Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 28 Dec 2002 12:58:22 -0800
From:      Abe <abe@uniserve.com>
To:        htabak@quadtelecom.com
Cc:        freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG
Subject:   Re: Bystander shot by a spam filter.
Message-ID:  <3E0E106E.8040603@uniserve.com>
In-Reply-To: <3E0DAAF3.7090103@quadtelecom.com>
References:  <3E0DAAF3.7090103@quadtelecom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Are you sure that the 66.45.0.0/17 block is from sb-blockdomains.rc file?

My guess is that it is from a listing on Five-Ten-SG blacklist, check out:

http://www.five-ten-sg.com/blackhole.php?ip=66.45.0.0

SpamBouncer supports a variety of blacklists including the Five-Ten-SG 
blacklist, though support for the Five-Ten-SG blacklist is disabled by 
default in the sb.rc file.
(see http://www.spambouncer.org/#BlacklistSupport).


Regards,

Abe Ro


Harry Tabak wrote:
> [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam 
> filter, I've had to send this from another account]
> 
>     I am not sure which list is best for this issue, hence the cross
> posting.  I believe spam and anti-spam measures are security issues --
> the 'Availability' part of C-I-A. I apologize if I am wrong.  A FreeBSD
> ported package is contributing to an internet service availability
> problem that has me stumped.  I believe that an unknowable quantity of
> other internet denizens are also affected.
> 
>     I'm a long time fan of FreeBSD -- I run it on my small mail server and
> I've recommended it for many applications. I even bought a CD once. I
> write this missive with great reluctance. I've worked with a lot of
> strange software over the years, But this is a new first -- Software
> that slanders! Software that publicly called me a spammer!!!  And not to
> my face, but to business associate. And then took action.
> 
>     I recently discovered, and quite by accident, that a FreeBSD ported
> package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me
> to an unknown number of businesses and individuals on the internet. I'll
> probably never have to correspond with most of these people, but I'm a
> freelancer -- this may have already cost me a job. [Dear reader, don't
> be surprised if you or your clients are also blocked. I strongly suggest
> that you check it out.]
> 
>     Anti-spam products have a valuable place in the security arsenal.  But,
> IMHO, this product is dangerous because it includes filters and rules
> that are overreaching, and inaccurate. Bad firewall rules and bad
> anti-spam rules may be OK for an individual site.  However, spambnc's
> bad advice is being mass marketed through the good offices of FreeBSD,
> and it is putting potholes in the net for the rest of us.  Until it is
> fixed, and proven harmless, FreeBSD should stop distributing this product.
> 
>     Basically, the default built-in policies for blocking mail aren't fully
> described, and there is no mechanism to universally correct the
> inevitable mistakes in a timely manner. Users (people who install this
> product) are mislead about the probably of filtering the wrong mail. I
> am sure that the software was developed with the very best intentions,
> but in its zeal to block lots and lots of spam, SB is hurting good people.
> 
>     The SB rule blocking my mail host has nothing to do with me. Even
> though, it can use dynamic anti-spam DNS services, SB hard codes  its
> rules for filtering bad domains by name and by IP address. My nemisis is
> buried in a 1476 line file, sb-blockdomains.rc, which installs by
> default, and is not documented outside the code. Along with others, it
> blocks the entire 66.45.0.0/17 space because spammers might live there.
> This is sort of like a corporate mail room throwing away all NJ
> postmarked mail because of the bulk mail distribution centers in Secaucus.
> 
>     My mail host address gets a clean bill of health from every anti-spam
> site that I can find, such as SPEWS. I've checked at least 30 of them.
> 
>     My tiny x/29 block is sub-allocated from my DSL provider's x/23 block.
>    The DSL provider's block is a sub-allocation from Inflow.com's
> 66.45.0.0/17 block. Spambouncer doesn't like Inflow.  While they have a
> right to their opinions, they don't have a right to publicly tar me
> because of my neighbors.
> 
>     If I read sb-blockdomains # comments correctly, it is policy to not
> only block known spammers, but to ALSO block entire networks based on
> their handling of spam complaints. This is like as a business
> receptionist checking callerID and then ignoring incoming calls from
> Verizon subscribers because Verizon tolerates (and probably invented)
> telemarketing.
> 
>     I have written to both the Spambouncer contact address
> <ariel@spambouncer.org> and the FreeBSD maintainer, but without a
> response.  Possibly they are on holiday, or spambouncer is eating my
> mail. Perhaps I'm just too impatient.
> 
>     I have also contacted my ISP's support.  They don't know how to help
> me. They vouch for Inflow. They don't recommend it, but for a fee, my
> service could be switched to a different PVC, and I'd get an address
> from a different carrier. But of course, the new address could be
> black-listed on a whim.
> 
>     Regardless, I assume that these are reasonable people, and that they
> will oil the squeaky wheel as soon as it is convenient.  But how will I
> ever know that EVERY copy of spambouncer has been fixed? What about
> other innocent ISP subscribers who are also black-listed?
> 
> Harry Tabak
> QUAD TELECOM, INC.
> 
> 
>        
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E0E106E.8040603>