DUL (was Re: RBL report..)
I've just sent another, long, message about mail acceptance, blacklisting, and this whole flamewar. Please read that message first; it explains the context of this mail, and without it you might misinterpret this one. This message is about my opinion of the DUL, which I support and use. In fact my software will not usually accept mail from dynamic dialups anyway - even those not on the DUL. It does seem that some people do find it beneficial to send mail direct from their dialups (static or dynamic). I don't understand why they think this is a good idea, and I think it has a number of technical problems. However, I don't think that it's reasonable to effectively forbid people from doing this solely for those reasons, provided they're willing to accept the consequences - which will include excessive retransmissions over their modem, long connect times, and/or extended delays to the delivery of mail. *But*, there is a definite problem with people using _dynamically assigned_ dialup. This is because a dynamic dialup address cannot effectively be blacklisted, and mail sent direct from such an address cannot be monitored or controlled by the connectivity provider. Since much of the net's current spam-fighting infrastructure is based on blacklists of IP addresses and proactivity by ISPs, this is a big problem. That mail direct from dynamic dialups is a problem is recognised throughout the community. Not only did Paul Vixie, the author of BIND, and other leading lights of the Internet, decide to host, support, etc, the DUL. Many ISPs prevent you from doing direct SMTP by having their routers block outgoing SMTP or transparently redirect it to their own mailservers. I think that this is going to become much more common. Use of the DUL is becoming more common too - for example, Cambridge University no longer accept DUL mail. Sites that use DUL blocking report that it has very low false-positive rates - some claim even lower than the MAPS RBL. Now, I agree that for those people who want to do direct SMTP from dynamic addresses it is inconvenient for them to have to change, but I don't think this inconvenience is very great. Furthermore, the number of people inconvenienced in this way is very low, and all the people who are doing this are technically competent and have quite reasonable alternative ways of having their mail delivered. (IMO doing direct SMTP from a dialup accidentally or `by default' almost certainly reflects a bug in the software or documentation or a mistake by the user.) It's clear, though, that the project will have to come to a common decision about this. It's not just about what the project's mailservers will accept. As I said in my other mail, since we all need to communicate with each other, either every developer must be forbidden from using the DUL, or every developer must either not send mail direct from their dynamic dialup, or must be prepared to send it differently if there is a problem. Until a common decision can be arrived (if only by vigorous ranting here until one side feels they can't win), this issue will keep raising its head. We can't punt on it. If we decide that developers are allowed to reject DUL mail then the listmanagers should be allowed to do so too on the central systems. Ian.
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 12:56:05AM +0100, Ian Jackson wrote: That mail direct from dynamic dialups is a problem is recognised throughout the community. Not only did Paul Vixie, the author of BIND, and other leading lights of the Internet, decide to host, support, etc, the DUL. Many ISPs prevent you from doing direct SMTP by having their routers block outgoing SMTP or transparently redirect it to their own mailservers. I think that this is going to become much more common. Use of the DUL is becoming more common too - for example, Cambridge University no longer accept DUL mail. Sites that use DUL blocking report that it has very low false-positive rates - some claim even lower than the MAPS RBL. You appeal to authority, call for bandwagon jumping, and rely upon anecdotal accounts, but have yet to point to an RFC that forbids or discourages the establishment of outbound SMTP connections from dialup machines, whether they have dynamically assigned IP's or not. The best way to force people like myself to do what you want is to get your personal preferences on the standards track. If they as widely shared as you assert, this shouldn't be an insuperable problem. Once you have done that, you won't have to shore up your position with invalid inferences. -- G. Branden Robinson|A celibate clergy is an especially good Debian GNU/Linux |idea, because it tends to suppress any [EMAIL PROTECTED] |hereditary propensity toward fanaticism. roger.ecn.purdue.edu/~branden/ |-- Carl Sagan pgpGPGWELM81K.pgp Description: PGP signature
Re: DUL (was Re: RBL report..)
