From: Dossy (dossy@panoptic.com)
Date: Fri Jul 04 2003 - 18:35:23 MDT
On 2003.07.04, Harvey Newstrom <mail@HarveyNewstrom.com> wrote:
> My guess is that extropy.org, extropy.com, sl4.org, lucifer.com,
> javien.com, and everybody else hosted by Spots InterConnect are
> similarly being blocked. You might talk to Spots InterConnect to
> confirm if all their subscribers are being blocked. If so, they may
> be able to help resolve this issue at their level by informing AOL
> that these addresses are not dynamic. However, I am not sure AOL will
> respond, because this bone-headed policy is intentional on their part.
This policy isn't bone-headed. It's a very reasonable one, actually.
ISPs have the option to self-elect their IP netblocks as being resold to
third parties on various lists. Folks who receive mail then can
subscribe to those lists and refuse to receive mail from those IPs.
Why is this good? Because folks who buy access may not properly secure
their mail servers. They may either intentionally or inadvertently set
up their machines as open mail relays, run an open proxy, or otherwise
allow unauthorized individuals to use their machines (and thus, their IP
address) to send mail out. So, the ISP in good faith elects to add
the IP addresses they license to customers in these DUL (Dial-Up Users)
or other lists. (Yes, "Dial-Up" today is a misnomer, but that's where
it started and thus got its name.)
ISPs who do self-elect in this fashion should be offering a mail relay
server that their customers can use to send mail to the outside world.
This mail relay should only allow mail to be relayed from IP addresses
that they own (and have self-elected to add to these DUL lists). This
way, there's proper logging of what mail is passing out of the ISPs
networks by its customers. This makes identifying violations of their
TOS or AUP easier, rather than waiting for angry complaints about a
particular IP address in their netblock and having to figure out who and
what is doing it.
David needs to contact Spots InterConnect and ask them what mail server
he should be using as a relay host.
My previous ISP, Eclipse Internet (now NetCarrier Communications)
self-elected their IPs that they use to provide dial-up and DSL
connections through. Even the static IPs that I was assigned. For
hosts who blocked mail from me via DUL lists, I simply had to add
entries to my /var/qmail/control/smtproutes file like so:
aol.com:mail.eclipse.net
aol.net:mail.eclipse.net
mail.eclipse.net is their mail relay for their customers. Really easy,
and it keeps the DUL system working with only a minor inconvenience to
me.
> This is apparently a common problem for all mailing lists. AOL not only
> blocks certain type of addresses as above, they also block on keywords
> indicating messages that are sexual, extremely political, violent, racist or
> subversive.
Do you have proof of this? Do you have a sample message that will
trigger this block?
An individual customer can always report an email they receive as
offensive, but I don't think they actually block email that a customer
hasn't flagged as coming from a sender they don't wish to receive mail
from.
I think if enough customers report the same sender as sending offensive
messages, then yes, that sender may be blocked from sending messages to
any OTHER customers. I think this is a good service. One complaint
might just be a difference in opinion, but if 50 people report being
harassed from the same sender ... should you really allow that sender to
send mail to any other people?
> They also will trigger from subscribers pressing the "report
> spam" button.
I think this is what is really happening in the behavior you mentioned
above.
> They also block mail if any intervening ISP is blocked.
Guilt by association. It sucks, but the many true positives usually
outweighs any possible false positives.
> It may not even be extropy or javien that is blocked, but some other
> customer of that same ISP.
Or, more likely, some customer of Spots InterConnect performed repeated
abuse and people threatened to blackhole the entire ISP if they didn't
self-elect their IPs to various block lists, like DUL. (Guess that
doesn't sound so much like /self/-election anymore, but it still is.)
> In any case, the problem is apparently well known and definitely
> inside AOL. Their subscribers may simply need to understand that
> their mail is being censored. The Extropians List is still available
> to them via the web bbs interface, so nobody is completely cut off.
The problem stems from a protocol (SMTP) that hasn't been adequately
updated to reflect the needs of the Internet, today. Maybe it was fine
15 years ago, but it sure isn't workable today. AOL's simply trying one
potential hack or workaround to the problems that SMTP isn't addressing.
It's not perfect, but again, the massive number of true positives it
blocks definitely outweighs the false positives. Especially when it's
trivial to correct things once you realize you're being blocked as a
false positive.
-- Dossy
-- Dossy Shiobara mail: dossy@panoptic.com Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)
This archive was generated by hypermail 2.1.5 : Fri Jul 04 2003 - 18:46:19 MDT