search?q\clan -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Nov 05 2002 - 00:46:52 PST