Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 28 Dec 2002 13:49:31 -0700
From:      Duncan Patton a Campbell <campbell@neotext.ca>
To:        Shawn Duffy <pakkit@codepiranha.org>
Cc:        freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG
Subject:   Re: Bystander shot by a spam filter.
Message-ID:  <20021228134931.373541d9.campbell@neotext.ca>
In-Reply-To: <1041108369.3504.47.camel@pitbull>
References:  <3E0DAAF3.7090103@quadtelecom.com> <20021228133224.4f3a774f.campbell@neotext.ca> <1041108369.3504.47.camel@pitbull>

next in thread | previous in thread | raw e-mail | index | archive | help
--=.rqC5Ml3Hp_j./O
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Seems to me that this is an invitation to government 
regulation -- interfering with the mail is a criminal
offense for good reason.

Dhu

On 28 Dec 2002 15:46:10 -0500
Shawn Duffy <pakkit@codepiranha.org> wrote:

> The lists are usually kept on the websites of whatever particular
> organizations are doing it... they are quite a few...
> As far as suing them, I would venture to say no... If you dont want
> someone to be able to connect to your mail server that is certainly
> within your right to do... and if other people want to agree with you,
> well then, what can you do... although I am sure someone somewhere will
> probably sue over it and win... 
> 
> shawn
> 
> 
> On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote:
> > How do you find if you are on the list?  And who has the list?
> > 
> > Can they be sued?
> > 
> > Thanks, 
> > 
> > Duncan (Dhu) Campbell
> > 
> > On Sat, 28 Dec 2002 08:45:23 -0500
> > Harry Tabak <htabak@quadtelecom.com> wrote:
> > 
> > > [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam 
> > > filter, I've had to send this from another account]
> > > 
> > > 	I am not sure which list is best for this issue, hence the cross
> > > posting.  I believe spam and anti-spam measures are security issues --
> > > the 'Availability' part of C-I-A. I apologize if I am wrong.  A FreeBSD
> > > ported package is contributing to an internet service availability
> > > problem that has me stumped.  I believe that an unknowable quantity of
> > > other internet denizens are also affected.
> > > 
> > > 	I'm a long time fan of FreeBSD -- I run it on my small mail server and
> > > I've recommended it for many applications. I even bought a CD once. I
> > > write this missive with great reluctance. I've worked with a lot of
> > > strange software over the years, But this is a new first -- Software
> > > that slanders! Software that publicly called me a spammer!!!  And not to
> > > my face, but to business associate. And then took action.
> > > 
> > > 	I recently discovered, and quite by accident, that a FreeBSD ported
> > > package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me
> > > to an unknown number of businesses and individuals on the internet. I'll
> > > probably never have to correspond with most of these people, but I'm a
> > > freelancer -- this may have already cost me a job. [Dear reader, don't
> > > be surprised if you or your clients are also blocked. I strongly suggest
> > > that you check it out.]
> > > 
> > > 	Anti-spam products have a valuable place in the security arsenal.  But,
> > > IMHO, this product is dangerous because it includes filters and rules
> > > that are overreaching, and inaccurate. Bad firewall rules and bad
> > > anti-spam rules may be OK for an individual site.  However, spambnc's
> > > bad advice is being mass marketed through the good offices of FreeBSD,
> > > and it is putting potholes in the net for the rest of us.  Until it is
> > > fixed, and proven harmless, FreeBSD should stop distributing this product.
> > > 
> > > 	Basically, the default built-in policies for blocking mail aren't fully
> > > described, and there is no mechanism to universally correct the
> > > inevitable mistakes in a timely manner. Users (people who install this
> > > product) are mislead about the probably of filtering the wrong mail. I
> > > am sure that the software was developed with the very best intentions,
> > > but in its zeal to block lots and lots of spam, SB is hurting good people.
> > > 
> > > 	The SB rule blocking my mail host has nothing to do with me. Even
> > > though, it can use dynamic anti-spam DNS services, SB hard codes  its
> > > rules for filtering bad domains by name and by IP address. My nemisis is
> > > buried in a 1476 line file, sb-blockdomains.rc, which installs by
> > > default, and is not documented outside the code. Along with others, it
> > > blocks the entire 66.45.0.0/17 space because spammers might live there.
> > > This is sort of like a corporate mail room throwing away all NJ
> > > postmarked mail because of the bulk mail distribution centers in Secaucus.
> > > 
> > > 	My mail host address gets a clean bill of health from every anti-spam
> > > site that I can find, such as SPEWS. I've checked at least 30 of them.
> > > 
> > > 	My tiny x/29 block is sub-allocated from my DSL provider's x/23 block.
> > >     The DSL provider's block is a sub-allocation from Inflow.com's
> > > 66.45.0.0/17 block. Spambouncer doesn't like Inflow.  While they have a
> > > right to their opinions, they don't have a right to publicly tar me
> > > because of my neighbors.
> > > 
> > > 	If I read sb-blockdomains # comments correctly, it is policy to not
> > > only block known spammers, but to ALSO block entire networks based on
> > > their handling of spam complaints. This is like as a business
> > > receptionist checking callerID and then ignoring incoming calls from
> > > Verizon subscribers because Verizon tolerates (and probably invented)
> > > telemarketing.
> > > 
> > > 	I have written to both the Spambouncer contact address
> > > <ariel@spambouncer.org> and the FreeBSD maintainer, but without a
> > > response.  Possibly they are on holiday, or spambouncer is eating my
> > > mail. Perhaps I'm just too impatient.
> > > 
> > > 	I have also contacted my ISP's support.  They don't know how to help
> > > me. They vouch for Inflow. They don't recommend it, but for a fee, my
> > > service could be switched to a different PVC, and I'd get an address
> > > from a different carrier. But of course, the new address could be
> > > black-listed on a whim.
> > > 
> > > 	Regardless, I assume that these are reasonable people, and that they
> > > will oil the squeaky wheel as soon as it is convenient.  But how will I
> > > ever know that EVERY copy of spambouncer has been fixed? What about
> > > other innocent ISP subscribers who are also black-listed?
> > > 
> > > Harry Tabak
> > > QUAD TELECOM, INC.
> > > 
> > > 
> > > 		
> > > 
> > > 
> > > 
> > > 
> > > 
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> -- 
> email: pakkit at codepiranha dot org
> web: http://codepiranha.org/~pakkit
> pgp: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
> having problems reading email from me? http://codepiranha.org/~pakkit/pgp-trouble.html
> 

--=.rqC5Ml3Hp_j./O
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE+Dg5bXgQtJ7uBra8RAgxSAJ4t1R1e1ji5YOBNw47lXSkkyGQw/ACgidcb
MfS/bNfZxselDXcW4rQiAEM=
=l3h7
-----END PGP SIGNATURE-----

--=.rqC5Ml3Hp_j./O--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021228134931.373541d9.campbell>