> From: Nathaniel Borenstein <nsb@xxxxxxxxxxxxx>

> ...
> I also have to say that I fear your approach would help the larger ISPs
> use spam as an excuse to kill off smaller ISP's...

How so? Exactly what is my approach? Please note what I've said too
many times:

- I don't currently use a public blacklist and have never used one for
  non-trivial mail.
- I'm flogging spam defenses that compete with blacklists.

> and I question the
> fundamental legitimacy of blocking all of an ISP's customers before
> there's a fair due process to establish the ISP's culpability.

"Fair due process" and "free speech" and even "legitimacy" are none of
your concern unless you own the mailbox that would *RECEIVE* the blocked
mail. No one has any right to send anyone any mail. We have only
privileges granted by targets of our mail. If our targets are foolish
and hire ISPs with long histories of both permitting a lot of outgoing
spam and blocking a lot of incoming legitimate mail (see recent
complaints about RR's false positives), then that's just tough and
perhaps we should convince our correspondents to switch ISPs or find new
correspondents.

Good or bad spam filtering is merely a part of the rest of good or bad
SMTP or any other ISP service. It makes no more sense to condemn the
HTTP protocol because many web pages are junk than it does to condemn
blacklists because some blacklists are junk or used badly.

If you think blacklists are bad because they can be run by fools, then
you also must hate any network authentication and authorization
mechanism. What's the difference between Kerberos and a mail blacklist?
Both are responsible for summary denial of services.

I fear there are bad reasons for the disdain for blacklists:

- they are effective against spam from spam friendly ISPs.
- some of us work for spam friendly ISPs and let the interests of our
  employers color our thinking.
- some of us are lazy and hire ISPs that have been spam friendly.
- some of us feel we have a divine right to send any mail to anyone and
  are deeply offended by any contrary suggestion, not to mention an
  effective mechanism.

> "Caring
> enough about spam" is an awfully slippery concept on which to base a
> blacklist.

I am offended by your implication that I suggested any such thing. I
only pointed out that using spam-friendly ISPs has consequences. (You
evidently know about XO's reputation, which I think has improved
lately.) The only major blacklist that does anything remotely like your
implication is SPEWS, which "escalates" in order to get the attention of
ISPs. If I did use a blacklist, it wouldn't be SPEWS but that would be
only one reason among several.

> ...
> > that is not blacklist, then why can't a blacklist be run properly?
>
> Good point. That's why I favor giving users access to their spam pool
> when they suspect problems, and using challenge/response in certain
> (carefully defined) situations. A good filtering mechanism is not
> nearly as black and white as a blacklist.

The last part of that is simply wrong. Every filtering mechanism is
exactly as black and white as a blacklist. Whether or not an SMTP server
keeps good logs has nothing to do with whether it decides to reject
messages using blacklists of IP addresses or domain names or anything
else. If your correspondents use software that consults any blacklist
but doesn't keep good logs, then the fault lies first with your
correspondents for using bad software, second with you for having
foolish correspondents, and not at all with the blacklist.

Yes, I realize that I'm implying that to keep good logs you need to act
on a blacklist (if you use one) at the end of the DATA command instead
of before the HELO.

> > Any fool
> > can set up a blacklist. That many fools have and other fools have
> > used them does not show that blacklists are bad any more than the ease
> > of setting up an IP network shows TCP is the spawn of the devil.
>
> I will confess that my personal experience makes it very hard for me to
> be rational on the subject of blacklists, as I fear that any concession
> to them will only encourage the creation of destructive blacklists by
> "fools". In general I prefer a solution that any fool can implement,
> because one surely will.

Then you'd better give up on the Internet. As with much of the net, the
information in and functioning of any spam system is at least somewhat
"administrative" and subject to the whims of any fools administrating
it. The buyer must beware, not only of hiring a spam friendly ISP, but
contracting with a foolish spam filter. The greater fool is often the
buyer of services offered by lesser fools.

Vernon Schryver    vjs@xxxxxxxxxxxx
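
The point in the message above about acting on a blacklist at the end of the DATA command rather than before the HELO, shown as an added example that is not part of the original post. The toy server, the names `run_session`, `BLACKLIST` and `SAMPLE`, the host `mx.example` and all addresses are assumptions constructed for illustration; dot-stuffing and multi-line replies are left out.

```python
import email

# Constructed blacklist entry (192.0.2.0/24 is a documentation range).
BLACKLIST = {"192.0.2.25"}

def run_session(client_ip, commands, reject_at="data"):
    """Toy SMTP server: return (replies, log_record) for one session."""
    listed = client_ip in BLACKLIST
    log = {"ip": client_ip, "listed": listed, "stage": None, "helo": None,
           "mail_from": None, "rcpt_to": [], "message_id": None, "subject": None}
    if listed and reject_at == "connect":
        # Rejected before HELO: the log can only ever hold the IP address.
        log["stage"] = "connect"
        return ["554 rejected: client listed"], log
    replies = ["220 mx.example ESMTP"]
    lines = iter(commands)
    for line in lines:
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            log["helo"] = arg
            replies.append("250 mx.example")
        elif verb in ("MAIL", "RCPT"):
            addr = arg.split(":", 1)[1].strip("<> ")
            if verb == "MAIL":
                log["mail_from"] = addr
            else:
                log["rcpt_to"].append(addr)
            replies.append("250 OK")
        elif verb == "DATA":
            replies.append("354 go ahead")
            content = []
            for data_line in lines:          # consume up to the lone "."
                if data_line == ".":
                    break
                content.append(data_line)
            msg = email.message_from_string("\n".join(content))
            log["message_id"], log["subject"] = msg["Message-ID"], msg["Subject"]
            # The blacklist verdict is applied only now, with the full record.
            log["stage"] = "end-of-data" if listed else "accepted"
            replies.append("554 rejected: client listed" if listed else "250 queued")
        elif verb == "QUIT":
            replies.append("221 bye")
    return replies, log

# Constructed sample session from a listed client.
SAMPLE = ["HELO mail.sender.example", "MAIL FROM:<alice@sender.example>",
          "RCPT TO:<bob@rcpt.example>", "DATA",
          "Message-ID: <constructed-1@sender.example>", "Subject: quarterly numbers",
          "", "body text", ".", "QUIT"]
```

With `reject_at="connect"` the log record for the same client holds nothing but the IP address, which is what makes a false positive hard to trace afterwards.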