Skip site navigation (1)Skip section navigation (2)
Date:      28 Dec 2002 17:20:30 -0500
From:      Shawn Duffy <pakkit@codepiranha.org>
To:        Duncan Patton a Campbell <campbell@neotext.ca>
Cc:        chris@manual-override.net, freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG
Subject:   Re: Bystander shot by a spam filter.
Message-ID:  <1041114029.3577.60.camel@pitbull>
In-Reply-To: <20021228150203.3c3da308.campbell@neotext.ca>
References:  <20021228134931.373541d9.campbell@neotext.ca> <20021228164035.J58458-100000@manual-override.net> <20021228145101.19f61ce1.campbell@neotext.ca> <1041112853.3577.56.camel@pitbull> <20021228150203.3c3da308.campbell@neotext.ca>

next in thread | previous in thread | raw e-mail | index | archive | help

--=-hYgamAC/8Ubo1V9A/Ysq
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Here is the difference...=20
The US Postal Service is a government agency "owned by the people",
hence, "interfering" with regular mail is bad..=20
email runs over corporate networks and uses private resources, none
"owned" by the "people"...  hence a corporation, ISP, can certainly
decide what it allows into its network to use its resources... if you,
as a customer, have a problem with that, exert pressure on them.. if
enough customers bitch, they will change policy...=20
as far as suing, I am sure someone will figure out a way to do it and
win... doesnt mean they should...=20

