Sunday, June 03, 2001, 3:49:20 PM, you wrote:
>>I agree wholeheartedly. The fact is that the use of orbs and other open
>>relay databases seem totally ineffective in reducing UCE volume.
RSP> Well, it depends on the situation. A business running their own
RSP> mailserver, for example, may want to block based on most of the databases
RSP> to minimize spam.
RSP> With 20 or so DNS-based spam databases to choose from, you can find the
RSP> ones that block the most spam while blocking the least amount of legitimate
RSP> mail. There is no one "right" answer. And some people, of course, prefer
RSP> not to have any E-mail blocked.
RSP> That's one of the reasons we offer per-user and per-domain control with our
RSP> anti-spam software.
You're offering an option that most providers don't even mention. With
my ISP ( RR), it offers no such option and apparently has no idea how
to properly deploy the available databases.
>>I have heard hundreds of complaints from other customers
>>complaining of the blocking of legit e-mail.
RSP> If you block on all the ORBS tests, there's a good chance that will
RSP> happen. But, if you block on the ORBS test without knowing what it is and
RSP> what it does, you're asking for trouble.
>> From my viewpoint, an ISP opens itself to one big class-action lawsuit by
>> claiming
>>it is aggressively censuring e-mail.
RSP> Not if either it is part of the contract, or you allow users to "opt out"
RSP> of the scanning (or better, "opt in" to it).
Many contracts are meaningless in a court. If you can afford to, you
could take an appeal to the supreme court....but look at some of the
judgements that bunch has made most recently. They're sticking their
noses into the private affairs of relatively small organizations to
the extent that I wouldn't delight in taking my chances with them.
>>Some of this spam contains links to what are
>>claimed to be sites containing images of "underage teenage sluts", for
>>example.
RSP> I'm just as concerned by the larger amounts of porno spam being sent to
RSP> children. We estimate that about 1,000,000,000 (yes, BILLION) E-mails are
RSP> sent per year to children under 18 soliciting porno sites. That's 46,000+
RSP> hours a year that children spend deleting those E-mails, if it takes just 4
RSP> seconds to deal with them.
Porn is apparently big business. That alone speaks volumes regarding our
societal values and morals, and none of it is good.
>>As a former ISP owner I see the potential for very costly legal action
>>against ISP's claiming to be successfully censuring unacceptable
>>e-mail via use of these "wonderful" databases.
RSP> A lot depends on what they claim, what techniques they use to find spam,
RSP> and whether or not the users have a say in what is being filtered.
RSP> For example, I can't imagine any court in the U.S. would rule against an
RSP> ISP that adds X-RBL-Warning: headers to E-mail to mark them as spam, for
RSP> the recipient to filter on.
A good money hungry law firm can get about any case into a court. Just
get a jury of little old blue-haired grandmothers listening to horror
stories describing the filth these greedy ISP's are allowing to be sent
to their little grandchildren, and you may be surprised at what could be
granted even in the form of punitive damages. Considering the poor
financial condition of most ISP's, it would be a piece of cake to put
them under just by forcing them to defend themselves. Anyway, when
there are some dollars to be grabbed, lawyers typically do a very good
job of litigating (for themselves ;) and if the defendant isn't
willing to settle out of court to their satisfaction, a jury trial
will be demanded.
>>BTW: Not one single UCE has ever been originated or relayed from either of
>>my sendmail servers.
RSP> Out of curiousity, what do you do to prevent origination of UCE from your
RSP> sendmail servers?
Both are closed to the outside world (port 110), so they can only be
accessed on local network. Of course port 25 is open, but we strictly
enforce anti-relay policies. I've made it clear to my employees that
any e-mail abuse will put them out on the curb the instant I receive
incontestable confirmation of any such activity.
I realize an ISP can't operate and control a mail server anywhere near
as strictly as a private enterprise. Maybe my point should have been, based on my
experience, and that of others, is that most system admins are too
incompetent to make use of databases. I'm sure there are plenty of
sharp cookies out there, but most organizations only bring them in to
clean up a mess beyond repair. After things are back on par they
simply hand the keys back to their low paid lackies. I have personally
seen many examples of what I just mentioned.
Regards,
Ben
RSP> -Scott
RSP> Declude: Anti-spam and Anti-virus solutions for IMail. http://www.declude.com
RSP> Please visit http://www.ipswitch.com/support/mailing-lists.html
RSP> to be removed from this list.
RSP> An Archive of this list is available at:
RSP> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
--
Ben mailto:[EMAIL PROTECTED]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
