At 12:27 26/09/2003 +1200, Mark Foster wrote:
On Fri, 26 Sep 2003, Brian Gibbons wrote:
From: "Simon Byrnand"
[half hearted effort to block spam] (And in that category I include manual blocking of huge swarths of ip space, outright blocking based on most RBL blacklists, Mailmarshall, and Challenge response systems, all of which have unacceptable collateral damage
Well said.
I recently dealt with an ISP in the US who had blocked 202.0.0.0/8 (!) because "all we ever get from that netblock is spam from China".
And there is the issue.
If ISPs use network blocking as a mechanism to block Spam then the ultimate outcome will be be a block on all networks and zero email delivery.
A human being can scan down 20 emails in their Inbox and immediately descriminate between Spam and valid email because they have an educated eye and brain.
My comment on this is simply that I do not block at the /8 - I use whois, and DNS, and calculate exactly how wide a block I can put in without blocking someone *elses* network.. and I do that. If I cant do it by network then I do it by /32, starting with the offending MTA.
I don't agree with blocks such as 202/8 (been the victim of one of those) but I think educated, selective blocking is quite acceptable - at least untill those networks involved actually do something about the whole 'spam' thing. What amazes me is the number of people out there who still thing opt-out is acceptable..
That approach (and point of view to the problem) is one that a lot of people hold, (including Spews, albeit more militant) but it doesn't address the basic issue of collateral damage. If you as an individual decide to block ranges like that, so be it, however a large entitity like an ISP or institution can't do this without the risk of collateral damage. At the end of the day *WHY* should someone trying to send a legitimate message have their message rejected because someone else that happens to use the same ISP is either spamming or has an insecure machine which is being exploited to send spam. Hence my comments about how each message (when processed on an ISP scale) *must* be treated on its own merits. Don't tar everyone with the same brush. Before you say "they should just move to another ISP", in some parts of the world there AREN'T any alternatives to a given ISP. Say you're on ADSL with the only ISP in your area that provides it (quite common in some areas of Europe) and your ISP has other customers whose machines keep getting exploited to relay spam, what are you going to do when you can't send your email because your ISP is blacklisted ? Move to another ISP and go down to a dialup connection ? To give an analogy imagine you live on the same street as a car conversion racket, and every time the police get a tipoff they come and raid EVERY house on the street. When you complain that your house keeps getting raided by the police for no reason they say "well you live on the same street as them and you're not doing anything about stopping them, so tough". How rediculous. Do they think that if they raid everyones houses enough times all the neighbours will finally get so fed up that they'll go and beat up the crooks themselves ? Or do they expect that people that get sick of being raided all the time will move house to another street ? :) Might sound like a silly analogy, but this is *exactly* whats happening to the innocent bystanders in the "war against spam"....IMHO people implementing spam filtering, at least on any scale, should be doing their utmost to minimize collateral damage, and not take a "well if we blacklist this whole ISP maybe they'll do something about their spammers" approach... Private individuals that run their own mail servers for themselves and/or a small group of friends and family are free to block whatever they please of course :) Regards, Simon