shawn

On Sat, 2002-12-28 at 17:02, Duncan Patton a Campbell wrote:
> No.  The automated systems to filtre spam and virii better=20
> be *really* careful about what they block. =20
>=20
> If you block or subvert discrete communications between humans then=20
> you are asking for real trouble.  That's all.
>=20
> Dhu
>=20
> On 28 Dec 2002 17:00:54 -0500
> Shawn Duffy <pakkit@codepiranha.org> wrote:
>=20
> > So we should let the govt open all unopened mail to make sure nothing i=
s
> > illegal in it? and then leave it up to them to determine if it was
> > intentional?
> > =20
> > please...
> >=20
> > On Sat, 2002-12-28 at 16:51, Duncan Patton a Campbell wrote:
> > > The law would have to consider intention of the sender:
> > >=20
> > > Virii are (generally) not intended by the sender, except
> > > for the original author.  If I didn't intend to send the
> > > virus, there is no constraint on you scanning and chopping
> > > it.  As for porn, if you are a minor, then by sending it
> > > to you I have probably committed a criminal offense, regardless
> > > of the vehicle employed.
> > >=20
> > > Dhu
> > >=20
> > >=20
> > > On Sat, 28 Dec 2002 16:41:46 -0500 (EST)
> > > Chris Orr <chris@manual-override.net> wrote:
> > >=20
> > > > So theoretically scanning email attatchments for viruses is illeaga=
l too?
> > > > and the same goes for filtering out porn?
> > > > -chris
> > > >=20
> > > > On Sat, 28 Dec 2002, Duncan Patton a Campbell wrote:
> > > >=20
> > > > > Seems to me that this is an invitation to government
> > > > > regulation -- interfering with the mail is a criminal
> > > > > offense for good reason.
> > > > >
> > > > > Dhu
> > > > >
> > > > > On 28 Dec 2002 15:46:10 -0500
> > > > > Shawn Duffy <pakkit@codepiranha.org> wrote:
> > > > >
> > > > > > The lists are usually kept on the websites of whatever particul=
ar
> > > > > > organizations are doing it... they are quite a few...
> > > > > > As far as suing them, I would venture to say no... If you dont =
want
> > > > > > someone to be able to connect to your mail server that is certa=
inly
> > > > > > within your right to do... and if other people want to agree wi=
th you,
> > > > > > well then, what can you do... although I am sure someone somewh=
ere will
> > > > > > probably sue over it and win...
> > > > > >
> > > > > > shawn
> > > > > >
> > > > > >
> > > > > > On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote:
> > > > > > > How do you find if you are on the list?  And who has the list=
?
> > > > > > >
> > > > > > > Can they be sued?
> > > > > > >
> > > > > > > Thanks,
> > > > > > >
> > > > > > > Duncan (Dhu) Campbell
> > > > > > >
> > > > > > > On Sat, 28 Dec 2002 08:45:23 -0500
> > > > > > > Harry Tabak <htabak@quadtelecom.com> wrote:
> > > > > > >
> > > > > > > > [This is a resend. Ironically, the orignal was blocked by F=
reeBSD's spam
> > > > > > > > filter, I've had to send this from another account]
> > > > > > > >
> > > > > > > > 	I am not sure which list is best for this issue, hence the=
 cross
> > > > > > > > posting.  I believe spam and anti-spam measures are securit=
y issues --
> > > > > > > > the 'Availability' part of C-I-A. I apologize if I am wrong=
.  A FreeBSD
> > > > > > > > ported package is contributing to an internet service avail=
ability
> > > > > > > > problem that has me stumped.  I believe that an unknowable =
quantity of
> > > > > > > > other internet denizens are also affected.
> > > > > > > >
> > > > > > > > 	I'm a long time fan of FreeBSD -- I run it on my small mai=
l server and
> > > > > > > > I've recommended it for many applications. I even bought a =
CD once. I
> > > > > > > > write this missive with great reluctance. I've worked with =
a lot of
> > > > > > > > strange software over the years, But this is a new first --=
 Software
> > > > > > > > that slanders! Software that publicly called me a spammer!!=
!  And not to
> > > > > > > > my face, but to business associate. And then took action.
> > > > > > > >
> > > > > > > > 	I recently discovered, and quite by accident, that a FreeB=
SD ported
> > > > > > > > package -- spambnc (aka Spambouncer or SB) -- was blocking =
mail from me
> > > > > > > > to an unknown number of businesses and individuals on the i=
nternet. I'll
> > > > > > > > probably never have to correspond with most of these people=
, but I'm a
> > > > > > > > freelancer -- this may have already cost me a job. [Dear re=
ader, don't
> > > > > > > > be surprised if you or your clients are also blocked. I str=
ongly suggest
> > > > > > > > that you check it out.]
> > > > > > > >
> > > > > > > > 	Anti-spam products have a valuable place in the security a=
rsenal.  But,
> > > > > > > > IMHO, this product is dangerous because it includes filters=
 and rules
> > > > > > > > that are overreaching, and inaccurate. Bad firewall rules a=
nd bad
> > > > > > > > anti-spam rules may be OK for an individual site.  However,=
 spambnc's