Hi, I don't like getting spam. I dislike the fact that I am inconvenienced. I have not yet decided to give in, though. And, in my opinion, bouncing mail from people innocent of sending spam is giving in to spammers. I ifnd this phenomena remniscent of may people in the trhoes of a war: they become obsessed by the enemy; and collateral damage is increasingly acceptable in the pursuit of the war. I have not yet gotten that numbed out. The problem with DUL is that they don't care if the people blocked ever sent any spam. The have the wrong color ski^H^H^H^H^H^H^H^H^H type of connection, and must be the enemy. Frankly, it is an arbitrary criteria to reject mail, based on an assumption that people from those kind of net neighborhoodsare more likely to commit crimes, since criminals in them there neighborhoods are less likely to be caught and punished. The Net version of racial profiling. Personally, if I get a bounce from anywhere telling me they have blacklisted me, I return the favour. It's all going to end in heat death anyway. manoj -- Perhaps the most widespread illusion is that if we were in power we would behave very differently from those who now hold it -- when, in truth, in order to get power we would have to become very much like them. (Lenin's fatal mistake, both in theory and in practice.) Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 02:38:24AM -0500, Manoj Srivastava wrote: It's all going to end in heat death anyway. Of course, so we might as well turn off the computers right now. Cheers Hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 12:00:52AM -0400, Branden Robinson wrote: You appeal to authority, call for bandwagon jumping, and rely upon anecdotal accounts, but have yet to point to an RFC that forbids or discourages the establishment of outbound SMTP connections from dialup machines, whether they have dynamically assigned IP's or not. RFCs do not forbid or discourage spam either, yet most people do not consider it to be a good idea. Once you have done that, you won't have to shore up your position with invalid inferences. Nor will you. Hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED] pgpR9F392AgPg.pgp Description: PGP signature
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 02:38:24AM -0500, Manoj Srivastava wrote: The problem with DUL is that they don't care if the people blocked ever sent any spam. The have the wrong color ski^H^H^H^H^H^H^H^H^H type of connection, and must be the enemy. The analogy is flawed. Solutions have been offered several times owner for DUL-listed or potentially DUL-listed users. All of which should not be too difficult to set up for a Debian developer. You see, DUL users don't reject mail from particular people, just from particular addresses. You just have to route your email to me through a trusted mail server. It's a bit like the no junk mail sticker on my letter box; you're not welcome to drop things in my mailbox directly, but if you post them they'll arrive just fine. hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 06:09:41PM +1000, Hamish Moffatt wrote: On Mon, Apr 03, 2000 at 12:00:52AM -0400, Branden Robinson wrote: You appeal to authority, call for bandwagon jumping, and rely upon anecdotal accounts, but have yet to point to an RFC that forbids or discourages the establishment of outbound SMTP connections from dialup machines, whether they have dynamically assigned IP's or not. RFCs do not forbid or discourage spam either, yet most people do not consider it to be a good idea. Weak analogy. Specification of a set of circumstances under which Internet hosts are expected to initiate (or accept) SMTP connections is a technical issue well within the scope of the existing RFC's. I'd imagine RFC's don't forbid spam (if in fact they don't -- I don't know) because it is difficult to identify what is spam and what is not based on criteria easily evaluated by alogorithmic processes amenable to computation. Furthermore, that any issue is unspecified in an RFC does not mean that the RFC's already address all issues that need to be addressed. If any DUL users feel that the specification within a standards-track RFC of a set of circumstances under which Internet hosts are expected to initiate (or accept) SMTP connections is an undesirable end, I'd certainly like to hear the reasons why. Once you have done that, you won't have to shore up your position with invalid inferences. Nor will you. You have asserted, but offer no evidence. Please identify the fallacious reasoning or false premise you claim to perceive. -- G. Branden Robinson| Yesterday upon the stair, Debian GNU/Linux | I met a man who wasn't there. [EMAIL PROTECTED] | He wasn't there again today, roger.ecn.purdue.edu/~branden/ | I think he's from the CIA. pgpERoAb1dLiO.pgp Description: PGP signature
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 06:58:18PM +1000, Hamish Moffatt wrote: On Mon, Apr 03, 2000 at 02:38:24AM -0500, Manoj Srivastava wrote: The problem with DUL is that they don't care if the people blocked ever sent any spam. The have the wrong color ski^H^H^H^H^H^H^H^H^H type of connection, and must be the enemy. The analogy is flawed. Solutions have been offered several times owner for DUL-listed or potentially DUL-listed users. All of which should not be too difficult to set up for a Debian developer. You demonstrate limited facility to construe the analogy. The solutions that have been offered effectively result in concealing the fact that the ultimate origin of the mail is a dynamic IP, therefore this is like asking people with the wrong color skin to paint it an acceptable color. What mechanism do you propose that people on dynamic IP's use to identify their mails as non-spam while still making direct SMTP connections to the MX host of the destination domain? -- G. Branden Robinson| The first thing the communists do when Debian GNU/Linux | they take over a country is to outlaw [EMAIL PROTECTED] | cockfighting. roger.ecn.purdue.edu/~branden/ | -- Oklahoma State Senator John Monks pgpcK5XZjFL6K.pgp Description: PGP signature
Re: DUL (was Re: RBL report..)
Branden Robinson [EMAIL PROTECTED] wrote: On Mon, Apr 03, 2000 at 06:58:18PM +1000, Hamish Moffatt wrote: The analogy is flawed. Solutions have been offered several times owner for DUL-listed or potentially DUL-listed users. All of which should not be too difficult to set up for a Debian developer. You demonstrate limited facility to construe the analogy. The solutions that have been offered effectively result in concealing the fact that the ultimate origin of the mail is a dynamic IP, therefore this And that is the whole point of the DUL. When a dynamic IP site is relaying through someone else, the relaying host will be responsible if and when the dynamic IP site misbehaves. If they're sending directly, then no one needs to claim responsbility as the receiver cannot block the sending address easily due to its dynamic nature. OTOH, if a relay doesn't do something about a spammer, it can easily be blocked, thus giving a relay's admin a very strong incentive to act. -- Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED] Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 06:42:21AM -0400, Branden Robinson wrote: Furthermore, that any issue is unspecified in an RFC does not mean that the RFC's already address all issues that need to be addressed. Yes, exactly. Therefore ommission of any comment about dialup users making direct SMTP connections for mail delivery does not indicate that the RFCs think it is a good idea. They simply do not comment. You are taking this omission as support of your case where it is not. Hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: DUL (was Re: RBL report..)
On Mon, Apr 03, 2000 at 06:49:17AM -0400, Branden Robinson wrote: What mechanism do you propose that people on dynamic IP's use to identify their mails as non-spam while still making direct SMTP connections to the MX host of the destination domain? None, it is not necessary. Hamish -- Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]