From owner-freebsd-questions Sat Dec 28 14:14:22 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 89C1137B401; Sat, 28 Dec 2002 14:14:15 -0800 (PST) Received: from pitbull.homeunix.org (pcp02515519pcs.arlngt01.va.comcast.net [68.84.139.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id A535243EC2; Sat, 28 Dec 2002 14:14:13 -0800 (PST) (envelope-from pakkit@codepiranha.org) Received: by pitbull.homeunix.org (Postfix, from userid 504) id 164998CE91; Sat, 28 Dec 2002 17:20:30 -0500 (EST) Subject: Re: Bystander shot by a spam filter. From: Shawn Duffy To: Duncan Patton a Campbell Cc: chris@manual-override.net, freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG In-Reply-To: <20021228150203.3c3da308.campbell@neotext.ca> References: <20021228134931.373541d9.campbell@neotext.ca> <20021228164035.J58458-100000@manual-override.net> <20021228145101.19f61ce1.campbell@neotext.ca> <1041112853.3577.56.camel@pitbull> <20021228150203.3c3da308.campbell@neotext.ca> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-hYgamAC/8Ubo1V9A/Ysq" Organization: Message-Id: <1041114029.3577.60.camel@pitbull> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.1.99 Date: 28 Dec 2002 17:20:30 -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-hYgamAC/8Ubo1V9A/Ysq Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Here is the difference...=20 The US Postal Service is a government agency "owned by the people", hence, "interfering" with regular mail is bad..=20 email runs over corporate networks and uses private resources, none "owned" by the "people"... hence a corporation, ISP, can certainly decide what it allows into its network to use its resources... if you, as a customer, have a problem with that, exert pressure on them.. if enough customers bitch, they will change policy...=20 as far as suing, I am sure someone will figure out a way to do it and win... doesnt mean they should...=20 shawn On Sat, 2002-12-28 at 17:02, Duncan Patton a Campbell wrote: > No. The automated systems to filtre spam and virii better=20 > be *really* careful about what they block. =20 >=20 > If you block or subvert discrete communications between humans then=20 > you are asking for real trouble. That's all. >=20 > Dhu >=20 > On 28 Dec 2002 17:00:54 -0500 > Shawn Duffy wrote: >=20 > > So we should let the govt open all unopened mail to make sure nothing i= s > > illegal in it? and then leave it up to them to determine if it was > > intentional? > > =20 > > please... > >=20 > > On Sat, 2002-12-28 at 16:51, Duncan Patton a Campbell wrote: > > > The law would have to consider intention of the sender: > > >=20 > > > Virii are (generally) not intended by the sender, except > > > for the original author. If I didn't intend to send the > > > virus, there is no constraint on you scanning and chopping > > > it. As for porn, if you are a minor, then by sending it > > > to you I have probably committed a criminal offense, regardless > > > of the vehicle employed. > > >=20 > > > Dhu > > >=20 > > >=20 > > > On Sat, 28 Dec 2002 16:41:46 -0500 (EST) > > > Chris Orr wrote: > > >=20 > > > > So theoretically scanning email attatchments for viruses is illeaga= l too? > > > > and the same goes for filtering out porn? > > > > -chris > > > >=20 > > > > On Sat, 28 Dec 2002, Duncan Patton a Campbell wrote: > > > >=20 > > > > > Seems to me that this is an invitation to government > > > > > regulation -- interfering with the mail is a criminal > > > > > offense for good reason. > > > > > > > > > > Dhu > > > > > > > > > > On 28 Dec 2002 15:46:10 -0500 > > > > > Shawn Duffy wrote: > > > > > > > > > > > The lists are usually kept on the websites of whatever particul= ar > > > > > > organizations are doing it... they are quite a few... > > > > > > As far as suing them, I would venture to say no... If you dont = want > > > > > > someone to be able to connect to your