[...]
The problem was resolved by the next morning but now we found out outgoing mail was being blocked by an anti-spam list (perhaps an irate member reported that we were spamming them). We are still attempting to have our list server de-listed on the spam block list, but we have found an alternate relay that will allow us to operate in the mean time.
Spam is an ever-increasing problem, and it will continue to be so until we find a way to coordinate internet user activity; it is one of a whole class of serious problems that could be solved by developing new ways of communicating (by which I mean social technology, only secondarily computer technology). See www.beyondpolitics.org for what may be a poorly-written (my wife tells me so) introduction to the concepts.
The SpamCop network of volunteers is closest to what I'd see as a solution, but it falls short. Forum Admin did not tell us what spam list was involved, but the real problem here is not the spam list, nor is it the user who complained, if that is what happened. The problem is overworked or lazy system administrators who take a list like the SpamCop list -- which is merely advice -- and act on it without applying any intelligence, by simply blocking any mail from an IP address on the list.
SpamCop filtering has become central to my own email strategy, but I never allow mail to be deleted merely because the source IP is on the filter list.
If all of Techserv's mail was being blocked, the problem system would be either Techserv's own service provider or a major link upstream from that provider. It should have been resolved quickly under the circumstances described. Spam lists don't block mail, system administrators do, or programs set up and controlled by system administrators.
I just looked and did not find any major blacklist problems with techservinc.com's IP, nor with IP for ns1.mailer.org. Likely the problem has been resolved.
Now, to take the opportunity and dilate upon what I see as SpamCop's shortcomings:
I use Mailwasher Pro, which, among other things, checks a series of public blacklists to see if the source IP is listed. If it is, I can configure Mailwasher to display the fact and mark the mail for deletion. It would automatically delete it, but I can't afford to allow that. The reason is that source blacklisting often attaches to mail that is perfectly legitimate, the sender suffering only from sharing source IP with a spammer (or apparent spammer). Since a lot of spam is sent through AOL servers, any AOL user who happens to be accessing the internet through the same server can get his mail tagged. One of our businesses gets mail from the general public, many of whom may have never before written us, so they will not be on a whitelist. Once every week or so I find legitimate mail that has been tagged by a blacklist. I don't want this mail to be lost.
So I am forced to review all the spam we receive, unless it is on a local blacklist. I no longer add mail to my own blacklist automatically, it is simply too dangerous. If I receive repeated unwanted mail from a source that does not appear on the SpamCop blacklist (or one of the others, but SpamCop is far more effective than any other), then I'll put it on my own blacklist or create a filter to identify it. It is rare that I need to do this.
However, the vast majority of spam is tagged by SpamCop, and there are few false positives, perhaps on the order of 0.02%. When I have a system that will autorespond to tagged mail with a message that informs the sender that their mail has been blocked, why it has been blocked, and how to get around the block, then I might hide and autodelete spam. As the matter is now, however, I don't have a means to do that. (This would violate the rule that you don't reply to spam, but under circumstances that would allow me not to care if the spammers learn that my address is real by getting a bounce.)
Now, SpamCop seems to identify about 90 to 95 percent of spam based only on source IP. Source IP is perhaps the only reliable way of identifying so much spam, given the tricks that spammers use. Challenge systems are defective, for my purposes, because they add burden to the sender. Some of our correspondents are not at all computer literate and I don't want to add confusion to their lives, just to save myself a little trouble. If it were a *lot* of trouble, maybe. But it's not, with the system I'm using.
Anyway, I check my mail with Mailwasher before using my mail program (Eudora). Mailwasher is a POP client; it downloads headers and the first 21 lines of a message, and it processes the mail accordingly, automatically querying a configurable series of blacklists. When commanded, it will delete mail that has been tagged for deletion; it will, on request, download the complete mail for examination and you can even respond to mail from within Mailwasher. Undeleted mail remains on the server for my mail program to retrieve. When I highlight a mail in the list that appears, the text of the mail appears immediately in a display so I can peruse it if I have any doubt about it.