> > > > > > > > bad advice is being mass marketed through the good offices =
of FreeBSD,
> > > > > > > > and it is putting potholes in the net for the rest of us.  =
Until it is
> > > > > > > > fixed, and proven harmless, FreeBSD should stop distributin=
g this product.
> > > > > > > >
> > > > > > > > 	Basically, the default built-in policies for blocking mail=
 aren't fully
> > > > > > > > described, and there is no mechanism to universally correct=
 the
> > > > > > > > inevitable mistakes in a timely manner. Users (people who i=
nstall this
> > > > > > > > product) are mislead about the probably of filtering the wr=
ong mail. I
> > > > > > > > am sure that the software was developed with the very best =
intentions,
> > > > > > > > but in its zeal to block lots and lots of spam, SB is hurti=
ng good people.
> > > > > > > >
> > > > > > > > 	The SB rule blocking my mail host has nothing to do with m=
e. Even
> > > > > > > > though, it can use dynamic anti-spam DNS services, SB hard =
codes  its
> > > > > > > > rules for filtering bad domains by name and by IP address. =
My nemisis is
> > > > > > > > buried in a 1476 line file, sb-blockdomains.rc, which insta=
lls by
> > > > > > > > default, and is not documented outside the code. Along with=
 others, it
> > > > > > > > blocks the entire 66.45.0.0/17 space because spammers might=
 live there.
> > > > > > > > This is sort of like a corporate mail room throwing away al=
l NJ
> > > > > > > > postmarked mail because of the bulk mail distribution cente=
rs in Secaucus.
> > > > > > > >
> > > > > > > > 	My mail host address gets a clean bill of health from ever=
y anti-spam
> > > > > > > > site that I can find, such as SPEWS. I've checked at least =
30 of them.
> > > > > > > >
> > > > > > > > 	My tiny x/29 block is sub-allocated from my DSL provider's=
 x/23 block.
> > > > > > > >     The DSL provider's block is a sub-allocation from Inflo=
w.com's
> > > > > > > > 66.45.0.0/17 block. Spambouncer doesn't like Inflow.  While=
 they have a
> > > > > > > > right to their opinions, they don't have a right to publicl=
y tar me
> > > > > > > > because of my neighbors.
> > > > > > > >
> > > > > > > > 	If I read sb-blockdomains # comments correctly, it is poli=
cy to not
> > > > > > > > only block known spammers, but to ALSO block entire network=
s based on
> > > > > > > > their handling of spam complaints. This is like as a busine=
ss
> > > > > > > > receptionist checking callerID and then ignoring incoming c=
alls from
> > > > > > > > Verizon subscribers because Verizon tolerates (and probably=
 invented)
> > > > > > > > telemarketing.
> > > > > > > >
> > > > > > > > 	I have written to both the Spambouncer contact address
> > > > > > > > <ariel@spambouncer.org> and the FreeBSD maintainer, but wit=
hout a
> > > > > > > > response.  Possibly they are on holiday, or spambouncer is =
eating my
> > > > > > > > mail. Perhaps I'm just too impatient.
> > > > > > > >
> > > > > > > > 	I have also contacted my ISP's support.  They don't know h=
ow to help
> > > > > > > > me. They vouch for Inflow. They don't recommend it, but for=
 a fee, my
> > > > > > > > service could be switched to a different PVC, and I'd get a=
n address
> > > > > > > > from a different carrier. But of course, the new address co=
uld be
> > > > > > > > black-listed on a whim.
> > > > > > > >
> > > > > > > > 	Regardless, I assume that these are reasonable people, and=
 that they
> > > > > > > > will oil the squeaky wheel as soon as it is convenient.  Bu=
t how will I
> > > > > > > > ever know that EVERY copy of spambouncer has been fixed? Wh=
at about
> > > > > > > > other innocent ISP subscribers who are also black-listed?
> > > > > > > >
> > > > > > > > Harry Tabak
> > > > > > > > QUAD TELECOM, INC.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > > > > > with "unsubscribe freebsd-security" in the body of the mess=
age
> > > > > > --
> > > > > > email: pakkit at codepiranha dot org
> > > > > > web: http://codepiranha.org/~pakkit
> > > > > > pgp: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
> > > > > > having problems reading email from me? http://codepiranha.org/~=
pakkit/pgp-trouble.html
> > > > > >
> > > > >
> > > >=20
> > --=20
> > email: pakkit at codepiranha dot org
> > web: http://codepiranha.org/~pakkit
> > pgp: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
> > having problems reading email from me? http://codepiranha.org/~pakkit/p=
gp-trouble.html
> >=20
--=20
email: pakkit at codepiranha dot org
web: http://codepiranha.org/~pakkit
pgp: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
having problems reading email from me? http://codepiranha.org/~pakkit/pgp-t=
rouble.html

--=-hYgamAC/8Ubo1V9A/Ysq
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQA+DiOtzOlsqZj8ZloRAhwcAJ9Ku8zNNxBOSE4MCwHctHvmNoocWACgihI1
MVx4+C+oyrg8yKf6yrZJIE8=
=yrnF
-----END PGP SIGNATURE-----

--=-hYgamAC/8Ubo1V9A/Ysq--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1041114029.3577.60.camel>