mail server that is certa= inly > > > > > > within your right to do... and if other people want to agree wi= th you, > > > > > > well then, what can you do... although I am sure someone somewh= ere will > > > > > > probably sue over it and win... > > > > > > > > > > > > shawn > > > > > > > > > > > > > > > > > > On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote: > > > > > > > How do you find if you are on the list? And who has the list= ? > > > > > > > > > > > > > > Can they be sued? > > > > > > > > > > > > > > Thanks, > > > > > > > > > > > > > > Duncan (Dhu) Campbell > > > > > > > > > > > > > > On Sat, 28 Dec 2002 08:45:23 -0500 > > > > > > > Harry Tabak wrote: > > > > > > > > > > > > > > > [This is a resend. Ironically, the orignal was blocked by F= reeBSD's spam > > > > > > > > filter, I've had to send this from another account] > > > > > > > > > > > > > > > > I am not sure which list is best for this issue, hence the= cross > > > > > > > > posting. I believe spam and anti-spam measures are securit= y issues -- > > > > > > > > the 'Availability' part of C-I-A. I apologize if I am wrong= . A FreeBSD > > > > > > > > ported package is contributing to an internet service avail= ability > > > > > > > > problem that has me stumped. I believe that an unknowable = quantity of > > > > > > > > other internet denizens are also affected. > > > > > > > > > > > > > > > > I'm a long time fan of FreeBSD -- I run it on my small mai= l server and > > > > > > > > I've recommended it for many applications. I even bought a = CD once. I > > > > > > > > write this missive with great reluctance. I've worked with = a lot of > > > > > > > > strange software over the years, But this is a new first --= Software > > > > > > > > that slanders! Software that publicly called me a spammer!!= ! And not to > > > > > > > > my face, but to business associate. And then took action. > > > > > > > > > > > > > > > > I recently discovered, and quite by accident, that a FreeB= SD ported > > > > > > > > package -- spambnc (aka Spambouncer or SB) -- was blocking = mail from me > > > > > > > > to an unknown number of businesses and individuals on the i= nternet. I'll > > > > > > > > probably never have to correspond with most of these people= , but I'm a > > > > > > > > freelancer -- this may have already cost me a job. [Dear re= ader, don't > > > > > > > > be surprised if you or your clients are also blocked. I str= ongly suggest > > > > > > > > that you check it out.] > > > > > > > > > > > > > > > > Anti-spam products have a valuable place in the security a= rsenal. But, > > > > > > > > IMHO, this product is dangerous because it includes filters= and rules > > > > > > > > that are overreaching, and inaccurate. Bad firewall rules a= nd bad > > > > > > > > anti-spam rules may be OK for an individual site. However,= spambnc's > > > > > > > > bad advice is being mass marketed through the good offices = of FreeBSD, > > > > > > > > and it is putting potholes in the net for the rest of us. = Until it is > > > > > > > > fixed, and proven harmless, FreeBSD should stop distributin= g this product. > > > > > > > > > > > > > > > > Basically, the default built-in policies for blocking mail= aren't fully > > > > > > > > described, and there is no mechanism to universally correct= the > > > > > > > > inevitable mistakes in a timely manner. Users (people who i= nstall this > > > > > > > > product) are mislead about the probably of filtering the wr= ong mail. I > > > > > > > > am sure that the software was developed with the very best = intentions, > > > > > > > > but in its zeal to block lots and lots of spam, SB is hurti= ng good people. > > > > > > > > > > > > > > > > The SB rule blocking my mail host has nothing to do with m= e. Even > > > > > > > > though, it can use dynamic anti-spam DNS services, SB hard = codes its > > > > > > > > rules for