I have Mailwasher set to sort mail, once the blacklist responses have come in, by deletion status. There are then, if I've waited overnight, a screen or two of untagged mails. (Whitelisted mail is hidden unless I configure it to appear, which I occasionally do for some reason or other.) Nearly all of these mails are spam; but they haven't made it to the blacklist yet. So these are fresh spam. (If a mail is legitimate, I add it to the Friends list, or, sometimes, set a filter for it, and it is then hidden.)
So what's wrong with SpamCop? Well, the latest version of Mailwasher includes a field for each mail, a checkbox, "report to SpamCop." If I have set up a SpamCop subscription and have configured Mailwasher to use it, Mailwasher will automatically send the headers report that SpamCop wants. It is about as easy as I can imagine. (Most SpamCop volunteers seem to be still copying and pasting headers, vastly more time-consuming.)
When I first received this version of Mailwasher, I joined SpamCop, eager to contribute to the rapid demise of spam. However, when a mail is reported to SpamCop, what SpamCop does is to send the mail back with an analysis of the headers and a link to confirm the report. To activate the report, I need to follow the link and confirm it. This takes a hundred times as long as simply checking the SpamCop report box. I did it for a day and then gave up. I want to help, but the cost is too great!
So I'm sponging off the labor of the volunteers who are willing to put up with this onerous system. I followed one of the mailing lists, and some poor volunteers were complaining about spending hours each day reporting spam. But they would then say it's worth it! It might be, but it is unnecessary, a poor solution to a real problem (spammers and others would try to abuse the system for their own nefarious purposes).
The system has not been thought out, all the way through, to efficiently use the huge pool of volunteer labor available. Yes, of course, no IP should be blocked just because a verified user reports it (I'm a verified user, they've already received proof I'm a human being and not some robot). But if several verified users report a single source IP, it should either be blocked immediately or referred to what they call a Deputy. I'm not sure exactly how that works, but Deputies are apparently volunteers who've been given some authority to make decisions.
It should be possible to identify that a server is sending spam within minutes of the first transmission, if there were, for example, many users of Mailwasher taking the trouble to examine their mail and check a box. I'd be willing to pay for the privilege of being a volunteer in such a system, because I'm certain it would be far more destructive to spam than any possible governmental interference. When the reception rate of spam falls below a certain amount, they'll stop sending it. When spammers are reliably losing money, most of them will quit!
Source IP blocking should be used, not to totally block mail, but to divert it or delay it pending confirmation. Whenever source IP is added to the SpamCop blacklist, I think the host is notified. It should be possible for a host to rapidly shut down the spammer at that point, or to protest the blacklisting. There should be commercial whitelists to which mailing lists and other frequent mailers would, for a nominal fee, subscribe. A small bond might be posted, to be forfeited if the mailer violates the rules of the whitelist. Then, if you are on a whitelist, the rebuttable presumption would become that you are *not* a spammer, but a legitimate mailer who might have been misidentified as a spammer due to something like what happened to the PEDA server. Noncommercial lists might be covered without fee. I don't think the fees or bonds would need to be very much.
This is an example, potentially, of a system where a huge task is accomplished by a large number of people each putting in a very small effort. There are *many* more of us than there are spammers; we are only vulnerable to spammers and other parasites because we are not organized. We need organizational technology to solve this and similar problems. That technology cannot place more of a burden on members than they can spare; for most causes they can spare very little, so the organization must demand of them very little. Not zero, but something as simple as checking off mail that makes it through a spam filter. (In my case, I'd look through the thirty or forty mails for anything legitimate or even arguably legitimate and hide it, then select and check en masse, a single click, what was left. I'd never have misidentified the PEDA mailing as spam, it had a clearly relevant subject line -- as well as a known source.)
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * To post a message: mailto:[EMAIL PROTECTED] * * To leave this list visit: * http://www.techservinc.com/protelusers/leave.html * * Contact the list manager: * mailto:[EMAIL PROTECTED] * * Forum Guidelines Rules: * http://www.techservinc.com/protelusers/forumrules.html * * Browse or Search previous postings: * http://www.mail-archive.com/[EMAIL PROTECTED] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
