Re: [Fwd: [Asrg] Verisign: All Your ...

2003-09-24 Thread Dean Anderson
More FUD.

Real spammers use opt-in addresses, collected by the companies they are
spamming for. This costs the company no more than collecting snail mail
addresses.  Most companies collect these opt-in addresses.

Only radical antispammers collect and abuse addresses via things like
webscanning. And then they tell people that spammers do this. Clue: There
are no real companies selling fake viagra via spam.  These, and many other
spams are sent to you by anti-spammer script kiddies to try to get
people to pass anti-spam legislation.

Of course, real spammers aren't violating the anti-spam legislation. They
weren't before, and aren't now.  When blacklists like MAPS block them,
they sue in court, and win.  Real spammers are now on fixed IP addresses
with T3 connections.  They are easy to pick out of the noise. I haven't
seen a single unsolicited spam from them.

In fact, I haven't seen a spam that is both _unsolicited_ and _genuine_ in
over a year.  Yet I am getting 500+ a day. It was steady at around 300+ a
day all summer, but jumped up to 500+ about a week ago. It has been steady
at 500+ a day.  Funny, that.  Yet almost none of it is genuine, and what
is genuine, is opt-in.

So there is no reason whatsoever for Verisign to collect verified
addresses to spam people. This is completely ludicrous FUD that
anti-spammers have been promoting for a long time.  While there once were
unsolicited spammers, they've all changed their operations now.  But back
then, they already had your address. They didn't need to verify it.
Advertisers are interested in response rate, not verified addresses.
Radical antispammer script kiddies just didn't know this, because they are
kiddies with no business or marketing education.

FUD doesn't stand the test of time.

But Godwin's law has been called, so this will have to wait a little
longer.

--Dean

On Wed, 24 Sep 2003 [EMAIL PROTECTED] wrote:

> On Tue, 23 Sep 2003 19:35:45 EDT, Dean Anderson [EMAIL PROTECTED]  said:
>
> > There has been no evidence that Verisign has collected any sender
> > addresses, nor would there be any reason for them to want to.
>
> *plonk* Sorry Dean, you've finally managed to push over the edge from possibly
> just dense into obviously being intentionally dense.
>
> nor would there be any reason?  Take the number of mis-addressed pieces of
> mail per day (which was sufficient to even DDoS their Snubby server, which was
> hopefully not a very heavy-weight MTA), and multiply by the going rate for
> pre-washed e-mail addresses.
>
> Or phrased differently - given that it's all about the benjamins, is there any
> reason to expect them to *NOT* use the data they're being given to compile
> lists for spammers?







RE: [Fwd: [Asrg] Verisign: All Your ...

2003-09-24 Thread Dean Anderson
Ok, one last message. This removes some apparent confusion between
reverse DNS abuse and the current Verisign complaints.

The people who have problems with Verisign expect to do a forward lookup
on a domain name, and if they don't get NXDOMAIN, they want to do a
reverse lookup on the address, and if they match, they assume that the
sender is not a spammer.  This is known as reverse DNS abuse, or reverse
DNS test.  Of course, it never worked. But people believe with religious
fervor that it does.

These people are upset because now the unregistered .com and .net domains
don't return NXDOMAIN, but give the address of Verisign. The next step in
their test will check the reverse address of Verisign, and find it to
match.  Thus, they are upset that their test doesn't work.  It didn't
work to begin with.

The premises on which this test was based, are false, and have always
been false. The DNS working groups have discussed the issue, and have
considered removing Reverse DNS because of these abuses due to a long and
well documented history of harms due to this abuse, and the comparatively
small positive value of Reverse DNS in proper usage.  IPv6 has host
identification facilities which replace Reverse DNS.  I think that Reverse
is presently broken in IPv6 due to recent changes in IPv6 work.  I forget
if it has been fixed.  It seems likely that IPv6 won't have reverse DNS,
so if we ever get it deployed, the problem will go away.

But, obviously, you are unfamiliar with the history of the problem, which
is why you don't recognize the reverse DNS abuse and what the term
signifies.  I should have realized that earlier.


--Dean


On Wed, 24 Sep 2003, Laird, James wrote:

> Dean wrote:
> It is you who is struggling in vain. You and the rest of the reverse DNS
> abusers are confused.
>
> REVERSE DNS? Abusers? Give me a break.
>
> Looking up an IP (or getting an NXDOMAIN) from a domain name is FORWARD dns.
> Where's the reverse? (Where's the abuse?)




RE: [Fwd: [Asrg] Verisign: All Your ...

2003-09-24 Thread Laird, James
Sorry, this is actually WRONG.

Dean wrote:
> These people are upset because now the unregistered .com and .net domains
> don't return NXDOMAIN, but give the address of Verisign. The next step in
> their test will check the reverse address of Verisign, and find it to
> match.

--snip--

nslookup
www.thisdomaindoesnotexist.com

Name:    www.thisdomaindoesnotexist.com
Address:  64.94.110.11

64.94.110.11

Address:  64.94.110.11
Name:    sitefinder-idn.verisign.com

--snip--

So you're saying that reverse DNS programs will match
www.thisdomaindoesnotexist.com with sitefinder-idn.verisign.com?

Hopeless.

--James

Disclaimer: Whilst every attempt has been made to ensure that material
contained in this email is free from computer viruses or other defects, the
attached files are provided, and may only be used, on the basis that the
user assumes all par responsibility for the use of the material transmitted.
The email is intended only for the use of the individual or entity named
above and may contain information, distribution or copying that is
confidential and privileged. If you are not the intended recipient please
note that any dissemination, distribution or copying of this email is
strictly prohibited. If you have received this email in error, please notify
us immediately by return email and destroy the original message. 
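
Added example, not part of any message in this thread: the forward-then-reverse check discussed above, run over constructed resolver data that mirrors the nslookup transcript, together with a random-label probe that recognises a wildcard answer. The lookup tables, mail.example.com and all function names are assumptions made for illustration.

```python
import secrets

# Constructed resolver data, not live DNS. The .com wildcard address and its
# PTR record mirror the nslookup transcript; mail.example.com is hypothetical.
WILDCARD = {"com": "64.94.110.11"}
A = {"mail.example.com": "192.0.2.25",
     "sitefinder-idn.verisign.com": "64.94.110.11"}
PTR = {"192.0.2.25": "mail.example.com",
       "64.94.110.11": "sitefinder-idn.verisign.com"}

def norm(name):
    return name.lower().rstrip(".")

def forward(name):
    """A lookup: explicit record, else the TLD wildcard, else None (NXDOMAIN)."""
    name = norm(name)
    return A.get(name) or WILDCARD.get(name.rsplit(".", 1)[-1])

def fcrdns(name):
    """Forward lookup, reverse lookup of the result, then compare the names."""
    addr = forward(name)
    if addr is None:
        return "nxdomain"
    ptr = PTR.get(addr)
    if ptr is None:
        return "no-ptr"
    return "match" if norm(ptr) == norm(name) else "mismatch"

def wildcard_address(tld, probes=3):
    """Resolve random labels under tld; one shared answer means a wildcard."""
    answers = {forward(f"{secrets.token_hex(16)}.{tld}") for _ in range(probes)}
    return answers.pop() if len(answers) == 1 and None not in answers else None

def looks_synthesized(name):
    """True when the answer for name equals the TLD's wildcard address.
    Caveat: the wildcard target's own hostname is flagged as well."""
    addr = forward(name)
    return addr is not None and addr == wildcard_address(norm(name).rsplit(".", 1)[-1])

if __name__ == "__main__":
    for n in ("www.thisdomaindoesnotexist.com", "mail.example.com",
              "www.thisdomaindoesnotexist.net"):
        print(n, fcrdns(n), looks_synthesized(n))
```
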





Re: [Fwd: [Asrg] Verisign: All Your ...

2003-09-24 Thread Masataka Ohta
Dean;

> Specifically, you insist that DNS queries, via DNS _protocol_
> can be used to check if a domain exists.

No, I never.

Masataka Ohta



Re: conclusion for ALL YOUR WILDCARDS

2003-09-24 Thread Masataka Ohta
Keith;

Your mistake (or, is it intentional?) is to have narrowed the focus
of the discussion that your point is on a minor protocol issue of
an e-mail protocol.

Yes, you should conclude it.

> In general, trying to teach things to people with read-only minds is an
> exercise in futility.

Exactly.

Masataka Ohta



Re: [Fwd: [Asrg] Verisign: All Your ...

2003-09-24 Thread Masataka Ohta
Dean;

> When you get an NXDOMAIN DNS protocol reply, the DNS protocol (RFC 1034,
> etc) defines a specific meaning.

Neither rfc1034 nor rfc1035 define NXDOMAIN DNS protocol reply.

> But when you don't get NXDOMAIN, there is
> no meaning to be implied.  This is a fact due to the inclusion of wildcard
> records in the DNS protocol.

Wrong.

As is clearly stated in rfc1034:

The general
idea is that any name in that zone which is presented to server
in a query will be assumed to exist, with certain properties,
unless explicit evidence exists to the contrary.

Domain names matching a wildcard are assumed to exist.

Masataka Ohta



RE: conclusion for ALL YOUR WILDCARDS

2003-09-24 Thread Laird, James
Vint wrote:
> if there is a strong ietf consensus that this practice should be ended,
> it would be helpful to find a way to express that, to add to the
> expressions from iab and secsac.

There seems to be only one person on this mailing list who does not agree
that the practice is inappropriate.

Maybe we should put together a summary of the discussion and send it to
ICANN?

--James






RE: conclusion for ALL YOUR WILDCARDS

2003-09-24 Thread vinton g. cerf
if you do that, I hope you will edit to manageable and understandable proportions...
:-/
v

At 10:50 PM 9/24/2003 +1000, Laird, James wrote:
> Maybe we should put together a summary of the discussion and send it to
> ICANN?

Vint Cerf
SVP Technology Strategy
MCI
22001 Loudoun County Parkway, F2-4115
Ashburn, VA 20147
703 886 1690 (v806 1690)
703 886 0047 fax
[EMAIL PROTECTED]
www.mci.com/cerfsup 




Please restrict your posting volume

2003-09-24 Thread Harald Tveit Alvestrand
Dean,

as has happened before, your volume of posting has grown enough to cause 
people to complain.

I make your posting volume 27 messages in the last 3 days, comprising 1/3 
of the list volume for these days.

Please restrain yourself to a reasonable level - in email, there is no 
particular harm coming to you by waiting a few hours before responding.

Harald




Re: Please restrict your posting volume

2003-09-24 Thread Dean Anderson
Godwin's law has been invoked, so seems all points have been made, that
can be made. I have received a number of off-list encouragement messages,
but no off-list hate mail.  Unlike many IETF discussions, this one was
rather civil.

I wonder if the complaints you mention are simply meant to suppress the
reasonably articulate opposition I bring against your position in the IETF
commentary.  Given your IETF commentary letter and its lack of factual
statements and genuine harms, it seems likely to be the latter. However,
email lists aren't the only way to counter such irrational positions.  As
I've said many times previously, FUD doesn't stand the test of time.

I think perhaps like at NASA, it is time to end the practice of political
pandering to persons who are beyond the technical usefulness.  Like the
NASA Safety Council, it seems time for the current IAB members to resign,
and time to find some competent engineers to take over, who can make
engineering decisions based on facts rather than hyperbole.  It is indeed
horrifying to think that the technical engineering decisions about the
future of the internet are being guided by the same people who wrote the
IETF commentary.  I expect this document will continue to haunt the IAB
for some time after we've gotten used to Verisign's and the 20 some other
TLD's wildcard DNS records.

--Dean

On Wed, 24 Sep 2003, Harald Tveit Alvestrand wrote:

> Dean,
>
> as has happened before, your volume of posting has grown enough to cause
> people to complain.
>
> I make your posting volume 27 messages in the last 3 days, comprising 1/3
> of the list volume for these days.
>
> Please restrain yourself to a reasonable level - in email, there is no
> particular harm coming to you by waiting a few hours before responding.
>
>   Harald







Re: Please restrict your posting volume

2003-09-24 Thread Dean Anderson
Oops, this wasn't meant for the list. I doubt Harald meant his to go to
the list, either.

My apologies.

--Dean

On Wed, 24 Sep 2003, Dean Anderson wrote:

> Godwin's law has been invoked, so seems all points have been made, that
> can be made. I have received a number of off-list encouragement messages,
> but no off-list hate mail.  Unlike many IETF discussions, this one was
> rather civil.




Re: Please restrict your posting volume

2003-09-24 Thread Harald Tveit Alvestrand


--On 24. september 2003 19:51 -0400 Dean Anderson [EMAIL PROTECTED] wrote:

> Godwin's law has been invoked, so seems all points have been made, that
> can be made. I have received a number of off-list encouragement messages,
> but no off-list hate mail.  Unlike many IETF discussions, this one was
> rather civil.
>
> I wonder if the complaints you mention are simply meant to suppress the
> reasonably articulate opposition I bring against your position in the IETF
> commentary.  Given your IETF commentary letter and its lack of factual
> statements and genuine harms, it seems likely to be the latter. However,
> email lists aren't the only way to counter such irrational positions.  As
> I've said many times previously, FUD doesn't stand the test of time.

and as I've said a few times previously, repeating an argument does not
make it more true.

FWIW, the IAB position statement (NOT an IETF statement - read the text) 
has had largely positive feedback, a number of comments that it is not 
harsh enough, and a number of additional examples of actual harm done.

If you have some facts to contribute that you want considered in further 
work on this issue in the IAB, I'm sure you know the IAB's email address as 
well as I do.

  Harald