filtering bad domains by name and by IP address. = My nemisis is > > > > > > > > buried in a 1476 line file, sb-blockdomains.rc, which insta= lls by > > > > > > > > default, and is not documented outside the code. Along with= others, it > > > > > > > > blocks the entire 66.45.0.0/17 space because spammers might= live there. > > > > > > > > This is sort of like a corporate mail room throwing away al= l NJ > > > > > > > > postmarked mail because of the bulk mail distribution cente= rs in Secaucus. > > > > > > > > > > > > > > > > My mail host address gets a clean bill of health from ever= y anti-spam > > > > > > > > site that I can find, such as SPEWS. I've checked at least = 30 of them. > > > > > > > > > > > > > > > > My tiny x/29 block is sub-allocated from my DSL provider's= x/23 block. > > > > > > > > The DSL provider's block is a sub-allocation from Inflo= w.com's > > > > > > > > 66.45.0.0/17 block. Spambouncer doesn't like Inflow. While= they have a > > > > > > > > right to their opinions, they don't have a right to publicl= y tar me > > > > > > > > because of my neighbors. > > > > > > > > > > > > > > > > If I read sb-blockdomains # comments correctly, it is poli= cy to not > > > > > > > > only block known spammers, but to ALSO block entire network= s based on > > > > > > > > their handling of spam complaints. This is like as a busine= ss > > > > > > > > receptionist checking callerID and then ignoring incoming c= alls from > > > > > > > > Verizon subscribers because Verizon tolerates (and probably= invented) > > > > > > > > telemarketing. > > > > > > > > > > > > > > > > I have written to both the Spambouncer contact address > > > > > > > > and the FreeBSD maintainer, but wit= hout a > > > > > > > > response. Possibly they are on holiday, or spambouncer is = eating my > > > > > > > > mail. Perhaps I'm just too impatient. > > > > > > > > > > > > > > > > I have also contacted my ISP's support. They don't know h= ow to help > > > > > > > > me. They vouch for Inflow. They don't recommend it, but for= a fee, my > > > > > > > > service could be switched to a different PVC, and I'd get a= n address > > > > > > > > from a different carrier. But of course, the new address co= uld be > > > > > > > > black-listed on a whim. > > > > > > > > > > > > > > > > Regardless, I assume that these are reasonable people, and= that they > > > > > > > > will oil the squeaky wheel as soon as it is convenient. Bu= t how will I > > > > > > > > ever know that EVERY copy of spambouncer has been fixed? Wh= at about > > > > > > > > other innocent ISP subscribers who are also black-listed? > > > > > > > > > > > > > > > > Harry Tabak > > > > > > > > QUAD TELECOM, INC. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > with "unsubscribe freebsd-security" in the body of the mess= age > > > > > > -- > > > > > > email: pakkit at codepiranha dot org > > > > > > web: http://codepiranha.org/~pakkit > > > > > > pgp: 8988 6FB6 3CFE FE6D 548E 98FB CCE9 6CA9 98FC 665A > > > > > > having problems reading email from me? http://codepiranha.org/~= pakkit/pgp-trouble.html > > > > > > > > > > > > > > >=20 > > --=20 > > email: pakkit at codepiranha dot org > > web: http://codepiranha.org/~pakkit > > pgp: 8988 6FB6 3CFE FE6D 548E 98FB CCE9 6CA9 98FC 665A > > having problems reading email from me? http://codepiranha.org/~pakkit/p= gp-trouble.html > >=20 --=20 email: pakkit at codepiranha dot org web: http://codepiranha.org/~pakkit pgp: 8988 6FB6 3CFE FE6D 548E 98FB CCE9 6CA9 98FC 665A having problems reading email from me? http://codepiranha.org/~pakkit/pgp-t= rouble.html --=-hYgamAC/8Ubo1V9A/Ysq Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA+DiOtzOlsqZj8ZloRAhwcAJ9Ku8zNNxBOSE4MCwHctHvmNoocWACgihI1 MVx4+C+oyrg8yKf6yrZJIE8= =yrnF -----END PGP SIGNATURE----- --=-hYgamAC/8Ubo1V9A/Ysq-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message