[CLUE-Talk] Oh No! Not Again! (spam spam spam spam ...)

David Willson DLWillson at TheGeek.NU
Wed Apr 16 13:45:30 MDT 2003 

Charlie and Jed, thank you for the clarifications.  Now, I'll offer
mine.

<steps on soapbox, prepares for possibly pugnacious propounding>

I agree with all these points:
1)  IBM should have clearly disclosed their intent to use the sign-up
list for follow-up contact.
2)  IBM should NOT have sent a message over 100K to an audience with
unknown capabilities.
3)  Every reasonable anti-spam measure should be taken by system
administrators.  Let me recommend Todd Williams as one of the
best-in-class at this, and an effective consultant for anyone needing
help.
4)  There is a class of spammers whose resource-wasting is criminal, and
we need to be vigilant in our efforts to hamper their progress.

I disagree with our apparent attitude toward business-people that
prospect among us.  We use their time and talent, so it is an
appropriate return that they should regard us a business prospects.  It
is time that we started briefing them (and each other?) ~beforehand~ on
~how~ to promote their businesses within CLUE, so that these sorts of
mis-understandings can be avoided.  They should be able to do business
with us, and we should be able to do business with each other without
fear of getting publicly flamed.

Folks, this is business ~and~ pleasure.  Allow room for business,
please.  Nothing good is free.  Somebody always pays, and if you don't
pay him back, he'll eventually starve, and you'll have no more of what
you thought was free.  Prove that our reputation as cheap-skates is
unearned by spending your time, talent, and treasure supporting your
beliefs and supporting the people that support your beliefs.  In this
case, the 'people' is IBM, and the 'belief' is Linux, and your 'time,
talent, and treasure' are your email system and your patience, perhaps
more, but that's up to you.

Give your associates some room to fail.  "Praise publicly, criticize
privately." some wise person once said.

Wouldn't it be kinder and more effective to replace the public flamings
with a gentle, private reproof, and a public re-posting of "This is how
we do business within CLUE.FAQ"

Someone will likely tell me about several public "Don't" lists.  Let me
head that off by saying that it is better to tell a person, "Do this."
rather than "Don't do this."  It's behavioral truth.  You can't motivate
people with "don't", and you ~can~ motivate people with ~do~.

David Willson
(720)334-5267

On Wed, 2003-04-16 at 11:59, Charles Oriez wrote:
> At 08:38 AM 4/16/2003 -0600, Charles Oriez wrote:
> 
> >At 07:59 AM 4/16/2003 -0600, you wrote:
> >
> >>So, Maureen from IBM one of the "thieving scum who are trying to steal a
> >>communications medium and make it worthless..."
> >>
> >>Huh.  <dumbfounded>
> >
> >
> >if she's spamming, yes
> 
> I'd like to apologize for this response.  I made it hurriedly on my way out 
> the door to an appointment.  I started a sub thread which is a distraction, 
> and I'd like to retract it and focus on the main core of the debate.  While 
> most spammers are in fact convicted criminals, criminals currently under 
> indictment, or criminals who just haven't gotten caught yet ( about 95% of 
> my spam over the last month by my count, including people hijacking 
> servers), painting with too broad a brush and too little thought is 
> inappropriate.
> 
> Notice where David and I didn't disagree though.  He didn't disagree with 
> the proposal to report spammers to their ISPs.  We don't even disagree on 
> the principle of just hitting delete, although we probably disagree on 
> where and how to delete.  I include a quote below from 
> news.admin.net-abuse.email which I think is appropriate.  By using blocking 
> lists on the servers, the different people and ISPs reporting spam are 
> deleting faster and cheaper.  We also notify the ISP the spam is coming 
> from that we are not accepting their traffic, which gives them the 
> opportunity to terminate the spammers and get their traffic 
> unblocked.  Checking logs at rmc.sierraclub.org, I notice that I once 
> deleted 2430 pieces of spam targeting about 200 mailboxes in a one half 
> hour period (same source, with each spam attempting to convince the 
> recipient to held the sender smuggle embezzled money out of Nigeria - the 
> famous 419 scam).  Each of those deletions sent a connection refused 
> message back to the connecting server.  A competent sysadmin can then fix 
> his problem (in that case an open relay exploit from the looks of it).  Far 
> better than each of those users hitting delete multiple times and not 
> advising the sending system of the problem.  Also, because the refused 
> connections were based on spamcop, we didn't even have to file reports, 
> because a couple of hundred people had already done so.  And as long as the 
> reports kept coming in, the server remained blocked.  By my own logs, 
> spammer attempts to touch my server only succeed in delivering their junk 
> to my mail box about 1 time in 30, because almost every server used to 
> deliver spam has already been listed as an open relay or proxy, known to be 
> coming from a spam friendly ISP, or otherwise has confirmed spam sign (such 
> as unicode spam: ^Subject: \=\?big5\?.* or ^Subject: \=\?gb2312\?.*)
> 
> But the key principles are these: spam should be reported before being 
> deleted.  ISPs who don't terminate spammers when they get complaints should 
> be blocked until the spammers are terminated or the ISP goes out of business.
> 
> In my opinion, global block lists are better than a million local block 
> lists, because it is easier for an ISP who decides to mend his ways to get 
> off the global lists.  A study I did one month found that any given piece 
> of spam I blocked came from a server on about 14 global lists.  However, as 
> Michael Rathbun said long ago, "I think it likely that when the successor 
> to IPV6 is just about to be deployed throughout the Solar System there will 
> still be null routes and deny table entries for 205.199.212.0/24 in an 
> uncountable number of places."
> 
> 
> 
> 
> 
> charles oriez          coriez at oriez.org
> 39  34' 34.4"N / 105 00' 06.3"W
> **
> "You want us to hit delete.  A blocking list is basically a diesel delete
> key.  A blocking list is the bulk delete response to unwanted bulk email.
> When we use a blocking list, we are hitting delete, as you ask us to
> do.  Why do you object?"  -- David Canzi
> 
> _______________________________________________
> CLUE-Talk mailing list
> CLUE-Talk at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-talk

More information about the clue-talk mailing list